Merge remote-tracking branch 'origin/4.0' into 4.0

修改用户登录为直接查库、登录返回增加返回用户等级
--- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java
+++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/AuthService.java
@@ -10,13 +10,10 @@ import cc.smtweb.framework.core.db.DbEngine;
 import cc.smtweb.framework.core.exception.BizException;
 import cc.smtweb.framework.core.session.SessionManager;
 import cc.smtweb.framework.core.session.UserSession;
 import cc.smtweb.framework.core.util.PubUtil;
 import cc.smtweb.system.bpm.web.sys.user.party.Party;
 import cc.smtweb.system.bpm.web.sys.user.party.PartyCache;
 import cc.smtweb.system.bpm.web.sys.user.role.RoleCache;
 import cc.smtweb.system.bpm.web.sys.user.user.User;
 import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
 import cc.smtweb.system.bpm.web.sys.user.user.UserRoleCache;
 import lombok.extern.slf4j.Slf4j;

 import java.util.ArrayList;
@@ -47,48 +44,20 @@ public class AuthService {
        return R.success(list);
    }

    @SwPerm()
    public R userInfo(@SwBody SwMap params, UserSession us) {
        SwMap data = new SwMap();

        User user = (User) UserCache.getInstance().get(us.getUserId()).clone();
        user.setId(us.getUserId());
        user.put("create_time", PubUtil.checkLastTime(user.getCreate()));
        user.put("sur_party", PartyCache.getInstance().get(us.getPartyId()));
        user.put("sur_roles", RoleCache.getInstance().getNamesByIds(UserRoleCache.getInstance().getRoleIdByUP(us.getUserId(), us.getPartyId())));
        data.put("userInfo", user);

        return R.success(data);
    }

    @SwPerm()
    public R saveUser(@SwBody SwMap params, UserSession us) {
        SwMap userInfo = params.readMap("userInfo");
        User user = UserCache.getInstance().get(us.getUserId());
        user.getData().putAll(userInfo);
        DbEngine.getInstance().findDao(User.ENTITY_NAME).updateEntity(user);
        UserCache.getInstance().put(user);
        return R.success();
    }

    @SwPerm()
    public R changePwd(@SwBody SwMap params, UserSession us) {
        String old_pwd = params.readString("old_pwd");
        String new_pwd = params.readString("new_pwd");
        User user = UserCache.getInstance().get(us.getUserId());
        if (!LoginHelper.verifyPwd(user, old_pwd)) {
            return R.error("旧密码错误");
        }
        LoginHelper.resetUserPwd(user, new_pwd);
        return R.success();
    }

    @SwPerm(SwPerm.NONE)
    public R login(@SwBody LoginVO loginPO) {
        SwMap data = new SwMap();
        User user = null;
        UserSession userSession = null;
        try {
            userSession = LoginHelper.login(loginPO);
            if ("admin".equals(loginPO.getUsername())) {
                userSession = new UserSession(1);
 //                user=new User();
 //                return new UserSession(1);
            }else{
                user= LoginHelper.login(loginPO);
                userSession=new UserSession(user.getId());
            }
        } catch (BizException e) {
            data.put("isOk", false);
            data.put("msg", e.getMessage());
@@ -99,7 +68,7 @@ public class AuthService {
            return R.success(data);
        }
        userSession.setSiteId(1);
        User user = UserCache.getInstance().get(userSession.getUserId());
 //       UserCache.getInstance().get(userSession.getUserId());
        if (user == null) {
            if (1 != userSession.getUserId()) {
                data.put("isOk", false);
@@ -118,7 +87,7 @@ public class AuthService {
        loginAckVO.setAvatar("");
        loginAckVO.setDesc(user.getSign());
        loginAckVO.setToken(sessionManager.login(userSession));

        loginAckVO.setUserLevel(user.getLevel()+"");
        data.put("user", loginAckVO);
        data.put("token", loginAckVO.getToken());
        data.put("isOk", true);
--- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java
+++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginAckVO.java
@@ -11,4 +11,5 @@ public class LoginAckVO {
    private String avatar;
    private String desc;
    private String token;
    private String userLevel; //102100内部用户/102101外部用户/102102公众用户
 }
--- a/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java
+++ b/smtweb-framework/bpm/src/main/java/cc/smtweb/system/bpm/web/login/LoginHelper.java
@@ -1,5 +1,6 @@
 package cc.smtweb.system.bpm.web.login;

 import cc.smtweb.framework.core.annotation.SwParam;
 import cc.smtweb.framework.core.cache.redis.RedisManager;
 import cc.smtweb.framework.core.common.SwConsts;
 import cc.smtweb.framework.core.common.SwEnum;
@@ -11,6 +12,8 @@ import cc.smtweb.system.bpm.web.sys.user.user.UserCache;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;

 import java.util.List;

 /**
 * Created with IntelliJ IDEA.
 * User: AKhh
@@ -21,7 +24,7 @@ public class LoginHelper {

    private static final String PWD_SALT = "goodpj";

    public static UserSession login(LoginVO loginPO) {
    public static User login(LoginVO loginPO) {
        String key = loginPO.getUuid() + "_" + SwConsts.LOGIN_VERIFY_CODE;
        //先提取验证码
        String verifyCode = RedisManager.getInstance().get(key, String.class);
@@ -31,9 +34,7 @@ public class LoginHelper {
            throw new BizException("账号不能为空");
        }

        if ("admin".equals(loginPO.getUsername())) {
            return UserSession.createSys();
        }


        if (StringUtils.isBlank(loginPO.getPassword())) {
            throw new BizException("密码不能为空");
@@ -47,10 +48,16 @@ public class LoginHelper {
            throw new BizException("验证码错误");
        }

        User user = UserCache.getInstance().getByKey(loginPO.getUsername());
        if (user == null) {
        //查询数据库
        List<User> userObjList = DbEngine.getInstance().findDao(User.ENTITY_NAME).queryWhere(" sur_code=? or sur_tel=?", loginPO.getUsername(), loginPO.getUsername());
 //        User user = UserCache.getInstance().getByKey(loginPO.getUsername());
        if(null == userObjList || userObjList.size()<=0){
            throw new BizException("账号或者密码出错");
        }
        User user =userObjList.get(0);
 //        if (user == null) {
 //            throw new BizException("账号或者密码出错");
 //        }

        if (!verifyPwd(user, loginPO.getPassword())) {
            throw new BizException("账号或者密码出错");
@@ -60,7 +67,7 @@ public class LoginHelper {
            throw new BizException("账户状态异常");
        }

        return new UserSession(user.getId());
        return user;
    }
    public static UserSession simpleLogin(long useId){
        User user = UserCache.getInstance().get(useId);
@@ -70,6 +77,55 @@ public class LoginHelper {
        return new UserSession(user.getId());
    }

 //    public static UserSession login(LoginVO loginPO) {
 //        String key = loginPO.getUuid() + "_" + SwConsts.LOGIN_VERIFY_CODE;
 //        //先提取验证码
 //        String verifyCode = RedisManager.getInstance().get(key, String.class);
 //        RedisManager.getInstance().del(key);
 //
 //        if (StringUtils.isBlank(loginPO.getUsername())) {
 //            throw new BizException("账号不能为空");
 //        }
 //
 //        if ("admin".equals(loginPO.getUsername())) {
 //            return new UserSession(1);
 //        }
 //
 //        if (StringUtils.isBlank(loginPO.getPassword())) {
 //            throw new BizException("密码不能为空");
 //        }
 //
 //        if (StringUtils.isBlank(loginPO.getVerifyCode())) {
 //            throw new BizException("验证码不能为空");
 //        }
 //
 //        if (!loginPO.getVerifyCode().equalsIgnoreCase(verifyCode)) {
 //            throw new BizException("验证码错误");
 //        }
 //
 //        //查询数据库
 //        List<User> userObjList = DbEngine.getInstance().findDao(User.ENTITY_NAME).queryWhere(" sur_code=? or sur_tel=?", loginPO.getUsername(), loginPO.getUsername());
 ////        User user = UserCache.getInstance().getByKey(loginPO.getUsername());
 //        if(null == userObjList || userObjList.size()<=0){
 //            throw new BizException("账号或者密码出错");
 //        }
 //        User user =userObjList.get(0);
 ////        if (user == null) {
 ////            throw new BizException("账号或者密码出错");
 ////        }
 //
 //        if (!verifyPwd(user, loginPO.getPassword())) {
 //            throw new BizException("账号或者密码出错");
 //        }
 //
 //        if (SwEnum.UserStatu.NORMAL.value != user.getStatu()) {
 //            throw new BizException("账户状态异常");
 //        }
 //
 //        return new UserSession(user.getId());
 //    }


    //密码加密(登录时以密文比较)
    public static String encodePwd(long user_id, String pwd) {
        return DigestUtils.md5Hex(PWD_SALT + user_id + pwd);
@@ -79,12 +135,6 @@ public class LoginHelper {
        return DigestUtils.md5Hex(PWD_SALT + user.getId() + pwd).equals(user.getPwd());
    }

    public static void resetUserPwd(User user, String pwd) {
        user.setPwd(LoginHelper.encodePwd(user.getId(), pwd));
        DbEngine.getInstance().findDao(User.ENTITY_NAME).updateEntity(user);
        UserCache.getInstance().put(user);
    }

    /**
     * 校验密码是否符合规定
     *
Автор	SHA1	Съобщение	Дата
zhangyulong	f04402d602	Merge remote-tracking branch 'origin/4.0' into 4.0	преди 2 години
zhangyulong	82e77c670d	修改用户登录为直接查库、登录返回增加返回用户等级	преди 2 години