package org.springblade.modules.auth.granter; import lombok.AllArgsConstructor; import org.springblade.common.cache.CacheNames; import org.springblade.common.cache.ParamCache; import org.springblade.core.log.exception.ServiceException; import org.springblade.core.redis.cache.BladeRedis; import org.springblade.core.tool.utils.DigestUtil; import org.springblade.core.tool.utils.Func; import org.springblade.core.tool.utils.WebUtil; import org.springblade.modules.auth.enums.UserEnum; import org.springblade.modules.auth.provider.ITokenGranter; import org.springblade.modules.auth.provider.TokenParameter; import org.springblade.modules.auth.sms.MobTechSmsVerify; import org.springblade.modules.auth.utils.TokenUtil; import org.springblade.modules.system.entity.Tenant; import org.springblade.modules.system.entity.UserInfo; import org.springblade.modules.system.service.IRoleService; import org.springblade.modules.system.service.ITenantService; import org.springblade.modules.system.service.IUserService; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import java.time.Duration; import java.util.List; /** * @PROJECT_NAME: zttj-java-boot * @DESCRIPTION: 短信验证码鉴权 * @USER: aix * @DATE: 2023/12/12 14:25 */ @Component @AllArgsConstructor public class SmsCodeTokenGranter implements ITokenGranter { public static final String GRANT_TYPE = "smsCode"; public static final Integer FAIL_COUNT = 5; public static final String FAIL_COUNT_VALUE = "account.failCount"; private final IUserService userService; private final IRoleService roleService; private final ITenantService tenantService; private final BladeRedis bladeRedis; @Override public UserInfo grant(TokenParameter tokenParameter) { HttpServletRequest request = WebUtil.getRequest(); // 获取用户绑定ID String headerDept = request.getHeader(TokenUtil.DEPT_HEADER_KEY); String headerRole = request.getHeader(TokenUtil.ROLE_HEADER_KEY); // 获取用户信息 String tenantId = tokenParameter.getArgs().getStr("tenantId"); String phone = tokenParameter.getArgs().getStr("phone"); String code = tokenParameter.getArgs().getStr("code"); //短信验证api String verifyStr = MobTechSmsVerify.requestData(phone, code); if (verifyStr.indexOf("200") < 0) { throw new ServiceException(TokenUtil.CAPTCHA_NOT_CORRECT); } // 判断登录是否锁定 int cnt = Func.toInt(bladeRedis.get(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, phone)), 0); int failCount = Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), FAIL_COUNT); if (cnt >= failCount) { throw new ServiceException(TokenUtil.USER_HAS_TOO_MANY_FAILS); } UserInfo userInfo = null; if (Func.isNoneBlank(phone, code)) { // 获取租户信息 Tenant tenant = tenantService.getByTenantId(tenantId); if (TokenUtil.judgeTenant(tenant)) { throw new ServiceException(TokenUtil.USER_HAS_NO_TENANT_PERMISSION); } // 获取用户类型 String userType = tokenParameter.getArgs().getStr("userType"); // 根据不同用户类型调用对应的接口返回数据,用户可自行拓展 if (userType.equals(UserEnum.WEB.getName())) { userInfo = userService.userInfo(tenantId, phone); } else if (userType.equals(UserEnum.APP.getName())) { userInfo = userService.userInfo(tenantId, phone); } else { userInfo = userService.userInfo(tenantId, phone); } } if (userInfo == null || userInfo.getUser() == null) { // 增加错误锁定次数 bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, phone), cnt + 1, Duration.ofMinutes(30)); } else { // 成功则清除登录缓存 bladeRedis.del(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, phone)); } // 多部门情况下指定单部门 if (Func.isNotEmpty(headerDept) && userInfo != null && userInfo.getUser().getDeptId().contains(headerDept)) { userInfo.getUser().setDeptId(headerDept); } // 多角色情况下指定单角色 if (Func.isNotEmpty(headerRole) && userInfo != null && userInfo.getUser().getRoleId().contains(headerRole)) { List roleResult = roleService.getRoleAliases(headerRole); userInfo.setRoles(roleResult); userInfo.getUser().setRoleId(headerRole); } return userInfo; } }