yonge 4 роки тому
батько
коміт
b6aa784adc

+ 8 - 18
mec-auth/mec-auth-api/src/main/java/com/ym/mec/auth/api/entity/LoginEntity.java

@@ -3,25 +3,23 @@ package com.ym.mec.auth.api.entity;
 public class LoginEntity {
     private String smsCode;
 
-    private String isLessee;
-
     private String clientId;
 
     private String clientSecret;
 
-    private String isRegister;
+    private Boolean isRegister;
 
     private String phone;
 
-    public String getIsRegister() {
-        return isRegister;
-    }
+    public Boolean getIsRegister() {
+		return isRegister;
+	}
 
-    public void setIsRegister(String isRegister) {
-        this.isRegister = isRegister;
-    }
+	public void setIsRegister(Boolean isRegister) {
+		this.isRegister = isRegister;
+	}
 
-    public String getSmsCode() {
+	public String getSmsCode() {
         return smsCode;
     }
 
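Review bot: `isRegister` becomes a nullable `Boolean` here, while the provider changed in this same commit tests it with `isRegister == false`, which unboxes the value and throws a NullPointerException for any `LoginEntity` on which `setIsRegister` was never called. Nothing in this class forces the field to be set, so either keep it primitive, `private boolean isRegister;`, or have the consumer compare with `!Boolean.TRUE.equals(isRegister)`. The re-indented accessors also mix tabs with the four-space indent used by the rest of the class.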
@@ -29,14 +27,6 @@ public class LoginEntity {
         this.smsCode = smsCode;
     }
 
-    public String getIsLessee() {
-        return isLessee;
-    }
-
-    public void setIsLessee(String isLessee) {
-        this.isLessee = isLessee;
-    }
-
     public String getClientId() {
         return clientId;
     }

+ 0 - 1
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/config/WebSecurityConfig.java

@@ -124,7 +124,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 		filter.setAuthenticationManager(authenticationManagerBean());
 		filter.setAuthenticationSuccessHandler(successEventHandler);
 		filter.setAuthenticationFailureHandler(failureEvenHandler);
-		filter.setSysUserService(sysUserService);
 		return filter;
 	}
 

+ 3 - 21
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/filter/PhoneLoginAuthenticationFilter.java

@@ -10,16 +10,13 @@ import javax.servlet.http.HttpServletResponse;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.security.authentication.AbstractAuthenticationToken;
 import org.springframework.security.authentication.AuthenticationServiceException;
-import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import com.ym.mec.auth.api.dto.SysUserInfo;
 import com.ym.mec.auth.api.entity.LoginEntity;
 import com.ym.mec.auth.config.token.PhoneAuthenticationToken;
-import com.ym.mec.auth.service.SysUserService;
 import com.ym.mec.common.security.SecurityConstants;
 
 public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
@@ -27,14 +24,11 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 	private static final String SPRING_SECURITY_RESTFUL_PHONE_KEY = "phone";
 	private static final String SPRING_SECURITY_RESTFUL_VERIFY_CODE_KEY = "smsCode";
 	private static final String clientIdParameter = "clientId";
-	private static final String IS_REGISTER_PARAMETER = "register";
 	private static final String IS_LESSEE = "isLessee";
 
 	private static final String SPRING_SECURITY_RESTFUL_LOGIN_URL = "/smsLogin";
 	private boolean postOnly = true;
 
-	private SysUserService sysUserService;
-
 	public PhoneLoginAuthenticationFilter() {
 		super(new AntPathRequestMatcher(SPRING_SECURITY_RESTFUL_LOGIN_URL, "POST"));
 	}
@@ -49,29 +43,21 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 		// 手机验证码登陆
 		String principal = obtainParameter(request, SPRING_SECURITY_RESTFUL_PHONE_KEY);
 		String credentials = obtainParameter(request, SPRING_SECURITY_RESTFUL_VERIFY_CODE_KEY);
-		String isRegister = obtainParameter(request, IS_REGISTER_PARAMETER);
 		// 是否是租户
 		String isLessee = obtainParameter(request, IS_LESSEE);
+		
+		boolean isRegister = StringUtils.equals("1", isLessee);
 
 		String clientId = request.getParameter(clientIdParameter).toUpperCase();
-
-//		SysUserInfo userInfo = sysUserService.queryUserInfoByPhone(principal);
-		SysUserInfo userInfo = sysUserService.queryUserInfoByPhoneAndClient(principal,clientId);
-		if (userInfo != null && StringUtils.isNotEmpty(isLessee)) {
-			throw new LockedException("用户已存在");
-		}
+		
 		if ("EDUCATION".equals(clientId)) {
 			clientId = "SYSTEM";
 		}
-		if (userInfo != null && !userInfo.getSysUser().getUserType().contains(clientId)) {
-			throw new LockedException("用户不存在,请联系教务老师");
-		}
 
 		principal = principal.trim();
 
 		LoginEntity loginEntity = new LoginEntity();
 		loginEntity.setClientId(clientId);
-		loginEntity.setIsLessee(isLessee);
 		loginEntity.setPhone(principal);
 		loginEntity.setSmsCode(credentials);
 		loginEntity.setIsRegister(isRegister);
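Review bot: The added `boolean isRegister = StringUtils.equals("1", isLessee);` turns the caller-supplied `isLessee` request parameter into the flag that lets the provider create an account or add a user type, and this hunk also removes the user lookup that used to reject the request before that point. The existing comment still describes `isLessee` as "is tenant", so the line needs a comment such as `// isLessee=1 doubles as the self-registration opt-in; the provider creates or extends the account when it is true`, or the variable should be named for what it now controls. Because `clientId` now reaches the provider unchecked as well, values outside the supported client list are better rejected here, and `request.getParameter(clientIdParameter).toUpperCase()` still throws a NullPointerException when the parameter is absent. The enclosing method starts and ends outside the hunk.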
@@ -99,8 +85,4 @@ public class PhoneLoginAuthenticationFilter extends AbstractAuthenticationProces
 		return result == null ? "" : result;
 	}
 
-	public void setSysUserService(SysUserService sysUserService) {
-		this.sysUserService = sysUserService;
-	}
-
 }

+ 41 - 5
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/provider/PhoneAuthenticationProvider.java

@@ -1,8 +1,11 @@
 package com.ym.mec.auth.core.provider;
 
+import java.util.Date;
+
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.InternalAuthenticationServiceException;
+import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -12,6 +15,7 @@ import org.springframework.transaction.annotation.Transactional;
 
 import com.ym.mec.auth.api.dto.SysUserInfo;
 import com.ym.mec.auth.api.entity.LoginEntity;
+import com.ym.mec.auth.api.entity.SysUser;
 import com.ym.mec.auth.config.token.PhoneAuthenticationToken;
 import com.ym.mec.auth.service.SysUserService;
 import com.ym.mec.common.security.SecurityConstants;
@@ -35,7 +39,7 @@ public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider
 
 	@Override
 	@Transactional(rollbackFor = Exception.class)
-	protected UserDetails retrieveUser(String phone, Authentication authentication) throws AuthenticationException {
+	protected UserDetails retrieveUser(String username, Authentication authentication) throws AuthenticationException {
 
 		LoginEntity loginEntity = (LoginEntity) authentication.getCredentials();
 		if (loginEntity == null) {
@@ -43,21 +47,53 @@ public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider
 		}
 
 		String smsCode = loginEntity.getSmsCode();
+		
+		String phone = StringUtils.substringAfter(username, SecurityConstants.PHONE_PRINCIPAL_PREFIX);
 
 		// 验证码验证
-		boolean b = smsCodeService.verifyValidCode(StringUtils.substringAfter(phone, SecurityConstants.PHONE_PRINCIPAL_PREFIX), smsCode);
+		boolean b = smsCodeService.verifyValidCode(phone, smsCode);
 		if (!b) {
 			throw new BadCredentialsException("验证码校验失败");
 		}
 
+		String clientId = loginEntity.getClientId();
+
+		Boolean isRegister = loginEntity.getIsRegister();
+
 		SysUserInfo userInfo = sysUserService.queryUserInfoByPhone(loginEntity.getPhone());
-		if (userInfo == null && StringUtils.isNotEmpty(loginEntity.getIsLessee())) {
-			sysUserService.initUser(loginEntity.getPhone(), loginEntity.getClientId(), loginEntity.getIsRegister(), loginEntity.getIsLessee());
+
+		if (userInfo == null) {
+			if (isRegister == false || StringUtils.equals("SYSTEM", clientId)) {
+				throw new LockedException("用户不存在");
+			}
+			sysUserService.initUser(loginEntity.getPhone(), clientId);
+		} else {
+			if (!userInfo.getSysUser().getUserType().contains(clientId)) {
+				if (isRegister == false || StringUtils.equals("SYSTEM", clientId)) {
+					throw new LockedException("用户不存在");
+				} else {
+					SysUser user = sysUserService.queryByPhone(phone);
+					if(user == null){
+						throw new LockedException("用户不存在");
+					}
+					user.setUserType(user.getUserType()+","+clientId);
+					user.setUpdateTime(new Date());
+					
+					// 添加userType以及附加信息
+					if (StringUtils.equals("STUDENT", clientId)) {
+						user.setOrganId(sysUserService.getLesseeOrganId());
+						sysUserService.saveStudent(user.getId());
+					} else if (StringUtils.equals("TEACHER", clientId)) {
+						sysUserService.saveTeacher(user.getId());
+					}
+					sysUserService.update(user);
+				}
+			}
 		}
 
 		UserDetails loadedUser;
 		try {
-			loadedUser = userDetailsService.loadUserByUsername(phone);
+			loadedUser = userDetailsService.loadUserByUsername(username);
 		} catch (UsernameNotFoundException e) {
 			throw e;
 		} catch (Exception e) {
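Review bot: In the new `else` branch, `user.setUserType(user.getUserType()+","+clientId)` appends a request-derived `clientId` to the stored user type after excluding only the exact string `SYSTEM`, so any other value sent with the register flag set is persisted as a user type. The membership test above it, `getUserType().contains(clientId)`, is a substring match on the comma-joined string, so it does not compare whole entries either. Restrict the branch to the types it actually provisions before mutating the record, for example `if (!"STUDENT".equals(clientId) && !"TEACHER".equals(clientId)) { throw new LockedException("用户不存在"); }`, and compare against the split list rather than the raw string. The lookups also mix `loginEntity.getPhone()` with the `phone` derived from `username`; using one source for both queries keeps them from disagreeing. `retrieveUser` begins and ends outside this hunk.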

+ 9 - 9
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/service/SysUserService.java

@@ -4,7 +4,6 @@ import com.ym.mec.auth.api.dto.SysUserInfo;
 import com.ym.mec.auth.api.entity.SysUser;
 import com.ym.mec.common.entity.ImUserModel;
 import com.ym.mec.common.service.BaseService;
-import org.springframework.security.core.Authentication;
 
 public interface SysUserService extends BaseService<Integer, SysUser> {
 
@@ -97,14 +96,7 @@ public interface SysUserService extends BaseService<Integer, SysUser> {
 	 * @param clientId
 	 * @return
 	 */
-	SysUserInfo initUser(String phone,String clientId,String isRegister,String isLessee);
-
-	/**
-	 * 获取老师的分部编号
-	 * @param phone
-	 * @return
-	 */
-	void retrieveUser(String phone, Authentication authentication);
+	SysUserInfo initUser(String phone,String clientId);
 
 	/**
 	 * 刷新token
@@ -117,4 +109,12 @@ public interface SysUserService extends BaseService<Integer, SysUser> {
 	 * @param userId
 	 */
 	void saveStudent(Integer userId);
+	
+	/**
+	 * 保存teacher数据
+	 * @param userId
+	 */
+	void saveTeacher(Integer userId);
+	
+	Integer getLesseeOrganId();
 }
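Review bot: `getLesseeOrganId()` is added to the interface without Javadoc, unlike `saveTeacher` just above it. A short comment such as `/** Returns the organ id configured for the tenant; used when an existing user is given the STUDENT type. */` would tell implementers and callers what the value is for.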

+ 45 - 67
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/service/impl/SysUserServiceImpl.java

@@ -1,7 +1,15 @@
 package com.ym.mec.auth.service.impl;
 
+import java.util.Date;
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
 import com.ym.mec.auth.api.dto.SysUserInfo;
-import com.ym.mec.auth.api.entity.LoginEntity;
 import com.ym.mec.auth.api.entity.SysUser;
 import com.ym.mec.auth.api.enums.YesOrNoEnum;
 import com.ym.mec.auth.dal.dao.SysUserDao;
@@ -16,18 +24,6 @@ import com.ym.mec.common.service.IdGeneratorService;
 import com.ym.mec.common.service.impl.BaseServiceImpl;
 import com.ym.mec.im.ImFeignService;
 import com.ym.mec.im.WebFeignService;
-import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.LockedException;
-import org.springframework.security.core.Authentication;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-
-import java.util.Date;
-import java.util.List;
 
 @Service
 public class SysUserServiceImpl extends BaseServiceImpl<Integer, SysUser> implements SysUserService {
@@ -49,8 +45,6 @@ public class SysUserServiceImpl extends BaseServiceImpl<Integer, SysUser> implem
 	@Autowired
 	private IdGeneratorService smsCodeService;
 
-	@Value("${message.autoRegister}")
-	private boolean autoRegister;
 	@Value("${auth.sysconfig.tenantId}")
 	private Integer lesseeOrganId;
 
@@ -155,59 +149,33 @@ public class SysUserServiceImpl extends BaseServiceImpl<Integer, SysUser> implem
 
 	@Override
 	@Transactional(rollbackFor = Exception.class)
-	public SysUserInfo initUser(String phone, String clientId,String isRegister,String isLessee) {
-		if("register".equals(isRegister)){
-			throw new UsernameNotFoundException("404.9");
-		}
-		if(StringUtils.isNotEmpty(isLessee) || autoRegister){
-			if(StringUtils.isNotEmpty(isLessee) && StringUtils.equalsIgnoreCase(clientId,"TEACHER")){
-				SysUser sysUser = new SysUser();
-				sysUser.setPhone(phone);
-				sysUser.setUserType("TEACHER");
-				sysUserDao.insert(sysUser);
-				//添加用户现金账户
-				imFeignService.register(new ImUserModel(sysUser.getId().toString(),phone,null));
-				userFeignService.createCashAccount(sysUser.getId());
-				//sysTenantAccount
-				sysUserDao.insertSysTenantAccount(sysUser.getId());
-				//创建teacher表
-				sysUserDao.insertTeacher(sysUser.getId(),lesseeOrganId);
-				return queryUserInfoByPhone(phone);
-			}else if(StringUtils.isNotEmpty(isLessee) && StringUtils.equalsIgnoreCase(clientId,"STUDENT")){
-				SysUser sysUser = new SysUser();
-				sysUser.setPhone(phone);
-				sysUser.setUserType("STUDENT");
-				sysUser.setOrganId(lesseeOrganId);
-				sysUserDao.insert(sysUser);
-				sysUserService.saveStudent(sysUser.getId());
-				//添加用户现金账户
-				imFeignService.register(new ImUserModel(sysUser.getId().toString(),phone,null));
-				userFeignService.createCashAccount(sysUser.getId());
-				return queryUserInfoByPhone(phone);
-			}
+	public SysUserInfo initUser(String phone, String clientId) {
+		if(StringUtils.equalsIgnoreCase(clientId,"TEACHER")){
+			SysUser sysUser = new SysUser();
+			sysUser.setPhone(phone);
+			sysUser.setUserType("TEACHER");
+			sysUserDao.insert(sysUser);
+			//添加用户现金账户
+			imFeignService.register(new ImUserModel(sysUser.getId().toString(),phone,null));
+			userFeignService.createCashAccount(sysUser.getId());
+			//sysTenantAccount
+			sysUserDao.insertSysTenantAccount(sysUser.getId());
+			//创建teacher表
+			sysUserDao.insertTeacher(sysUser.getId(),lesseeOrganId);
+			return queryUserInfoByPhone(phone);
+		}else if(StringUtils.equalsIgnoreCase(clientId,"STUDENT")){
+			SysUser sysUser = new SysUser();
+			sysUser.setPhone(phone);
+			sysUser.setUserType("STUDENT");
+			sysUser.setOrganId(lesseeOrganId);
+			sysUserDao.insert(sysUser);
+			sysUserService.saveStudent(sysUser.getId());
+			//添加用户现金账户
+			imFeignService.register(new ImUserModel(sysUser.getId().toString(),phone,null));
+			userFeignService.createCashAccount(sysUser.getId());
+			return queryUserInfoByPhone(phone);
 		}
-		throw new UsernameNotFoundException("404.9");
-	}
-
-	@Override
-	@Transactional(rollbackFor = Exception.class)
-	public void retrieveUser(String phone, Authentication authentication) {
-		LoginEntity loginEntity = (LoginEntity) authentication.getCredentials();
-		SysUserInfo userInfo = sysUserService.queryUserInfoByPhone(loginEntity.getPhone());
-		if (userInfo == null) {
-			userInfo = sysUserService.initUser(loginEntity.getPhone(),loginEntity.getClientId(),loginEntity.getIsRegister(),loginEntity.getIsLessee());
-		}else if(StringUtils.isNotEmpty(loginEntity.getIsLessee())){
-			throw new LockedException("用户已存在");
-		}
-		if("EDUCATION".equals(loginEntity.getClientId())){
-			loginEntity.setClientId("SYSTEM");
-		}
-		if (!userInfo.getSysUser().getUserType().contains(loginEntity.getClientId())) {
-			throw new LockedException("用户不存在,请联系教务老师");
-		}
-//			 验证码验证
-		boolean b = smsCodeService.verifyValidCode(loginEntity.getPhone(), loginEntity.getSmsCode());
-		if(!b) throw new BadCredentialsException("验证码校验失败");
+		return null;
 	}
 
 	@Override
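Review bot: `initUser` now ends with `return null;` for every `clientId` other than TEACHER or STUDENT, where the removed code threw `UsernameNotFoundException("404.9")`. The provider in this commit discards the return value, so an unsupported client silently creates nothing and the failure only surfaces later in `loadUserByUsername`. Throwing keeps the failure explicit, e.g. `throw new UsernameNotFoundException("404.9");`, which means keeping the import this commit removes. With the `message.autoRegister` property gone there is no server-side switch left, so account creation is gated only by the request flag checked in the provider; a comment on the method should say so.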
@@ -221,4 +189,14 @@ public class SysUserServiceImpl extends BaseServiceImpl<Integer, SysUser> implem
 		sysUserDao.saveStudent(userId);
 	}
 
+	@Override
+	public void saveTeacher(Integer userId) {
+		sysUserDao.insertTeacher(userId, lesseeOrganId);
+	}
+
+	@Override
+	public Integer getLesseeOrganId() {
+		return lesseeOrganId;
+	}
+
 }
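Review bot: `saveTeacher` only calls `sysUserDao.insertTeacher(userId, lesseeOrganId)`, whereas the TEACHER branch of `initUser` in this file also calls `sysUserDao.insertSysTenantAccount(sysUser.getId())`. If teachers are expected to have a tenant account, an existing user who is given the TEACHER type through the provider ends up without one. Adding `sysUserDao.insertSysTenantAccount(userId);` here would keep the two paths consistent.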