三方登录,

facade/src/app/routes/passport/login/login.component.ts

@@ -97,13 +97,28 @@ export class UserLoginComponent implements OnDestroy {
   // #endregion
 
   submit() {
+    this.userName.markAsDirty();
+    this.userName.updateValueAndValidity();
+    this.password.markAsDirty();
+    this.password.updateValueAndValidity();
+    if (this.userName.invalid || this.password.invalid) return;
+    const info = {
+      username: this.userName.value,
+      password: this.password.value,
+    };
+
+    this.login(info);
+  }
+
+
+  /**
+   * 执行登录
+   * @param params 登录参数
+   */
+  login(info: object) {
     this.error = '';
     // if (this.type === 0) {
-      this.userName.markAsDirty();
-      this.userName.updateValueAndValidity();
-      this.password.markAsDirty();
-      this.password.updateValueAndValidity();
-      if (this.userName.invalid || this.password.invalid) return;
+
     // } else {
     //   this.mobile.markAsDirty();
     //   this.mobile.updateValueAndValidity();
@@ -120,9 +135,9 @@ export class UserLoginComponent implements OnDestroy {
         client_id: this.settingsService.user.client.clientId || environment.client_id,
         client_secret: this.settingsService.user.client.clientSecret || environment.client_secret,
         scope: '*',
-        username: this.userName.value,
-        password: this.password.value,
-        provider: environment.provider,
+        username: info['username'],
+        password: info['password'],
+        type: info['type'] || 0,
       };
 
 
@@ -164,6 +179,7 @@ export class UserLoginComponent implements OnDestroy {
       });
   }
 
+
   // #region social
 
   open(item: object, openType: SocialOpenType = 'href') {
@@ -217,7 +233,8 @@ export class UserLoginComponent implements OnDestroy {
           type: 'window',
         })
         .subscribe(res => {
-          const code = localStorage.getItem('_code');
+          const code = localStorage.getItem('_token_');
+          this.loginByToken(item, code);
           //this.loadUser(item, code);
           // if (res) {
           //   this.settingsService.setUser(res);
@@ -231,37 +248,13 @@ export class UserLoginComponent implements OnDestroy {
     }
   }
 
-  loadUser(item: object, code: string) {
-    // 获得token
-    const data = {
-      grant_type: 'authorization_code',
-      client_id: item['clientId'],
-      client_secret: item['clientSecret'],
-      code: code,
-      redirect_uri: '',
+  loginByToken(item: object, token: string) {
+    const info = {
+      username: item['code'],
+      password: token,
+      type: 9,
     };
-
-
-  const url = environment.BASE_URL + 'oauth/token?_allow_anonymous=true';
-  let options = null;
-  let params: any = null;
-  let body = null;
-  if ( environment.auth_set_header ) {
-     options = {headers:   {Authorization: 'Basic ' + btoa ( data.client_id + ':' + data.client_secret ),
-       'Content-type': 'application/x-www-form-urlencoded'}};
-    params = data;
-  } else {
-    body = data;
-  }
-console.log(item);
-
-  this.http
-    .post('http://127.0.0.1:8092/oauth/token' , body , data, options)
-    .subscribe((res: any) => {
-      console.log(res);
-    } ,  (res) => {
-       console.log(res);
-    });
+    this.login(info);
   }
 
   // #endregion

src/main/java/com/kingkong/bljs/controller/MainController.java

@@ -75,7 +75,7 @@ public class MainController {
         //threeLoginService.setThreelogin(threelogin);
 
 
-        //String str = "<script>localStorage.setItem('_code','" + token + "');window.close();</script>";
-        return code;
+        String str = "<script>localStorage.setItem('_token_','" + token + "');window.close();</script>";
+        return str;
     }
 }

src/main/java/com/kingkong/bljs/security/CustomClientDetailService.java

@@ -10,6 +10,7 @@ import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.ClientRegistrationException;
 import org.springframework.security.oauth2.provider.client.BaseClientDetails;
 
+import javax.servlet.http.HttpSession;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;
@@ -19,6 +20,9 @@ public class CustomClientDetailService implements ClientDetailsService {
     @Autowired
     private ClientMapper clientMapper;
 
+    @Autowired
+    private HttpSession session;
+
     @Override
     public ClientDetails loadClientByClientId(String s) throws ClientRegistrationException {
 
@@ -35,7 +39,10 @@ public class CustomClientDetailService implements ClientDetailsService {
         Set<String> uris = new HashSet<>();
         uris.add(client.getRedirectUri());
         clientDetails.setRegisteredRedirectUri(uris);
-        clientDetails.setAccessTokenValiditySeconds(3600*24);
+        clientDetails.setAccessTokenValiditySeconds(3600*24*7);
+
+        session.setAttribute("_app_id",client.getAppId());
+
         return clientDetails;
     }
 }

src/main/java/com/kingkong/bljs/security/CustomUserDetailsService.java

@@ -34,6 +34,9 @@ public class CustomUserDetailsService implements UserDetailsService {
     @Autowired
     private HttpServletRequest request;
 
+    @Autowired
+    private HttpSession session;
+
 
 
     @Value("${app.type}")
@@ -44,15 +47,32 @@ public class CustomUserDetailsService implements UserDetailsService {
 
     @Override
     public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
+        String appid = this.request.getParameter("app_id");
+        if(null == appid){
+            Object tmp = session.getAttribute("_app_id");
+            if(null == tmp)
+                appid = "0";
+            else
+                appid = tmp.toString();
+        }
 
         if(1== appType)
-            return this.zlUser(s);
+            return this.zlUser(s,appid);
+
+        String type =  this.request.getParameter("type");
+        Map user = null;
+        if(type.equals("9")){   //第三方登录
+            String userType = request.getParameter("username");
+            String token = request.getParameter("password");
+            user = queryService.find("select * from k_user where type='{0}' and password='{1}'",userType,token);
+        }else{
+            user = queryService.find("select * from k_user where name='{0}' and type is null",s);
+        }
 
-        Map user = queryService.first("k_user","name=" + s);
         if(null == user )
             throw new UsernameNotFoundException("用户不存在！");
 
-        String appid = this.request.getParameter("app_id");
+
         Map condition = new HashMap();
         condition.put("u_id",user.get("id").toString());
         condition.put("app_id",appid);
@@ -69,18 +89,18 @@ public class CustomUserDetailsService implements UserDetailsService {
         return customUser;
     }
 
-    private CustomUser zlUser(String userName) throws UsernameNotFoundException{
-        String strSQL =  "select user_id id,username name,DECODE(t.username,'ZLHIS',1,0) is_super,100 app_id\n" +
+    private CustomUser zlUser(String userName,String appid) throws UsernameNotFoundException{
+        String strSQL =  "select user_id id,username name,DECODE(t.username,'ZLHIS',1,0) is_super,{1} app_id\n" +
                         "from all_users t,上机人员表 z\n" +
                         "where t.username='{0}' and t.username = z.用户名";
 
-        Map user = this.queryService.find(strSQL,userName);
+        Map user = this.queryService.find(strSQL,userName,appid);
         if(null == user)
             throw new UsernameNotFoundException("用户不存在！");
         CustomUser customUser =   new CustomUser();
 
         customUser.setUser(user);
-        customUser.setAppid("100");
+        customUser.setAppid(appid);
         return customUser;
     }
 }

src/main/java/com/kingkong/bljs/security/CustomtAuthenticationProvider.java

@@ -10,6 +10,8 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Component;
 
+import javax.servlet.http.HttpServletRequest;
+
 /**
  * 自定义登录
  */
@@ -28,6 +30,9 @@ public class CustomtAuthenticationProvider implements AuthenticationProvider  {
     @Value("${app.server}")
     private String server;
 
+    @Autowired
+    private HttpServletRequest request;
+
 
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
@@ -42,9 +47,16 @@ public class CustomtAuthenticationProvider implements AuthenticationProvider  {
                 throw new BadCredentialsException("密码不正确！");
         } else {
             user = (CustomUser)userDetailsService.loadUserByUsername(username);
-            BCryptPasswordEncoder encoder  = new BCryptPasswordEncoder();
-            if(! encoder.matches(password,user.getPassword()))
-                throw new BadCredentialsException("密码不正确！");
+            String loginType =  this.request.getParameter("type");
+            if(loginType.equals("9")){ //三方登录不需要验证
+
+            }
+            else{
+                BCryptPasswordEncoder encoder  = new BCryptPasswordEncoder();
+                if(! encoder.matches(password,user.getPassword()))
+                    throw new BadCredentialsException("密码不正确！");
+            }
+
         }
 
 

src/main/java/com/kingkong/bljs/service/ThreeLoginService.java

@@ -12,6 +12,7 @@ import org.springframework.util.MultiValueMap;
 
 import javax.servlet.http.HttpServletRequest;
 import java.util.HashMap;
+import java.util.Map;
 
 
 @Service
@@ -37,7 +38,7 @@ public class ThreeLoginService {
 
 
     public Threelogin getThreelogin(){
-        return this.getThreelogin();
+        return this.threelogin;
     }
 
     public String getToken() {
@@ -88,6 +89,21 @@ public class ThreeLoginService {
         return JSONObject.parse(res);
     }
 
+
+    public Object postData(String api,Map map) throws Exception {
+        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
+        if(null != map) {
+            for(Object o : map.keySet()) {
+                params.add(o.toString(),null == map.get(o) ? "": map.get(o).toString());
+            }
+        }
+        return post(api,params);
+    }
+
+    public Object postData(String api) throws Exception {
+        return postData(api,null);
+    }
+
     public Object get(String api,MultiValueMap<String, String> params) throws Exception{
         HttpHeaders httpHeaders = this.getHeader();
 
@@ -98,4 +114,17 @@ public class ThreeLoginService {
         return JSONObject.parse(res);
     }
 
+    public Object getData(String api,Map map) throws Exception {
+        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
+        if(null != map) {
+            for(Object o : map.keySet()) {
+                params.add(o.toString(),null == map.get(o) ? "": map.get(o).toString());
+            }
+        }
+        return get(api,params);
+    }
+
+    public Object getData(String api) throws Exception{
+        return getData(api,null);
+    }
 }

src/main/java/com/kingkong/bljs/service/UserService.java

@@ -31,11 +31,11 @@ public class UserService {
     private HttpServletRequest request;
 
 
-    @Value("${app.table.user}")
-    private String k_user;
-
-    @Value("${app.table.app_user}")
-    private String k_app_user;
+//    @Value("${app.table.user}")
+//    private String k_user;
+//
+//    @Value("${app.table.app_user}")
+//    private String k_app_user;
 
     @Value("${app.type}")
     private String appType;
@@ -82,14 +82,13 @@ public class UserService {
         String strSQL = "";
         if(appType.equals("1")) {   //中联账号体系
 
-            strSQL = "select  t.id,t.name,null email,null avatar,t.is_super ,a.id staff_id,a.name staff,a.code staff_code,a.note,z.s_id,\n" +
-                    "	case when a.gender = 1 then '男' else '女' end gender_name,null tel,c.name department\n" +
-                    "from " + k_user + " t\n" +
-                    "LEFT JOIN k_user_staff z on z.u_id = t.id and z.app_id = {1}\n" +
-                    "LEFT JOIN k_staff a on a.app_id = z.app_id and a.id = z.s_id\n" +
-                    "LEFT JOIN k_staff_department b on b.s_id = a.id\n" +
-                    "LEFT JOIN k_department c on c.app_id = z.app_id and c.id = b.d_id\n" +
-                    "where t.name='{0}'";
+            strSQL =  "select a.user_id id,t.用户名 name,null email,null avatar,decode(t.用户名,'ZLHIS',1,0) is_super,\n" +
+                            "       z.id staff_id,z.姓名 staff,z.编号 staff_code,z.个人简介 note,t.人员id s_id,\n" +
+                            "       z.性别 gender_name,z.移动电话 tel,null department,-1 user_type\n" +
+                            "from all_users a,上机人员表 t ,人员表 z\n" +
+                            "where a.username=t.用户名 and z.id(+) = t.人员id\n" +
+                            "      and a.username='{0}'";
+
 
 
             user = queryService.find(strSQL, name, appid);
@@ -106,9 +105,9 @@ public class UserService {
                 user.put("departments", new ArrayList<Map>());
             }
         }else {
-            strSQL = "select  t.id,t.name,null email,null avatar,t.is_super ,null staff_id,null staff,null staff_code, null note,null s_id,\n" +
+            strSQL = "select  t.type user_type,t.id,t.name,null email,null avatar,t.is_super ,null staff_id,null staff,null staff_code, null note,null s_id,\n" +
                     "	null gender_name,null tel,null department\n" +
-                    "from " + k_user + " t\n" +
+                    "from k_user t\n" +
                     "where t.name='{0}'";
 
             user = queryService.find(strSQL, name, appid);