fs-danaus
2022-07-26 b0744c82dbb0bb2a15763dbbd83a924f54312821
a6a76f 1 package com.yc.sdk.oauth2.action;
F 2
3
4 import com.yc.action.BaseAction;
5 import com.yc.action.login.LoginAction;
6 import com.yc.entity.UserAccountEntity;
7 import com.yc.listener.SessionListener;
8 import com.yc.multiData.SpObserver;
9 import com.yc.sdk.oauth2.entity.OAuth2InfoEntity;
10 import com.yc.service.role.RoleIfc;
11 import com.yc.service.user.LoginRecordIfc;
12 import com.yc.service.user.UserAccountServiceIfc;
13 import com.yc.utils.IPUtil;
14 import com.yc.utils.SessionKey;
15 import me.chanjar.weixin.common.util.http.URIUtil;
ba6749 16 import org.springframework.beans.factory.annotation.Autowired;
F 17 import org.springframework.data.redis.core.RedisTemplate;
18 import org.springframework.stereotype.Controller;
19 import org.springframework.web.bind.annotation.RequestMapping;
20
21 import javax.servlet.http.HttpServletRequest;
22 import javax.servlet.http.HttpServletResponse;
23 import javax.servlet.http.HttpSession;
a6a76f 24
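/**
 * Completes a WeChat / QQ OAuth2 scan-login.
 *
 * <p>The browser arrives at {@code /oauth2/login.do} carrying a one-time key (request
 * parameter {@link SessionKey#OAUTH2UUID}). The key is used to fetch an
 * {@link OAuth2InfoEntity} from Redis; the open id stored in it is mapped to a local
 * account, login restrictions are checked, and the HTTP session is populated.
 *
 * <p>Failure paths answer with an inline {@code <script>} that shows an alert and sends the
 * browser back to {@code /login.jsp}. Every dynamic value placed into that script goes
 * through {@link #escapeJs(String)}, because several of them (client IP, exception text,
 * the stored redirect target) are not under the server's control.
 */
@Controller
public class OAuth2Login  extends BaseAction{
    @Autowired
    private UserAccountServiceIfc userAccountService;
    @Autowired
    private LoginRecordIfc record;
    @Autowired
    private RoleIfc rIfc;
    @Autowired
    RedisTemplate redisTemplate ;
    @Autowired
    LoginAction loginAction;
    //protected static String oauth2HostName  = AttachmentConfig.get("Oauth2.HostName") ;

    /**
     * Handles the OAuth2 login callback.
     *
     * @param request  current request; must carry the {@link SessionKey#OAUTH2UUID} parameter
     * @param response response used either for an error page/script or for the final redirect
     */
    @RequestMapping("/oauth2/login.do")
    public void login(HttpServletRequest request, HttpServletResponse response){
        // NOTE(review): the session obtained here is reused after authentication and its id is
        // not rotated in this method. Confirm that processLoginUserToSessionV2 issues a fresh
        // session id; otherwise this flow is exposed to session fixation.
        HttpSession session = request.getSession();

        String oauth2UUID = request.getParameter(SessionKey.OAUTH2UUID) ;
        if (oauth2UUID == null || "".equals(oauth2UUID)) {
            this.print(response, "非法访问!");
            return ;
        }

        OAuth2InfoEntity oauth2InfoEntity = null ;
        try{
            // Fetch the OAuth2InfoEntity from Redis.
            // NOTE(review): the caller-supplied value is used verbatim as the Redis key, so a
            // client can name any key in this Redis database. A fixed key prefix plus a format
            // check on the UUID would confine lookups to OAuth2 entries.
            Object cached = redisTemplate.opsForValue().get(oauth2UUID) ;
            // A value of any other type is treated like a missing entry instead of raising a
            // ClassCastException whose message would be echoed to the client below.
            if (cached instanceof OAuth2InfoEntity) {
                oauth2InfoEntity = (OAuth2InfoEntity) cached ;
            }
        }catch(Exception e) {
            e.printStackTrace();
            // NOTE(review): this writes the raw exception message (Redis/driver internals) to the
            // client. Prefer a generic message here and keep the detail in the server log.
            this.print(response, e.getMessage());
            return ;
        }

        if (oauth2InfoEntity==null) {
            this.print(response, "无法读取用户授权信息,非法访问,可能原因:在邦定用户页面停留太久(超过30分钟),请重新扫码登录!");
            return ;
        }

        // Page to go to after login (added by Johns Wang, 2016-02-17). From here on the variable
        // holds the URI-component-encoded form.
        String redirect = oauth2InfoEntity.getRedirect();
        if (redirect != null && !"".equals(redirect)) redirect = URIUtil.encodeURIComponent(redirect);

        String openId = oauth2InfoEntity.getOpenId();
        String dbId = oauth2InfoEntity.getDbid();

        try {
            SpObserver.setDBtoInstance("_" + dbId);
            // --------------------
            // Refuse the login when the concurrent-user limit is exceeded.
            if (SessionListener.checkUserLimit(request,dbId)) {
                String limitMsg = "当前登录人数已超过系统最大登录人数,如有需要增加登录人数,请联系软件公司";
                this.print(response, alertAndReturnToLogin(limitMsg, redirect));
                session.invalidate();
                return ;// validation failed
            }

            // Resolve the local account bound to the scanned open id.
            // The literal is the receiver so that a missing provider value falls through to the
            // "not bound" answer instead of a NullPointerException.
            boolean fromQq = "qq".equals(oauth2InfoEntity.getOauth2From());
            UserAccountEntity userAccount = null ;
            if ("wx".equals(oauth2InfoEntity.getOauth2From())) {
                userAccount = userAccountService.getUserInfoByOauth2OpenIdForWeiXin(openId);
            } else if (fromQq) {
                userAccount = userAccountService.getUserInfoByOauth2OpenIdForQQ(openId);
            }

            if (userAccount == null ) {
                record.loginRecord(openId, "", IPUtil.getIpAddr(request));// record the failed login
                String unboundMsg = "当前"+ (fromQq?"QQ":"微信")+"号没有与用户账号绑定!";
                this.print(response, alertAndReturnToLogin(unboundMsg, redirect));
                return ;
            }
            // ----------------

            // Failed attempts for this open id within the last 10 minutes.
            int recentFailures = record.getRecordCountIn10min(openId);

            // NOTE(review): if IPUtil.getIpAddr trusts proxy headers such as X-Forwarded-For, this
            // value is client-controlled; it feeds both the IP restriction below and the alert text.
            String ip = IPUtil.getIpAddr(request);
            if (recentFailures >= 5) {
                record.loginRecord(openId, "", ip);// a login while locked out counts as another failure
                String lockedMsg = "在短时间内登录错误次数过多!请耐心的等10分钟后再登录!";
                this.print(response, alertAndReturnToLogin(lockedMsg, redirect));
                return ;
            }

            // Check the per-user login-time and login-IP restrictions; 0 means "not allowed".
            int allowed = userAccountService.checkUserLoginTimeAndIp(userAccount.getUserCode(), ip);
            if (allowed == 0) {
                this.print(response, alertAndReturnToLogin(ip + "禁止登录", redirect));
                return ;
            }

            session.setAttribute("NickName",oauth2InfoEntity.getNickName());   // nickname
            session.setAttribute("headimgurl",oauth2InfoEntity.getHeadimgurl());  // avatar
            //by danaus 2022/7/26 16:34
            session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_MINIAPP);// mini-program login type
            loginAction.processLoginUserToSessionV2(ip,dbId,request,userAccount);
            try {
                // The Redis entry is single-use: remove it once the session is established.
                redisTemplate.delete(oauth2UUID) ;
            }catch(Exception e) {
                e.printStackTrace();
                // NOTE(review): same information leak as on the read path; also note that the
                // session is already authenticated when this error is shown.
                this.print(response, e.getMessage());
                return ;
            }

            // Post-login redirect (added by Johns Wang, 2016-02-17).
            // NOTE(review): the value passed here is the *encoded* redirect, exactly as before.
            // If this is ever changed to the raw stored value, restrict it to same-site paths
            // (or an allow-list) first, otherwise it becomes an open redirect.
            if (redirect != null && !"".equals(redirect)) {
                response.sendRedirect(redirect);
            } else {
                response.sendRedirect("/home.jsp");
            }
        }catch (Exception e) {// e.g. the account does not exist
            e.printStackTrace();
            this.print(response, alertAndReturnToLogin(e.getMessage(), redirect));
        }finally {
            SpObserver.setDBtoInstance();
        }
    }

    /**
     * Builds the inline script that shows {@code message} and then navigates to the login page,
     * carrying the redirect target along when there is one.
     *
     * @param message         text for the alert; may be {@code null}
     * @param encodedRedirect URI-component-encoded redirect target, or {@code null}/empty for none
     * @return the complete {@code <script>} element
     */
    private static String alertAndReturnToLogin(String message, String encodedRedirect) {
        String target = "/login.jsp";
        if (encodedRedirect != null && !"".equals(encodedRedirect)) {
            target = target + "?redirect=" + encodedRedirect;
        }
        // The target is escaped as well: component encoders in the encodeURIComponent style
        // commonly leave the single quote untouched, which would end the string literal.
        return "<script> alert('" + escapeJs(message) + "');window.location='" + escapeJs(target) + "';</script>";
    }

    /**
     * Escapes a value for use inside a single- or double-quoted JavaScript string literal
     * that is itself embedded in an HTML {@code <script>} element.
     *
     * <p>Quotes, backslashes and line breaks are backslash-escaped; the characters
     * {@code <}, {@code >} and {@code &} and the two Unicode line separators are written as
     * JavaScript unicode escapes so the value can neither close the string nor the script
     * element. All other characters, including non-ASCII text, pass through unchanged.
     *
     * @param value text to escape; {@code null} is rendered as the four characters "null"
     * @return the escaped text
     */
    private static String escapeJs(String value) {
        String text = String.valueOf(value);
        StringBuilder out = new StringBuilder(text.length() + 16);
        for (int i = 0; i < text.length(); i++) {
            char c = text.charAt(i);
            switch (c) {
                case '\\': out.append("\\\\"); break;
                case '\'': out.append("\\'"); break;
                case '"': out.append("\\\""); break;
                case '\n': out.append("\\n"); break;
                case '\r': out.append("\\r"); break;
                case '<': out.append("\\u003C"); break;
                case '>': out.append("\\u003E"); break;
                case '&': out.append("\\u0026"); break;
                default:
                    if (c == 0x2028) {
                        out.append("\\u2028");
                    } else if (c == 0x2029) {
                        out.append("\\u2029");
                    } else {
                        out.append(c);
                    }
                    break;
            }
        }
        return out.toString();
    }
}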