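package com.yc.action.login;

import com.alibaba.fastjson.JSON;
import com.google.gson.Gson;
import com.yc.action.BaseAction;
import com.yc.action.grid.GridUtils;
import com.yc.api.bean.Gfrom;
import com.yc.api.bean.QrScanType;
import com.yc.api.bean.attendance.AppSalesSetting;
import com.yc.api.controller.QrCodeController;
import com.yc.api.service.QrServiceIfc;
import com.yc.api.utils.VersionUtils;
import com.yc.app.v2.entity.SysUserConfigEntity;
import com.yc.entity.*;
import com.yc.entity.attachment.AttachmentEntity;
import com.yc.exception.ApplicationException;
import com.yc.exception.CallBackMessage;
import com.yc.factory.FactoryBean;
import com.yc.factory.InitSystem;
import com.yc.im.util.RedisSocket;
import com.yc.jpush.JpushAction;
import com.yc.listener.SessionListener;
import com.yc.multiData.MultiDataSource;
import com.yc.multiData.SpObserver;
import com.yc.open.utils.HttpClientUtil;
import com.yc.sdk.WebSocketMessage.action.WebSocketMessageServer;
import com.yc.sdk.WebSocketMessage.entity.MessageInfo;
import com.yc.sdk.WebSocketMessage.entity.MessageType;
import com.yc.sdk.WebSocketMessage.entity.WsMessageUserEntity;
import com.yc.sdk.gaodemap.entity.GdErrorException;
import com.yc.sdk.map.entity.LocationEntity;
import com.yc.sdk.map.service.MapService;
import com.yc.sdk.password.action.ChangePassword;
import com.yc.sdk.shopping.action.VerificationCodes;
import com.yc.sdk.shopping.action.api.InvitationCode;
import com.yc.sdk.shopping.service.sms.SendSMSMessagesIfc;
import com.yc.sdk.shopping.util.SettingKey;
import com.yc.sdk.weixinmp.util.UserAgentUtil;
import com.yc.sdk.weixinopen.entity.OpenComponentAppSetting;
import com.yc.service.BaseService;
import com.yc.service.demo.DemoIfc;
import com.yc.service.role.RoleIfc;
import com.yc.service.upload.AttachmentIfc;
import com.yc.service.user.EquipmentEntry;
import com.yc.service.user.LoginEquipmentIfc;
import com.yc.service.user.LoginRecordIfc;
import com.yc.service.user.UserAccountServiceIfc;
import com.yc.utils.*;
import com.yc.wyn.controller.WynAuthenticationThread;
import com.yc.wyn.entry.TokenEntry;
import eu.bitwalker.useragentutils.UserAgent;
import me.chanjar.weixin.common.util.http.URIUtil;
import org.apache.commons.lang.StringUtils;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.util.EntityUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.dao.DataAccessException;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.jdbc.core.BeanPropertyRowMapper;
import org.springframework.scheduling.concurrent.ThreadPoolTaskExecutor;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.File;
import java.io.IOException;
import java.io.PrintWriter;
import java.text.SimpleDateFormat;
import java.util.*;
import java.util.concurrent.TimeUnit;
import java.util.stream.Collectors;

/**
 * Login controller: serves {@code /login.do} and the follow-up {@code /multilogin.do} that is
 * sent after a user picks one of several accounts bound to the same phone number.
 *
 * <p>Every switch of the active data source through {@code SpObserver} is paired with a reset in
 * a {@code finally} block.
 *
 * <p>NOTE(review): generic type arguments look stripped from this listing. Element types are
 * restored below only where the surrounding usage fixes them; the remaining raw types are kept
 * as found.
 */
//@Scope("request")
@Controller
public class LoginAction extends BaseAction {
    @Autowired
    private UserAccountServiceIfc userAccountService;
    @Autowired
    private LoginRecordIfc record;
    @Autowired
    private RoleIfc rIfc;
    @Autowired
    private DemoIfc demoIfc;
    @Autowired
    ThreadPoolTaskExecutor threadPoolExecutor;
    @Autowired
    LoginEquipmentIfc loginEquipmentIfc;
    @Autowired
    SendSMSMessagesIfc sms ;
    @Autowired
    RedisTemplate redisTemplate;
    final Logger log = LoggerFactory.getLogger(this.getClass());
    private static String attachment_server = AttachmentConfig.get("attachment.server");

    /**
     * Looks up a client pass serial number in the demo data source.
     *
     * @param cltsn pass serial number taken from the request
     * @return 1 when the lookup returns at least one row, otherwise 0
     */
    private int prossSN(String cltsn) {
        List<?> rows;
        try {
            SpObserver.setDBtoDemo();
            rows = demoIfc.getInfoByCltSn(cltsn);
        } finally {
            SpObserver.setDBtoInstance();
        }
        return (rows != null && !rows.isEmpty()) ? 1 : 0;
    }

    /**
     * Re-enters {@link #login} for the account chosen from a multi-account list.
     *
     * <p>The body fields are copied into request attributes, which {@code login} reads when the
     * matching request parameters are absent.
     *
     * <p>NOTE(review): {@code loginByCode} comes straight from the request body and, when it is 1,
     * makes {@code login} skip the last-device check for app clients. Nothing visible in this
     * method ties the flag to a completed SMS verification; confirm it is validated server-side
     * (for example against a one-time marker stored when the SMS code was checked) instead of
     * being trusted from the client.
     *
     * @param entry    account code, password and data-source id selected by the client
     * @param request  current request
     * @param response current response
     * @return whatever {@code login} returns
     */
    @RequestMapping(value = "/multilogin.do",method = RequestMethod.POST)
    public String multilogin(@RequestBody MultipleLoginEntry entry, HttpServletRequest request, HttpServletResponse response) {
        request.setAttribute("account", entry.getUserCode());
        request.setAttribute("pwd", entry.getPwd());
        request.setAttribute("isMultiLogin", 1);
        if (VersionUtils.getAPPTypeName(request) != null) {
            request.setAttribute("isApp", 1);
        }
        if (entry.getLoginByCode() != null && entry.getLoginByCode() == 1) {
            // When present, login() does not run the device check again.
            request.setAttribute("loginByCode", 1);
        }
        request.setAttribute("dataName", entry.getDbid());
        return login(request, response);
    }

    /**
     * Authenticates a user and populates the HTTP session.
     *
     * <p>Credentials are read from request parameters first and from request attributes second
     * (the attributes are set by {@link #multilogin} and by other server-side forwards). The
     * method covers account/password login, native-app login by phone number, SMS-code login,
     * and login by phone number or e-mail typed into the account field.
     *
     * <p>Fixes relative to the earlier revision: each branch that answers with the multi-account
     * list now returns immediately instead of falling through and writing a second response; an
     * empty phone lookup is treated like "no account"; the SMS code is read from Redis once
     * (the previous hasKey-then-get pair compared against the text "null" if the key expired in
     * between); and the redirect value is JSON-encoded instead of concatenated.
     *
     * <p>NOTE(review): the session id is not rotated after a successful login, and several error
     * paths echo raw exception messages to the client; both deserve a follow-up.
     *
     * @param request  current request
     * @param response current response; most outcomes are written to it directly
     * @return {@code null} once the response body has been written, or a JSON string in the
     *         {@code isch_userid} flow
     */
    @RequestMapping("/login.do")
    public String login(HttpServletRequest request, HttpServletResponse response) {
        String userCode = request.getParameter("account");
        if (userCode == null || "".equals(userCode)) {
            userCode = (request.getAttribute("account") == null ? "" : (String) request.getAttribute("account"));
        }
        String password = request.getParameter("pwd");
        if (password == null || "".equals(password)) {
            password = (request.getAttribute("pwd") == null ? "" : (String) request.getAttribute("pwd"));
        }
        if (password != null && !"".equals(password)) {
            password = EncodeUtil.replaceUrlChar(password);
        }
        // True when the request is the re-login that follows a multi-account selection.
        boolean isMultiLogin = request.getAttribute("isMultiLogin") != null;
        String code = request.getParameter("code");
        if (code == null || "".equals(code)) {
            code = (request.getAttribute("code") == null ? "" : (String) request.getAttribute("code"));
        }
        CallBackMessage callBackMessage = new CallBackMessage();
        // Read from a request attribute only, so it can be set by server-side callers but not by
        // a request parameter. When true, the password comparison further down is skipped.
        boolean ch_userid = (request.getAttribute("isch_userid") == null ? false : (Boolean) request.getAttribute("isch_userid"));
        if (ch_userid) {
            password = "***"; // placeholder so the blank-password validation passes
        }
        String dbId = "";
        String dataBaseDis = "";
        String isone = "";
        Boolean isApp = false;
        if (request.getParameter("isApp") != null || request.getAttribute("isApp") != null) {
            isApp = true; // sent by the mobile app
        }
        // Page to go to after login, Added by Johns Wang, 2016-02-17
        String redirect = request.getParameter("redirect");
        // Pass (cltsn) handling
        StringBuilder sb = new StringBuilder();
        String cltsn = request.getParameter("cltsn");
        if (cltsn == null) {
            cltsn = (String) request.getAttribute("cltsn"); // Added by Johns Wang, 2015-12-06
        }
        if (cltsn != null && !"".equalsIgnoreCase(cltsn)) {
            int k = this.prossSN(cltsn);
            if (k == 0) {
                callBackMessage.setError("通行证已失效,请联络服务提供商!");
                this.printJson(response, callBackMessage.toString());
                return null; // validation failed
            }
        } else {
            dbId = request.getParameter("dataName"); // data source id
            dataBaseDis = request.getParameter(SessionKey.DATABASE_DIS);
            isone = request.getParameter("isone"); // set when there is only one data source
            if (dbId == null) {
                dbId = (String) request.getAttribute("dataName"); // Added by Johns Wang, 2015-12-06
            }
            if (dataBaseDis == null) {
                dataBaseDis = (String) request.getAttribute(SessionKey.DATABASE_DIS); // Added by Johns Wang, 2015-12-06
            }
            // Fall back to the system name stored on the data source, added by Johns Wang, 2017-07-02
            if (dataBaseDis == null) {
                DataSourceEntity dataSourceEntity = MultiDataSource.getDataSourceMap(dbId);
                if (dataSourceEntity != null) {
                    dataBaseDis = dataSourceEntity.getSystemID();
                }
            }
            if (isone == null) {
                isone = (String) request.getAttribute("isone"); // Added by Johns Wang, 2015-12-06
            }
        }
        if (userCode != null && userCode.length() > 30) { // longer values are decrypted to plaintext
            try {
                userCode = ChangePassword.getDecryptPassword(EncodeUtil.replaceUrlChar(userCode));
            } catch (Exception e) {
                log.error("login: account value could not be decrypted", e);
                print2(response, this.getErrorMsg(e), redirect, isApp);
                return null; // validation failed
            }
        }
        // NOTE(review): the pre-login session is reused after authentication; consider issuing a
        // new session id once the user is authenticated so a pre-set id cannot be carried over.
        HttpSession session = request.getSession();
        String domain = request.getParameter("domain") != null ? request.getParameter("domain") : (String) request.getAttribute("domain");
        UserAccountEntity userAccount = null;
        // Both phone-based flows below are skipped for the multi-account re-login.
        if (!isMultiLogin) {
            // Native app login with phone number and registration password, by danaus 2018-8-24.
            // A dbid means the login targets one selected data source.
            if (VersionUtils.getAPPTypeName(request) != null) { // called by ios / android
                try {
                    InvitationCode invitationCode = (InvitationCode) FactoryBean.getBean("invitationCode");
                    // userCode holds the phone number here (invitationCode.getDbList() switches the data source)
                    invitationCode.checkPasswordByTelephone(userCode, password, dbId);
                    // Resolve the ERP user from data source id + phone; the ERP password is not checked again.
                    SpObserver.setDBtoInstance("_" + dbId);
                    List<UserAccountEntity> userAccounts = userAccountService.getUserInfoByTelephone(userCode); // userCode = phone number
                    if (userAccounts != null && !userAccounts.isEmpty()) {
                        if (userAccounts.size() == 1) {
                            userAccount = userAccounts.get(0);
                            if (userAccount.isInActive()) {
                                print2(response, "【" + userCode + "】手机号码已被停用,禁止登录本系统", redirect, isApp);
                                return null; // validation failed
                            }
                            userAccount.setApp_userCode(userCode); // phone number
                            userAccount.setApp_Password(password);
                            userCode = userAccount.getUserCode(); // continue with the ERP user code
                            password = userAccount.getPassword(); // continue with the ERP password
                            ch_userid = true;
                            // Keep the number of Jiguang push aliases bound to this user within the limit.
                            this.processJiguangAliases(userCode, dbId);
                        } else {
                            // Several accounts: hand the list to the client so the user can pick one
                            // and log in again. The response is complete, so stop here.
                            this.processMultpleAccount(userAccounts, response, isApp, null, dbId);
                            return null;
                        }
                    } else {
                        print2(response, "【" + userCode + "】手机号码未开通ERP系统服务,登录失败", redirect, isApp);
                        return null; // validation failed
                    }
                } catch (Exception e) {
                    log.error("login: app phone-number login failed", e);
                    print2(response, e.getCause() != null ? e.getCause().getMessage() : e.getMessage(), redirect, isApp);
                    return null;
                } finally {
                    SpObserver.setDBtoInstance();
                }
            }
            // SMS-code login, xin 2020-8-20 11:25:59
            String phone = request.getParameter("telephone");
            phone = (phone == null ? "" : phone);
            String phoneCode = request.getParameter("phoneCode");
            phoneCode = (phoneCode == null ? "" : phoneCode);
            if (StringUtils.isBlank(userCode) && !StringUtils.isBlank(phone) && !StringUtils.isBlank(phoneCode)) {
                try {
                    String smsKey = "CODE:" + phone + ":" + dbId;
                    // Single read: a separate existence check followed by a read could see the key
                    // expire in between and end up comparing against the text "null".
                    Object storedCode = redisTemplate.opsForValue().get(smsKey);
                    if (storedCode == null) {
                        print2(response, "验证码已失效,请重新获取验证码。", redirect, isApp);
                        return null;
                    }
                    // NOTE(review): wrong guesses are neither counted nor do they invalidate the
                    // code here; confirm attempts per phone number are limited elsewhere.
                    boolean codeMatches = java.security.MessageDigest.isEqual(
                            phoneCode.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                            String.valueOf(storedCode).getBytes(java.nio.charset.StandardCharsets.UTF_8));
                    if (!codeMatches) {
                        print2(response, "验证码错误,请输入正确的验证码", redirect, isApp);
                        return null;
                    }
                    redisTemplate.delete(smsKey); // one-time use
                    SpObserver.setDBtoInstance("_" + dbId);
                    List<UserAccountEntity> userAccounts = userAccountService.getUserInfoByTelephone(phone); // phone number
                    if (userAccounts != null && !userAccounts.isEmpty()) {
                        if (userAccounts.size() == 1) {
                            userAccount = userAccounts.get(0);
                            if (userAccount.isInActive()) {
                                print2(response, "【" + phone + "】手机号码已被停用,禁止登录本系统", redirect, isApp);
                                return null; // validation failed
                            }
                            userCode = userAccount.getUserCode(); // continue with the ERP user code
                            password = userAccount.getPassword(); // continue with the ERP password
                        } else {
                            // No password was typed in the SMS flow, so no entry is pre-selected;
                            // the user must log in again with a password. Response is complete.
                            this.processMultpleAccount(userAccounts, response, false, null, dbId);
                            return null;
                        }
                    } else {
                        print2(response, "【" + phone + "】手机号码未开通ERP系统服务,登录失败", redirect, isApp);
                        return null; // validation failed
                    }
                } catch (Exception e) {
                    // Reported the same way as for the app, which also has no typed password.
                    print2(response, this.getErrorMsg(e), redirect, true);
                    return null; // validation failed
                } finally {
                    SpObserver.setDBtoInstance();
                }
            }
        }
        // ---- input validation ----
        if (StringUtils.isBlank(dbId) && StringUtils.isBlank(isone)) {
            sb.append("请选择一个系统!\\n");
        } else {
            if (!StringUtils.isBlank(isone)) {
                dbId = isone;
            }
            session.setAttribute(SessionKey.DATA_BASE_ID, dbId);
            session.setAttribute(SessionKey.DATABASE_DIS, dataBaseDis);
            // Use the default host URL when no domain was supplied, by danaus 2021/4/12 11:18
            if (org.apache.commons.lang3.StringUtils.isBlank(domain)) {
                domain = SettingKey.getHostUrl(request);
            }
            session.setAttribute(SessionKey.DOMAIN, domain);
        }
        if (StringUtils.isBlank(userCode)) {
            sb.append("账号不能为空\\n");
        }
        if (StringUtils.isBlank(password)) {
            sb.append("密码不能为空\\n");
        }
        // Captcha check, only when enabled in the system configuration.
        boolean isValidateLogin = "true".equals(SystemConfig.getInstanse().get("isEnableValidateCode"));
        if (isValidateLogin) {
            if (StringUtils.isBlank(code)) {
                sb.append("验证码不能为空\\n");
            } else {
                String rand = (String) session.getAttribute("rand"); // expected captcha text
                if (!code.equalsIgnoreCase(rand)) {
                    sb.append("验证码不相符\\n");
                }
            }
        }
        if (sb.length() > 0) {
            print2(response, sb.toString(), redirect, isApp);
            return null; // validation failed
        }
        try {
            // Refuse the login when the concurrent-user limit is exceeded.
            if (SessionListener.checkUserLimit(request, dbId)) {
                String s = "当前登录人数已超过系统最大登录人数,如有需要增加登录人数,请联系软件公司";
                print2(response, s, redirect, isApp);
                session.invalidate();
                return null; // validation failed
            }
            // *** start ******* disabled: read the licensed shop count from the hardware lock
            // int scount=0;
            // if(session.getAttribute(SessionKey.HAsP_sHOPCOUNT)!=null)
            // scount=(Integer)session.getAttribute(SessionKey.HAsP_sHOPCOUNT);
            // if(scount>0){
            // // by danaus 13-5-4
            // int shop=record.getShopCount();
            // if(shop>scount){
            // this.print(response, "");
            // return null;
            // }
            // }
            // *** end ***********
            // NOTE(review): the failure count is looked up under the identifier as submitted,
            // while failures further down are recorded after a phone number has been mapped to
            // the ERP user code. Confirm the throttle still applies to phone-number logins.
            int recordeCount = 0;
            try {
                SpObserver.setDBtoInstance("_" + dbId);
                recordeCount = record.getRecordCountIn10min(userCode); // failures within the last 10 minutes
            } finally {
                SpObserver.setDBtoInstance();
            }
            String ip = IPUtil.getIpAddr(request);
            if (recordeCount >= 5) {
                try {
                    SpObserver.setDBtoInstance("_" + dbId);
                    // An attempt made while locked out is itself recorded as a failure.
                    // NOTE(review): the submitted password is handed to loginRecord; confirm it
                    // is not persisted or logged in clear text.
                    record.loginRecord(userCode, password, ip);
                } finally {
                    SpObserver.setDBtoInstance();
                }
                print2(response, userCode + "在短时间内登录错误次数过多!请耐心的等10分钟后再登录!", redirect, isApp);
                return null; // validation failed
            }
            // Per-user restrictions on login time and source IP.
            int s = 0;
            try {
                SpObserver.setDBtoInstance("_" + dbId);
                s = userAccountService.checkUserLoginTimeAndIp(userCode, ip);
            } finally {
                SpObserver.setDBtoInstance();
            }
            if (s == 0) {
                print2(response, "该用户只能在工作时间或固定场所使用本系统[" + ip + "]", redirect, isApp);
                return null;
            }
            // Resolve the account: by user code, then by phone number, then by e-mail.
            try {
                if (userAccount == null) {
                    SpObserver.setDBtoInstance("_" + dbId);
                    userAccount = userAccountService.getUserInfoByUserCode(userCode);
                    if (userAccount == null) {
                        List<UserAccountEntity> userAccounts = userAccountService.getUserInfoByTelephone(userCode); // phone login allowed
                        if (userAccounts != null && !userAccounts.isEmpty()) {
                            if (userAccounts.size() == 1) {
                                userAccount = userAccounts.get(0);
                                if (userAccount.isInActive()) {
                                    print2(response, "【" + userCode + "】手机号码已被停用,禁止登录本系统", redirect, isApp);
                                    return null; // validation failed
                                }
                                userCode = userAccount.getUserCode(); // continue with the ERP user code
                            } else {
                                // The typed password must match at least one listed account;
                                // the matching one is marked as selected in the reply.
                                final String pwd = password;
                                boolean errorPwd = userAccounts.stream().noneMatch(x -> {
                                    try {
                                        return x.checkPassword(pwd);
                                    } catch (Exception e) {
                                        throw new RuntimeException(e);
                                    }
                                });
                                if (errorPwd) {
                                    // NOTE(review): this failure is not passed to record.loginRecord,
                                    // so it does not count towards the lockout above.
                                    print2(response, "【" + userCode + "】密码不正确,登录失败", redirect, isApp);
                                    return null; // wrong password
                                }
                                // The account list is the complete response, so stop here.
                                this.processMultpleAccount(userAccounts, response, isApp, pwd, dbId);
                                return null;
                            }
                        } else {
                            // Only report "phone not registered" for values that look like a phone
                            // number; other values still go through the e-mail lookup below.
                            if (!userCode.contains("@") && userCode.matches("\\d+?") && userCode.length() == 11) {
                                print2(response, "【" + userCode + "】手机号码未开通ERP系统服务,登录失败", redirect, isApp);
                                return null; // validation failed
                            }
                        }
                    }
                    if (userAccount == null) {
                        userAccount = userAccountService.getUserInfoByEmail(userCode); // e-mail login allowed
                    }
                }
            } catch (Exception e) {
                this.print2(response, this.getErrorMsg(e), request.getParameter("redirect"), isApp);
                return null;
            } finally {
                SpObserver.setDBtoInstance();
            }
            if (userAccount == null) {
                try {
                    SpObserver.setDBtoInstance("_" + dbId);
                    record.loginRecord(userCode, password, IPUtil.getIpAddr(request)); // record the failed login
                } catch (Exception e) {
                    this.print2(response, this.getErrorMsg(e), request.getParameter("redirect"), isApp);
                    return null;
                } finally {
                    SpObserver.setDBtoInstance();
                }
                if (ch_userid) {
                    return "{\"ch_error\":\"ch_user_error\",\"info\":\"未开通ERP系统服务,登录失败!\"}";
                } else {
                    this.print2(response, "未开通ERP系统服务,登录失败!", request.getParameter("redirect"), isApp);
                    return null;
                }
            }
            try {
                if (!ch_userid && !userAccount.checkPassword(password)) {
                    try {
                        SpObserver.setDBtoInstance("_" + dbId);
                        record.loginRecord(userCode, password, IPUtil.getIpAddr(request)); // record the failed login
                    } catch (Exception e) {
                        this.print2(response, this.getErrorMsg(e), request.getParameter("redirect"), isApp);
                        return null;
                    } finally {
                        SpObserver.setDBtoInstance();
                    }
                    this.print2(response, "用户密码不正确!", request.getParameter("redirect"), isApp);
                    return null;
                }
            } catch (Exception ex) {
                this.print2(response, ex.getMessage(), request.getParameter("redirect"), isApp);
                return null;
            }
            // Disabled accounts cannot log in.
            if (userAccount.isInActive()) {
                this.print2(response, "用户账号已禁止登录!如有问题,请联系管理员", request.getParameter("redirect"), isApp);
                return null;
            }
            if (isApp) {
                session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_APP); // app
            } else if (redirect != null && !"".equals(redirect)) {
                // Login followed by a redirect, added by Johns Wang, 2016-02-17
                session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_MINIAPP); // mini app
            } else {
                session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_WEB); // web
            }
            final DataSourceEntity dataSourceMap = MultiDataSource.getDataSourceMap(dbId);
            // Optional "one login per account and device type" restriction.
            if (isApp) {
                if (isMultiLogin && org.apache.commons.lang3.StringUtils.isBlank(userAccount.getApp_userCode())) {
                    // A multi-account re-login arrives with the ERP identity, so the phone number
                    // used by the app has to be bound again.
                    userAccount.setApp_userCode(userAccount.getTel());
                }
                // Device check: skipped when the SMS-verified marker is present.
                // NOTE(review): the marker originates from the multilogin request body and the
                // device id from the x-app-uniqueIdentifier header, both client-supplied; confirm
                // the SMS step is enforced server-side.
                final Object object = request.getAttribute("loginByCode");
                if (object == null) {
                    EquipmentEntry equipmentEntry = null;
                    try {
                        SpObserver.setDBtoDemo();
                        equipmentEntry = loginEquipmentIfc.checkSameEquipmentByLastLogin(userAccount.getApp_userCode(), request.getHeader("x-app-uniqueIdentifier"));
                    } catch (Exception e) {
                        printJson(response, callBackMessage.sendErrorMessage(this.getErrorMsg(e)));
                        return null;
                    } finally {
                        SpObserver.setDBtoInstance();
                    }
                    if (equipmentEntry != null && equipmentEntry.getUserId() != null) {
                        // Different device: the client has to verify by SMS before logging in.
                        String error = null;
                        // The reply tells the client whether it was a single- or multi-account
                        // login, because both need SMS verification but continue differently.
                        Map map = new HashMap<>();
                        map.put("action", isMultiLogin ? "multiLogin" : "singleLogin");
                        if (isMultiLogin) {
                            // NOTE(review): the password value is echoed back to the client here.
                            Map info = new HashMap<>();
                            info.put("userCode", userCode);
                            info.put("pwd", password);
                            info.put("dbid", dbId);
                            info.put("loginByCode", "1");
                            map.put("info", info);
                        }
                        callBackMessage.setInfo(map);
                        if (org.apache.commons.lang3.StringUtils.isNotBlank(equipmentEntry.getUniqueIdentifier())) {
                            // Only prompt when the restriction is switched on.
                            if (dataSourceMap.isLoginOnceForOneUserCode()) {
                                error = String.format("您已在另一台设备%s登录,登录时间:%s,如果需要在本机登录,需要验证您的身份。", equipmentEntry.getEquipmentName(), equipmentEntry.getLastLogonDate());
                                callBackMessage.sendErrorMessage(error, -1005);
                                String msg = JSON.toJSONString(callBackMessage.toJSONObject());
                                printJson(response, msg);
                                return null;
                            }
                        } else {
                            // Blank identifier: first login of a new user or the device list was
                            // cleared. Verification is requested regardless of the restriction.
                            error = "为了保证系统使用安全,需要验证您的身份";
                            callBackMessage.sendErrorMessage(error, -1005);
                            String msg = JSON.toJSONString(callBackMessage.toJSONObject());
                            printJson(response, msg);
                            return null;
                        }
                    }
                } else {
                    if (dataSourceMap.isLoginOnceForOneUserCode()) {
                        this.singleAccount(isApp ? "2" : "1", dbId, userAccount, request);
                    }
                }
            } else {
                if (dataSourceMap.isLoginOnceForOneUserCode()) {
                    // Restrict logins from several devices.
                    this.singleAccount(isApp ? "2" : "1", dbId, userAccount, request);
                }
            }
            processLoginUserToSessionV2(ip, dbId, request, userAccount);
            // Collect the app user settings from the session into one object.
            SysUserConfigEntity sysUserConfigEntity = new SysUserConfigEntity();
            sysUserConfigEntity.setSwitchToPageWhenLogonApp(session.getAttribute(SessionKey.SWITCHTOPAGEWHENLOGONAPP) + "");
            sysUserConfigEntity.setListDisplayStyleForToDo(session.getAttribute(SessionKey.LISTDISPLAYSTYLEFORTODO) == null ? 0 : Integer.parseInt((session.getAttribute(SessionKey.LISTDISPLAYSTYLEFORTODO) + "")));
            sysUserConfigEntity.setSelectNextDocumentWhenApproved(session.getAttribute(SessionKey.SELECTNEXTDOCUMENTWHENAPPROVED) == null ? 0 : Integer.parseInt(session.getAttribute(SessionKey.SELECTNEXTDOCUMENTWHENAPPROVED) + ""));
            sysUserConfigEntity.setIsStartupPopupMessages(session.getAttribute(SessionKey.ISSTARTUPPOPUPMESSAGES) == null ? 0 : Integer.parseInt(session.getAttribute(SessionKey.ISSTARTUPPOPUPMESSAGES) + ""));
            session.setAttribute("userConfig", sysUserConfigEntity);
            // Wyn authentication
            wynAuth(session, domain, dataSourceMap);
            if (isApp) {
                QrServiceIfc qrServiceIfc = (QrServiceIfc) FactoryBean.getBean("qrService");
                try {
                    SpObserver.setDBtoInstance("_" + dbId);
                    AppSalesSetting appSalesSetting = qrServiceIfc.getAppSalesOrderStyle();
                    // Kept in the session
                    session.setAttribute(SessionKey.APP_SALESORDER_MATCODE_LIST, appSalesSetting.getAppSalesOrderMatCodeList());
                    session.setAttribute(SessionKey.APP_SALESORDER_STYLE, appSalesSetting.getAppSalesOrderStyle());
                } catch (Exception e) {
                    log.error("login: loading app sales-order settings failed", e);
                    throw new ApplicationException(e.getMessage());
                } finally {
                    SpObserver.setDBtoInstance();
                }
                Map map = new HashMap();
                map.put("success", "ok");
                map.put("sessionid", session.getId());
                map.put("userName", userAccount.getUserName());
                String avatarUnid = "";
                if (userAccount.getAvatarUnid() != null && !"".equals(userAccount.getAvatarUnid())) {
                    try {
                        SpObserver.setDBtoInstance("_" + dbId);
                        AttachmentIfc attachmentIfc = (AttachmentIfc) FactoryBean.getBean("AttachmentImpl");
                        String[] unids = userAccount.getAvatarUnid().split(";");
                        final AttachmentEntity attachmentEntity = attachmentIfc.getAttachmentEntity(unids[0], unids[1]);
                        avatarUnid = userAccount.getAvatarUnid() + ";" + attachmentEntity.getFileType();
                    } catch (Exception ex) {
                        callBackMessage.sendErrorMessage(ex.getMessage());
                        this.printJson(response, callBackMessage.toString());
                        return null;
                    } finally {
                        SpObserver.setDBtoInstance();
                    }
                }
                map.put("avatarUnid", avatarUnid);
                map.put("attachment_server", attachment_server);
                map.put("url", domain == null ? "" : domain);
                if (request.getAttribute("postTokenV2") == null) {
                    map.put("token", genToken(userAccount.getApp_Password(), userAccount.getApp_userCode(), Integer.parseInt(dbId)));
                }
                // How scan results are displayed
                QrScanType qrScanType = null;
                // Whether the order icon is shown
                int appSalesMenuIcon = 0;
                try {
                    SpObserver.setDBtoInstance("_" + dbId);
                    qrScanType = qrServiceIfc.getQrScanType(userAccount.getUserCode(), userAccount.getUserName());
                } catch (Exception e) {
                    log.error("login: loading QR scan type failed", e);
                    throw new ApplicationException(e.getMessage());
                } finally {
                    SpObserver.setDBtoInstance();
                }
                // The order icon is shown when the user may use at least one scan-enabled form.
                try {
                    SpObserver.setDBtoInstance("_" + dbId);
                    BaseService baseService = (BaseService) FactoryBean.getBean("BaseService");
                    List list = baseService.getJdbcTemplate().query("select a.formid,a.formname from gform a where exists(select 1 from gfield b where a.formid = b.formid and b.fieldid in ( 'matcode','barcode','qrcode') and b.ScanCodeField = 1 )", new BeanPropertyRowMapper<>(Gfrom.class));
                    if (list != null && list.size() > 0) {
                        QrCodeController qrCodeController = (QrCodeController) FactoryBean.getBean("qrCodeController");
                        List tempList = qrCodeController.procFormLimit(request, list);
                        if (tempList != null && tempList.size() > 0) {
                            appSalesMenuIcon = 1;
                        }
                    }
                } catch (Exception e) {
                    log.error("login: checking scan-enabled forms failed", e);
                    throw new ApplicationException(e.getMessage());
                } finally {
                    SpObserver.setDBtoInstance();
                }
                map.put("sessionInfo", getSessionInfo(session));
                map.put("userType", session.getAttribute(SessionKey.USERTYPE));
                map.put("isStopSystem", session.getAttribute(SessionKey.isStopSystem));
                // Non-ordinary users get all permissions.
                map.put("isAdmin", ("SuperUser".equalsIgnoreCase(session.getAttribute(SessionKey.USERTYPE) + "") || "DeveloperUser".equalsIgnoreCase(session.getAttribute(SessionKey.USERTYPE) + "")) ? 1 : 0);
                map.put("isShowAttendance", dataSourceMap.isShowAttendanceButton() ? 1 : 0); // attendance clock-in
                map.put("qrDisplayType", qrScanType.getScanMeterialAction()); // scan display mode
                map.put("appSalesMenuIcon", appSalesMenuIcon); // 0 = hide order icon, 1 = show
                map.put("isRelatingMaterialWhenNewCustomer", qrScanType.getIsRelatingMaterialWhenNewCustomer()); // link customer
                OpenComponentAppSetting openComponentAppSetting = OpenComponentAppSetting.defaultSettings();
                map.put("mobileAppId", openComponentAppSetting == null ? null : openComponentAppSetting.getMobileAppId()); // mini-program id
                // NOTE(review): an application secret is returned to every logged-in app client.
                // Secrets of this kind normally stay on the server; confirm the client needs it.
                map.put("mobileAppSecret", openComponentAppSetting == null ? null : openComponentAppSetting.getMobileAppSecret());
                map.put("miniAppOrgId", dataSourceMap.getMiniAppOrgId()); // mini-program org id
                map.put("isModifyPriceWhenScanQrCode", session.getAttribute(SessionKey.ISMODIFYPRICEWHENSCANQRCODE));
                map.put("isModifyPriceWhenSalesOrder", session.getAttribute(SessionKey.ISMODIFYPRICEWHENSALESORDER));
                map.put("isModifyPriceWhenPurchaseOrder", session.getAttribute(SessionKey.ISMODIFYPRICEWHENPURCHASEORDER));
                map.put("switchToPageWhenLogonApp", session.getAttribute(SessionKey.SWITCHTOPAGEWHENLOGONAPP));
                map.put("listDisplayStyleForToDo", session.getAttribute(SessionKey.LISTDISPLAYSTYLEFORTODO));
                map.put("selectNextDocumentWhenApproved", session.getAttribute(SessionKey.SELECTNEXTDOCUMENTWHENAPPROVED));
                map.put("userConfig", sysUserConfigEntity);
                map.put("perssion", session.getAttribute(SessionKey.PERSSION));
                map.put("map_provider", org.apache.commons.lang3.StringUtils.isNotBlank(AttachmentConfig.get("map_provider")) ? AttachmentConfig.get("map_provider") : "gaode"); // huawei, gaode
                this.printJson(response, GridUtils.toJson(map));
                return null;
            } else if (redirect != null && !"".equals(redirect)) {
                // Login followed by a redirect, added by Johns Wang, 2016-02-17
                //return "redirect:" + redirect;
                callBackMessage.sendSuccessMessage("登录成功");
                // The redirect value comes from a request parameter, so it is JSON-encoded rather
                // than concatenated into the document.
                // NOTE(review): the target itself is not restricted; whoever follows it should
                // accept only same-site paths.
                callBackMessage.setData(JSON.toJSONString(java.util.Collections.singletonMap("redirect", redirect)));
                this.printJson(response, callBackMessage.toString());
                return null;
            } else {
                if (ch_userid) {
                    return "{\"ok\":\"ch_user_ok\",\"info\":\"" + userCode + "\"}";
                } else {
                    callBackMessage.sendSuccessMessage("登录成功");
                    this.printJson(response, callBackMessage.toString());
                    return null;
                }
            }
        } catch (IllegalStateException e) {
            log.error("login: illegal state during login", e);
            if (e.getMessage() != null && e.getMessage().contains("Session already invalidated")) {
                sb.append("会话已过期,请重新登录系统");
                print2(response, sb.toString(), redirect, isApp);
                System.out.println(this.getClass() + " sessionid:" + session.getId());
                return null; // session expired
            } else {
                print2(response, this.getErrorMsg(e), redirect, isApp);
                return null;
            }
        } catch (DataAccessException e) {
            log.error("login: data access error", e);
            //SQLException sql = (SQLException) e.getCause();
            //return "/403.jsp?info=" + sql.getMessage();
            // NOTE(review): the driver/SQL error text goes to the client unchanged.
            this.print2(response, e.getCause() != null ? e.getCause().getMessage() : e.getMessage(), request.getParameter("redirect"), isApp);
            return null;
        } catch (NullPointerException e) { // treated as "account does not exist"
            log.error("login: null value during login", e);
            proccError(userCode, password, request, response);
            return null;
        } catch (RuntimeException e) {
            log.error("login: runtime error", e);
            if (e.getLocalizedMessage() != null && e.getMessage().equals(SessionKey.DEMO_REF)) {
                session.setAttribute(SessionKey.DEMO_REF, SessionKey.DEMO_REF);
                this.print(response, "");
            } else {
                this.print2(response, this.getErrorMsg(e), request.getParameter("redirect"), isApp);
            }
            return null;
        } catch (GdErrorException e) { // no Gaode map API key configured
            log.error("login: Gaode map key missing", e);
            this.print2(response, "高德地图KEY不存在,请在数据源里维护好", request.getParameter("redirect"), isApp);
            return null;
        } catch (Exception e) { // treated as "account does not exist"
            log.error("login: unexpected error", e);
            proccError(userCode, password, request, response);
            return null;
        }
    }

    /**
     * Queues Wyn authentication for the user stored in the session.
     *
     * <p>Does nothing when the data source has no Wyn organization id. Otherwise a
     * {@code WynAuthenticationThread} is handed to the task executor.
     *
     * @param session       session already populated by the login
     * @param domain        domain URL passed on to Wyn
     * @param dataSourceMap data source the user logged in to
     */
    private void wynAuth(HttpSession session, String domain, DataSourceEntity dataSourceMap) {
        if (org.apache.commons.lang3.StringUtils.isBlank(dataSourceMap.getWynOrganizationId())) {
            // Wyn is not enabled for this data source.
            return;
        }
        String companyId = session.getAttribute(SessionKey.COMPANY_ID) + "";
        String companyName = session.getAttribute(SessionKey.COMPANY_NAME) + "";
        String ccCode = session.getAttribute(SessionKey.CCCODE) + "";
        String ccName = session.getAttribute(SessionKey.CCNAME) + "";
        String wynUserCode = session.getAttribute(SessionKey.USERCODE) + "";
        String dbid = session.getAttribute(SessionKey.DATA_BASE_ID) + "";
        TokenEntry entry = new TokenEntry();
        entry.setUserCode(wynUserCode);
        entry.setCompanyId(companyId);
        entry.setDbid(dbid);
        entry.setDomainUrl(domain);
        // Organization path of the user:
        // dataSourceId_dataSourceName/companyId_companyName/departmentId_departmentName
        String tenant_path = dataSourceMap.getDbId() + "_" + dataSourceMap.getSystemID() + "/" + companyId + "_" + companyName;
        if (org.apache.commons.lang3.StringUtils.isNotBlank(ccCode)) {
            tenant_path += "/" + ccCode + "_" + ccName;
        }
        entry.setTenant_path(tenant_path);
        threadPoolExecutor.execute(new WynAuthenticationThread(entry));
    }

    /**
     * Answers with the list of accounts bound to one phone number (error code -1009) so the
     * client can let the user choose.
     *
     * <p>NOTE(review): the reply carries {@code getPassword()} of every account for app clients
     * and of the password-matching account for web clients. Whatever that value is (hash or
     * otherwise), the client later sends it back through {@code /multilogin.do} as the password,
     * so it works as a credential. Prefer a short-lived server-side selection token over
     * returning stored password material.
     *
     * @param userAccounts accounts found for the phone number
     * @param response     response the JSON is written to
     * @param isApp        true for app clients; the first entry is then pre-selected
     * @param pwd          password typed by the user, or null when none was typed (SMS login)
     * @param dbid         data source id copied into every entry
     */
    private void processMultpleAccount(List<UserAccountEntity> userAccounts, HttpServletResponse response, final Boolean isApp,final String pwd,final String dbid) {
        CallBackMessage callBackMessage = new CallBackMessage();
        List<MultipleAccountsEntry> collect = userAccounts.stream().map(x -> {
            MultipleAccountsEntry entry = new MultipleAccountsEntry();
            entry.setUserCode(x.getUserCode());
            entry.setUserName(x.getUserName());
            String userType = "未知";
            if (x.getLogonType() == 0) userType = "员工";
            if (x.getLogonType() == 1) userType = "客户";
            if (x.getLogonType() == 2) userType = "员工";
            if (x.getLogonType() == 3) userType = "供应商";
            entry.setUserType(userType);
            entry.setDbid(dbid);
            if (!isApp) {
                if (pwd != null) {
                    try {
                        entry.setSelected(x.checkPassword(pwd));
                    } catch (Exception e) {
                        throw new RuntimeException(e);
                    }
                    if (entry.isSelected()) {
                        entry.setPwd(x.getPassword());
                    } else {
                        entry.setPwd("");
                    }
                } else {
                    // SMS login: no password was typed, so every entry gets an empty one.
                    entry.setPwd("");
                }
            } else {
                entry.setPwd(x.getPassword());
            }
            return entry;
        }).collect(Collectors.toList());
        // App clients get the first entry pre-selected; guard against an empty list.
        if (isApp && !collect.isEmpty()) {
            collect.get(0).setSelected(true);
        }
        callBackMessage.setInfo(collect);
        callBackMessage.sendErrorMessage("存在多个登录账号", -1009);
        this.printJson(response, JSON.toJSONString(callBackMessage.toJSONObject()));
    }

    /**
     * Notifies earlier sessions of the same account and client type that the account has logged
     * in elsewhere.
     *
     * <p>For each matching online session other than the current one, a
     * {@code RETURN_LOGIN_PAGE} message is published through
     * {@code WebSocketMessageServer.publishMessageToRedis}.
     *
     * @param userFromType "1" for PC, "2" for app
     * @param dbId         data source id; must be numeric
     * @param userAccount  account that has just logged in
     * @param request      current request, used for the session and the online-user lookup
     */
    private void singleAccount(String userFromType,String dbId, UserAccountEntity userAccount, HttpServletRequest request){
        HttpSession session = request.getSession();
        // Per the original note, the Tomcat cluster replicates sessions, so each node sees all
        // sessions of the data source; the current user's earlier sessions are picked from them.
        List<OnlineUserEntity> onLineUser = SessionListener.getOnLineUser(request, dbId);
        if (onLineUser != null && onLineUser.size() > 0) {
            for (OnlineUserEntity entity : onLineUser) {
                if (entity.getUserCode().equalsIgnoreCase(userAccount.getUserCode())
                        && userFromType.equalsIgnoreCase(entity.getLoginType() + "") // same client type (PC or app)
                        && !session.getId().equalsIgnoreCase(entity.getSessionId()) // skip the current session
                ) {
                    // An earlier session exists: send it back to the login page over WebSocket.
                    MessageInfo messageInfo = new MessageInfo();
                    messageInfo.setDbId(Integer.parseInt(dbId));
                    messageInfo.setMsgType(MessageType.RETURN_LOGIN_PAGE);
                    messageInfo.setUserFromType(userFromType);
                    messageInfo.setUserCode(entity.getUserCode());
                    messageInfo.setSessionId(entity.getSessionId());
                    if (userFromType.equalsIgnoreCase("1")) { // PC
                        messageInfo.setMsg("您的账号已在其他地方登录");
                    } else {
                        messageInfo.setMsg("您的账号已在其他设备登录");
                    }
                    WebSocketMessageServer.publishMessageToRedis(messageInfo);
                }
            }
        }
    }

    /**
     * Creates the token returned to the app client and caches the password next to it.
     *
     * <p>The value of {@code pwd} is written to Redis under
     * {@code Lg_Token:<dbid>:<usercode>} with a 12-hour expiry, overwriting any earlier entry.
     * The returned token is the {@code AESUtils}-encrypted JSON of dbid and usercode.
     *
     * <p>NOTE(review): {@code login} passes the password the user submitted, so a usable
     * password sits in Redis for 12 hours per login. Storing a random session secret or a keyed
     * digest instead would limit the impact of a Redis compromise.
     *
     * @param pwd      password cached for later token checks
     * @param usercode app user code (phone number in the app flow)
     * @param dbid     data source id
     * @return the encrypted token, or an empty string when caching or encryption fails
     */
    private String genToken(String pwd, String usercode, int dbid) {
        TokenInfo tokenInfo = new TokenInfo();
        tokenInfo.setUsercode(usercode);
        tokenInfo.setDbid(dbid);
        try {
            String key = "Lg_Token:" + tokenInfo.getDbid() + ":" + tokenInfo.getUsercode();
            // Always (re)written; expiry is 12 hours.
            final int OVERTIME = 12;
            redisTemplate.opsForValue().set(key, pwd, OVERTIME, TimeUnit.HOURS);
            // dbid + usercode, encrypted, for the app client to keep
            return AESUtils.encrypt(GridUtils.toJson(tokenInfo));
        } catch (Exception ex) {
            log.error("genToken: could not create the app token", ex);
            return "";
        }
    }

    /**
     * Loads roles and permissions for the user, stores them in the session and writes the login
     * log.
     *
     * @param ip          client IP recorded in the login log
     * @param dbId        data source id
     * @param session     session to populate
     * @param userAccount authenticated account
     * @return always {@code true}
     * @throws Exception propagated from the services called
     */
    public boolean processLoginUserToSession(String ip, String dbId, HttpSession session, UserAccountEntity userAccount) throws Exception {
        // Permissions
        PerssionEntity perssionEntity = new PerssionEntity();
        try {
            SpObserver.setDBtoInstance("_" + dbId);
            perssionEntity.setRole(rIfc.getRole(userAccount.getUserCode()));
        } finally {
            SpObserver.setDBtoInstance();
        }
        try {
            SpObserver.setDBtoInstance("_" + dbId);
            perssionEntity.setPerssion(userAccountService.getUserProfiles(userAccount.getUserCode()));
            // Store the session values
            setSessionValues(dbId, userAccount, session, perssionEntity);
            // A successful login clears the recorded failures
            record.clearLoginRecord(userAccount.getUserCode());
            // Login log
            userAccountService.loginLog(userAccount.getUserCode(), userAccount.getUserName(), ip, session.getId());
        } finally {
            SpObserver.setDBtoInstance();
        }
        if (userAccount.getDefaultSet() != null && !"".equals(userAccount.getDefaultSet())) {
            try {
                SpObserver.setDBtoInstance("_" + dbId);
                perssionEntity.setDefaultSet(userAccountService.getDefaultSet(userAccount.getDefaultSet()));
            } finally {
                SpObserver.setDBtoInstance();
            }
        }
        return true;
    }

    /**
     * Populates the session for an authenticated user and records device and location details
     * with the login log.
     *
     * <p>Device data, longitude and latitude are read from request headers and the User-Agent,
     * all of which the client controls; they are informational and should not drive security
     * decisions on their own.
     *
     * @param ip          client IP
     * @param dbId        data source id
     * @param request     current request
     * @param userAccount authenticated account
     * @return always {@code true}
     * @throws Exception propagated from the services called
     */
    public boolean processLoginUserToSessionV2( String ip, String dbId, HttpServletRequest request, UserAccountEntity userAccount) throws Exception {
        HttpSession session = request.getSession();
        LoginUserEntity userEntity = new LoginUserEntity();
        final DataSourceEntity dataSourceMap = MultiDataSource.getDataSourceMap(dbId);
        try {
            userEntity.setDbid(dbId);
            userEntity.setSystemDescribe(dataSourceMap.getSystemDescribe());
            userEntity.setLogonDomain(request.getHeader("host"));
            if (request.getParameter("isApp") != null || request.getAttribute("isApp") != null) {
                // Sent by the mobile app
                getAppHardwareInfo(request, userEntity);
            } else {
                // PC or mini program
                int userLoginType = session.getAttribute(SessionKey.USER_LOGIN_TYPE) == null ? 1 : Integer.parseInt(session.getAttribute(SessionKey.USER_LOGIN_TYPE) + "");
                if (userLoginType == 3) {
                    userEntity.setUserLoginType("minapp");
                } else {
                    userEntity.setUserLoginType("web");
                }
                String userAgentString = UserAgentUtil.getUaInfo(request); // request.getHeader("User-Agent");
                UserAgent userAgent = UserAgent.parseUserAgentString(userAgentString);
                String os = userAgent.getOperatingSystem().getGroup().getName();
                //String osName = userAgent.getOperatingSystem().getName() ;
                String manufacturer = userAgent.getOperatingSystem().getManufacturer().getName();
                String model = UserAgentUtil.getPhoneModel(userAgentString);
                //String mobileOS = UserAgentUtil.getMobileOS(userAgentString);
                userEntity.setOSType(os);
                userEntity.setManufacturer(manufacturer);
                userEntity.setEquipmentModel(model);
                userEntity.setUserAgent(userAgentString);
            }
            String longitude = request.getHeader("x-app-longitude");
            String latitude = request.getHeader("x-app-latitude");
            // Resolve country / province / city / county from coordinates and IP.
            LocationEntity ipLocationEntity = MapService.getMapFactory().reverseGeocode(longitude, latitude, ip);
            if (ipLocationEntity != null) {
                userEntity.setCountryName(ipLocationEntity.getCountryName());
                userEntity.setProvinceName(ipLocationEntity.getProvinceName());
                userEntity.setCityName(ipLocationEntity.getCityName());
                // NOTE(review): the county is filled from getCityName(); looks like a copy-paste
                // slip, confirm which LocationEntity accessor was intended.
                userEntity.setCountyName(ipLocationEntity.getCityName());
            }
            userEntity.setLongitude(longitude);
            userEntity.setLatitude(latitude);
            userEntity.setIp(ip);
            PerssionEntity perssionEntity = new PerssionEntity();
            SpObserver.setDBtoInstance("_" + dbId);
            perssionEntity.setRole(rIfc.getRole(userAccount.getUserCode()));
            perssionEntity.setPerssion(userAccountService.getUserProfiles(userAccount.getUserCode()));
            if (userAccount.getDefaultSet() != null && !"".equals(userAccount.getDefaultSet())) {
                perssionEntity.setDefaultSet(userAccountService.getDefaultSet(userAccount.getDefaultSet()));
            }
            // Store the session values
            setSessionValues(dbId, userAccount, session, perssionEntity);
            // A successful login clears the recorded failures
            record.clearLoginRecord(userAccount.getUserCode());
            // Login log
            userAccountService.loginLogV2(userAccount, userEntity, session.getId());
        } finally {
            SpObserver.setDBtoInstance();
        }
        // The condition below is disabled, so the device record is updated on every login:
        // if (dataSourceMap.isLoginOnceForOneUserCode() &&request.getAttribute("loginByCode") != null) {
        // (multi-device restriction enabled and login confirmed by SMS)
        try {
            SpObserver.setDBtoDemo();
            userEntity.setTelePhone(userAccount.getApp_userCode()); // phone number
            loginEquipmentIfc.updateUserLoginEquipmentInfo(userEntity);
        } finally {
            SpObserver.setDBtoInstance();
        }
        // }
        return true;
    }

    /**
     * Copies the device details sent by the app in {@code x-app-*} headers into the login
     * record.
     *
     * <p>All values are client-supplied. The manufacturer is taken as the first
     * whitespace-separated part of the equipment code.
     *
     * @param request    current request
     * @param userEntity login record to fill
     */
    private static void getAppHardwareInfo(HttpServletRequest request, LoginUserEntity userEntity) {
        userEntity.setOSType(request.getHeader("x-app-type")); // ios, android
        String equipmentCode = request.getHeader("x-app-equipmentCode");
        String appVersion = request.getHeader("x-app-version"); // app version
        String uniqueIdentifier = request.getHeader("x-app-uniqueIdentifier"); // device unique id
        userEntity.setUniqueIdentifier(uniqueIdentifier);
        userEntity.setAppVersion(appVersion);
        userEntity.setEquipmentModel(equipmentCode); // device model
        userEntity.setUserLoginType("app");
        // Derive the manufacturer name from the device model.
        if (org.apache.commons.lang3.StringUtils.isNotBlank(equipmentCode)) {
            String[] equipment = equipmentCode.split("\\s+?"); // split on whitespace, first part is the manufacturer
            userEntity.setManufacturer(equipment[0]);
        }
    }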
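/**
 * App auto-login (v1): decrypts the client token, looks up the matching Redis entry and
 * replays the normal login with the credentials found there.
 *
 * <p>The decrypted token carries the data-source id and the user code. The password used
 * for the login is element 0 of the '#'-separated Redis value, so the account password is
 * held in Redis in a replayable form. Element 1 is not compared with anything here.
 * NOTE(review): AESUtils.decrypt is called without a key argument, so token authenticity
 * rests on whatever key AESUtils holds internally; confirm it is unique per deployment.
 *
 * @param token    encrypted token previously handed to the app
 * @param request  current request; the login inputs are passed on as request attributes
 * @param response receives a JSON error object when the token is missing, expired or invalid
 * @return the result of {@code login(request, response)}, or "" when an error was written
 */
@RequestMapping("/autoLogin.do")
public String autoLogin(String token, HttpServletRequest request, HttpServletResponse response) {
    if (token == null || "".equalsIgnoreCase(token)) {
        this.printJson(response, "{\"error\":\"token不能为空\"}");
        return "";
    }
    try {
        String value = AESUtils.decrypt(EncodeUtil.replaceUrlChar(token));
        Gson gson = new Gson();
        TokenInfo tokenInfo = gson.fromJson(value, new com.google.gson.reflect.TypeToken<TokenInfo>() {
        }.getType());
        Object object = redisTemplate.opsForValue().get("Lg_Token:" + tokenInfo.getDbid() + ":" + tokenInfo.getUsercode());
        if (object == null) {
            this.printJson(response, "{\"error\":\"token已失效,请重新登录\"}");
            return "";
        }
        // Redis value layout per the original comment: [0] password, [1] random number.
        String[] tokenStr = ((String) object).split("#");
        // Hand the recovered credentials to the regular login flow.
        tokenInfo.setPwd(tokenStr[0]);
        request.setAttribute("account", tokenInfo.getUsercode());
        request.setAttribute("pwd", tokenInfo.getPwd());
        request.setAttribute("isApp", "1");
        request.setAttribute("dataName", tokenInfo.getDbid() + "");
        request.setAttribute("isone", tokenInfo.getDbid() + "");
    } catch (Exception ex) {
        // NOTE(review): the message is concatenated into JSON unescaped; a quote in it
        // produces malformed output. A JSON serializer would be safer here.
        this.printJson(response, "{\"error\":\"" + this.getErrorMsg(ex) + "\"}");
        return "";
    }
    return login(request, response);
}

/**
 * App auto-login (v2, by danaus 2020/1/13): same token scheme as {@code autoLogin}, with a
 * CallBackMessage response, optional TTL refresh and a data-source expiry check.
 *
 * <p>NOTE(review): the comparison of the token's random component with the one stored in
 * Redis was commented out in the original, so element 1 of the Redis value is parsed and
 * ignored. A token that decrypts to a dbid/usercode pair with a live Redis entry is accepted
 * for as long as that entry exists, and {@code refresh=1} lets the caller extend it.
 *
 * @param token    encrypted token previously handed to the app
 * @param request  current request; the login inputs are passed on as request attributes
 * @param response receives the CallBackMessage error when validation fails
 * @return the result of {@code login(request, response)}, or "" when an error was written
 */
@RequestMapping("/autoLoginV2.do")
public String autoLoginV2(String token, HttpServletRequest request, HttpServletResponse response) {
    CallBackMessage callBackMessage = new CallBackMessage();
    if (token == null || "".equalsIgnoreCase(token)) {
        this.printJson(response, callBackMessage.sendErrorMessage("token不能为空", -1));
        return "";
    }
    try {
        String value = AESUtils.decrypt(EncodeUtil.replaceUrlChar(token));
        Gson gson = new Gson();
        TokenInfo tokenInfo = gson.fromJson(value, new com.google.gson.reflect.TypeToken<TokenInfo>() {
        }.getType());
        Object object = redisTemplate.opsForValue().get(InvitationCode.TOKEN_STR + tokenInfo.getDbid() + ":" + tokenInfo.getUsercode());
        if (object == null) {
            // No Redis entry: drop the HTTP session as well.
            request.getSession().invalidate();
            this.printJson(response, callBackMessage.sendErrorMessage("token已失效,请重新登录", -1002));
            return "";
        }
        // Callers reacting to a 405 ask for the expiry to be refreshed.
        if (request.getParameter("refresh") != null && "1".equalsIgnoreCase(request.getParameter("refresh"))) {
            redisTemplate.opsForValue().getOperations().expire(InvitationCode.TOKEN_STR + tokenInfo.getDbid() + ":" + tokenInfo.getUsercode(), 12, TimeUnit.HOURS);
        }
        // Redis value layout per the original comment: [0] password, [1] random number.
        // The random-number comparison (error -1001) is disabled; see the method note.
        String[] tokenStr = ((String) object).split("#");
        // Refuse login when the data source is expired or deactivated.
        final DataSourceEntity dataSourceMap = MultiDataSource.getDataSourceMap("" + tokenInfo.getDbid());
        if (dataSourceMap != null) {
            // null or negative: not expired; positive: expired.
            Integer expiredMinute = (dataSourceMap.getExpiredMinute() == null ? null : (Integer) dataSourceMap.getExpiredMinute());
            boolean actived = dataSourceMap.getActived();
            if ((expiredMinute != null && expiredMinute.intValue() > 0) || !actived) {
                throw new ApplicationException("系统已过期,请联络服务提供商");
            }
        }
        // Hand the recovered credentials to the regular login flow.
        tokenInfo.setPwd(tokenStr[0]);
        request.setAttribute("account", tokenInfo.getUsercode());
        request.setAttribute("pwd", tokenInfo.getPwd());
        request.setAttribute("isApp", "1");
        request.setAttribute("dataName", tokenInfo.getDbid() + "");
        request.setAttribute("isone", tokenInfo.getDbid() + "");
        // Marks a V2 submission so that no new token is returned after a successful login.
        request.setAttribute("postTokenV2", "1");
        if (org.apache.commons.lang3.StringUtils.isNotBlank(request.getParameter("loginByCode"))) {
            // Added for the device-restriction feature.
            // NOTE(review): this flag is taken from a client-supplied parameter.
            request.setAttribute("loginByCode", 1);
        }
    } catch (Exception ex) {
        this.printJson(response, callBackMessage.sendErrorMessage(this.getErrorMsg(ex)));
        return "";
    }
    return login(request, response);
}

/**
 * Verifies an SMS code for a phone number and reports success or failure.
 *
 * <p>This method only checks the code; it does not create a session. When the
 * {@code x-app-loginCode} header is present, its decrypted user code must equal {@code tel};
 * when the header is absent that binding check is skipped.
 * NOTE(review): no attempt counter is visible here and a wrong guess leaves the stored code
 * in place; confirm that guesses per number are rate-limited elsewhere.
 *
 * @param tel      phone number the code was sent to
 * @param code     code entered by the user
 * @param request  current request
 * @param response receives the CallBackMessage result
 * @return always ""
 */
@RequestMapping("/api/loginByCode.do")
public String loginByCode(String tel, String code, HttpServletRequest request, HttpServletResponse response) {
    CallBackMessage callBackMessage = new CallBackMessage();
    if (org.apache.commons.lang3.StringUtils.isBlank(code)) {
        this.printJson(response, callBackMessage.sendErrorMessage("验证码不能为空", -1));
        return "";
    }
    if (org.apache.commons.lang3.StringUtils.isBlank(tel)) {
        this.printJson(response, callBackMessage.sendErrorMessage("手机号不能为空", -1));
        return "";
    }
    String token = request.getHeader("x-app-loginCode");
    if (org.apache.commons.lang3.StringUtils.isNotBlank(token)) {
        try {
            String value = AESUtils.decrypt(EncodeUtil.replaceUrlChar(token));
            Gson gson = new Gson();
            TokenInfo tokenInfo = gson.fromJson(value, new com.google.gson.reflect.TypeToken<TokenInfo>() {
            }.getType());
            if (!tel.equals(tokenInfo.getUsercode())) {
                this.printJson(response, callBackMessage.sendErrorMessage("注册手机号与传过来的手机号不相符", -1));
                return "";
            }
        } catch (Exception e) {
            printJson(response, callBackMessage.sendErrorMessage(e.getMessage(), -1));
            return "";
        }
    }
    String verifyCode = (String) redisTemplate.opsForValue().get(VerificationCodes.getCodeKey(tel));
    if (verifyCode == null) {
        printJson(response, callBackMessage.sendErrorMessage("验证码已失效,请重新获取验证码。", -1));
        return "";
    }
    // Compare without an early exit on the first differing character.
    boolean codeMatches = java.security.MessageDigest.isEqual(
            code.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            verifyCode.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!codeMatches) {
        printJson(response, callBackMessage.sendErrorMessage("验证码错误,请输入正确的验证码", -1));
        return "";
    }
    // A code is single-use: remove it once it has been accepted.
    redisTemplate.delete(VerificationCodes.getCodeKey(tel));
    printJson(response, callBackMessage.sendSuccessMessageByDefault());
    return "";
}

/**
 * Prunes the devices bound to a JPush alias: lists the registrations of alias
 * {@code dbid_usercode} and, when there are more than 8, unbinds all but the 8 with the most
 * recent last-online date.
 *
 * <p>Best effort: every failure is logged and swallowed so that it cannot break the caller.
 * NOTE(review): the alias is concatenated into the request path unencoded; confirm that user
 * codes cannot contain '/', '?' or '#'.
 *
 * @param usercode user code forming the second half of the alias
 * @param dbid     data-source id forming the first half of the alias
 */
public void processJiguangAliases(String usercode, String dbid) {
    try {
        String aliase = dbid + "_" + usercode;
        String url = JpushAction.URL + "/v3/aliases/" + aliase + "?new_format=true";
        final HttpGet httpGet = HttpClientUtil.CreateHttpGetByAuthorization(url, null, JpushAction.appKey, JpushAction.masterSecret);
        List<JiGuangAliaseEntity> list;
        // Close the response on every path so the connection is released.
        try (CloseableHttpResponse response = HttpClientUtil.getClient().execute(httpGet)) {
            if (response.getStatusLine().getStatusCode() != 200) {
                throw new ApplicationException("获取极光别名出错:" + response.getStatusLine().getStatusCode() + "[" + response.getStatusLine().getReasonPhrase() + "]");
            }
            final Map map = JSON.parseObject(EntityUtils.toString(response.getEntity(), "UTF-8"), Map.class);
            list = JSON.parseArray(map.get("data") + "", JiGuangAliaseEntity.class);
        }
        if (list == null || list.size() <= 8) {
            return;
        }
        // Most recently online first; everything from position 8 onwards is unbound.
        // (The original tested index > 8, which kept 9 devices and sent an empty removal
        // list when exactly 9 were bound.)
        List<JiGuangAliaseEntity> byRecency = list.stream()
                .sorted(Comparator.comparing(JiGuangAliaseEntity::getLast_online_date).reversed())
                .collect(Collectors.toList());
        StringJoiner joiner = new StringJoiner(",");
        for (JiGuangAliaseEntity entity : byRecency.subList(8, byRecency.size())) {
            joiner.add("\"" + entity.getRegistration_id() + "\"");
        }
        url = JpushAction.URL + "/v3/aliases/" + aliase;
        String data = "{\n" + " \"registration_ids\":{\"remove\": [" + joiner.toString() + "]}\n" + "}";
        final HttpPost httpPost = HttpClientUtil.CreateHttpPostByAuthorization(url, data, false, JpushAction.appKey, JpushAction.masterSecret);
        try (CloseableHttpResponse response = HttpClientUtil.getClient().execute(httpPost)) {
            if (response.getStatusLine().getStatusCode() != 200) {
                log.info(usercode + "需要删除的极光别名关联设备ID:" + data);
                String msg = EntityUtils.toString(response.getEntity(), "UTF-8");
                throw new ApplicationException("删除极光别名关联设备出错:" + msg);
            }
        }
    } catch (Exception e) {
        // Deliberately not rethrown; keep the full stack trace in the application log.
        log.error("processJiguangAliases failed", e);
    }
}

/**
 * Writes an error CallBackMessage to the client.
 *
 * <p>When {@code redirect} is non-empty it is URI-component-encoded and returned in the
 * message data. App requests whose message is exactly "密码错误" get status -1004 so that the
 * app shows its login screen.
 * NOTE(review): callers pass the raw {@code redirect} request parameter; whoever follows the
 * returned value should restrict it to same-site targets.
 *
 * @param response response to write to
 * @param sb       error message
 * @param redirect optional redirect target echoed back to the client, may be null
 * @param isApp    TRUE for app requests; null is treated as false
 */
private void print2(HttpServletResponse response, String sb, String redirect, Boolean isApp) {
    CallBackMessage callBackMessage = new CallBackMessage();
    // redirect added by Johns Wang, 2016-03-06
    if (redirect != null && !"".equals(redirect)) {
        redirect = URIUtil.encodeURIComponent(redirect);
        callBackMessage.setData("{\"redirect\":\"" + redirect + "\"}");
    }
    callBackMessage.sendErrorMessage(sb);
    if (isApp != null && isApp && "密码错误".equalsIgnoreCase(sb)) {
        callBackMessage.sendErrorMessage(sb, -1004);
    }
    this.print(response, callBackMessage.toString());
}

/**
 * Copies a fixed set of session attributes into a map.
 *
 * <p>For the first group the map key is the SessionKey constant with every '@' removed; for
 * the second group it is the constant unchanged. The entries "day", "month" and "year" come
 * from DateUtil with argument 0.
 *
 * @param session session to read from
 * @return a new HashMap holding the copied values
 */
private Map getSessionInfo(HttpSession session) {
    final String[] keysWithoutAtSign = {
        SessionKey.HRCODE, SessionKey.HRNAME, SessionKey.USERNAME, SessionKey.USER_NAME,
        SessionKey.ORIGINAL_USERNAME, SessionKey.USER, SessionKey.ORIGINAL_USERCODE,
        SessionKey.USERCODE, SessionKey.COMPANY_ID, SessionKey.COMPANY_NAME,
        SessionKey.COMPANYMEMO, SessionKey.VERSION_ID, SessionKey.DEPARTMENT,
        SessionKey.CCCODE, SessionKey.CCNAME, SessionKey.SUPPER_USER, SessionKey.ROLE_NAME,
        SessionKey.DEFAULT_SET, SessionKey.LOGIN_TYPE, SessionKey.isStopSystem,
        SessionKey.OPEN_ID, SessionKey.CURRENCY, SessionKey.SHOP_CCCDOE,
        SessionKey.SYSTEM_LANGUAGE, SessionKey.DEFAULT_STCODE, SessionKey.DEFAULT_ACCTCODE,
        SessionKey.UserCodePermission, SessionKey.COMPANY_PERMISSION, SessionKey.AT_TODAY,
        SessionKey.AT_NOW, SessionKey.DEFAULT_BRAND, SessionKey.CCCODEPERMISSION,
        SessionKey.USERTYPE
    };
    final String[] keysVerbatim = {
        SessionKey.ISMODIFYPRICEWHENSCANQRCODE, SessionKey.ISMODIFYPRICEWHENSALESORDER,
        SessionKey.ISMODIFYPRICEWHENPURCHASEORDER, SessionKey.SWITCHTOPAGEWHENLOGONAPP,
        SessionKey.LISTDISPLAYSTYLEFORTODO, SessionKey.SELECTNEXTDOCUMENTWHENAPPROVED,
        SessionKey.ISSTARTUPPOPUPMESSAGES
    };
    Map map = new HashMap();
    for (String key : keysWithoutAtSign) {
        map.put(key.replace("@", ""), session.getAttribute(key));
    }
    for (String key : keysVerbatim) {
        map.put(key, session.getAttribute(key));
    }
    map.put("day", DateUtil.getDay(0));
    map.put("month", DateUtil.getMonth(0));
    map.put("year", DateUtil.getYear(0));
    return map;
}

/**
 * Records a failed login attempt and answers with a generic "wrong account or password".
 *
 * <p>Exactly one response is written. A failure while recording the attempt is logged
 * instead of being sent to the client; the original wrote the exception text and then the
 * generic message as well.
 * NOTE(review): the attempted password is handed to {@code record.loginRecord}; confirm that
 * it is not persisted in clear text.
 *
 * @param account  account name that was tried
 * @param pwd      password that was tried
 * @param request  current request; supplies the data-source id, the IP and "redirect"
 * @param response response to write the error to
 */
private void proccError(String account, String pwd, HttpServletRequest request, HttpServletResponse response) {
    // App requests are recognised by "isApp" being present as a parameter or an attribute.
    Boolean isApp = Boolean.valueOf(
            (request.getParameter("isApp") == null && request.getAttribute("isApp") == null) ? false : true);
    try {
        SpObserver.setDBtoInstance("_" + request.getSession().getAttribute(SessionKey.DATA_BASE_ID));
        record.loginRecord(account, pwd, IPUtil.getIpAddr(request));
    } catch (Exception e2) {
        log.error("failed to record the failed login attempt", e2);
    } finally {
        SpObserver.setDBtoInstance();
    }
    this.print2(response, "用户账号或密码错误!", request.getParameter("redirect"), isApp);
}

/**
 * Logs the current user out: flags the session with "isClose" and invalidates it.
 *
 * <p>{@code request.getSession()} creates a session when none exists, so the null check
 * below never fails. NOTE(review): {@code getSession(false)} would avoid creating a session
 * only to destroy it; check what the session listeners expect before changing it.
 *
 * @param request  current request
 * @param response receives {"success":"ok"} or a JSON error object
 */
@RequestMapping("/logout.do")
public void logout(HttpServletRequest request, HttpServletResponse response) {
    try {
        HttpSession session = request.getSession();
        if (session != null) {
            session.setAttribute("isClose", true);
            session.invalidate();
        }
        this.printJson(response, "{\"success\":\"ok\"}");
    } catch (Exception e) {
        e.printStackTrace();
        this.printJson(response, "{\"error\":\"" + e.getMessage() + "\"}");
    }
}

/**
 * Returns one page of login users as {@code {"total":N,"rows":[...]}}.
 *
 * <p>Reads "rows" (page size) and "page" (current page); returns without writing anything
 * when either is not an integer. The optional filters are "companyname", "usercode" and
 * "username".
 * NOTE(review): no authentication or role check is visible in this handler; confirm that an
 * interceptor restricts it, since it lists accounts of the data source held in the session.
 *
 * @param request  current request
 * @param response response to write the JSON to
 */
@RequestMapping("/GetLoginUser.do")
public void getLoginUser(HttpServletRequest request, HttpServletResponse response) {
    int pageSize = 0;
    int curPage = 0;
    int total = 0;
    List<?> list = null;
    try {
        pageSize = Integer.parseInt(request.getParameter("rows"));
        curPage = Integer.parseInt(request.getParameter("page"));
    } catch (Exception ignored) {
        // Missing or non-numeric paging parameters: nothing is returned.
        return;
    }
    // Search filters.
    String companyname = request.getParameter("companyname");
    String usercode = request.getParameter("usercode");
    String username = request.getParameter("username");
    try {
        SpObserver.setDBtoInstance("_" + request.getSession().getAttribute(SessionKey.DATA_BASE_ID));
        if (StringUtils.isBlank(companyname) && StringUtils.isBlank(usercode) && StringUtils.isBlank(username)) {
            total = userAccountService.getUserTotal();
            list = userAccountService.getLoginUser(curPage, pageSize);
        } else {
            total = userAccountService.getUserTotal(companyname, usercode, username);
            list = userAccountService.getLoginUser(curPage, pageSize, companyname, usercode, username);
        }
    } finally {
        SpObserver.setDBtoInstance();
    }
    String data = new Gson().toJson(list);
    StringBuilder sb = new StringBuilder();
    sb.append("{\"total\":").append(total).append(",\"rows\":").append(data).append("}");
    try {
        printText(response, sb.toString());
    } catch (IOException e) {
        e.printStackTrace();
    }
}

/**
 * Writes text to the client as UTF-8 and closes the response writer.
 *
 * @param response response to write to
 * @param str      text to send
 * @throws IOException if the response writer cannot be obtained
 */
public void printText(HttpServletResponse response, String str) throws IOException {
    response.setCharacterEncoding("utf-8");
    PrintWriter out = response.getWriter();
    out.write(str);
    out.flush();
    out.close();
}

/**
 * Populates the HTTP session after a successful login. When a new session key is added
 * here, add it to the switch-user feature (com.yc.action.login.SwitchUserCodeAction) too.
 *
 * <p>NOTE(review): the value of {@code userAccount.getPassword()} is stored under
 * SessionKey.PASSWORD, so it ends up wherever sessions are replicated or persisted; confirm
 * whether any reader still needs it. PAGE_PATH, REAL_PATH and DATA_PATH are built from the
 * DATA_BASE_ID session attribute, which {@code againLogin} sets from a request parameter;
 * confirm it is validated before these paths are used for file access.
 *
 * @param dbId           data-source id, used to look up per-data-source limits
 * @param userAccount    authenticated account
 * @param session        session to populate
 * @param perssionEntity role, permissions and default set loaded for the account
 * @return the account's user name
 * @throws Exception declared by the original signature
 */
public static String setSessionValues(String dbId, UserAccountEntity userAccount, HttpSession session, PerssionEntity perssionEntity) throws Exception {
    // Session keys come from the SessionKey class to avoid case and spelling mistakes.
    Map role = perssionEntity.getRole();
    String userCode = (String) userAccount.getUserCode();
    session.setAttribute(SessionKey.HRCODE, ((String) userAccount.getHrCode()).replaceAll("\\s", ""));
    session.setAttribute(SessionKey.HRNAME, ((String) userAccount.getHrName()).replaceAll("\\s", ""));
    String userName = (String) userAccount.getUserName();
    session.setAttribute(SessionKey.USERNAME, userName.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.USER_NAME, userName.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.PASSWORD, userAccount.getPassword());
    session.setAttribute(SessionKey.ORIGINAL_USERNAME, userName.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.USER, userCode.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.ORIGINAL_USERCODE, userCode.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.USERCODE, userCode.replaceAll("\\s", ""));
    session.setAttribute(SessionKey.COMPANY_ID, userAccount.getCompanyId());
    session.setAttribute(SessionKey.COMPANY_NAME, userAccount.getCompanyName());
    session.setAttribute(SessionKey.COMPANYMEMO, userAccount.getCompanyMemo());// for multi-company setups
    session.setAttribute(SessionKey.VERSION_ID, 0);
    session.setAttribute(SessionKey.DEPARTMENT, userAccount.getCcName());
    session.setAttribute(SessionKey.CCCODE, userAccount.getCcCode());
    session.setAttribute(SessionKey.CCNAME, userAccount.getCcName());
    session.setAttribute(SessionKey.USER_TELE_PHONE, userAccount.getApp_userCode());// phone number
    // "1" for the SuperUser and DeveloperUser account types, "0" otherwise.
    session.setAttribute(SessionKey.SUPPER_USER,
            ("SuperUser".equalsIgnoreCase(userAccount.getUserType())
                    || "DeveloperUser".equalsIgnoreCase(userAccount.getUserType())) ? "1" : "0");
    session.setAttribute(SessionKey.isStopSystem, userAccount.isStopSystem() ? "1" : "0");
    session.setAttribute(SessionKey.OPEN_ID, userAccount.getOpenId());
    session.setAttribute(SessionKey.CURRENCY, userAccount.getCurrency());
    session.setAttribute(SessionKey.SHOP_CCCDOE, userAccount.getShopCcCode());
    session.setAttribute(SessionKey.COMPANY_PERMISSION, userAccount.getCompanyPermission());
    session.setAttribute(SessionKey.ROLE_NAME, role == null ? "未设置" : role.get("RoleName") == null ? "" : role.get("RoleName"));
    // Permission set loaded for the account.
    Map<?, ?> perssion = perssionEntity.getPerssion();
    // Copy the account's default set into the session when one is configured.
    if (userAccount.getDefaultSet() != null && !"".equals(userAccount.getDefaultSet())) {
        DefaultSet.defaultSet2Session(perssionEntity.getDefaultSet(), session);
    }
    session.setAttribute(SessionKey.PERSSION, perssion);
    session.setAttribute(SessionKey.LOGIN_TYPE, userAccount.getLogonType() + "");
    session.setAttribute(SessionKey.SYSTEM_LANGUAGE, "cnzh");
    session.setAttribute(SessionKey.DIBANG, userAccount.isEnableLoadCollection() ? "1" : "0");// weighbridge permission
    // Weighbridge details start out blank.
    session.setAttribute(SessionKey.LOADER_NAME, "");
    session.setAttribute(SessionKey.IP_ADDRESS, "");
    session.setAttribute(SessionKey.HOSTNAME, "");
    session.setAttribute(SessionKey.MAC_ADDRESS, "");
    session.setAttribute(SessionKey.AT_TODAY, DateUtil.toDayDate());
    session.setAttribute(SessionKey.AT_NOW, DateUtil.toDay());
    session.setAttribute(SessionKey.DEFAULT_STCODE, userAccount.getDefaultStcode());
    session.setAttribute(SessionKey.DEFAULT_ACCTCODE, userAccount.getDefaultAcctCode());
    session.setAttribute(SessionKey.UserCodePermission, userAccount.getUserCodePermission());
    session.setAttribute(SessionKey.DEFAULT_BRAND, userAccount.getDefaultBrand());
    session.setAttribute(SessionKey.CCCODEPERMISSION, userAccount.getCcCodePermission());
    session.setAttribute(SessionKey.ISMODIFYPRICEWHENSCANQRCODE, userAccount.getIsModifyPriceWhenScanQrCode());
    session.setAttribute(SessionKey.ISMODIFYPRICEWHENSALESORDER, userAccount.getIsModifyPriceWhenSalesOrder());
    session.setAttribute(SessionKey.ISMODIFYPRICEWHENPURCHASEORDER, userAccount.getIsModifyPriceWhenPurchaseOrder());
    session.setAttribute(SessionKey.SWITCHTOPAGEWHENLOGONAPP, userAccount.getSwitchToPageWhenLogonApp());
    session.setAttribute(SessionKey.LISTDISPLAYSTYLEFORTODO, userAccount.getListDisplayStyleForToDo());
    session.setAttribute(SessionKey.SELECTNEXTDOCUMENTWHENAPPROVED, userAccount.getSelectNextDocumentWhenApproved());
    session.setAttribute(SessionKey.ISSTARTUPPOPUPMESSAGES, userAccount.getIsStartupPopupMessages());
    session.setAttribute(SessionKey.USERTYPE, userAccount.getUserType());
    // Fall back to getTel(). A null app user code stringifies to "null", which is not blank.
    if (org.apache.commons.lang3.StringUtils.isBlank(session.getAttribute(SessionKey.USER_TELE_PHONE) + "")) {
        session.setAttribute(SessionKey.USER_TELE_PHONE, userAccount.getTel());
    }
    session.setAttribute(SessionKey.PAGE_PATH,
            File.separator + "app" + File.separator + session.getAttribute(SessionKey.DATA_BASE_ID) + File.separator
                    + session.getAttribute(SessionKey.VERSION_ID) + File.separator
                    + session.getAttribute(SessionKey.SYSTEM_LANGUAGE));
    String realpath = session.getServletContext().getRealPath("/") + session.getAttribute(SessionKey.PAGE_PATH);
    session.setAttribute(SessionKey.REAL_PATH, realpath.replaceAll("\\\\", "/"));
    session.setAttribute(SessionKey.DATA_PATH,
            File.separator + "app" + File.separator + session.getAttribute(SessionKey.DATA_BASE_ID) + File.separator
                    + session.getAttribute(SessionKey.VERSION_ID) + File.separator
                    + session.getAttribute(SessionKey.SYSTEM_LANGUAGE));
    InitSystem.getInstance().setMailSavePath(session.getServletContext()
            .getRealPath(File.separator + "WEB-INF" + File.separator + "MAIL" + File.separator));
    // Per-data-source limits (licensed department count, data-check page size).
    DataSourceEntity dataSourceEntity = MultiDataSource.getDataSourceMap(dbId);
    if (dataSourceEntity != null) {
        session.setAttribute(SessionKey.LimitDepartmentNumber, dataSourceEntity.getLimitDepartmentNumber());
        session.setAttribute(SessionKey.DATACHECK_PAGENUM, dataSourceEntity.getDataCheckPageNum());
    }
    SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
    session.setAttribute(SessionKey.LOGIN_TIME, df.format(new Date()));// login time, xin 2020-8-31
    // WeCom (enterprise WeChat) login user id, added by Johns Wang, 2022-12-23.
    session.setAttribute(SessionKey.WEIXIN_USERID, userAccount.getWeiXinCorpUserId());
    return userName;
}

/**
 * Replaces the login-record service.
 *
 * @param record service used to count and store failed login attempts
 */
public void setRecord(LoginRecordIfc record) {
    this.record = record;
}

/**
 * Reports whether the session still carries a logged-in user: {@code {"status":"success"}}
 * when SessionKey.HRCODE is set, {@code {"status":"fail"}} otherwise.
 *
 * @param request  current request
 * @param response response to write the JSON to
 * @throws IOException if the response cannot be written
 */
@RequestMapping("/checkSession.do")
public void sessionCheck(HttpServletRequest request, HttpServletResponse response) throws IOException {
    HttpSession session = request.getSession();
    String result = "";
    if (session.getAttribute(SessionKey.HRCODE) == null) {
        // No quit log is written for an expired session (danaus, 2014-8-5).
        result = "fail";
    } else {
        result = "success";
    }
    printText(response, "{\"status\":\"" + result + "\"}");
}

/**
 * Re-login from the dialog shown after the session has expired (2012-09-20).
 *
 * <p>Flow: resolve the data source, validate the inputs, enforce the user limit and the
 * failed-attempt lockout (5 within 10 minutes), check the login time/IP restriction, resolve
 * the account by user code, phone number or e-mail, verify the password, then populate the
 * session and rebind the user's open WebSocket entry to the new session id.
 *
 * <p>Changes against the original: the method returns after
 * {@code processMultpleAccount} has written the account list, where the original fell
 * through and wrote a second response. It also fails closed when
 * {@code checkPassword} throws, where the original reported the error and then logged the
 * user in.
 *
 * <p>NOTE(review): in the single-match phone branch {@code password} is replaced with the
 * stored password before {@code checkPassword} runs. If {@code checkPassword} accepts the
 * stored form, the password typed by the user is never verified on that path; confirm and
 * remove the overwrite. The multi-match branch compares the supplied value with the stored
 * one via {@code equals}, which suggests the stored form is directly comparable.
 * NOTE(review): the session id is not rotated here after authentication, and the different
 * messages for unknown, disabled and wrong-password accounts allow account enumeration.
 *
 * @param usercode user code, phone number or e-mail; values longer than 30 characters are
 *                 treated as encrypted and decrypted first
 * @param password password supplied by the user
 * @param dbid     data-source id; derived from {@code domain} when empty
 * @param dbstr    data-source display text stored in the session
 * @param domain   domain used to look up the data source when {@code dbid} is empty
 * @param request  current request
 * @param response receives the JSON result
 * @return always null; the result is written to {@code response}
 */
@RequestMapping("/againLogin.do")
public String againLogin(String usercode, String password, String dbid, String dbstr, String domain,
                         HttpServletRequest request, HttpServletResponse response) {
    StringBuilder sb = new StringBuilder();
    HttpSession session = request.getSession();
    CallBackMessage callBackMessage = new CallBackMessage();
    if (dbid == null || "".equals(dbid)) {
        // NOTE(review): the element type was lost on this page; DataSourceEntity is inferred
        // from MultiDataSource.getDataSourceMap - confirm.
        List<DataSourceEntity> dataSourceList = MultiDataSource.getDataSourceMapsByDomain(domain);
        if (dataSourceList != null && dataSourceList.size() > 0) {
            dbid = dataSourceList.get(0).getDbId() + "";
        }
    }
    try {
        if (dbid == null || "".equals(dbid)) {
            sb.append("数据库ID不能为空\\n");
        }
        if (StringUtils.isBlank(usercode)) {
            sb.append("账号不能为空\\n");
        }
        if (StringUtils.isBlank(password)) {
            sb.append("密码不能为空\\n");
        }
        if (sb.length() > 0) {
            callBackMessage.sendErrorMessage(sb.toString());
            this.printJson(response, callBackMessage.toString());
            return null;
        }
        session.setAttribute(SessionKey.DATA_BASE_ID, dbid);
        session.setAttribute(SessionKey.DATABASE_DIS, dbstr);
        session.setAttribute(SessionKey.DOMAIN, request.getParameter("domain"));
        // Reject the login when the concurrent-user limit is exceeded.
        if (SessionListener.checkUserLimit(request, dbid)) {
            String s = "当前登录人数已超过系统最大登录人数,如有需要增加登录人数,请联系软件公司";
            this.print2(response, s, null, null);
            session.invalidate();
            return null;
        }
        // Sent by the mobile app.
        Boolean isApp = Boolean.valueOf(request.getParameter("isApp") == null ? false : true);
        if (usercode != null && usercode.length() > 30) {
            // Long values are treated as an encrypted user code.
            try {
                usercode = ChangePassword.getDecryptPassword(usercode);
            } catch (Exception e) {
                e.printStackTrace();
                print2(response, this.getErrorMsg(e), null, isApp);
                return null;
            }
        }
        int recordeCount = 0;
        try {
            SpObserver.setDBtoInstance("_" + dbid);
            recordeCount = record.getRecordCountIn10min(usercode);
        } finally {
            SpObserver.setDBtoInstance();
        }
        if (recordeCount >= 5) {
            try {
                SpObserver.setDBtoInstance("_" + dbid);
                // An attempt made while locked out counts as another failed login.
                record.loginRecord(usercode, password, IPUtil.getIpAddr(request));
            } finally {
                SpObserver.setDBtoInstance();
            }
            this.print2(response, usercode + "在短时间内登录错误次数过多!请耐心的等10分钟后再登录!", null, null);
            return null;
        }
        String ip = IPUtil.getIpAddr(request);
        // Login time window and source IP restriction.
        int s = 0;
        try {
            SpObserver.setDBtoInstance("_" + dbid);
            s = userAccountService.checkUserLoginTimeAndIp(usercode, ip);
        } finally {
            SpObserver.setDBtoInstance();
        }
        if (s == 0) {
            print2(response, "该用户只能在工作时间或固定场所使用本系统[" + ip + "]", null, isApp);
            return null;
        }
        UserAccountEntity userAccount = null;
        try {
            SpObserver.setDBtoInstance("_" + dbid);
            userAccount = userAccountService.getUserInfoByUserCode(usercode);
            if (userAccount == null) {
                // Phone-number login.
                List<UserAccountEntity> userAccounts = userAccountService.getUserInfoByTelephone(usercode);
                if (userAccounts != null) {
                    if (userAccounts.size() == 1) {
                        userAccount = userAccounts.get(0);
                        if (userAccount.isInActive()) {
                            print2(response, "【" + usercode + "】手机号码已被停用,禁止登录本系统", request.getParameter("redirect"), isApp);
                            return null;
                        }
                        // Continue with the ERP user code and the ERP password.
                        // NOTE(review): this discards the supplied password before it is
                        // checked; see the method documentation.
                        usercode = userAccount.getUserCode();
                        password = userAccount.getPassword();
                    } else {
                        // Several accounts share the number: the supplied password has to
                        // match at least one of them.
                        final String pwd = password;
                        boolean errorPwd = userAccounts.stream().noneMatch(x -> x.getPassword().equals(pwd));
                        if (errorPwd) {
                            print2(response, "【" + usercode + "】密码不正确,登录失败", request.getParameter("redirect"), isApp);
                            return null;
                        }
                        this.processMultpleAccount(userAccounts, response, isApp, pwd, dbid);
                        // The account list has been written; the client picks one and retries.
                        return null;
                    }
                } else {
                    // Not a phone number; only values containing '@' go on to the e-mail lookup.
                    if (!usercode.contains("@")) {
                        print2(response, "【" + usercode + "】手机号码未开通ERP系统服务,登录失败", request.getParameter("redirect"), isApp);
                        return null;
                    }
                }
            }
            if (userAccount == null) {
                // E-mail login.
                userAccount = userAccountService.getUserInfoByEmail(usercode);
            }
        } finally {
            SpObserver.setDBtoInstance();
        }
        if (userAccount == null) {
            try {
                SpObserver.setDBtoInstance("_" + dbid);
                record.loginRecord(usercode, password, IPUtil.getIpAddr(request));
            } finally {
                SpObserver.setDBtoInstance();
            }
            this.print2(response, usercode + "未开通ERP系统服务,登录失败", request.getParameter("redirect"), isApp);
            return null;
        } else {
            if (userAccount.isInActive()) {
                this.print2(response, usercode + "已被停用,禁止登录本系统!", request.getParameter("redirect"), isApp);
                return null;
            }
        }
        try {
            if (!userAccount.checkPassword(password)) {
                try {
                    SpObserver.setDBtoInstance("_" + dbid);
                    record.loginRecord(usercode, password, IPUtil.getIpAddr(request));
                } finally {
                    SpObserver.setDBtoInstance();
                }
                this.print2(response, "用户密码不正确!", request.getParameter("redirect"), isApp);
                return null;
            }
        } catch (Exception ex) {
            this.print2(response, ex.getMessage(), request.getParameter("redirect"), isApp);
            // Fail closed: a password check that could not be completed is not a success.
            return null;
        }
        if (isApp) {
            session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_APP);
        } else {
            session.setAttribute(SessionKey.USER_LOGIN_TYPE, SessionKey.USER_LOGIN_TYPE_WEB);
        }
        final DataSourceEntity dataSourceMap = MultiDataSource.getDataSourceMap(dbid);
        if (dataSourceMap.isLoginOnceForOneUserCode()) {
            // Single-device mode: notify the account's other sessions.
            this.singleAccount(isApp ? "2" : "1", dbid, userAccount, request);
        }
        // Load permissions and populate the session.
        processLoginUserToSessionV2(ip, dbid, request, userAccount);
        // Point the user's open WebSocket entry at the new HTTP session id.
        if (WebSocketMessageServer.getOnlineUserList() != null && WebSocketMessageServer.getOnlineUserList().size() > 0) {
            String key = RedisSocket.CHANEL_WS_MESSAGES + ":" + dbid + ":1:" + usercode + ":";
            for (Map.Entry<String, WsMessageUserEntity> entry : WebSocketMessageServer.getOnlineUserList().entrySet()) {
                if (entry.getKey().contains(key)) {
                    if (entry.getValue().getSession().isOpen()) {
                        WsMessageUserEntity wsMessageUser = entry.getValue();
                        wsMessageUser.setSessionId(session.getId());
                        WebSocketMessageServer.getOnlineUserList().put(key + session.getId(), wsMessageUser);
                        break;
                    }
                }
            }
        }
        callBackMessage.sendSuccessMessage("登录成功");
        this.printJson(response, callBackMessage.toString());
        return null;
    } catch (NullPointerException e) {
        // Treated by the original as "account does not exist".
        e.printStackTrace();
        proccError(usercode, password, request, response);
        return null;
    } catch (RuntimeException e) {
        e.printStackTrace();
        // Constant first: a RuntimeException may carry a null message.
        if (SessionKey.DEMO_REF.equals(e.getMessage())) {
            session.setAttribute(SessionKey.DEMO_REF, SessionKey.DEMO_REF);
            this.print(response, "");
        }
        return null;
    } catch (Exception e) {
        e.printStackTrace();
        proccError(usercode, password, request, response);
        return null;
    }
}
}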