
/**
* Copyright (c) 2018 人人开源 All rights reserved.
*
* https://www.renren.io
*
* 版权所有,侵权必究!
*/
package com.epmet.controller;
import com.epmet.commons.tools.constant.Constant;
import com.epmet.commons.tools.exception.ErrorCode;
import com.epmet.commons.tools.security.user.UserDetail;
import com.epmet.commons.tools.utils.Result;
import com.epmet.commons.tools.validator.AssertUtils;
import com.epmet.commons.tools.validator.ValidatorUtils;
import com.epmet.dto.AuthorizationDTO;
import com.epmet.dto.CustomerStaffDTO;
import com.epmet.dto.LoginDTO;
import com.epmet.feign.EpmetUserOpenFeignClient;
import com.epmet.service.AuthService;
import com.epmet.service.CaptchaService;
import com.epmet.service.ResourceService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.image.BufferedImage;
import java.io.IOException;
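/**
 * Authorization endpoints: captcha image, login, logout and the resource permission check.
 *
 * @author Mark sunlightcs@gmail.com
 * @since 1.0.0
 */
@RestController
@Api(tags="授权管理")
public class AuthController {
    @Autowired
    private AuthService authService;
    @Autowired
    private ResourceService resourceService;
    @Autowired
    private CaptchaService captchaService;

    /**
     * Writes a captcha image for the given identifier to the response as a JPEG.
     *
     * @param response servlet response that receives the image bytes
     * @param uuid     caller-supplied identifier the captcha is created for; must not be blank
     * @throws IOException if the image cannot be written to the response
     */
    @GetMapping("captcha")
    @ApiOperation(value = "验证码", produces="application/octet-stream")
    @ApiImplicitParam(paramType = "query", dataType="string", name = "uuid", required = true)
    public void captcha(HttpServletResponse response, String uuid)throws IOException {
        // The uuid must not be blank.
        // NOTE(review): uuid is chosen by the client and is not bounded in length or format here;
        // confirm CaptchaService limits it and that this endpoint is rate limited.
        AssertUtils.isBlank(uuid, ErrorCode.IDENTIFIER_NOT_NULL);

        // Generate the captcha image for this identifier.
        BufferedImage image = captchaService.create(uuid);

        // A captcha must never be served from a cache.
        response.setHeader("Cache-Control", "no-store, no-cache");
        response.setContentType("image/jpeg");

        // try-with-resources closes the stream even when encoding fails part-way.
        try (ServletOutputStream out = response.getOutputStream()) {
            ImageIO.write(image, "jpg", out);
        }
    }

    /**
     * Checks the captcha and, when it matches, delegates the login to {@link AuthService}.
     *
     * @param login login request body; validated before use
     * @return the authorization data on success, or {@code ErrorCode.CAPTCHA_ERROR} when the
     *         captcha does not match
     */
    @PostMapping(value = "login")
    @ApiOperation(value = "登录")
    public Result<AuthorizationDTO> login(@RequestBody LoginDTO login){
        // Validate the request body.
        ValidatorUtils.validateEntity(login);

        // The captcha is checked before any credential is looked at.
        // NOTE(review): confirm CaptchaService.validate consumes the code on every check
        // (match or not); otherwise one solved captcha could be reused across many
        // password attempts. Not visible from this class.
        boolean captchaMatches = captchaService.validate(login.getUuid(), login.getCaptcha());
        if (!captchaMatches) {
            return new Result<AuthorizationDTO>().error(ErrorCode.CAPTCHA_ERROR);
        }

        // Obtain the login authorization data.
        AuthorizationDTO authorization = authService.login(login);
        return new Result<AuthorizationDTO>().ok(authorization);
    }

    /**
     * Logs out the user whose id is carried in the {@code Constant.USER_KEY} request header.
     *
     * @param request current request; the user id is read from its headers
     * @return an empty result
     */
    @PostMapping(value = "logout")
    @ApiOperation(value = "退出")
    public Result logout(HttpServletRequest request){
        // NOTE(review): the user id comes straight from a request header. Presumably an upstream
        // gateway sets it after verifying the token; confirm that the gateway overwrites any
        // client-supplied value and that this service is not reachable around it, because the
        // header alone decides whose session is ended.
        String userId = request.getHeader(Constant.USER_KEY);

        // Reject a missing header the same way captcha() rejects a blank uuid, instead of
        // letting Long.parseLong(null) fail with a NumberFormatException.
        // A non-numeric value still raises NumberFormatException.
        AssertUtils.isBlank(userId, ErrorCode.IDENTIFIER_NOT_NULL);

        authService.logout(Long.parseLong(userId));
        return new Result();
    }

    /**
     * Checks whether the token grants access to a resource.
     *
     * @param token  token (optional)
     * @param url    resource URL
     * @param method request method
     *
     * @return the user details when access is granted
     */
    @PostMapping("resource")
    public Result<UserDetail> resource(@RequestParam(value = "token", required = false) String token,
                                       @RequestParam("url") String url, @RequestParam("method") String method){
        // NOTE(review): the token arrives as a request parameter; make sure access logs and
        // proxies do not record it. This endpoint is the permission decision point and returns
        // user details, so confirm it is only exposed to the internal caller that needs it.
        UserDetail data = resourceService.resource(token, url, method);
        return new Result<UserDetail>().ok(data);
    }
}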