新增：

1.【ic基层治理平台】登录相关接口
4 years ago · f8ce7eb67a
23 changed files with 692 additions and 3 deletions
--- a/epmet-auth/src/main/java/com/epmet/controller/IcLoinController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/IcLoinController.java
@ -0,0 +1,170 @@
+package com.epmet.controller;
+
+import cn.hutool.core.bean.BeanUtil;
+import com.epmet.commons.tools.constant.AppClientConstant;
+import com.epmet.commons.tools.constant.ServiceConstant;
+import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.feign.ResultDataResolver;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.commons.tools.security.password.PasswordUtils;
+import com.epmet.commons.tools.utils.ConvertUtils;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.commons.tools.validator.ValidatorUtils;
+import com.epmet.dto.CustomerStaffDTO;
+import com.epmet.dto.form.LoginByPassWordFormDTO;
+import com.epmet.dto.form.RootOrgListByStaffIdFormDTO;
+import com.epmet.dto.form.StaffBasicInfoByMobileFromDTO;
+import com.epmet.dto.result.BasicInfoResultDTO;
+import com.epmet.dto.result.StaffOrgsResultDTO;
+import com.epmet.dto.result.UserTokenResultDTO;
+import com.epmet.feign.EpmetUserFeignClient;
+import com.epmet.feign.EpmetUserOpenFeignClient;
+import com.epmet.feign.GovOrgOpenFeignClient;
+import com.epmet.redis.CaptchaRedis;
+import com.epmet.redis.IcLoginTicketCacheBean;
+import com.epmet.service.IcLoginService;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.BeanUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.constraints.NotBlank;
+import java.beans.IntrospectionException;
+import java.lang.reflect.InvocationTargetException;
+import java.util.*;
+
+@RestController
+@RequestMapping("ic")
+public class IcLoinController implements ResultDataResolver {
+
+    public static final long IC_LOGIN_TICKET_EXPIRE_SECONDS = 2 * 60l;
+
+    @Autowired
+    private EpmetUserFeignClient epmetUserFeignClient;
+
+    @Autowired
+    private GovOrgOpenFeignClient govOrgOpenFeignClient;
+
+    @Autowired
+    private CaptchaRedis captchaRedis;
+
+    @Autowired
+    private IcLoginService icLoginService;
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    /**
+     * @description 基层治理赋能平台-根据手机号密码获取组织列表
+     *
+     * @param input
+     * @return
+     * @author wxz
+     * @date 2021.10.25 09:56:33
+     */
+    @PostMapping("getmyorgsbypassword")
+    public Result<HashMap<String, Object>> getMyOrgsByPassword(@RequestBody LoginByPassWordFormDTO input) {
+        ValidatorUtils.validateEntity(input, LoginByPassWordFormDTO.IcGetOrgsByPwdGroup.class);
+        String captcha = input.getCaptcha();
+        String mobile = input.getMobile();
+        String password = input.getPassword();
+        String uuid = input.getUuid();
+
+        // 图片验证码
+        String captchaInCache = captchaRedis.getIcLoginCaptcha(uuid);
+        if (StringUtils.isBlank(captchaInCache) || !captcha.equals(captchaInCache)) {
+            throw new RenException(EpmetErrorCode.ERR10019.getCode());
+        }
+
+        // 获取用户信息
+        Result<List<CustomerStaffDTO>> staffResult = epmetUserFeignClient.checkCustomerStaff(mobile);
+        List<CustomerStaffDTO> staffList = getResultDataOrThrowsException(staffResult, ServiceConstant.EPMET_USER_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【基层治理平台登录】获取用户信息失败");
+        if (CollectionUtils.isEmpty(staffList)) {
+            throw new RenException(EpmetErrorCode.ERR10003.getCode());
+        }
+
+        CustomerStaffDTO staffInfo = staffList.get(0);
+
+        if (!PasswordUtils.matches(password, staffInfo.getPassword())) {
+            throw new RenException(EpmetErrorCode.ERR10004.getCode());
+        }
+
+        String staffId = staffInfo.getUserId();
+
+        // 查询跟组织列表
+        RootOrgListByStaffIdFormDTO orgListForm = new RootOrgListByStaffIdFormDTO();
+        orgListForm.setStaffId(staffId);
+        Result<List<StaffOrgsResultDTO>> orgListResult = govOrgOpenFeignClient.getStaffOrgListByStaffId(orgListForm);
+        List<StaffOrgsResultDTO> orgs = getResultDataOrThrowsException(orgListResult, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【基层治理平台登录】根据staffId查询所属客户跟组织列表失败");
+
+        // 生成登录票据
+        String ticket = UUID.randomUUID().toString().replace("-", "");
+        IcLoginTicketCacheBean ticketCacheBean = new IcLoginTicketCacheBean();
+        ticketCacheBean.setMobile(mobile);
+        ticketCacheBean.setStaffId(staffId);
+        cacheTicket(ticket, ticketCacheBean);
+
+        HashMap<String, Object> resultMap = new HashMap<>();
+        resultMap.put("staffId", staffId);
+        resultMap.put("ticket", ticket);
+        resultMap.put("orgs", orgs);
+
+        return new Result<HashMap<String, Object>>().ok(resultMap);
+    }
+
+    /**
+     * @description IC登录
+     *
+     * @param input
+     * @return
+     * @author wxz
+     * @date 2021.10.25 21:14:22
+     */
+    @PostMapping("login")
+    public Result<UserTokenResultDTO> login(@RequestBody LoginByPassWordFormDTO input) {
+        ValidatorUtils.validateEntity(input, LoginByPassWordFormDTO.IcLoginGroup.class);
+        String ticket = input.getTicket();
+        String orgId = input.getOrgId();
+        String staffId = input.getStaffId();
+
+        // ticket校验
+        IcLoginTicketCacheBean ticketCache = getTicketCache(ticket);
+        if (ticketCache == null || !ticketCache.getStaffId().equals(staffId)) {
+            // ticket&userId不对应
+            throw new RenException(EpmetErrorCode.ERR10008.getCode());
+        }
+
+        UserTokenResultDTO tokenInfo = icLoginService.login(staffId, orgId);
+        return new Result<UserTokenResultDTO>().ok(tokenInfo);
+    }
+
+    private void cacheTicket(String ticket, IcLoginTicketCacheBean cacheBean) {
+        Map<String, Object> stringObjectMap = BeanUtil.beanToMap(cacheBean, false, true);
+        redisUtils.hMSet(RedisKeys.loginTicket(AppClientConstant.APP_IC, ticket), stringObjectMap, IC_LOGIN_TICKET_EXPIRE_SECONDS);
+    }
+
+    /**
+     * @description 从缓存中取出ticket，并删除
+     *
+     * @param ticket
+     * @return
+     * @author wxz
+     * @date 2021.10.26 08:58:27
+     */
+    private IcLoginTicketCacheBean getTicketCache(String ticket) {
+        String key = RedisKeys.loginTicket(AppClientConstant.APP_IC, ticket);
+        Map<String, Object> map = redisUtils.hGetAll(key);
+        if (CollectionUtils.sizeIsEmpty(map)) {
+            return null;
+        }
+        redisUtils.expire(key, 0);
+        return BeanUtil.mapToBean(map, IcLoginTicketCacheBean.class, false);
+    }
+
+}
--- a/epmet-auth/src/main/java/com/epmet/controller/LoginController.java
+++ b/epmet-auth/src/main/java/com/epmet/controller/LoginController.java
@ -65,6 +65,30 @@ public class LoginController {
 		}
 	}

+	/**
+	 * @description 基层治理平台登录验证码
+	 *
+	 * @param response
+	 * @return
+	 * @author wxz
+	 * @date 2021.10.25 14:19:40
+	 */
+	@GetMapping("ic-login-captcha")
+	public void icLoginCaptcha(HttpServletResponse response, String uuid) throws IOException {
+		try {
+			//生成图片验证码
+			BufferedImage image = captchaService.createIcLoginCaptcha(uuid);
+			response.reset();
+			response.setHeader("Cache-Control", "no-store, no-cache");
+			response.setContentType("image/jpeg");
+			ServletOutputStream out = response.getOutputStream();
+			ImageIO.write(image, "jpg", out);
+			out.close();
+		} catch (IOException e) {
+			log.error("获取登陆验证码异常", e);
+		}
+	}
+
 	/**
 	 * @param formDTO
 	 * @return com.epmet.commons.tools.utils.Result<java.lang.String>
--- a/epmet-auth/src/main/java/com/epmet/dto/form/LoginByPassWordFormDTO.java
+++ b/epmet-auth/src/main/java/com/epmet/dto/form/LoginByPassWordFormDTO.java
@ -14,27 +14,53 @@ import java.io.Serializable;
 public class LoginByPassWordFormDTO extends LoginCommonFormDTO implements Serializable {
 	private static final long serialVersionUID = -7507437651048051183L;

+	// 基层治理平台账号密码获取组织列表分组
+	public interface IcGetOrgsByPwdGroup {}
+	// 基层治理平台登录分组
+	public interface IcLoginGroup {}
+
 	/**
 	 * 手机号
 	 */
 	@NotBlank(message = "手机号不能为空",groups = {AddUserShowGroup.class})
 	private String phone;

+	@NotBlank(message = "手机号不能为空",groups = {IcGetOrgsByPwdGroup.class})
+	private String mobile;
+
 	/**
 	 * 密码
 	 */
-	@NotBlank(message = "密码不能为空",groups = {AddUserShowGroup.class})
+	@NotBlank(message = "密码不能为空",groups = {AddUserShowGroup.class, IcGetOrgsByPwdGroup.class})
 	private String password;

 	/**
 	 * 验证码
 	 */
-	@NotBlank(message="验证码不能为空",groups = {AddUserShowGroup.class})
+	@NotBlank(message="验证码不能为空",groups = {AddUserShowGroup.class, IcGetOrgsByPwdGroup.class})
 	private String captcha;

 	/**
 	 * 唯一标识
 	 */
-	@NotBlank(message="唯一标识不能为空",groups = {AddUserInternalGroup.class})
+	@NotBlank(message="唯一标识不能为空",groups = {AddUserInternalGroup.class, IcGetOrgsByPwdGroup.class})
 	private String uuid;
+
+	/**
+	 * 登录票据，目前ic基层治理平台用到了
+	 */
+	@NotBlank(message="登录票据ticket不能为空", groups = {IcLoginGroup.class})
+	private String ticket;
+
+	/**
+	 * 所选的要登录的组织id
+	 */
+	@NotBlank(message = "要登录的orgId不能为空", groups = { IcLoginGroup.class })
+	private String orgId;
+
+	/**
+	 * 工作人员id
+	 */
+	@NotBlank(message = "人员Id不能为空", groups = { IcLoginGroup.class })
+	private String staffId;
 }
--- a/epmet-auth/src/main/java/com/epmet/redis/CaptchaRedis.java
+++ b/epmet-auth/src/main/java/com/epmet/redis/CaptchaRedis.java
@ -45,6 +45,12 @@ public class CaptchaRedis {
        redisUtils.set(key, captcha, EXPIRE);
    }

+    public void setIcLoginCaptcha(String uuid, String captcha) {
+        String key = RedisKeys.getIcLoginCaptchaKey(uuid);
+        logger.info("保存验证码key=["+key+"]");
+        redisUtils.set(key, captcha, EXPIRE);
+    }
+
    public String get(String uuid){
        String key = RedisKeys.getLoginCaptchaKey(uuid);
        String captcha = (String)redisUtils.get(key);
@ -57,6 +63,25 @@ public class CaptchaRedis {
        return captcha;
    }

+    /**
+     * @description 基层治理平台登录验证码查询
+     *
+     * @param uuid
+     * @return
+     * @author wxz
+     * @date 2021.10.25 14:28:28
+     */
+    public String getIcLoginCaptcha(String uuid) {
+        String key = RedisKeys.getIcLoginCaptchaKey(uuid);
+        String captcha = (String)redisUtils.get(key);
+        //删除验证码
+        if(captcha != null){
+            redisUtils.delete(key);
+        }
+
+        return captcha;
+    }
+
    /**
     * @param sendSmsCodeFormDTO app、client、phone
     * @param smsCode            验证码
--- a/epmet-auth/src/main/java/com/epmet/redis/IcLoginTicketCacheBean.java
+++ b/epmet-auth/src/main/java/com/epmet/redis/IcLoginTicketCacheBean.java
@ -0,0 +1,9 @@
+package com.epmet.redis;
+
+import lombok.Data;
+
+@Data
+public class IcLoginTicketCacheBean {
+    private String staffId;
+    private String mobile;
+}
--- a/epmet-auth/src/main/java/com/epmet/service/CaptchaService.java
+++ b/epmet-auth/src/main/java/com/epmet/service/CaptchaService.java
@ -23,6 +23,16 @@ public interface CaptchaService {
     */
    BufferedImage create(String uuid);

+    /**
+     * @description 基层治理平台登录验证码
+     *
+     * @param
+     * @return
+     * @author wxz
+     * @date 2021.10.25 14:15:30
+     */
+    BufferedImage createIcLoginCaptcha(String uuid);
+
    /**
     * 验证码效验
     * @param uuid  uuid
--- a/epmet-auth/src/main/java/com/epmet/service/IcLoginService.java
+++ b/epmet-auth/src/main/java/com/epmet/service/IcLoginService.java
@ -0,0 +1,9 @@
+package com.epmet.service;
+
+import com.epmet.dto.result.UserTokenResultDTO;
+
+public interface IcLoginService {
+
+
+    UserTokenResultDTO login(String staffId, String orgId);
+}
--- a/epmet-auth/src/main/java/com/epmet/service/impl/CaptchaServiceImpl.java
+++ b/epmet-auth/src/main/java/com/epmet/service/impl/CaptchaServiceImpl.java
@ -17,6 +17,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

 import java.awt.image.BufferedImage;
+import java.util.UUID;

 /**
 * 验证码
@ -43,6 +44,17 @@ public class CaptchaServiceImpl implements CaptchaService {
        return producer.createImage(captcha);
    }

+    @Override
+    public BufferedImage createIcLoginCaptcha(String uuid) {
+        //生成验证码
+        String captchaText = producer.createText();
+        //logger.info("uuid:"+uuid+",生成的验证码:"+captcha);
+        //保存验证码
+        captchaRedis.setIcLoginCaptcha(uuid, captchaText);
+
+        return producer.createImage(captchaText);
+    }
+
    @Override
    public boolean validate(String uuid, String code) {
        String captcha = captchaRedis.get(uuid);
--- a/epmet-auth/src/main/java/com/epmet/service/impl/IcLoginServiceImpl.java
+++ b/epmet-auth/src/main/java/com/epmet/service/impl/IcLoginServiceImpl.java
@ -0,0 +1,183 @@
+package com.epmet.service.impl;
+
+import cn.hutool.core.bean.BeanUtil;
+import com.epmet.auth.constants.AuthOperationConstants;
+import com.epmet.common.token.constant.LoginConstant;
+import com.epmet.commons.rocketmq.messages.LoginMQMsg;
+import com.epmet.commons.tools.constant.AppClientConstant;
+import com.epmet.commons.tools.constant.ServiceConstant;
+import com.epmet.commons.tools.exception.EpmetErrorCode;
+import com.epmet.commons.tools.exception.ExceptionUtils;
+import com.epmet.commons.tools.exception.RenException;
+import com.epmet.commons.tools.feign.ResultDataResolver;
+import com.epmet.commons.tools.redis.RedisKeys;
+import com.epmet.commons.tools.redis.RedisUtils;
+import com.epmet.commons.tools.security.dto.IcTokenDto;
+import com.epmet.commons.tools.utils.CpUserDetailRedis;
+import com.epmet.commons.tools.utils.IpUtils;
+import com.epmet.commons.tools.utils.Result;
+import com.epmet.dto.CustomerAgencyDTO;
+import com.epmet.dto.form.SystemMsgFormDTO;
+import com.epmet.dto.result.DepartmentListResultDTO;
+import com.epmet.dto.result.GridByStaffResultDTO;
+import com.epmet.dto.result.UserTokenResultDTO;
+import com.epmet.feign.EpmetMessageOpenFeignClient;
+import com.epmet.feign.GovOrgOpenFeignClient;
+import com.epmet.jwt.JwtTokenProperties;
+import com.epmet.jwt.JwtTokenUtils;
+import com.epmet.service.IcLoginService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.util.CollectionUtils;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.*;
+import java.util.stream.Collectors;
+
+@Service
+@Slf4j
+public class IcLoginServiceImpl implements IcLoginService, ResultDataResolver {
+
+    @Autowired
+    private JwtTokenUtils jwtTokenUtils;
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+    @Autowired
+    private CpUserDetailRedis cpUserDetailRedis;
+
+    @Autowired
+    private JwtTokenProperties jwtTokenProperties;
+
+    @Autowired
+    private EpmetMessageOpenFeignClient messageOpenFeignClient;
+
+    @Autowired
+    private GovOrgOpenFeignClient govOrgOpenFeignClient;
+
+    @Autowired
+    private ThirdLoginServiceImpl thirdLoginService;
+
+    @Override
+    public UserTokenResultDTO login(String staffId, String orgId) {
+        String app = AppClientConstant.APP_IC;
+        String client = AppClientConstant.CLIENT_WEB;
+
+        // 1.获取用户token
+        String token = this.generateIcToken(staffId, app, client);
+
+        Result<CustomerAgencyDTO> agencyResult = govOrgOpenFeignClient.getAgencyById(orgId);
+        CustomerAgencyDTO agencyInfo = getResultDataOrThrowsException(agencyResult, ServiceConstant.GOV_ORG_SERVER, EpmetErrorCode.SERVER_ERROR.getCode(), "【IC平台登录】获取组织信息失败");
+
+        // 2.缓存token
+        cacheToken(app, client, staffId, token, orgId, agencyInfo.getCustomerId());
+
+        UserTokenResultDTO userTokenResultDTO = new UserTokenResultDTO();
+        userTokenResultDTO.setToken(token);
+        userTokenResultDTO.setCustomerId(agencyInfo.getCustomerId());
+
+        //7.发送登录事件
+        try {
+            sendLoginEvent(staffId, app, client);
+        } catch (RenException e) {
+            log.error(e.getInternalMsg());
+        } catch (Exception e) {
+            log.error("【工作端workLogin登录】发送登录事件失败，程序继续执行。");
+        }
+
+        return userTokenResultDTO;
+    }
+
+    /**
+     * @param staffId
+     * @return
+     * @description 生成Ic平台的Token
+     * @author wxz
+     * @date 2021.10.26 13:42:36
+     */
+    private String generateIcToken(String staffId, String app, String client) {
+        Map<String, Object> map = new HashMap<>();
+        map.put("app", app);
+        map.put("client", client);
+        map.put("userId", staffId);
+        String token = jwtTokenUtils.createToken(map);
+        return token;
+    }
+
+    /**
+     * @param userId
+     * @param fromApp
+     * @param fromClient
+     * @return
+     * @description 发布登录时间
+     * @author wxz
+     * @date 2021.10.26 13:45:59
+     */
+    private void sendLoginEvent(String userId, String fromApp, String fromClient) {
+        HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+
+        LoginMQMsg loginMQMsg = new LoginMQMsg();
+        loginMQMsg.setUserId(userId);
+        loginMQMsg.setLoginTime(new Date());
+        loginMQMsg.setIp(IpUtils.getIpAddr(request));
+        loginMQMsg.setFromApp(fromApp);
+        loginMQMsg.setFromClient(fromClient);
+
+        SystemMsgFormDTO form = new SystemMsgFormDTO();
+        form.setMessageType(AuthOperationConstants.LOGIN);
+        form.setContent(loginMQMsg);
+        messageOpenFeignClient.sendSystemMsgByMQ(form);
+    }
+
+    /**
+     * @description 缓存token到redis
+     *
+     * @param app
+     * @param client
+     * @param userId
+     * @param token
+     * @param rootAgencyId
+     * @return
+     * @author wxz
+     * @date 2021.10.26 14:19:07
+     */
+    private void cacheToken(String app,
+                            String client,
+                            String userId,
+                            String token,
+                            String rootAgencyId,
+                            String customerId) {
+
+        IcTokenDto tokenDto = new IcTokenDto();
+        int expire = jwtTokenProperties.getExpire();
+        long expireTime = jwtTokenUtils.getExpiration(token).getTime();
+
+        tokenDto.setApp(app);
+        tokenDto.setClient(client);
+        tokenDto.setUserId(userId);
+        tokenDto.setToken(token);
+        tokenDto.setExpireTime(expireTime);
+        tokenDto.setRootAgencyId(rootAgencyId);
+        tokenDto.setCustomerId(customerId);
+
+        //设置部门，网格，角色列表
+        tokenDto.setDeptIdList(thirdLoginService.getDeptartmentIdList(userId));
+        tokenDto.setGridIdList(thirdLoginService.getGridIdList(userId));
+        CustomerAgencyDTO agency = thirdLoginService.getAgencyByStaffId(userId);
+        if (agency != null) {
+            tokenDto.setAgencyId(agency.getId());
+            tokenDto.setRoleList(thirdLoginService.queryGovStaffRoles(userId, agency.getId()));
+        }
+        tokenDto.setOrgIdPath(thirdLoginService.getOrgIdPath(userId));
+
+        String key = RedisKeys.getCpUserKey(app, client, userId);
+        Map<String, Object> map = BeanUtil.beanToMap(tokenDto, false, true);
+        redisUtils.hMSet(key, map, expire);
+    }
+
+
+}
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/AppClientConstant.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/constant/AppClientConstant.java
@ -17,6 +17,12 @@ public interface AppClientConstant {
     * app类型-运营端
     */
    String APP_OPER = "oper";
+
+    /**
+     * 基层治理平台端
+     */
+    String APP_IC = "ic";
+
    /**
     * PC端:web
     */
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/exception/EpmetErrorCode.java
@ -19,6 +19,7 @@ public enum EpmetErrorCode {
 	ERR10005(10005, "token不能为空"),
 	ERR10006(10006, "登录超时，请重新登录"),
 	ERR10007(10007, "当前帐号已在别处登录"),
+	ERR10008(10008, "Ticket错误"),
 	ERR10019(10019, "验证码不正确"),
 	SYSTEM_MQ_MSG_SEND_FAIL(10020, "MQ消息发送失败"),
 	ERR401(401, "未授权"),
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/redis/RedisKeys.java
@ -38,6 +38,13 @@ public class RedisKeys {
 		return rootPrefix.concat("sys:captcha:").concat(uuid);
 	}

+	/**
+	 * 登录验证码Key
+	 */
+	public static String getIcLoginCaptchaKey(String uuid) {
+		return rootPrefix.concat("sys:captcha:iclogin:").concat(uuid);
+	}
+
 	/**
 	 * 登录用户Key
 	 */
@ -559,4 +566,17 @@ public class RedisKeys {
 	public static String blockedMqMsgKey(String blockedMsgLabel) {
    	return rootPrefix.concat("message:mq:blocked:").concat(blockedMsgLabel);
 	}
+
+	/**
+	 * @description 登录票据。目前只有IC基层治理平台用到
+	 *
+	 * @param app
+	 * @param ticket
+	 * @return
+	 * @author wxz
+	 * @date 2021.10.25 17:49:43
+	 */
+	public static String loginTicket(String app, String ticket) {
+		return rootPrefix.concat("sys:security:ticket:").concat(app).concat(":").concat(ticket);
+	}
 }
--- a/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/IcTokenDto.java
+++ b/epmet-commons/epmet-commons-tools/src/main/java/com/epmet/commons/tools/security/dto/IcTokenDto.java
@ -0,0 +1,81 @@
+package com.epmet.commons.tools.security.dto;
+
+import com.alibaba.fastjson.JSON;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @Description ic平台token
+ * @author wxz
+ * @date 2021.10.26 13:58:03
+*/
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class IcTokenDto extends BaseTokenDto {
+
+    /**
+     * 当前登录的组织id(顶级)
+     */
+    private String rootAgencyId;
+
+    /**
+     * 当前用户所属的机关单位id
+     */
+    private String agencyId;
+
+    /**
+     * 当前网格对应的组织结构id的全路径用:隔开
+     */
+    private String orgIdPath;
+
+    /**
+     * 当前所在网格id
+     */
+    private String gridId;
+
+    /***
+     * 所在网格列表
+     */
+    private Set<String> gridIdList;
+
+    /**
+     * 部门id列表
+     */
+    private Set<String> deptIdList;
+
+    /**
+     * 功能权限列表，实际上是gov_staff => staff_role => role_operation查询到的operationKey
+     */
+    private Set<String> permissions;
+
+    /**
+     * 角色ID列表
+     */
+    private List<GovTokenDto.Role> roleList;
+
+    /**
+     * 过期时间戳
+     */
+    private Long expireTime;
+
+    @Data
+    public static class Role {
+
+        private String id;
+        private String roleKey;
+        private String roleName;
+
+        public Role() {
+        }
+    }
+
+    @Override
+    public String toString() {
+        return JSON.toJSONString(this);
+    }
+}
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/RootOrgListByStaffIdFormDTO.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/dto/form/RootOrgListByStaffIdFormDTO.java
@ -0,0 +1,19 @@
+package com.epmet.dto.form;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @Description 客户id查询跟组织列表
+ * @author wxz
+ * @date 2021.10.25 14:53:09
+*/
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class RootOrgListByStaffIdFormDTO {
+
+    private String staffId;
+
+}
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/feign/GovOrgOpenFeignClient.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/feign/GovOrgOpenFeignClient.java
@ -187,6 +187,17 @@ public interface GovOrgOpenFeignClient {
    @PostMapping(value = "/gov/org/customeragency/getStaffOrgList",consumes = MediaType.APPLICATION_JSON_VALUE)
    Result<List<StaffOrgsResultDTO>> getStaffOrgList(StaffOrgFormDTO staffOrgFormDTO);

+    /**
+     * @description 通过staffId查询跟组织列表
+     *
+     * @param input
+     * @return
+     * @author wxz
+     * @date 2021.10.25 14:53:53
+     */
+    @PostMapping("/gov/org/customeragency/root-orglist-by-staffid")
+    Result<List<StaffOrgsResultDTO>> getStaffOrgListByStaffId(@RequestBody RootOrgListByStaffIdFormDTO input);
+
    /**
     * @Description  查询一个网格下的所有工作人员
     * @param gridIdFormDTO
--- a/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/feign/fallback/GovOrgOpenFeignClientFallback.java
+++ b/epmet-module/gov-org/gov-org-client/src/main/java/com/epmet/feign/fallback/GovOrgOpenFeignClientFallback.java
@ -113,6 +113,11 @@ public class GovOrgOpenFeignClientFallback implements GovOrgOpenFeignClient {
        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getStaffOrgList", staffOrgFormDTO);
    }

+    @Override
+    public Result<List<StaffOrgsResultDTO>> getStaffOrgListByStaffId(RootOrgListByStaffIdFormDTO input) {
+        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getStaffOrgListByStaffId", input);
+    }
+
    @Override
    public Result<List<String>> getGridStaffs(CommonGridIdFormDTO gridIdFormDTO) {
        return ModuleUtils.feignConError(ServiceConstant.GOV_ORG_SERVER, "getGridStaffs", gridIdFormDTO);
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/CustomerAgencyController.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/controller/CustomerAgencyController.java
@ -339,4 +339,22 @@ public class CustomerAgencyController {
        return new Result<AgencyTreeResultDTO>().ok(customerAgencyService.getAgencyList(formDTO));
    }

+    /**
+     * @description 通过staffId查询跟组织列表
+     *
+     * @param input
+     * @return
+     * @author wxz
+     * @date 2021.10.25 14:53:53
+     */
+    @PostMapping("root-orglist-by-staffid")
+    public Result<List<StaffOrgsResultDTO>> getStaffOrgListByStaffId(@RequestBody RootOrgListByStaffIdFormDTO input) {
+
+        ValidatorUtils.validateEntity(input);
+        String staffId = input.getStaffId();
+
+        List<StaffOrgsResultDTO> orgList = customerAgencyService.getStaffOrgListByStaffId(staffId);
+        return new Result<List<StaffOrgsResultDTO>>().ok(orgList);
+    }
+
 }
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/dao/CustomerAgencyDao.java
@ -244,6 +244,8 @@ public interface CustomerAgencyDao extends BaseDao<CustomerAgencyEntity> {

    List<AgencyTreeResultDTO> getSubAgencyList(@Param("pid") String pid);

+    List<StaffOrgsResultDTO> getStaffOrgListByStaffId(@Param("staffId") String staffId);
+
    /**
     * @Description  【地图配置】删除
     * @param orgId
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerAgencyService.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/CustomerAgencyService.java
@ -255,4 +255,6 @@ public interface CustomerAgencyService extends BaseService<CustomerAgencyEntity>
     * @Date 2021/9/8 15:21
     */
    AgencyTreeResultDTO getAgencyList(GetAgencyListFormDTO formDTO);
+
+    List<StaffOrgsResultDTO> getStaffOrgListByStaffId(String staffId);
 }
--- a/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerAgencyServiceImpl.java
+++ b/epmet-module/gov-org/gov-org-server/src/main/java/com/epmet/service/impl/CustomerAgencyServiceImpl.java
@ -1124,4 +1124,8 @@ public class CustomerAgencyServiceImpl extends BaseServiceImpl<CustomerAgencyDao
        }
    }

+    @Override
+    public List<StaffOrgsResultDTO> getStaffOrgListByStaffId(String staffId) {
+        return baseDao.getStaffOrgListByStaffId(staffId);
+    }
 }
--- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml
+++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml
@ -577,6 +577,17 @@
            AND CUSTOMER_ID = #{customerId}
    </select>

+    <select id="getStaffOrgListByStaffId" resultType="com.epmet.dto.result.StaffOrgsResultDTO">
+        select ca.id                AS rootAgencyId,
+               ca.ORGANIZATION_NAME AS rootAgencyName,
+               ca.CUSTOMER_ID       AS customerId
+        from customer_staff_agency csa
+                 inner join customer_agency ca
+                            on (csa.DEL_FLAG = 0 and ca.DEL_FLAG = 0 and csa.AGENCY_ID = ca.ID)
+                 inner join customer_agency root on (root.DEL_FLAG = 0 and ca.CUSTOMER_ID = root.CUSTOMER_ID and root.PID = '0')
+        where csa.USER_ID = #{staffId}
+    </select>
+
    <!-- 地图查询下级组织 -->
    <select id="selectSonOrg" resultType="com.epmet.dto.result.MapSonOrgResultDTO">
        SELECT
--- a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml.rej
+++ b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml.rej
@ -0,0 +1,18 @@
+diff a/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml b/epmet-module/gov-org/gov-org-server/src/main/resources/mapper/CustomerAgencyDao.xml	(rejected hunks)
+@@ -539,4 +539,15 @@
+             AND CUSTOMER_ID = #{customerId}
+     </select>
+ 
+    <select id="getStaffOrgListByStaffId" resultType="com.epmet.dto.result.StaffOrgsResultDTO">
+        select ca.id                AS rootAgencyId,
+               ca.ORGANIZATION_NAME AS rootAgencyName,
+               ca.CUSTOMER_ID       AS customerId
+        from customer_staff_agency csa
+                 inner join customer_agency ca
+                            on (csa.DEL_FLAG = 0 and ca.DEL_FLAG = 0 and csa.AGENCY_ID = ca.ID)
+                 inner join customer_agency root on (root.DEL_FLAG = 0 and ca.CUSTOMER_ID = root.CUSTOMER_ID and root.PID = '0')
+        where csa.USER_ID = #{staffId}
+    </select>
+
+ </mapper>
+\ No newline at end of file
--- a/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/StaffBasicInfoByMobileFromDTO.java
+++ b/epmet-user/epmet-user-client/src/main/java/com/epmet/dto/form/StaffBasicInfoByMobileFromDTO.java
@ -0,0 +1,23 @@
+package com.epmet.dto.form;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import java.io.Serializable;
+
+/**
+ * @Description
+ * @author wxz
+ * @date 2021.10.25 14:00:11
+*/
+@Data
+public class StaffBasicInfoByMobileFromDTO implements Serializable {
+	private static final long serialVersionUID = 1L;
+
+	@NotBlank(message = "缺少手机号码信息")
+	private String mobile;
+
+	@NotBlank(message = "缺少密码")
+	private String password;
+
+}