登录优化

fys-admin/src/main/java/com/fuyuanshen/app/controller/AppAuthController.java

@@ -4,15 +4,24 @@ import cn.dev33.satoken.annotation.SaIgnore;
 import cn.dev33.satoken.exception.NotLoginException;
 import cn.hutool.core.collection.CollUtil;
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.RandomUtil;
+import com.fuyuanshen.app.model.AppRegisterBody;
 import com.fuyuanshen.app.model.AppSmsLoginBody;
 import com.fuyuanshen.app.service.AppLoginService;
+import com.fuyuanshen.app.service.AppRegisterService;
+import com.fuyuanshen.common.core.constant.Constants;
+import com.fuyuanshen.common.core.constant.GlobalConstants;
 import com.fuyuanshen.common.core.constant.SystemConstants;
 import com.fuyuanshen.common.core.domain.R;
+import com.fuyuanshen.common.core.domain.model.AppPasswordLoginBody;
 import com.fuyuanshen.common.core.domain.model.RegisterBody;
 import com.fuyuanshen.common.core.domain.model.SmsLoginBody;
+import com.fuyuanshen.common.core.enums.LoginType;
 import com.fuyuanshen.common.core.utils.*;
 import com.fuyuanshen.common.encrypt.annotation.ApiEncrypt;
 import com.fuyuanshen.common.json.utils.JsonUtils;
+import com.fuyuanshen.common.ratelimiter.annotation.RateLimiter;
+import com.fuyuanshen.common.redis.utils.RedisUtils;
 import com.fuyuanshen.common.satoken.utils.LoginHelper;
 import com.fuyuanshen.common.tenant.helper.TenantHelper;
 import com.fuyuanshen.system.domain.bo.SysTenantBo;
@@ -27,6 +36,7 @@ import com.fuyuanshen.web.domain.vo.TenantListVo;
 import com.fuyuanshen.web.service.IAuthStrategy;
 import com.fuyuanshen.web.service.SysRegisterService;
 import jakarta.servlet.http.HttpServletRequest;
+import jakarta.validation.constraints.NotBlank;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.dromara.sms4j.api.SmsBlend;
@@ -36,8 +46,12 @@ import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
 import java.net.URL;
+import java.time.Duration;
+import java.util.LinkedHashMap;
 import java.util.List;
 
+import static com.fuyuanshen.common.core.constant.GlobalConstants.DEVICE_SHARE_CODES_KEY;
+
 /**
  * APP认证
  *
@@ -51,7 +65,7 @@ import java.util.List;
 public class AppAuthController {
 
     private final AppLoginService loginService;
-    private final SysRegisterService registerService;
+    private final AppRegisterService registerService;
     private final ISysConfigService configService;
     private final ISysTenantService tenantService;
     private final ISysClientService clientService;
@@ -66,16 +80,34 @@ public class AppAuthController {
     @PostMapping("/login")
     public R<LoginVo> login(@RequestBody AppSmsLoginBody appSmsLoginBody) {
 //        SmsLoginBody loginBody = JsonUtils.parseObject(body, SmsLoginBody.class);
-        ValidatorUtils.validate(appSmsLoginBody);
-        SmsLoginBody loginBody = new SmsLoginBody();
-        loginBody.setPhonenumber(appSmsLoginBody.getPhonenumber());
-        loginBody.setSmsCode(appSmsLoginBody.getSmsCode());
-        loginBody.setTenantId(appSmsLoginBody.getTenantId());
-        loginBody.setClientId("ca839698e245d60aa2f0e59bd52b34f8");
-        loginBody.setGrantType("appSms");
+        String loginType = appSmsLoginBody.getLoginType();
+        String body = "";
         // 授权类型和客户端id
-        String clientId = loginBody.getClientId();
-        String grantType = loginBody.getGrantType();
+        String clientId = "";
+        String grantType = "";
+        String tenantId = appSmsLoginBody.getTenantId();
+        ValidatorUtils.validate(appSmsLoginBody);
+        if("2".equals(loginType)){
+            AppPasswordLoginBody loginBody = new AppPasswordLoginBody();
+            loginBody.setUsername(appSmsLoginBody.getPhonenumber());
+            loginBody.setPassword(appSmsLoginBody.getLoginPassword());
+            loginBody.setClientId("835b15335d389c9fcfdf99421fa8019b");
+            loginBody.setGrantType("appPassword");
+            clientId = loginBody.getClientId();
+            grantType = loginBody.getGrantType();
+            body = JsonUtils.toJsonString(loginBody);
+        }else{
+            SmsLoginBody loginBody = new SmsLoginBody();
+            loginBody.setPhonenumber(appSmsLoginBody.getPhonenumber());
+            loginBody.setSmsCode(appSmsLoginBody.getSmsCode());
+            loginBody.setTenantId(appSmsLoginBody.getTenantId());
+            loginBody.setClientId("ca839698e245d60aa2f0e59bd52b34f8");
+            loginBody.setGrantType("appSms");
+            clientId = loginBody.getClientId();
+            grantType = loginBody.getGrantType();
+            body = JsonUtils.toJsonString(loginBody);
+        }
+
         SysClientVo client = clientService.queryByClientId(clientId);
         // 查询不到 client 或 client 内不包含 grantType
         if (ObjectUtil.isNull(client) || !StringUtils.contains(client.getGrantType(), grantType)) {
@@ -85,9 +117,9 @@ public class AppAuthController {
             return R.fail(MessageUtils.message("auth.grant.type.blocked"));
         }
         // 校验租户
-        loginService.checkTenant(loginBody.getTenantId());
+//        loginService.checkTenant(loginBody.getTenantId());
+        loginService.checkTenant(tenantId);
         // 登录
-        String body = JsonUtils.toJsonString(loginBody);
         LoginVo loginVo = IAuthStrategy.login(body, client, grantType);
         return R.ok(loginVo);
     }
@@ -113,16 +145,68 @@ public class AppAuthController {
         return R.ok("用户注销成功");
     }
 
+
     /**
      * 用户注册
      */
-    @ApiEncrypt
     @PostMapping("/register")
-    public R<Void> register(@Validated @RequestBody RegisterBody user) {
-        if (!configService.selectRegisterEnabled(user.getTenantId())) {
-            return R.fail("当前系统没有开启注册功能！");
+    public R<Void> register(@Validated @RequestBody AppRegisterBody body) {
+        registerService.register(body);
+        return R.ok();
+    }
+
+
+    /**
+     * 找回密码
+     */
+    @PostMapping("/forgetPassword")
+    public R<Void> forgetPassword(@Validated @RequestBody AppRegisterBody body) {
+        registerService.forgetPassword(body);
+        return R.ok();
+    }
+
+
+    /**
+     * 用户注册短信验证码
+     *
+     * @param phonenumber 用户手机号
+     */
+    @SaIgnore
+    @RateLimiter(key = "#phonenumber", time = 60, count = 1)
+    @GetMapping("/registerSmsCode")
+    public R<Void> registerSmsCode(@NotBlank(message = "{user.phonenumber.not.blank}") String phonenumber) {
+        String key = GlobalConstants.REGISTER_CODE_KEY + phonenumber;
+        String code = RandomUtil.randomNumbers(4);
+        RedisUtils.setCacheObject(key, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION));
+        LinkedHashMap<String, String> map = new LinkedHashMap<>(1);
+        map.put("code", code);
+        SmsBlend smsBlend = SmsFactory.getSmsBlend("config1");
+        SmsResponse smsResponse = smsBlend.sendMessage(phonenumber, map);
+        if (!smsResponse.isSuccess()) {
+            return R.fail(smsResponse.getData().toString());
+        }
+        return R.ok();
+    }
+
+    /**
+     * 找回密码短信验证码
+     *
+     * @param phonenumber 用户手机号
+     */
+    @SaIgnore
+    @RateLimiter(key = "#phonenumber", time = 60, count = 1)
+    @GetMapping("/forgetPasswordSmsCode")
+    public R<Void> forgetPasswordSmsCode(@NotBlank(message = "{user.phonenumber.not.blank}") String phonenumber) {
+        String key = GlobalConstants.FORGET_PASSWORD_CODE_KEY + phonenumber;
+        String code = RandomUtil.randomNumbers(4);
+        RedisUtils.setCacheObject(key, code, Duration.ofMinutes(Constants.CAPTCHA_EXPIRATION));
+        LinkedHashMap<String, String> map = new LinkedHashMap<>(1);
+        map.put("code", code);
+        SmsBlend smsBlend = SmsFactory.getSmsBlend("config1");
+        SmsResponse smsResponse = smsBlend.sendMessage(phonenumber, map);
+        if (!smsResponse.isSuccess()) {
+            return R.fail(smsResponse.getData().toString());
         }
-        registerService.register(user);
         return R.ok();
     }