8 hónapja · 4ff2ba3e09
--- a/src/main/java/com/aizuda/boot/modules/auth/controller/LoginController.java
+++ b/src/main/java/com/aizuda/boot/modules/auth/controller/LoginController.java
@@ -12,10 +12,7 @@ import com.baomidou.kisso.annotation.LoginIgnore;
 
				 import io.swagger.v3.oas.annotations.Operation;
			
 
				 import io.swagger.v3.oas.annotations.tags.Tag;
			
 
				 import lombok.AllArgsConstructor;
			
 
				-import org.springframework.web.bind.annotation.PostMapping;
			
 
				-import org.springframework.web.bind.annotation.RequestBody;
			
 
				-import org.springframework.web.bind.annotation.RequestMapping;
			
 
				-import org.springframework.web.bind.annotation.RestController;
			
 
				+import org.springframework.web.bind.annotation.*;
			
 
				 
			
 
				 import java.util.Map;
			
 
				 
			
@@ -38,4 +35,11 @@ public class LoginController extends ApiController {
 
				     public Map<String, Object> loginSystem(@RequestBody LoginParam loginParam) {
			
 
				         return authService.login(request, response, loginParam);
			
 
				     }
			
 
				+
			
 
				+    @Operation(summary = "通过票据登录")
			
 
				+    @LoginIgnore
			
 
				+    @PostMapping("/token")
			
 
				+    public Map<String, Object> tokenLogin(@RequestBody LoginParam loginParam) {
			
 
				+        return authService.tokenLogin(request, response, loginParam);
			
 
				+    }
			
 
				 }
			
--- a/src/main/java/com/aizuda/boot/modules/auth/param/LoginParam.java
+++ b/src/main/java/com/aizuda/boot/modules/auth/param/LoginParam.java
@@ -22,6 +22,9 @@ import java.io.Serializable;
 
				 @Schema(name = "LoginParam", description = "登录参数")
			
 
				 public class LoginParam implements Serializable {
			
 
				 
			
 
				+    @Schema(description = "AES登录票据")
			
 
				+    private String token;
			
 
				+
			
 
				     @Schema(description = "登录名称")
			
 
				     private String username;
			
 
				 
			
--- a/src/main/java/com/aizuda/boot/modules/auth/service/IAuthService.java
+++ b/src/main/java/com/aizuda/boot/modules/auth/service/IAuthService.java
@@ -25,8 +25,17 @@ public interface IAuthService {
 
				      * @param request    请求
			
 
				      * @param response   响应
			
 
				      * @param loginParam 登录参数
			
 
				-     * @return 菜单权限 Map
			
 
				+     * @return 登录信息 MAP
			
 
				      */
			
 
				     Map<String, Object> login(HttpServletRequest request, HttpServletResponse response, LoginParam loginParam);
			
 
				 
			
 
				+    /**
			
 
				+     * 通过票据登录系统
			
 
				+     *
			
 
				+     * @param request    请求
			
 
				+     * @param response   响应
			
 
				+     * @param loginParam 登录参数
			
 
				+     * @return 登录信息 MAP
			
 
				+     */
			
 
				+    Map<String, Object> tokenLogin(HttpServletRequest request, HttpServletResponse response, LoginParam loginParam);
			
 
				 }
			
--- a/src/main/java/com/aizuda/boot/modules/auth/service/impl/AuthServiceImpl.java
+++ b/src/main/java/com/aizuda/boot/modules/auth/service/impl/AuthServiceImpl.java
@@ -13,6 +13,7 @@ import com.aizuda.core.api.ApiAssert;
 
				 import com.baomidou.kisso.common.encrypt.MD5Salt;
			
 
				 import com.baomidou.kisso.enums.TokenOrigin;
			
 
				 import com.baomidou.kisso.security.token.SSOToken;
			
 
				+import com.baomidou.mybatisplus.core.toolkit.AES;
			
 
				 import com.baomidou.mybatisplus.core.toolkit.IdWorker;
			
 
				 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
			
 
				 import jakarta.servlet.http.HttpServletRequest;
			
@@ -21,10 +22,8 @@ import lombok.AllArgsConstructor;
 
				 import org.apache.commons.lang3.StringUtils;
			
 
				 import org.springframework.stereotype.Service;
			
 
				 
			
 
				-import java.util.HashMap;
			
 
				-import java.util.List;
			
 
				-import java.util.Map;
			
 
				-import java.util.Objects;
			
 
				+import java.nio.charset.StandardCharsets;
			
 
				+import java.util.*;
			
 
				 
			
 
				 /**
			
 
				  * 授权 服务实现类
			
@@ -50,6 +49,13 @@ public class AuthServiceImpl implements IAuthService {
 
				                 , user.getPassword(), loginParam.getPassword()), "登录密码错误");
			
 
				 
			
 
				         // 登录信息
			
 
				+        return loginInfo(request, user);
			
 
				+    }
			
 
				+
			
 
				+    /**
			
 
				+     * 设置登录信息
			
 
				+     */
			
 
				+    private Map<String, Object> loginInfo(HttpServletRequest request, SysUser user) {
			
 
				         Map<String, Object> loginInfo = new HashMap<>(4);
			
 
				         loginInfo.put("token", new SSOToken().id(user.getId()).issuer(user.getUsername())
			
 
				                 .userAgent(request).origin(TokenOrigin.HTML5).data(new HashMap<>() {{
			
@@ -63,4 +69,29 @@ public class AuthServiceImpl implements IAuthService {
 
				         return loginInfo;
			
 
				     }
			
 
				 
			
 
				+    @Override
			
 
				+    public Map<String, Object> tokenLogin(HttpServletRequest request, HttpServletResponse response, LoginParam loginParam) {
			
 
				+        ApiAssert.fail(StringUtils.isBlank(loginParam.getToken()), "授权票据不能为空");
			
 
				+
			
 
				+        try {
			
 
				+            // 校验票据合法性，Token 为 Base64 URL 加密
			
 
				+            byte[] bytes = Base64.getUrlDecoder().decode(loginParam.getToken());
			
 
				+            String text = new String(AES.decrypt(bytes, "AIjOCLBy8D0BlSdC".getBytes(StandardCharsets.UTF_8)));
			
 
				+            long timestamp = Long.parseLong(text.substring(0, 10));
			
 
				+            long currentTime = System.currentTimeMillis() / 1000;
			
 
				+            if ((currentTime - timestamp) > 600) {
			
 
				+                ApiAssert.fail("授权票据已失效");
			
 
				+            }
			
 
				+        } catch (Throwable t) {
			
 
				+            ApiAssert.fail("授权票据验证失败");
			
 
				+        }
			
 
				+
			
 
				+        // 固定进入 admin 账号
			
 
				+        SysUser user = new SysUser();
			
 
				+        user.setId(0L);
			
 
				+        user.setUsername("admin");
			
 
				+        user.setNickName("admin");
			
 
				+        return loginInfo(request, user);
			
 
				+    }
			
 
				+
			
 
				 }