接口统一身份认证

applications/school/school-server/src/main/java/com/usoftchina/smartschool/school/wxschool/basic/controller/WxUserController.java

@@ -2,12 +2,18 @@ package com.usoftchina.smartschool.school.wxschool.basic.controller;
 
 import com.alibaba.fastjson.JSON;
 import com.github.kevinsawicki.http.HttpRequest;
+import com.usoftchina.smartschool.auth.dto.TokenDTO;
+import com.usoftchina.smartschool.auth.jwt.JwtHelper;
+import com.usoftchina.smartschool.auth.jwt.JwtInfo;
+import com.usoftchina.smartschool.auth.jwt.JwtToken;
+import com.usoftchina.smartschool.school.po.ParentsDO;
 import com.usoftchina.smartschool.school.po.SchoolDO;
 import com.usoftchina.smartschool.school.po.TeacherDO;
 import com.usoftchina.smartschool.school.wxschool.basic.service.WxSchoolService;
 import com.usoftchina.smartschool.school.wxschool.basic.service.WxUserService;
 import com.usoftchina.smartschool.school.wxschool.utils.ObjectUtils;
 import com.usoftchina.smartschool.school.wxschool.utils.ResultBean;
+import com.usoftchina.smartschool.utils.BeanMapper;
 import org.apache.ibatis.annotations.Param;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -48,6 +54,11 @@ public class WxUserController {
 	@Autowired
 	private WxSchoolService schoolService;
 
+    @Value("${auth.private-key}")
+    private String privateKeyPath;
+
+    @Value("${auth.expire:72000}")
+    private int expire;
 
 	@Value("${smartschool.domain.wechat}")
 	private String wechatUrl;
@@ -79,6 +90,16 @@ public class WxUserController {
 			Assert.notNull(code,"请输入验证码");
 			Assert.notNull(openid,"openid不能为空");
 			Map<String, Object> map = userService.bindOpenid(userPhone, code, openid,headimgurl);
+            Object teacherDOS =  map.get("teacherDOS");
+            Object parentsDOS = map.get("parentsDOS");
+            TokenDTO tokenDTO = null;
+            //如果家长存在,APP进入后默认是家长身份
+            if (ObjectUtils.isNotEmpty(parentsDOS)) {
+                tokenDTO = generateToken(((List<ParentsDO>) parentsDOS).get(0));
+            }else {
+                tokenDTO = generateToken(((List<TeacherDO>) teacherDOS).get(0));
+            }
+            map.put("token", tokenDTO);
 			return new ResultBean(map);
 		}catch (Exception e){
 			return new ResultBean(e);
@@ -95,6 +116,14 @@ public class WxUserController {
 			if (ObjectUtils.isEmpty(teacherDOS)&&ObjectUtils.isEmpty(parentsDOS)){
 				return new ResultBean(false);
 			}else {
+                TokenDTO tokenDTO = null;
+			    //如果家长存在,APP进入后默认是家长身份
+			    if (ObjectUtils.isNotEmpty(parentsDOS)) {
+                    tokenDTO = generateToken(((List<ParentsDO>) parentsDOS).get(0));
+                }else {
+			        tokenDTO = generateToken(((List<TeacherDO>) teacherDOS).get(0));
+                }
+                map.put("token", tokenDTO);
 				return new ResultBean(map);
 			}
 		}catch (Exception e){
@@ -102,6 +131,45 @@ public class WxUserController {
 		}
 	}
 
+    /**
+     * 身份切换
+     * @param personId  用户ID
+     * @param type      1： 教师   0：家长
+     * @return
+     */
+    @PostMapping("/switchIdentity")
+    public ResultBean switchIdentify(Long personId, Long type){
+        return new ResultBean(userService.switchIdentify(personId, type, privateKeyPath, expire));
+    }
+
+    /**
+     * 创建token
+     * @param object
+     * @return
+     */
+	private TokenDTO generateToken(Object object){
+        Long schoolId = -1L, userId = -1L;
+        String username = null, mobile = null;
+	    if (object instanceof ParentsDO) {
+            ParentsDO parentsDO = ((ParentsDO) object);
+            schoolId = parentsDO.getSchoolId();
+            userId = parentsDO.getUserId();
+            username = parentsDO.getParentsName();
+            mobile = parentsDO.getPaPhone();
+        }else if (object instanceof TeacherDO) {
+            TeacherDO teacherDO = ((TeacherDO) object);
+            schoolId = teacherDO.getSchoolId();
+            userId = teacherDO.getUserId();
+            username = teacherDO.getTeacherName();
+            mobile = teacherDO.getTeacherPhone();
+        }else {
+	        return null;
+        }
+        JwtInfo jwtInfo = new JwtInfo("school", schoolId, userId, username, mobile);
+        JwtToken jwtToken = JwtHelper.generateToken(jwtInfo, privateKeyPath, expire);
+        return BeanMapper.map(jwtToken, TokenDTO.class);
+    }
+
 	/**
 	 * 首页数据
 	 * @param schoolId

applications/school/school-server/src/main/resources/application.yml

@@ -73,6 +73,7 @@ mybatis:
   mapper-locations: classpath:mapper/*.xml
 auth:
   public-key: auth/pub.key
+  private-key: auth/pri.key
 ribbon:
   ReadTimeout: 10000
   ConnectTimeout: 10000

applications/school/school-server/src/main/resources/mapper/WxParentsMapper.xml

@@ -4,7 +4,7 @@
 <mapper namespace="com.usoftchina.smartschool.school.wxschool.mapper.WxParentsMapper">
 
     <sql id="ParentsVo">
-    select `parent_id`,`user_id`,`openid`,`school_id`,`parents_name`,`parents_birthday`,`parents_sex`,`parents_photo`,`parents_status`,`parents_job`,`parents_address`,`parents_honor`,`parents_remarks` from sys_parents
+    select `parent_id`,`user_id`,`openid`,`school_id`,`parents_name`,`parents_birthday`,`parents_sex`,`parents_photo`,`parents_status`,`parents_job`,`parents_address`,`parents_honor`,`parents_remarks`,`pa_phone` from sys_parents
     </sql>
 
 	<select id="get" resultType="com.usoftchina.smartschool.school.po.ParentsDO">
@@ -27,6 +27,7 @@
 		  		  <if test="parentsAddress != null and parentsAddress != ''"> and parents_address = #{parentsAddress} </if>
 		  		  <if test="parentsHonor != null and parentsHonor != ''"> and parents_honor = #{parentsHonor} </if>
 		  		  <if test="parentsRemarks != null and parentsRemarks != ''"> and parents_remarks = #{parentsRemarks} </if>
+		  		  <if test="paPhone != null and paPhone != ''"> and pa_phone = #{paPhone} </if>
 		  		</where>
         <choose>
             <when test="sort != null and sort.trim() != ''">

applications/school/school-server/src/main/resources/mapper/WxTeacherMapper.xml

@@ -4,7 +4,7 @@
 <mapper namespace="com.usoftchina.smartschool.school.wxschool.mapper.WxTeacherMapper">
 
     <sql id="TeacherVo">
-    select `teacher_id`,`user_id`,`openid`,`school_id`,`teacher_number`,`teacher_name`,`teacher_sex`,`teacher_birthday`,`teacher_photo`,`teacher_working_age`,`teacher_experience`,`teacher_status`,`teacher_address`,`teacher_entry`,`teacher_honor`,`teacher_remarks` from sys_teacher
+    select `teacher_id`,`user_id`,`openid`,`school_id`,`teacher_number`,`teacher_name`,`teacher_sex`,`teacher_birthday`,`teacher_photo`,`teacher_working_age`,`teacher_experience`,`teacher_status`,`teacher_address`,`teacher_entry`,`teacher_honor`,`teacher_remarks`,`teacher_phone` from sys_teacher
     </sql>
 
 	<select id="get" resultType="com.usoftchina.smartschool.school.po.TeacherDO">

base-servers/gateway-server/src/main/java/com/usoftchina/smartschool/gateway/config/AuthFilter.java

@@ -7,6 +7,7 @@ import com.usoftchina.smartschool.auth.jwt.JwtInfo;
 import com.usoftchina.smartschool.context.BaseContextHolder;
 import com.usoftchina.smartschool.exception.BizException;
 import com.usoftchina.smartschool.exception.ExceptionCode;
+import com.usoftchina.smartschool.gateway.util.AntPathRequestMatcher;
 import com.usoftchina.smartschool.utils.CollectionUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -39,10 +40,10 @@ public class AuthFilter implements GlobalFilter, Ordered {
     @Override
     public Mono<Void> filter(ServerWebExchange exchange, GatewayFilterChain chain) {
         try {
-            // 鉴别身份信息
-            String token = getAuthToken(exchange.getRequest());
-            JwtInfo jwt = null;
-            if (token != null) {
+            if (!isIgnore(exchange.getRequest())) {
+                // 鉴别身份信息
+                String token = getAuthToken(exchange.getRequest());
+                JwtInfo jwt = null;
                 try {
                     jwt = JwtHelper.getInfoFromToken(token, authConfig.getPublicKey());
                 } catch (BizException e) {
@@ -72,6 +73,17 @@ public class AuthFilter implements GlobalFilter, Ordered {
         return null;
     }
 
+    /**
+     * 是否设置为忽略鉴权的请求
+     *
+     * @param request
+     * @return
+     */
+    private boolean isIgnore(ServerHttpRequest request) {
+        return authConfig.getIgnores().stream().anyMatch(ignore ->
+                new AntPathRequestMatcher(ignore).matches(request));
+    }
+
     @Override
     public int getOrder() {
         return -100;

base-servers/gateway-server/src/main/resources/application.yml

@@ -135,3 +135,11 @@ auth:
   ignores:
     - /api/auth/authorize
     - /api/account/account/register
+    - /api/school/wxSchool/user/bindOpenid*
+    - /api/school/wxSchool/user/isBinding*
+    - /api/school/wxSchool/user/sendCodeUpdate*
+    - /api/school/wxSchool/meeting/getMeetingDetails*
+    - /api/school/wxSchool/notify/getNotify*
+    - /api/school/wxSchool/stuScore/getScoreByStu*
+    - /api/school/wxSchool/taskNotify/taskDetail*
+    - /api/school/wxSchool/outInRecord/inout/detail*