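package com.uas.sso.controller;

import com.uas.sso.core.Status;
import com.uas.sso.entity.*;
import com.uas.sso.service.ChangeAdminService;
import com.uas.sso.service.UserService;
import com.uas.sso.service.UserspaceService;
import com.uas.sso.support.SystemSession;
import com.uas.sso.util.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;

/**
 * Change-of-administrator flow (login required).
 *
 * <p>Step 1: the current administrator proves identity by SMS code, e-mail link or
 * security questions; each path stores and persists an {@code existToken} bound to the
 * caller. Step 2: that token plus an SMS code for the new administrator's phone number
 * is submitted to {@link #changeAdmin}.
 *
 * <p>{@code request}, {@code tokenService}, {@code settingService}, {@code mailService},
 * {@code getMobileToken}, {@code checkMobileCode}, {@code success} and {@code error} are
 * inherited from {@link BaseController} (not visible in this file).
 *
 * @author wangmh
 * @create 2018-01-15 10:24
 */
@RestController
@RequestMapping("/sso/change/admin")
public class ChangeAdminController extends BaseController {

    /** Returned whenever the step-1 token is missing, unknown or expired. */
    private static final String TOKEN_EXPIRED_MSG = "验证信息已过期,请重新验证";

    /** Returned whenever the submitted security-question answers do not fully match. */
    private static final String WRONG_ANSWER_MSG = "答案错误";

    /** Lifetime passed to the {@link Token} constructor; presumably seconds (7 days) — confirm against Token. */
    private static final int EXIST_TOKEN_TTL = 7 * 24 * 60 * 60;

    // Was annotated @Autowired in the original; Spring cannot inject a static final
    // field, so the annotation was a no-op. Currently unused, kept for compatibility.
    private static final String STEP_SECONT_TOKEN = "changeAdmin";

    @Autowired
    private UserService userService;

    @Autowired
    private UserspaceService userspaceService;

    @Autowired
    private ChangeAdminService changeAdminService;

    /**
     * Looks up the step-1 token.
     *
     * @param token token id as returned by one of the step-1 endpoints; may be null/empty
     * @return the stored token, or {@code null} when the id is empty or not found
     */
    private Token findValidToken(String token) {
        if (StringUtils.isEmpty(token)) {
            return null;
        }
        return tokenService.findOne(token);
    }

    /**
     * Creates, persists and stores in the session the token that proves step 1 succeeded.
     *
     * @param userAccount the authenticated caller the token is bound to
     * @return the new token
     */
    private Token issueExistToken(UserAccount userAccount) {
        Token existToken = new Token(userAccount, EXIST_TOKEN_TTL);
        request.getSession().setAttribute("existToken", existToken);
        tokenService.save(existToken);
        return existToken;
    }

    /**
     * Lists the verification channels available to the caller.
     *
     * @return {@code mobile}, {@code email} (only when authenticated) and {@code questions}
     *         (only when set) for the space's current administrator; a bare success
     *         payload for any other user
     */
    @RequestMapping(value = "/checkType", method = RequestMethod.GET)
    public ModelMap getCheckType() {
        UserAccount userAccount = SystemSession.getUserAccount();
        User user = userService.findOne(userAccount.getUserUU());
        // Only the space's current administrator may start the flow; everyone else
        // gets an empty success payload (original behaviour, now also null-safe).
        Userspace userspace = userspaceService.findOne(userAccount.getSpaceUU());
        if (userspace == null || !userspace.getAdminUU().equals(user.getUserUU())) {
            return success();
        }
        ModelMap data = new ModelMap();
        data.put("mobile", Status.AUTHENTICATED.getCode() == user.getMobileValidCode() ? user.getMobile() : null);
        data.put("email", Status.AUTHENTICATED.getCode() == user.getEmailValidCode() ? user.getEmail() : null);
        data.put("questions", !CollectionUtils.isEmpty(user.getQuestions()) ? user.getQuestions() : null);
        request.getSession().setAttribute("user", user);
        return success(data);
    }

    /**
     * Sends an SMS code to the caller's own phone number.
     *
     * @return the SMS token id (and, see below, the code itself)
     * @author wangmh
     * @date 2018/1/15 11:52
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.GET)
    public ModelMap checkByMobile() {
        UserAccount userAccount = SystemSession.getUserAccount();
        String token = getMobileToken(userAccount.getMobile());
        ModelMap data = new ModelMap();
        data.put("token", token);
        // SECURITY(review): echoing the SMS code back in the response lets a client
        // complete "phone verification" without ever receiving the SMS. This looks like
        // a development shortcut; the response shape is kept here, but the "code" entry
        // must be removed before this ships. Same issue in checkByNewMobile() GET.
        data.put("code", request.getSession().getAttribute("code"));
        return success(data);
    }

    /**
     * Verifies the SMS code sent to the caller's own phone number.
     *
     * @param token SMS token id from the GET call
     * @param code  SMS code typed by the user
     * @return the step-1 token id under {@code token}
     * @author wangmh
     * @date 2018/1/15 11:53
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.POST)
    public ModelMap checkByMobile(@RequestParam String token, @RequestParam String code) {
        UserAccount userAccount = SystemSession.getUserAccount();
        // checkMobileCode is inherited; the flow only continues when it returns, so it
        // presumably throws on mismatch — confirm in BaseController.
        checkMobileCode(token, userAccount.getMobile(), code);
        tokenService.delete(token);
        Token existToken = issueExistToken(userAccount);
        return success(new ModelMap("token", existToken.getId()));
    }

    /**
     * E-mails a verification link containing a step-1 token to the caller.
     *
     * <p>No mail is sent when the account has no e-mail address or the mail template
     * setting is absent; the token is persisted either way.
     *
     * @return bare success payload
     * @author wangmh
     * @date 2018/1/15 13:56
     */
    @RequestMapping(value = "/check/email", method = RequestMethod.GET)
    public ModelMap checkByEmail() {
        UserAccount userAccount = SystemSession.getUserAccount();
        Token existToken = issueExistToken(userAccount);

        ModelMap data = new ModelMap();
        data.put("vipName", userAccount.getVipName());
        data.put("type", "更换管理员");
        // TODO the link target is an environment-specific address and points at the
        // reset-password question endpoint; it belongs in configuration, not source.
        data.put("url", "http://192.168.253.66:8081/sso/resetPwd/check/question?token=" + existToken.getId());

        String email = userAccount.getEmail();
        if (!StringUtils.isEmpty(email)) {
            // Reuses the reset-password mail template.
            Setting mailTplId = settingService.findOne("templateForSendMailWhenResetPassword");
            if (mailTplId != null) {
                mailService.send(mailTplId.getValue(), email, data);
            }
        }
        return success();
    }

    /**
     * Returns the caller's security questions and caches the expected answers in the session.
     *
     * @return the questions under {@code questions}
     * @author wangmh
     * @date 2018/1/15 16:19
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.GET)
    public ModelMap checkByQuestion() {
        UserAccount userAccount = SystemSession.getUserAccount();
        User user = userService.findOne(userAccount.getUserUU());
        List<UserQuestion> questions = user.getQuestions();

        // Answers never leave the server: only the questions go to the client, the
        // expected answers wait in the session for the POST below.
        Map<Object, Object> expectedAnswers = new HashMap<>();
        if (questions != null) {
            for (UserQuestion question : questions) {
                expectedAnswers.put(question.getId(), question.getAnswer());
            }
        }
        request.getSession().setAttribute("answers", expectedAnswers);

        ModelMap data = new ModelMap();
        data.put("questions", questions);
        return success(data);
    }

    /**
     * Checks the submitted security-question answers against those cached by the GET call.
     *
     * <p>Every cached question must be answered exactly once and correctly; an empty or
     * partial submission is rejected (the original accepted an empty list).
     *
     * @param answers one map per question with keys {@code id} and {@code answer}
     *                (NOTE(review): element type reconstructed; binding may need
     *                {@code @RequestBody} — confirm against the client)
     * @return the step-1 token id under {@code token}, or an error payload
     * @author wangmh
     * @date 2018/1/15 16:20
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.POST)
    public ModelMap checkByQuestion(List<Map<String, String>> answers) {
        UserAccount userAccount = SystemSession.getUserAccount();

        @SuppressWarnings("unchecked") // stored by the GET handler above
        Map<Object, Object> expected = (Map<Object, Object>) request.getSession().getAttribute("answers");
        if (expected == null || expected.isEmpty() || answers == null || answers.size() != expected.size()) {
            return error(WRONG_ANSWER_MSG);
        }

        // NOTE(review): lookup key is the submitted "id" value; it must have the same
        // type as UserQuestion.getId() or nothing ever matches — confirm.
        Set<Object> answered = new HashSet<>();
        for (Map<String, String> answer : answers) {
            Object id = answer.get("id");
            Object submitted = answer.get("answer");
            Object stored = expected.get(id);
            if (submitted == null || stored == null || !answered.add(id) || !stored.equals(submitted)) {
                return error(WRONG_ANSWER_MSG);
            }
        }

        Token existToken = issueExistToken(userAccount);
        ModelMap data = new ModelMap();
        data.put("token", existToken.getId());
        return success(data);
    }

    /**
     * Validates the step-1 token.
     *
     * @param token step-1 token id
     * @return success, or an error payload when the token is empty or unknown
     */
    @RequestMapping(value = "/apply", method = RequestMethod.GET)
    public ModelMap checkToken(@RequestParam String token) {
        if (findValidToken(token) == null) {
            return error(TOKEN_EXPIRED_MSG);
        }
        return success();
    }

    /**
     * Sends an SMS code to the prospective new administrator's phone number.
     *
     * <p>The original called {@code checkToken(token)} and discarded its result, so an
     * invalid step-1 token still obtained an SMS token; the check is now enforced.
     *
     * @param mobile new administrator's phone number
     * @param token  step-1 token id
     * @return the SMS token id (and the code; see {@link #checkByMobile()})
     * @author wangmh
     * @date 2018/1/15 18:09
     */
    @RequestMapping(value = "/check/newMobile", method = RequestMethod.GET)
    public ModelMap checkByNewMobile(String mobile, @RequestParam String token) {
        if (findValidToken(token) == null) {
            return error(TOKEN_EXPIRED_MSG);
        }
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        ModelMap data = new ModelMap();
        data.put("token", getMobileToken(mobile));
        // SECURITY(review): same SMS-code echo as checkByMobile() GET — remove before release.
        data.put("code", request.getSession().getAttribute("code"));
        return success(data);
    }

    /**
     * Verifies the SMS code sent to the prospective new administrator's phone number.
     *
     * @param mobile new administrator's phone number
     * @param token  SMS token id
     * @param code   SMS code
     * @return bare success payload (checkMobileCode presumably throws on mismatch)
     */
    @RequestMapping(value = "/check/newMobile", method = RequestMethod.POST)
    public ModelMap checkByNewMobile(String mobile, @RequestParam String token, String code) {
        checkMobileCode(token, mobile, code);
        return success();
    }

    /**
     * Submits the change-of-administrator request.
     *
     * <p>The submitter is taken from the step-1 token's binding, the outgoing
     * administrator from the submitter's space, and the incoming one from the phone
     * number whose SMS code was just verified.
     *
     * @param mobile       new administrator's phone number
     * @param token        step-1 token id
     * @param code         SMS code sent to {@code mobile}
     * @param codeToken    SMS token id
     * @param changeReason reason for the change; required
     * @param contactTel   contact phone number; required
     * @return bare success payload, or an error payload for missing/invalid input
     * @author wangmh
     * @date 2018/1/15 18:22
     */
    @RequestMapping(method = RequestMethod.POST)
    public ModelMap changeAdmin(String mobile, @RequestParam String token, String code,
                                @RequestParam String codeToken, String changeReason, String contactTel) {
        Token existToken = findValidToken(token);
        if (existToken == null) {
            return error(TOKEN_EXPIRED_MSG);
        }
        // hasText is null-safe; the original trim() threw on a missing optional parameter.
        if (!StringUtils.hasText(changeReason)) {
            return error("更换原因不能为空");
        }
        if (!StringUtils.hasText(contactTel)) {
            return error("联系电话不能为空");
        }
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        checkMobileCode(codeToken, mobile, code);

        User afterAdmin = userService.findByMobile(mobile);
        if (afterAdmin == null) {
            return error("新管理员不存在");
        }
        UserAccount userAccount = (UserAccount) existToken.getBind();
        Userspace userspace = userspaceService.findOne(userAccount.getSpaceUU());
        User beforeAdmin = userService.findOne(userspace.getAdminUU());

        ChangeAdmin changeAdmin = new ChangeAdmin();
        changeAdmin.setSubmitterUU(userAccount.getUserUU());
        changeAdmin.setBeforeAdminUU(beforeAdmin.getUserUU());
        changeAdmin.setAfterAdminUU(afterAdmin.getUserUU());
        changeAdmin.setChangeReason(changeReason);
        changeAdmin.setContactTel(contactTel);
        changeAdminService.submit(changeAdmin);
        return success();
    }
}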