'commit'

5 years ago · 1116203341
parent a8888c1caa
commit 1116203341
5 changed files with 129 additions and 10 deletions
--- a/dsBaseRpc/Jira地址.txt
+++ b/dsBaseRpc/Jira地址.txt
@ -1,4 +1,8 @@
 http://10.10.6.162:8000/secure/Dashboard.jspa

 wubin
-123456
+123456
+
+
+tea7197
+980212
--- a/dsSso/Controller/ControllerOauth2/ControllerOauth2.go
+++ b/dsSso/Controller/ControllerOauth2/ControllerOauth2.go
@ -64,6 +64,12 @@ func Routers(r *gin.RouterGroup) {
 // @Success 200 {object} Model.Res
 // @Router /oauth2/getCaptcha [get]
 func getCaptcha(c *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	//自定义redis为存储器
 	captcha.SetCustomStore(&ControllerRecaptcha.RedisStoreBean)

@ -97,6 +103,12 @@ func getCaptcha(c *gin.Context) {
 // @Router /oauth2/getCaptchaPng [get]
 // @X-LengthLimit [{"captchaId":"20,20"}]
 func getCaptchaPng(c *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	ControllerRecaptcha.ServeHTTP(c.Writer, c.Request)
 }

@ -106,6 +118,12 @@ func getCaptchaPng(c *gin.Context) {
 时间：2020-03-13
 */
 func generateAuthCode(context *gin.Context, identityId string, personId string, deviceId string, typeId string) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	//1、生成加密串
 	r, _ := AesUtil.Encrypt([]byte(identityId + "_" + personId + "_" + deviceId + "_" + ConvertUtil.Int64ToString(CommonUtil.GetCurrentTimestamp())))
 	//2、转base64
@ -177,6 +195,12 @@ func generateAuthCode(context *gin.Context, identityId string, personId string,
 // @Success 200 {string} string
 // @Router /oauth2/access_token [post]
 func accessToken(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	req := context.Request
 	resp := RedisStorage.OsinServer.NewResponse()
 	defer resp.Close()
@ -303,6 +327,12 @@ func accessToken(context *gin.Context) {
 // @X-IntLimit ["device_id"]
 // @X-EmptyLimit ["username","password","captchaId","value"]
 func authorizePost(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	var identityId string
 	var personId string
 	var success bool
@ -382,6 +412,12 @@ func authorizePost(context *gin.Context) {
 // @Router /oauth2/authorize [get]
 // @X-EmptyLimit ["client_id","redirect_uri","device_id","oauth_callback"]
 func authorizeGet(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	//客户端的client_id
 	var paraClientId = context.Query("client_id")
 	//回调接口地址
@ -437,6 +473,12 @@ func authorizeGet(context *gin.Context) {
 // @Success 200 {string} string
 // @Router /oauth2/logout [get]
 func logout(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	//取出现在的cookie中的accessToken
 	accessToken := SsoUtil.ReadSsoCookie(context)
 	//获取所有接入系统的
@ -494,6 +536,12 @@ func logout(context *gin.Context) {
 // @Router /oauth2/resetRemainCount [get]
 // @X-EmptyLimit ["userName"]
 func resetRemainCount(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	userName := context.Query("userName")
 	RedisUtil.DEL(Const.RemainCountRedisPrefix + userName)
 	msg := "成功清除禁用标识！"
@ -511,6 +559,12 @@ func resetRemainCount(context *gin.Context) {
 // @Router /oauth2/wxLogin [post]
 // @X-EmptyLimit ["code"]
 func wxLogin(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	var code = context.PostForm("code")
 	//对接微信，腾讯给的AK+SK
 	appId := "wx3e0449144386938a"
@ -529,7 +583,7 @@ func wxLogin(context *gin.Context) {
 	if resp.StatusCode == 200 {
 		//将返回结果转为json
 		openid := gjson.Get(string(body), "openid")
-		context.Redirect(301, "/sso/static/bindUser.html?openid="+openid.Str)
+		context.JSON(http.StatusOK, map[string]interface{}{"success": true, "openid": openid})
 	} else {
 		context.JSON(http.StatusOK, map[string]interface{}{"success": false, "openid": ""})
 	}
@ -543,6 +597,12 @@ func wxLogin(context *gin.Context) {
 // @Success 200 {string} string
 // @Router /oauth2/wxShowImg [get]
 func wxShowImg(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
 	url := `https://open.weixin.qq.com/connect/qrconnect?appid=wx3e0449144386938a&redirect_uri=http://fort.edusoa.com:7777/sso/static/jumpWx.html&response_type=code&scope=snsapi_login&state=STATE#wechat_redirect`
 	//获取http代码
 	p, err := goquery.ParseUrl(url)
@ -570,3 +630,44 @@ func wxShowImg(context *gin.Context) {
 		context.File(pngFile)
 	}
 }
+
+// @Summary 		检查OPENID的是否已经绑定
+// @Description 	检查OPENID的是否已经绑定
+// @Tags			登录验证类
+// @Accept application/x-www-form-urlencoded
+// @Produce  json
+// @Param openid query string true "OpenId"
+// @Success 200 {string} string
+// @Router /oauth2/checkOpenId [get]
+func checkOpenId(context *gin.Context) {
+	//异常处理
+	defer func() {
+		if err := recover(); err != nil {
+			fmt.Printf("%s\n", err)
+		}
+	}()
+	openId := context.Query("openid")
+	found, err, identityId, personId := ServiceLoginPerson.CheckOpenId(openId)
+	if err != nil {
+		context.JSON(http.StatusOK, map[string]interface{}{"success": false, "message": "检查OpenId失败！"})
+		return
+	}
+	//1、此OpenId已经存在挂接关系，那么写入相应的登录标识，并跳转到指定的页面
+	if found {
+		//1、生成加密串
+		r, _ := AesUtil.Encrypt([]byte(CommonUtil.ConvertInt64ToString(identityId) + "_" + personId + "_1_" + ConvertUtil.Int64ToString(CommonUtil.GetCurrentTimestamp())))
+		//2、转base64
+		encodeString := base64.RawURLEncoding.EncodeToString([]byte(r))
+		//3、写cookie
+		context.SetCookie(ConfigUtil.AccessToken, encodeString, 0, "/", "", false, true)
+		//4、跳转到XXX页面，比如集成页，或者管理员的首页
+		if identityId==1{
+			context.Redirect(301, "/dsBaseWeb/#/organization/bureau")
+		}else{
+			context.Redirect(301, "/dsBaseWeb/pages/personPortal/")
+		}
+	} else {
+		//2、如果此OpenId没有实现过挂接，应该跳转到绑定用户页面
+		context.Redirect(301, "/sso/static/bindUser.html?openId="+openId)
+	}
+}
--- a/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
+++ b/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
@ -95,7 +95,7 @@ func Login(username string, password string, ip string) (bool, string, string, s
 			RedisUtil.SET(key, CommonUtil.ConvertIntToString(remainCount-1), 2*time.Hour)
 			//记录日志
 			WriteLoginLog(identityId, personId, ip, -1, username)
-			return false, identityId, personId, personName, remainCount-1
+			return false, identityId, personId, personName, remainCount - 1
 		}
 	}
 }
@ -238,3 +238,16 @@ func GetLoginNameByPersonId(personId string) (string, error) {
 	}
 	return list[0]["login_name"].(string), nil
 }
+
+// 对OpenId进行检查，如果已存在，则模拟登录，如果不存在，返回false,让其跳转到绑定用户页面
+func CheckOpenId(openId string) (bool, error, int64, string) {
+	sql := `select * from t_sys_loginperson where wx_open_id=?`
+	list, err := db.SQL(sql, openId).Query().List()
+	if err != nil {
+		return false, err, -1, ""
+	}
+	if len(list) == 0 {
+		return false, nil, -1, ""
+	}
+	return true, nil, list[0]["identity_id"].(int64),list[0]["person_id"].(string)
+}
--- a/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
+++ b/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
@ -50,3 +50,9 @@ func Login(username string, password string, ip string) (bool, string, string, s
 	result, identityId, personId, personName, remainCount := DaoSysLoginPerson.Login(username, password, ip)
 	return result, identityId, personId, personName, remainCount
 }
+
+// 对OpenId进行检查，如果已存在，则模拟登录，如果不存在，返回false,让其跳转到绑定用户页面
+func CheckOpenId(openId string) (bool, error, int64, string) {
+	found, err, identityId, personId := DaoSysLoginPerson.CheckOpenId(openId)
+	return found, err, identityId, personId
+}
--- a/dsSso/static/jumpWx.html
+++ b/dsSso/static/jumpWx.html
@ -14,8 +14,6 @@
 <script type="text/javascript">
    $(function () {
        var code = getUrlParam("code");
-        var default_redirect_url = getDefaultRedirectUrl();
-        var store = new Persist.Store('store_name');
        $.ajax({
            type: "POST",
            dataType: "json",
@ -26,13 +24,10 @@
            async: false,
            success: function (result) {
                var open_id = Base64.encode(aesEncrypt(result.openid));
-                alert(open_id);
-                alert("接下来要判断是不是此openId在数据库中已经完成了账号绑定，如果完成了，直接模拟登录；如果没有完成，需要进入绑定界面。")
                if (result.success) {
-                    //window.location.href = store.get("url")  + "?ds_sso_sessionid=" + result.sessionId;
-                    //store.set("url","")
+                    alert("接下来要判断是不是此openId在数据库中已经完成了账号绑定，如果完成了，直接模拟登录；如果没有完成，需要进入绑定界面。")
+                    //window.location.href ="/sso/static/bindUser.html?openid="+open_id;
                } else {
-
                    //window.location.href = "bindUser.html?open_id="+open_id+"&type_id="+aesEncrypt("2")+"&redirect_url="+default_redirect_url;
                }
            }