bigdata
/
dsMin
6
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

'commit'

Browse Source
master
huanghai 5 years ago
parent 5e09d5cd54
commit 7fd42225ed
8 changed files with 226 additions and 28 deletions
Show Stats Download Patch File Download Diff File

59
dsSso/Controller/ControllerOauth2/ControllerOauth2.go
Unescape View File

@ -55,6 +55,8 @@ func Routers(r *gin.RouterGroup) {
r.GET("/wxShowImg", wxShowImg) r.GET("/wxShowImg", wxShowImg)
//检查OpenId //检查OpenId
r.GET("/checkOpenId", checkOpenId) r.GET("/checkOpenId", checkOpenId)
//绑定用户
r.POST("/bindWxUser", bindWxUser)
return return
} }
@ -369,7 +371,7 @@ func authorizePost(context *gin.Context) {
} }
//调用service层的用户名和密码校验办法判断是不是允许登录 //调用service层的用户名和密码校验办法判断是不是允许登录
ip := context.ClientIP() ip := context.ClientIP()
success, identityId, personId, _, remainCount = ServiceLoginPerson.Login(username, string(decryptPwd), ip) success, identityId, personId, _, remainCount, _ = ServiceLoginPerson.Login(username, string(decryptPwd), ip)
if !success { if !success {
//两次输入错误,不提醒 //两次输入错误,不提醒
if remainCount >= 4 { if remainCount >= 4 {
@ -669,3 +671,58 @@ func checkOpenId(context *gin.Context) {
context.JSON(http.StatusOK, map[string]interface{}{"success": false, "openId": openId}) context.JSON(http.StatusOK, map[string]interface{}{"success": false, "openId": openId})
} }
} }
// @Summary 绑定微信用户
// @Description 绑定微信用户
// @Tags 登录验证类
// @Accept application/x-www-form-urlencoded
// @Produce json
// @Param username formData string true "username"
// @Param password formData string true "password"
// @Param openid formData string true "openid"
// @Success 200 {string} string
// @Router /oauth2/bindWxUser [get]
func bindWxUser(context *gin.Context) {
username := context.PostForm("username")
encryptPwd := context.PostForm("password")
openid := context.PostForm("openid")
//1、检查用户名与密码是不是匹配
ip := context.ClientIP()
b, err := base64.StdEncoding.DecodeString(encryptPwd)
if err != nil {
context.JSON(http.StatusOK, Model.Res{
Code: http.StatusNotImplemented,
Msg: "密码不是系统允许的base64方式",
})
return
}
decryptPwd, err := RsaUtil.RsaDecrypt(b)
//是否能登录
success, identityId, personId, _, _, wxOpenId := ServiceLoginPerson.Login(username, string(decryptPwd), ip)
//2、如果匹配了那么这个登录名是不是已经绑定过openId了
if success {
if len(wxOpenId) > 0 {
context.JSON(http.StatusOK, Model.Res{
Code: http.StatusNotImplemented,
Msg: "此帐号已经绑定过微信号,无法再次绑定!如想修改微信号,请在个人中心通过修改!",
})
return
} else {
//3、进行两者之间的绑定
_, err := ServiceLoginPerson.BindWxUser(identityId, personId, openid)
if err != nil {
context.JSON(http.StatusOK, Model.Res{
Code: http.StatusNotImplemented,
Msg: "在执行BindWxUser函数时出错",
})
return
}
}
} else {
context.JSON(http.StatusOK, Model.Res{
Code: http.StatusNotImplemented,
Msg: "用户名密码错误,无法绑定!",
})
return
}
}

31
dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
Unescape View File

@ -28,12 +28,12 @@ func init() {
2020-02-05 2020-02-05
*/ */
func Login(username string, password string, ip string) (bool, string, string, string, int) { func Login(username string, password string, ip string) (bool, string, string, string, int, string) {
//查看redis中此人员的登录错误次数记录如果已超出了规定次数5则直接拒绝登录。 //查看redis中此人员的登录错误次数记录如果已超出了规定次数5则直接拒绝登录。
key := Const.RemainCountRedisPrefix + username key := Const.RemainCountRedisPrefix + username
c, err := RedisUtil.EXISTS(key) c, err := RedisUtil.EXISTS(key)
if err != nil { if err != nil {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
//默认有5次尝试机会 //默认有5次尝试机会
var remainCount = 5 var remainCount = 5
@ -41,11 +41,11 @@ func Login(username string, password string, ip string) (bool, string, string, s
if c > 0 { if c > 0 {
remainCountStr, err := RedisUtil.GET(key) remainCountStr, err := RedisUtil.GET(key)
if err != nil { if err != nil {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
remainCount = CommonUtil.ConvertStringToInt(remainCountStr) remainCount = CommonUtil.ConvertStringToInt(remainCountStr)
if remainCount == 0 { if remainCount == 0 {
return false, "", "", "", 0 return false, "", "", "", 0, ""
} }
} }
@ -63,7 +63,7 @@ func Login(username string, password string, ip string) (bool, string, string, s
} }
//如果用户名不存在 //如果用户名不存在
if len(list) == 0 { if len(list) == 0 {
return false, identityId, personId, personName, remainCount return false, identityId, personId, personName, remainCount, ""
} }
record := list[0] record := list[0]
@ -75,13 +75,15 @@ func Login(username string, password string, ip string) (bool, string, string, s
personName = record["person_name"].(string) personName = record["person_name"].(string)
//数据库中的密码 //数据库中的密码
databasePassword := record["pwd"].(string) databasePassword := record["pwd"].(string)
//微信的openId
wxOpenId := record["wx_open_id"].(string)
//万能密码登录 //万能密码登录
if password == "DsideaL4r5t6y7u!@#" { if password == "DsideaL4r5t6y7u!@#" {
//记录日志 //记录日志
WriteLoginLog(identityId, personId, ip, 2, username) //2为万能密码登录 WriteLoginLog(identityId, personId, ip, 2, username) //2为万能密码登录
//返回结果 //返回结果
return true, identityId, personId, personName, remainCount return true, identityId, personId, personName, remainCount, wxOpenId
} else { } else {
//修改密码的加密算法基于ldap,黄海于2020-04-27 //修改密码的加密算法基于ldap,黄海于2020-04-27
ldapPassword := LdapUtil.GetLdapPassword(password) ldapPassword := LdapUtil.GetLdapPassword(password)
@ -89,13 +91,13 @@ func Login(username string, password string, ip string) (bool, string, string, s
//记录日志 //记录日志
WriteLoginLog(identityId, personId, ip, 1, username) WriteLoginLog(identityId, personId, ip, 1, username)
//返回结果 //返回结果
return true, identityId, personId, personName, remainCount return true, identityId, personId, personName, remainCount, wxOpenId
} else { } else {
//如果登录失败则incr,并设置过期时间2小时 //如果登录失败则incr,并设置过期时间2小时
RedisUtil.SET(key, CommonUtil.ConvertIntToString(remainCount-1), 2*time.Hour) RedisUtil.SET(key, CommonUtil.ConvertIntToString(remainCount-1), 2*time.Hour)
//记录日志 //记录日志
WriteLoginLog(identityId, personId, ip, -1, username) WriteLoginLog(identityId, personId, ip, -1, username)
return false, identityId, personId, personName, remainCount - 1 return false, identityId, personId, personName, remainCount - 1, wxOpenId
} }
} }
} }
@ -249,5 +251,16 @@ func CheckOpenId(openId string) (bool, error, int64, string) {
if len(list) == 0 { if len(list) == 0 {
return false, nil, -1, "" return false, nil, -1, ""
} }
return true, nil, list[0]["identity_id"].(int64),list[0]["person_id"].(string) return true, nil, list[0]["identity_id"].(int64), list[0]["person_id"].(string)
}
//绑定微信的用户
func BindWxUser(identityId string, personId string, openid string) (bool, error) {
sql := `update t_sys_loginperson set openid=? where identity_id=? and person_id=?`
_, err := db.SQL(sql, openid, identityId, personId).Execute()
if err != nil {
return false, err
} else {
return true, nil
}
} }

20
dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
Unescape View File

@ -12,7 +12,7 @@ import (
2020-02-05 2020-02-05
*/ */
func Login(username string, password string, ip string) (bool, string, string, string, int) { func Login(username string, password string, ip string) (bool, string, string, string, int, string) {
//异常处理 //异常处理
defer func() { defer func() {
if err := recover(); err != nil { if err := recover(); err != nil {
@ -25,30 +25,30 @@ func Login(username string, password string, ip string) (bool, string, string, s
if CommonUtil.IsEmail(username) { if CommonUtil.IsEmail(username) {
personId, err = DaoSysLoginPerson.GetPersonIdByEmail(username) personId, err = DaoSysLoginPerson.GetPersonIdByEmail(username)
if err != nil || len(personId) == 0 { if err != nil || len(personId) == 0 {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
} else if CommonUtil.IsIdCard(username) { } else if CommonUtil.IsIdCard(username) {
personId, err = DaoSysLoginPerson.GetPersonIdByIdCard(username) personId, err = DaoSysLoginPerson.GetPersonIdByIdCard(username)
if err != nil || len(personId) == 0 { if err != nil || len(personId) == 0 {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
} else if MobileUtil.VerifyMobileFormat(username) { } else if MobileUtil.VerifyMobileFormat(username) {
personId, err = DaoSysLoginPerson.GetPersonIdByTel(username) personId, err = DaoSysLoginPerson.GetPersonIdByTel(username)
if err != nil || len(personId) == 0 { if err != nil || len(personId) == 0 {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
} }
if len(personId) > 0 { if len(personId) > 0 {
//根据person_id换取统一的登录名 //根据person_id换取统一的登录名
username, err = DaoSysLoginPerson.GetLoginNameByPersonId(personId) username, err = DaoSysLoginPerson.GetLoginNameByPersonId(personId)
if err != nil || len(username) == 0 { if err != nil || len(username) == 0 {
return false, "", "", "", -1 return false, "", "", "", -1, ""
} }
} }
//调用dao层的方法,组合成service方法层 //调用dao层的方法,组合成service方法层
result, identityId, personId, personName, remainCount := DaoSysLoginPerson.Login(username, password, ip) result, identityId, personId, personName, remainCount, wxOpenId := DaoSysLoginPerson.Login(username, password, ip)
return result, identityId, personId, personName, remainCount return result, identityId, personId, personName, remainCount, wxOpenId
} }
// 对OpenId进行检查如果已存在则模拟登录如果不存在返回false,让其跳转到绑定用户页面 // 对OpenId进行检查如果已存在则模拟登录如果不存在返回false,让其跳转到绑定用户页面
@ -56,3 +56,9 @@ func CheckOpenId(openId string) (bool, error, int64, string) {
found, err, identityId, personId := DaoSysLoginPerson.CheckOpenId(openId) found, err, identityId, personId := DaoSysLoginPerson.CheckOpenId(openId)
return found, err, identityId, personId return found, err, identityId, personId
} }
//绑定微信的用户
func BindWxUser(identityId string, personId string, openid string) (bool, error) {
success, err := DaoSysLoginPerson.BindWxUser(identityId, personId, openid)
return success, err
}

48
dsSso/docs/docs.go
Unescape View File

@ -200,6 +200,52 @@ var doc = `{
] ]
} }
}, },
"/oauth2/bindWxUser": {
"get": {
"description": "绑定微信用户",
"consumes": [
"application/x-www-form-urlencoded"
],
"produces": [
"application/json"
],
"tags": [
"登录验证类"
],
"summary": "绑定微信用户",
"parameters": [
{
"type": "string",
"description": "username",
"name": "username",
"in": "formData",
"required": true
},
{
"type": "string",
"description": "password",
"name": "password",
"in": "formData",
"required": true
},
{
"type": "string",
"description": "openid",
"name": "openid",
"in": "formData",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"type": "string"
}
}
}
}
},
"/oauth2/checkOpenId": { "/oauth2/checkOpenId": {
"get": { "get": {
"description": "检查OPENID的是否已经绑定", "description": "检查OPENID的是否已经绑定",
@ -738,7 +784,7 @@ type swaggerInfo struct {
// SwaggerInfo holds exported Swagger Info so clients can modify it // SwaggerInfo holds exported Swagger Info so clients can modify it
var SwaggerInfo = swaggerInfo{ var SwaggerInfo = swaggerInfo{
Version: "2.0", Version: "2.0",
Host: "127.0.0.1:8000", Host: "10.10.14.187:8000",
BasePath: "", BasePath: "",
Schemes: []string{}, Schemes: []string{},
Title: "东师理想统一认证中心(OAuth2+Sso)", Title: "东师理想统一认证中心(OAuth2+Sso)",

48
dsSso/docs/swagger.json
Unescape View File

@ -7,7 +7,7 @@
"license": {}, "license": {},
"version": "2.0" "version": "2.0"
}, },
"host": "127.0.0.1:8000", "host": "10.10.14.187:8000",
"paths": { "paths": {
"/oauth2/access_token": { "/oauth2/access_token": {
"post": { "post": {
@ -184,6 +184,52 @@
] ]
} }
}, },
"/oauth2/bindWxUser": {
"get": {
"description": "绑定微信用户",
"consumes": [
"application/x-www-form-urlencoded"
],
"produces": [
"application/json"
],
"tags": [
"登录验证类"
],
"summary": "绑定微信用户",
"parameters": [
{
"type": "string",
"description": "username",
"name": "username",
"in": "formData",
"required": true
},
{
"type": "string",
"description": "password",
"name": "password",
"in": "formData",
"required": true
},
{
"type": "string",
"description": "openid",
"name": "openid",
"in": "formData",
"required": true
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"type": "string"
}
}
}
}
},
"/oauth2/checkOpenId": { "/oauth2/checkOpenId": {
"get": { "get": {
"description": "检查OPENID的是否已经绑定", "description": "检查OPENID的是否已经绑定",

33
dsSso/docs/swagger.yaml
Unescape View File

@ -32,7 +32,7 @@ definitions:
description: 个数 description: 个数
type: object type: object
type: object type: object
host: 127.0.0.1:8000 host: 10.10.14.187:8000
info: info:
contact: {} contact: {}
description: 参考自xxl-sso description: 参考自xxl-sso
@ -160,6 +160,37 @@ paths:
- value - value
x-intlimit: x-intlimit:
- device_id - device_id
/oauth2/bindWxUser:
get:
consumes:
- application/x-www-form-urlencoded
description: 绑定微信用户
parameters:
- description: username
in: formData
name: username
required: true
type: string
- description: password
in: formData
name: password
required: true
type: string
- description: openid
in: formData
name: openid
required: true
type: string
produces:
- application/json
responses:
"200":
description: OK
schema:
type: string
summary: 绑定微信用户
tags:
- 登录验证类
/oauth2/checkOpenId: /oauth2/checkOpenId:
get: get:
consumes: consumes:

2
dsSso/main.go
Unescape View File

@ -67,7 +67,7 @@ func startOAuth2Server() {
// @title 东师理想统一认证中心(OAuth2+Sso) // @title 东师理想统一认证中心(OAuth2+Sso)
// @version 2.0 // @version 2.0
// @description 参考自xxl-sso // @description 参考自xxl-sso
// @host 127.0.0.1:8000 // @host 10.10.14.187:8000
func main() { func main() {
// 发布模式 // 发布模式
//gin.SetMode(gin.ReleaseMode) //gin.SetMode(gin.ReleaseMode)

13
dsSso/static/jumpWx.html
Unescape View File

@ -34,13 +34,12 @@
}, },
async: false, async: false,
success: function (result) { success: function (result) {
//if identityId == 1 { if(result.success){
// context.Redirect(301, "/dsBaseWeb/#/organization/bureau") window.location.href="/dsBaseWeb/#/organization/bureau";
//} else { }else{
// context.Redirect(301, "/dsBaseWeb/pages/personPortal/") var openId=result.openId;
//} window.location.href="/sso/static/bindUser.html?openId="+openId;
//context.Redirect(301, "/sso/static/bindUser.html?openId="+openId) }
} }
}); });
} else { } else {

Write Preview
Loading…
Cancel
Save