verify_login_controller.go 13KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442
  1. package controllers
  2. import (
  3. "Xcx_New/enums"
  4. "Xcx_New/models"
  5. "Xcx_New/service"
  6. "Xcx_New/utils"
  7. "fmt"
  8. "github.com/astaxie/beego"
  9. "github.com/jinzhu/gorm"
  10. "net/url"
  11. "regexp"
  12. "strconv"
  13. "strings"
  14. "time"
  15. )
  16. func VerifyUserLoginControllerRegistRouters() {
  17. beego.Router("/login", &VerifyUserLoginController{}, "get:Login")
  18. beego.Router("/logout", &VerifyUserLoginController{}, "get,post:Logout")
  19. beego.Router("/handle_error", &VerifyUserLoginController{}, "get:HandleError")
  20. beego.Router("/api/token/verify", &VerifyUserLoginAPIController{}, "post:VerifyToken")
  21. beego.Router("/api/admin/edit_info", &VerifyUserLoginAPIController{}, "post:EditAdminUserInfo")
  22. beego.Router("/api/password/code", &PersonAPIController{}, "post:CodeOfModifyPwd")
  23. beego.Router("/api/password/modify", &PersonAPIController{}, "post:ModifyPwd")
  24. }
  25. type VerifyUserLoginController struct {
  26. BaseViewController
  27. }
  28. // /login [get]
  29. // @param token?:string
  30. // @param relogin?:bool
  31. func (this *VerifyUserLoginController) Login() {
  32. token := this.Ctx.Input.Query("token")
  33. if len(token) > 0 { // 带 token 参数的一般是从 SSO 回调回来的
  34. utils.TraceLog("SSO Login 回调: token=%v", token)
  35. xtFrontEndDomain := beego.AppConfig.String("front_end_domain") + "?lt=" + token
  36. this.Redirect302(xtFrontEndDomain)
  37. } else {
  38. relogin, _ := this.GetBool("relogin", false)
  39. returnURL := url.QueryEscape(fmt.Sprintf("%v%v", beego.AppConfig.String("httpdomain"), this.Ctx.Request.RequestURI))
  40. ssoDomain := beego.AppConfig.String("sso_domain")
  41. ssoLoginURL := fmt.Sprintf("%v/login?returnurl=%v&app_type=3&relogin=%v", ssoDomain, returnURL, relogin)
  42. this.Redirect302(ssoLoginURL)
  43. }
  44. }
  45. // /logout [get/post]
  46. func (this *VerifyUserLoginController) Logout() {
  47. if this.Ctx.Request.Method == "GET" {
  48. this.DelSession("admin_user_info")
  49. this.Redirect302(fmt.Sprintf("%v/logout", beego.AppConfig.String("sso_domain")))
  50. } else if this.Ctx.Request.Method == "POST" {
  51. this.DelSession("admin_user_info")
  52. }
  53. }
  54. // /handle_error [get]
  55. // @param code:int
  56. func (this *VerifyUserLoginController) HandleError() {
  57. code, _ := this.GetInt("code")
  58. if code == enums.ErrorCodeNeverCreateTypeApp {
  59. ssoDomain := beego.AppConfig.String("sso_domain")
  60. createAppURL := fmt.Sprintf("%v/org/app/create", ssoDomain)
  61. this.Redirect302(createAppURL)
  62. } else if code == enums.ErrorCodeContactSuperAdminCreateTypeApp {
  63. ssoDomain := beego.AppConfig.String("sso_domain")
  64. hitURL := fmt.Sprintf("%v/create_app_hint", ssoDomain)
  65. this.Redirect302(hitURL)
  66. } else {
  67. this.Abort404()
  68. }
  69. }
  70. type VerifyUserLoginAPIController struct {
  71. BaseAPIController
  72. }
  73. // /api/token/verify [post]
  74. // @param token:string
  75. func (this *VerifyUserLoginAPIController) VerifyToken() {
  76. if this.Ctx.Request.Method == "OPTIONS" {
  77. this.Abort("200")
  78. } else {
  79. token := this.GetString("token")
  80. if len(token) == 0 {
  81. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
  82. return
  83. }
  84. ip := utils.GetIP(this.Ctx.Request)
  85. sessionID := this.Ctx.GetCookie("s")
  86. adminUserInfo, err, errCode := service.VerifyToken(token, ip, sessionID)
  87. if err != nil {
  88. if errCode == 903 { // 未创建应用
  89. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeNeverCreateTypeApp)
  90. } else if errCode == 904 { // 联系超管来开通
  91. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeContactSuperAdminCreateTypeApp)
  92. } else {
  93. utils.ErrorLog("令牌验证失败:%v", err)
  94. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeInvalidToken)
  95. }
  96. return
  97. } else {
  98. adminUser := adminUserInfo.AdminUser
  99. appRole := adminUserInfo.AppRoles[adminUserInfo.CurrentAppId]
  100. userInfo := map[string]interface{}{
  101. "id": adminUser.Id,
  102. "mobile": adminUser.Mobile,
  103. "user_name": appRole.UserName,
  104. "avatar": appRole.Avatar,
  105. "intro": appRole.Intro,
  106. "user_type": appRole.UserType,
  107. "user_title": appRole.UserTitle,
  108. }
  109. curOrg := adminUserInfo.Orgs[adminUserInfo.CurrentOrgId]
  110. org := map[string]interface{}{
  111. "id": curOrg.Id,
  112. "org_name": curOrg.OrgName,
  113. "org_short_name": curOrg.OrgShortName,
  114. "org_intro": curOrg.OrgIntroduction,
  115. "org_logo": curOrg.OrgLogo,
  116. "province": curOrg.Province,
  117. "city": curOrg.City,
  118. "district": curOrg.District,
  119. "address": curOrg.Address,
  120. }
  121. var didRegistedForSCRM bool = false
  122. var didRegistedForCDM bool = false
  123. var didRegistedForMall bool = false
  124. tempInfo, _ := service.GetOrgInfoTemplate(curOrg.Id)
  125. template_info := map[string]interface{}{
  126. "id": tempInfo.ID,
  127. "org_id": tempInfo.OrgId,
  128. "template_id": tempInfo.TemplateId,
  129. }
  130. var FiledList []*models.FiledConfig
  131. FiledList, _ = service.FindFiledByOrgId(curOrg.Id)
  132. if len(FiledList) == 0 {
  133. err := service.BatchInsertFiledConfig(curOrg.Id)
  134. if err == nil {
  135. FiledList, _ = service.FindFiledByOrgId(curOrg.Id)
  136. } else {
  137. utils.ErrorLog("字段批量插入失败:%v", err)
  138. }
  139. }
  140. //产寻该机构是否有收缩压和舒张压
  141. pressure, err := service.GetDefaultSystolicPressure(curOrg.Id)
  142. fmt.Println(err)
  143. if len(pressure) == 0 {
  144. err = service.BathInsertQualityControlTwo(curOrg.Id)
  145. } else {
  146. utils.ErrorLog("字段批量插入失败:%v", err)
  147. }
  148. major, err := service.GetInspectionMajor(curOrg.Id)
  149. if len(major) == 0 {
  150. QualityeList, err := service.FindQualityByOrgId(curOrg.Id)
  151. if len(QualityeList) == 0 {
  152. err = service.BatchInsertQualityControl(curOrg.Id)
  153. } else {
  154. utils.ErrorLog("字段批量插入失败:%v", err)
  155. }
  156. InspectionList, err := service.FindeInspectionByOrgId(curOrg.Id)
  157. if len(InspectionList) == 0 {
  158. err = service.BatchInspectionConfiguration(curOrg.Id)
  159. } else {
  160. utils.ErrorLog("字段批量插入失败:%v", err)
  161. }
  162. } else {
  163. utils.ErrorLog("字段批量插入失败:%v", err)
  164. }
  165. //查询该机构是否存在医护排班
  166. _, errcode := service.GetDoctorScheduleByOrgId(curOrg.Id)
  167. fmt.Println("errcode2------------------", errcode)
  168. //如果没有就插入
  169. if errcode == gorm.ErrRecordNotFound {
  170. err = service.BatchInsertDoctorSchedule(curOrg.Id)
  171. } else {
  172. utils.ErrorLog("医护排班默认数据插入失败:%v", err)
  173. }
  174. //产询该机构是否连续排班的状态值
  175. _, errcodes := service.GetContinueScheduleByOrgId(curOrg.Id)
  176. if errcodes == gorm.ErrRecordNotFound {
  177. schedule := models.ContinueSchedule{
  178. IsStatus: 1,
  179. UserOrgId: curOrg.Id,
  180. Status: 1,
  181. Ctime: time.Now().Unix(),
  182. }
  183. err := service.CreateContinueSchedule(&schedule)
  184. if err == nil {
  185. utils.ErrorLog("创建连续排班值成功:%v", err)
  186. }
  187. } else {
  188. utils.ErrorLog("连续排班已存在数据:%v", err)
  189. }
  190. var pruviews []*models.Purview
  191. var curAppUrlfors []string
  192. if len(curAppUrlfors) == 0 {
  193. if adminUser.Id == curOrg.Creator { //超级管理员
  194. urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(3)
  195. urlforss, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(8)
  196. urlfors = append(urlfors, urlforss...)
  197. didRegistedForSCRM = true
  198. didRegistedForCDM = true
  199. didRegistedForMall = true
  200. //urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(4)
  201. //urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(5)
  202. //urlfors, _, _ := service.GetSuperAdminUsersPurviewTreeAndUrlfors(6)
  203. curAppUrlfors = urlfors
  204. } else {
  205. appRole, _ := service.FindAdminUserIDA(appRole.Id)
  206. if appRole.Id > 0 && len(appRole.RoleIds) > 0 {
  207. role_arr := strings.Split(appRole.RoleIds, ",")
  208. var ids string
  209. for _, role_id := range role_arr {
  210. id, _ := strconv.ParseInt(role_id, 10, 64)
  211. role, _ := service.GetRoleByRoleID(id)
  212. var system_ids = ""
  213. if role.RoleName == "子管理员" && role.IsSystem > 0 {
  214. purviews, _ := service.GetAllSystemPurview()
  215. for _, purview := range purviews {
  216. if len(system_ids) == 0 {
  217. system_ids = strconv.FormatInt(purview.Id, 10)
  218. } else {
  219. system_ids = system_ids + "," + strconv.FormatInt(purview.Id, 10)
  220. }
  221. }
  222. }
  223. purview_ids, _ := service.GetRolePurviewIds(id)
  224. if len(ids) == 0 {
  225. ids = purview_ids
  226. } else {
  227. if len(purview_ids) > 0 {
  228. ids = ids + "," + purview_ids
  229. }
  230. }
  231. if len(system_ids) > 0 {
  232. ids = ids + "," + system_ids
  233. }
  234. }
  235. if len(ids) != 0 {
  236. pruviews, _ = service.GetPurviewById(CompressStr(ids))
  237. for _, item := range pruviews {
  238. if item.Module == 3 && item.Parentid > 0 {
  239. fmt.Println(item.Urlfor)
  240. curAppUrlfors = append(curAppUrlfors, item.Urlfor)
  241. }
  242. }
  243. } else {
  244. curAppUrlfors = append(curAppUrlfors, "")
  245. }
  246. } else {
  247. curAppUrlfors = append(curAppUrlfors, "")
  248. }
  249. }
  250. }
  251. curAppUrlfors = append(curAppUrlfors, "/home")
  252. for _, item := range pruviews {
  253. if item.Module == 6 {
  254. didRegistedForSCRM = true
  255. }
  256. if item.Module == 4 {
  257. didRegistedForCDM = true
  258. }
  259. if item.Module == 7 {
  260. didRegistedForMall = true
  261. }
  262. }
  263. if adminUser.Id == curOrg.Creator { //超级管理员
  264. didRegistedForSCRM = true
  265. didRegistedForCDM = true
  266. didRegistedForMall = true
  267. }
  268. subscibe, _ := service.GetOrgSubscibe(adminUserInfo.CurrentOrgId)
  269. this.SetSession("admin_user_info", adminUserInfo)
  270. this.ServeSuccessJSON(map[string]interface{}{
  271. "user": userInfo,
  272. "org": org,
  273. "urlfors": curAppUrlfors,
  274. "current_org_id": adminUserInfo.CurrentOrgId,
  275. "current_app_id": adminUserInfo.CurrentAppId,
  276. "subscibe": subscibe,
  277. "scrm_role_exist": didRegistedForSCRM,
  278. "cdm_role_exist": didRegistedForCDM,
  279. "mall_role_exist": didRegistedForMall,
  280. "template_info": template_info,
  281. "fileds": FiledList,
  282. })
  283. return
  284. }
  285. }
  286. }
  287. // /api/admin/edit_info [post]
  288. // @param avatar:string
  289. // @param name:string
  290. // @param opwd?:string 没有原始密码的时候,认为不修改密码
  291. // @param npwd?:string
  292. func (this *VerifyUserLoginAPIController) EditAdminUserInfo() {
  293. adminUserInfo := this.GetAdminUserInfo()
  294. avatar := this.GetString("avatar")
  295. name := this.GetString("name")
  296. if len(name) == 0 {
  297. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeMissingUserName)
  298. return
  299. }
  300. // oldPwd := this.GetString("opwd")
  301. // newPwd := this.GetString("npwd")
  302. // modifyPwd := len(oldPwd) != 0
  303. // if modifyPwd {
  304. // if len(newPwd) == 0 {
  305. // this.Data["json"] = enums.MakeFailResponseJSONWithSGJErrorCode(enums.ErrorCodePasswordEmpty)
  306. // this.ServeJSON()
  307. // return
  308. // }
  309. // pwdRight, err := service.IsPasswordRight(adminUserInfo.AdminUser.Id, oldPwd)
  310. // if err != nil {
  311. // utils.ErrorLog("判断旧密码是否错误失败:%v", err)
  312. // this.Data["json"] = enums.MakeFailResponseJSONWithSGJErrorCode(enums.ErrorCodeDataException)
  313. // this.ServeJSON()
  314. // return
  315. // }
  316. // if !pwdRight {
  317. // this.Data["json"] = enums.MakeFailResponseJSONWithSGJErrorCode(enums.ErrorCodeOldPasswordWrong)
  318. // this.ServeJSON()
  319. // return
  320. // }
  321. // } else {
  322. // newPwd = ""
  323. // }
  324. modifyErr := service.ModifyAdminUserInfo(adminUserInfo.AdminUser.Id, adminUserInfo.CurrentOrgId, adminUserInfo.CurrentAppId, name, avatar, "")
  325. if modifyErr != nil {
  326. this.ErrorLog("修改个人信息失败:%v", modifyErr)
  327. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDBUpdate)
  328. } else {
  329. appRole := adminUserInfo.AppRoles[adminUserInfo.CurrentAppId]
  330. appRole.UserName = name
  331. appRole.Avatar = avatar
  332. this.ServeSuccessJSON(nil)
  333. }
  334. }
  335. type PersonAPIController struct {
  336. BaseAuthAPIController
  337. }
  338. // /api/password/code [post]
  339. func (this *PersonAPIController) CodeOfModifyPwd() {
  340. adminUserInfo := this.GetAdminUserInfo()
  341. mobile := adminUserInfo.AdminUser.Mobile
  342. if err := service.SMSSendVerificationCode(mobile); err != nil {
  343. utils.ErrorLog("修改密码发送验证码失败:%v", err)
  344. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
  345. return
  346. } else {
  347. this.ServeSuccessJSON(map[string]interface{}{
  348. "msg": "短信发送成功,有效期为10分钟",
  349. })
  350. }
  351. }
  352. // /api/password/modify [post]
  353. // @param password:string
  354. // @param code:string
  355. func (this *PersonAPIController) ModifyPwd() {
  356. new_pwd := this.GetString("password")
  357. code := this.GetString("code")
  358. if len(new_pwd) == 0 || len(code) == 0 {
  359. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeParamWrong)
  360. return
  361. }
  362. adminUserInfo := this.GetAdminUserInfo()
  363. mobile := adminUserInfo.AdminUser.Mobile
  364. redisClient := service.RedisClient()
  365. defer redisClient.Close()
  366. cachedCode, err := redisClient.Get("xt_modify_pwd_" + mobile).Result()
  367. if err != nil {
  368. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAccountOrVerCodeWrong)
  369. return
  370. }
  371. if code != cachedCode {
  372. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeAccountOrVerCodeWrong)
  373. return
  374. }
  375. if modifyErr := service.ModifyPassword(adminUserInfo.AdminUser.Id, new_pwd); modifyErr != nil {
  376. this.ErrorLog("修改密码失败:%v", modifyErr)
  377. this.ServeFailJSONWithSGJErrorCode(enums.ErrorCodeDataException)
  378. return
  379. }
  380. // 清除验证码
  381. redisClient.Del("xt_modify_pwd_" + mobile)
  382. this.ServeSuccessJSON(map[string]interface{}{
  383. "msg": "密码已修改",
  384. })
  385. }
  386. func CompressStr(str string) string {
  387. if str == "" {
  388. return ""
  389. }
  390. //匹配一个或多个空白符的正则表达式
  391. reg := regexp.MustCompile("\\s+")
  392. return reg.ReplaceAllString(str, "")
  393. }