wlyy2.0/src/main/java/com/yihu/wlyy/web/common/account/LoginController.java

package com.yihu.wlyy.web.common.account;

import com.yihu.wlyy.entity.doctor.profile.Doctor;
import com.yihu.wlyy.entity.patient.Patient;
import com.yihu.wlyy.entity.security.Token;
import com.yihu.wlyy.repository.security.TokenDao;
import com.yihu.wlyy.service.common.SMSService;
import com.yihu.wlyy.service.common.account.DoctorService;
import com.yihu.wlyy.service.common.account.PatientService;
import com.yihu.wlyy.service.common.account.RoleService;
import com.yihu.wlyy.service.common.account.TokenService;
import com.yihu.wlyy.util.DateUtil;
import com.yihu.wlyy.util.RSAUtils;
import com.yihu.wlyy.util.SystemData;
import com.yihu.wlyy.web.BaseController;
import io.swagger.annotations.Api;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONObject;
import org.patchca.color.SingleColorFactory;
import org.patchca.filter.predefined.*;
import org.patchca.service.ConfigurableCaptchaService;
import org.patchca.utils.encoder.EncoderHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.*;
import java.io.IOException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.*;
import java.util.List;

//import io.swagger.annotations.Api;

/**
 * @author calvin
 */
@Controller
@RequestMapping(value = "/login")
@Api(description = "患者、医生及管理员登录")
public class LoginController extends BaseController {

    @Autowired
    private DoctorService doctorService;

    @Autowired
    private PatientService patientService;

    @Autowired
    private TokenService tokenService;

    @Autowired
    private SMSService smsService;

    @Autowired
    public TokenDao tokenDao;

    @Autowired
    private RoleService roleService;

    /**
     * 公钥生成并返回接口
     *
     * @return
     */
    @RequestMapping(value = "public_key")
    @ResponseBody
    public String publicKey() {
        try {
            String modulus = RSAUtils.getInstance(smsService).getModulus();
            String exponent = RSAUtils.getInstance(smsService).getExponent();
            if (StringUtils.isEmpty(modulus) || StringUtils.isEmpty(exponent)) {
                return error(-1, "公钥获取失败！");
            } else {
                JSONObject json = new JSONObject();
                json.put("modulus", modulus);
                json.put("exponent", exponent);
                return write(200, "公钥获取成功！", "data", json);
            }
        } catch (Exception e) {
            return error(-1, "公钥获取失败！");
        }
    }

    // @RequestMapping(value = "testPush")
    // @ResponseBody
    // public String testPush(String receiver, String type, String title, String msg, String data) throws JSONException, InterruptedException {
    // PushMsgTask.getInstance().put(receiver, type, title, msg, data);
    // return "OK";
    // }
    //
    // @RequestMapping(value = "test_public_key")
    // @ResponseBody
    // public String testPublicKey(String str) {
    // try {
    // String modulus = RSAUtils.getInstance(smsService).getModulus();
    // String exponent = RSAUtils.getInstance(smsService).getExponent();
    //
    // String temp = RSAUtils.getInstance(smsService).decryptStringByJs(str);
    // System.out.println(temp);
    // temp = URLDecoder.decode(temp, "UTF-8");
    // System.out.println(temp);
    //
    // if (StringUtils.isEmpty(modulus) || StringUtils.isEmpty(exponent)) {
    // return error(-1, "公钥获取失败！");
    // } else {
    // JSONObject json = new JSONObject();
    // json.put("modulus", modulus);
    // json.put("exponent", exponent);
    // return write(200, "公钥获取成功！", "data", json);
    // }
    // } catch (Exception e) {
    // return error(-1, "公钥获取失败！");
    // }
    // }

    /**
     * 医生登录接口
     *
     * @param mobile  手机号
     * @param captcha 短信验证码
     * @return
     */
    @RequestMapping(value = "doctor")
    @ResponseBody
    public String doctor(String mobile, String captcha) {
        try {
            if (StringUtils.isEmpty(getIMEI())) {
                return error(-1, "获取手机IMEI码失败！");
            }
            // 对验证码进行校验
            int res = smsService.check(mobile, 5, captcha);
            switch (res) {
                case -2:
                    return error(-1, "验证码已过期！");
                case -1:
                    return error(-1, "请输入正确的验证码！");
                case 0:
                    return error(-1, "验证码无效！");
            }
            Doctor doctor = doctorService.findDoctorByMobile(mobile);
            if (doctor == null) {
                return error(-1, "该手机号未注册，请确认！");
            } else {
                // 用户校验通过，生成token
                Token token = tokenService.newToken(doctor.getCode(), getIMEI(), 2);
                Map<String, Object> map = new HashMap<>();
                map.put("id", doctor.getId());
                map.put("uid", doctor.getCode());
                map.put("token", token.getToken());
                map.put("name", doctor.getName());
                map.put("hospital", doctor.getHospital());
                map.put("photo", doctor.getPhoto());
                // 设置医生类型：1专科医生，2全科医生，3健康管理师
                map.put("doctorType", doctor.getLevel());
                //获取医生角色和区域权限
                List<Map<String, String>> roleMap = roleService.getUserRoleAndArea(doctor.getCode());
                map.put("userRole", roleMap);
                if("10".equals(doctor.getLevel())&&roleMap.size()==0){
                    return error(-1, "改用户没有管理员权限");
                }
                return write(200, "登录成功", "data", map);
            }
        } catch (Exception e) {
            error(e);
            return error(-1, "系统异常，登录失败");
        }
    }

    /**
     * 患者登录接口
     *
     * @param mobile  手机号
     * @param captcha 短信验证码
     * @return
     */
    @RequestMapping(value = "patient")
    @ResponseBody
    public String patient(String mobile, String captcha) {
        try {
            if (StringUtils.isEmpty(getIMEI())) {
                return error(-1, "获取手机IMEI码失败！");
            }
            // 对验证码进行校验
            int res = smsService.check(mobile, 4, captcha);
            switch (res) {
                case -2:
                    return error(-1, "验证码已过期！");
                case -1:
                    return error(-1, "请输入正确的验证码！");
                case 0:
                    return error(-1, "验证码无效！");
            }
            // password = RSAUtils.getInstance(doctorService).decryptString(password);
            // password = URLDecoder.decode(password, "UTF-8");
            // password = StringUtils.reverse(password);
            // idcard = RSAUtils.getInstance(doctorService).decryptString(idcard);
            // idcard = URLDecoder.decode(idcard, "UTF-8");
            // idcard = StringUtils.reverse(idcard);
            Patient patient = patientService.findByMobile(mobile);
            if (patient == null) {
                return error(-1, "该手机号暂未注册帐号，请确认后重新输入！");
            } else if (patient.getStatus() == 0) {
                return error(-1, "该手机号已被禁止使用！");
            } else if (patient.getStatus() == 2) {
                return error(-1, "该帐号正在审核中，请确认审核通过后再登录，“如有疑问，拨打400-6677-400转2人工客服”");
            } else {
                // 用户校验通过，生成token
                Token token = tokenService.newToken(patient.getCode(), getIMEI(), 1);
                Map<Object, Object> map = new HashMap<Object, Object>();
                map.put("id", patient.getId());
                map.put("uid", patient.getCode());
                map.put("name", URLEncoder.encode(patient.getName(), "UTF-8"));
                map.put("token", token.getToken());
                map.put("photo", patient.getPhoto());
                return write(200, "登录成功", "data", map);
            }
        } catch (Exception e) {
            error(e);
            return error(-1, "系统异常，登录失败");
        }
    }

    /**
     * 忘记密码
     *
     * @param type    1患者端，2医生端
     * @param idcard  患者身份证号
     * @param mobile  手机号
     * @param captcha 手机验证码
     * @param newpwd  新密码
     * @return
     */
    @RequestMapping(value = "forgetpwd")
    @ResponseBody
    public String forgetpwd(int type, @RequestParam(required = false) String idcard, String mobile, String captchaToken, String captcha, String newpwd) {
        try {
            String ct = request.getSession().getAttribute("captchaToken").toString();
            if (StringUtils.isEmpty(captchaToken)) {
                return error(-1, "图形验证码不允许为空！");
            }
            if (!StringUtils.equalsIgnoreCase(captchaToken, ct)) {
                return error(-1, "图形验证码错误！");
            }
            idcard = RSAUtils.getInstance(doctorService).decryptString(idcard);
            idcard = URLDecoder.decode(idcard, "UTF-8");
            idcard = StringUtils.reverse(idcard);
            newpwd = RSAUtils.getInstance(doctorService).decryptString(newpwd);
            newpwd = URLDecoder.decode(newpwd, "UTF-8");
            newpwd = StringUtils.reverse(newpwd);
            // 对验证码进行校验
            int res = smsService.check(mobile, type, captcha);
            switch (res) {
                case -2:
                    return error(-1, "验证码已过期！");
                case -1:
                    return error(-1, "验证码错误！");
                case 0:
                    return error(-1, "验证码无效！");
            }
            if (type == 2) {
                // 医生端
                Doctor doctor = doctorService.findDoctorByMobile(mobile);
                if (doctor == null) {
                    return error(-1, "操作失败：此用户未注册");
                } else {
                    doctor.setPassword(newpwd);
                    doctorService.updateDoctorPwd(doctor);
                    return success("操作成功！");
                }
            } else {
                // 患者端
                Patient patient = patientService.findByIdcard(idcard);
                if (patient == null) {
                    return error(-1, "操作失败：此用户未注册");
                } else {
                    patient.setPassword(newpwd);
                    patientService.updatePatientPwd(patient);
                    return success("操作成功！");
                }
            }
        } catch (Exception e) {
            error(e);
            return error(-1, "系统异常，操作失败");
        }
    }

    /**
     * 退出登录
     *
     * @param type 1患者，2医生，3微信公众号
     * @return
     */
    @RequestMapping(value = "exit")
    @ResponseBody
    public String logout(int type) {
        try {
            tokenService.delToken(type, getUID());
            return success("已成功退出！");
        } catch (Exception e) {
            error(e);
            return invalidUserException(e, -1, "操作失败！");
        }
    }

    @RequestMapping(value = "/third/login")
    @ResponseBody
    public String thirdLogin(
            @RequestParam(value = "id") int id,
            @RequestParam(value = "uid") String uid,
            @RequestParam(value = "imei") String imei,
            @RequestParam(value = "token") String tokenStr,
            @RequestParam(value = "platform") int platform) {

        try {
            if (StringUtils.isEmpty(tokenStr) || StringUtils.isEmpty(imei) || StringUtils.isEmpty(uid)) {
                // response.getWriter().write(error(SystemConf.NOT_LOGIN, "请登录后再操作！"));
                return error(-1, "系统异常，操作失败");
            }

            Token token = SystemData.doctorTokens.get(uid);
            if (token == null) {
                token = tokenDao.findByToken(tokenStr);
                if (token != null) {
                    // 加入缓存
                    SystemData.doctorTokens.put(uid, token);
                }
            }
            if (token == null || token.getPlatform() != 2) {
                // 未登录

                return error(-1, "系统异常，操作失败");
            } else {
                if (token.getTimeout().getTime() < new Date().getTime()) {
                    // 登录超时

                    return error(-1, "系统异常，操作失败");
                } else if (!StringUtils.equals(uid, token.getUser()) || !StringUtils.equals(imei, token.getImei())) {
                    // 别处登录

                    return error(-1, "系统异常，操作失败");
                } else {
                    // 一天只更新一次
                    if (DateUtil.getDays(token.getCzrq(), DateUtil.getNowDateShort()) != 0) {
                        // 今天未更新，则更新缓存
                        token.setCzrq(new Date());
                        // 更新内存
                        SystemData.doctorTokens.put(uid, token);
                        // 更新数据库
                        tokenDao.save(token);
                    }
                }
            }
            return success("登陆成功");
        } catch (Exception ex) {
            error(ex);
            return error(-1, "系统异常，操作失败");
        }
    }

    // public String getLoginInfo()
    // {
    // try{
    // Token token = SystemData.doctorTokens.get(tokenStr);
    // return "";
    // }
    // catch(Exception ex)
    // {
    // error(ex);
    // return error(-1, "系统异常，操作失败");
    // }
    // }

    /**
     * 验证码地址
     *
     * @param request
     * @param response
     * @throws IOException
     */
    @RequestMapping("pcrimg")
    public void crimg(HttpServletRequest request, HttpServletResponse response) throws IOException {
        ConfigurableCaptchaService cs = new ConfigurableCaptchaService();
        cs.setColorFactory(new SingleColorFactory(new Color(25, 60, 170)));
        Random random = new Random();
        switch (random.nextInt(5)) {
            case 0:
                cs.setFilterFactory(new CurvesRippleFilterFactory(cs.getColorFactory()));
                break;
            case 1:
                cs.setFilterFactory(new MarbleRippleFilterFactory());
                break;
            case 2:
                cs.setFilterFactory(new DoubleRippleFilterFactory());
                break;
            case 3:
                cs.setFilterFactory(new WobbleRippleFilterFactory());
                break;
            case 4:
                cs.setFilterFactory(new DiffuseRippleFilterFactory());
                break;
        }
        HttpSession session = request.getSession(false);
        if (session == null) {
            session = request.getSession();
        }
        setResponseHeaders(response);
        String token = EncoderHelper.getChallangeAndWriteImage(cs, "png", response.getOutputStream());
        session.setAttribute("captchaToken", token);
    }

    protected void setResponseHeaders(HttpServletResponse response) {
        response.setContentType("image/png");
        response.setHeader("Cache-Control", "no-cache, no-store");
        response.setHeader("Pragma", "no-cache");
        long time = System.currentTimeMillis();
        response.setDateHeader("Last-Modified", time);
        response.setDateHeader("Date", time);
        response.setDateHeader("Expires", time);
    }

    // @RequestMapping(value = "test_sms")
    // @ResponseBody
    // public String testSms() {
    // try {
    // JSONObject params = new JSONObject();
    // params.put("SpCode", SystemConf.SMS_SP_CODE);
    // params.put("LoginName", SystemConf.SMS_LOGIN_NAME);
    // params.put("Password", SystemConf.SMS_PASSWORD);
    // params.put("MessageContent", "您的找回密码验证码为：123456");
    // params.put("UserNumber", "18559687019");
    // params.put("SerialNumber", "");
    // params.put("ScheduleTime", "");
    // params.put("f", 1);
    // String result = HttpClientUtil.post(SystemConf.SMS_URL, SMSService.buildSmsParams("您的找回密码验证码为：123456", "18559687019"), "GBK");
    // JSONObject json = SMSService.toJson(result);
    // System.out.println(json.toString());
    // System.out.println(json.getInt("result"));
    // if (json.getInt("result") != 0) {
    // return error(-1, "短信发送失败！");
    // }
    // return success("短信发送成功！");
    // } catch (Exception e) {
    // error(e);
    // return error(-1, "短信发送失败！");
    // }
    // }

}