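package com.izouma.nineth.web;

import com.izouma.nineth.domain.User;
import com.izouma.nineth.dto.PageQuery;
import com.izouma.nineth.dto.UserDTO;
import com.izouma.nineth.dto.UserRegister;
import com.izouma.nineth.enums.AuthorityName;
import com.izouma.nineth.exception.BusinessException;
import com.izouma.nineth.repo.UserRepo;
import com.izouma.nineth.security.Authority;
import com.izouma.nineth.security.JwtTokenUtil;
import com.izouma.nineth.security.JwtUserFactory;
import com.izouma.nineth.service.FollowService;
import com.izouma.nineth.service.UserService;
import com.izouma.nineth.utils.ObjUtils;
import com.izouma.nineth.utils.SecurityUtils;
import com.izouma.nineth.utils.excel.ExcelUtils;
import io.swagger.annotations.ApiOperation;
import lombok.AllArgsConstructor;
import org.springframework.data.domain.Page;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collections;
import java.util.List;

/**
 * REST endpoints under {@code /user}: registration, profile lookup, admin user
 * management, password and trade-code handling, and follow relations.
 *
 * <p>Authorization is declared per method. Endpoints without
 * {@code @PreAuthorize} rely on whatever the global security configuration
 * enforces, which is not visible in this file. When adding an endpoint, decide
 * explicitly whether it is public, self-service (acts only on
 * {@code SecurityUtils.getAuthenticatedUser()}) or admin-only.
 */
@AllArgsConstructor
@RestController
@RequestMapping("/user")
public class UserController extends BaseController {
    // Collaborators are injected through the Lombok-generated constructor and never reassigned.
    private final UserRepo       userRepo;
    private final UserService    userService;
    private final JwtTokenUtil   jwtTokenUtil;
    private final FollowService  followService;

    /**
     * Self-service registration. The account always receives {@code ROLE_USER};
     * the caller cannot choose authorities.
     *
     * @param username login name, also used as the initial nickname
     * @param password clear-text password; hashed with BCrypt before being handed to the service
     * @return the created user
     */
    // NOTE(review): @RequestParam also binds from the query string. Clients should send the
    // password in the form body so that it does not end up in access logs or proxies.
    // NOTE(review): this method hashes the password before calling userService.create, while
    // create() below passes the request body through unchanged. Confirm which layer owns
    // hashing so a password is neither hashed twice nor stored unhashed.
    @PostMapping("/register")
    public User register(@RequestParam String username, @RequestParam String password) {
        UserRegister user = UserRegister.builder()
                .username(username)
                .nickname(username)
                .password(new BCryptPasswordEncoder().encode(password))
                .authorities(Collections.singleton(Authority.get(AuthorityName.ROLE_USER)))
                .build();
        return userService.create(user);
    }

    /**
     * Creates a user from an admin-supplied registration payload, including
     * whatever authorities the payload carries.
     */
    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping("/create")
    public User create(@RequestBody UserRegister userRegister) {
        return userService.create(userRegister);
    }

    /**
     * Updates an existing user (body carries an id) or persists a new one (no id).
     *
     * <p>The body is a full {@link User} entity supplied by the client, so the
     * target record is chosen by the caller. Non-admin callers are therefore
     * restricted to their own record and may not create records through this
     * endpoint. Previously any caller that reached this method could update any
     * user by id.
     *
     * @throws BusinessException if a non-admin targets another user's record or
     *                           tries to create a record
     */
    // NOTE(review): even for the caller's own record, the whole entity is bound from the
    // request. Whether userService.update ignores sensitive fields (authorities, password,
    // phone, ...) is not visible here; confirm it copies only an allow-list of fields.
    // NOTE(review): if roles other than ADMIN legitimately edit other users, widen the
    // check below deliberately rather than removing it.
    @PostMapping("/save")
    public User save(@RequestBody User user) {
        boolean admin = SecurityUtils.hasRole(AuthorityName.ROLE_ADMIN);
        if (user.getId() != null) {
            if (!admin && !user.getId().equals(SecurityUtils.getAuthenticatedUser().getId())) {
                throw new BusinessException("无权限");
            }
            return userService.update(user);
        }
        if (!admin) {
            throw new BusinessException("无权限");
        }
        return userRepo.save(user);
    }

    /**
     * Returns the record of the currently authenticated user.
     */
    @GetMapping("/my")
    public User my() {
        return userRepo.findById(SecurityUtils.getAuthenticatedUser().getId())
                .orElseThrow(new BusinessException("用户不存在"));
    }

    /**
     * Same lookup as {@link #my()}, but only callable with the ADMIN role.
     */
    @GetMapping("/myAdmin")
    @PreAuthorize("hasRole('ADMIN')")
    public User myAdmin() {
        return userRepo.findById(SecurityUtils.getAuthenticatedUser().getId())
                .orElseThrow(new BusinessException("用户不存在"));
    }

    /**
     * Pages through users and returns them as DTOs.
     *
     * <p>Callers without {@code ROLE_ADMIN} have the query forced to
     * {@code hasRole = ROLE_MINTER}, overriding any value they sent for that key.
     */
    // The admin-only guard is disabled here; access is narrowed in the body instead.
    // NOTE(review): other keys of pageQuery remain caller-controlled. Confirm the service
    // does not let them widen the result beyond the forced role filter.
    //    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping("/all")
    public Page all(@RequestBody PageQuery pageQuery) {
        if (!SecurityUtils.hasRole(AuthorityName.ROLE_ADMIN)) {
            pageQuery.getQuery().put("hasRole", "ROLE_MINTER");
        }
        return userService.toDTO(userService.all(pageQuery));
    }

    /**
     * Returns the DTO view of the user with the given id.
     *
     * @throws BusinessException if no such user exists
     */
    // The admin-only guard is disabled here, so any caller that reaches this method can
    // look up any id.
    // NOTE(review): the meaning of the {@code true} flag passed to toDTO is not visible in
    // this file. Confirm the resulting DTO exposes only fields meant for other users.
    //    @PreAuthorize("hasRole('ADMIN')")
    @GetMapping("/get/{id}")
    public UserDTO get(@PathVariable Long id) {
        return userService.toDTO(userRepo.findById(id).orElseThrow(new BusinessException("无记录")), true);
    }

    /**
     * Deletes the user with the given id (admin only).
     */
    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping("/del/{id}")
    public void del(@PathVariable Long id) {
        userService.del(id);
    }

    /**
     * Exports the users matching {@code pageQuery} as an Excel download (admin only).
     *
     * <p>Unlike {@link #all(PageQuery)}, the rows are passed to the exporter
     * without DTO conversion and without the non-admin role filter, so this
     * endpoint is restricted to admins. It previously carried no method-level
     * authorization.
     */
    // NOTE(review): which entity fields ExcelUtils writes out is not visible here; confirm
    // credential material (password hash, trade code) is excluded from the export.
    @PreAuthorize("hasRole('ADMIN')")
    @GetMapping("/excel")
    @ResponseBody
    public void excel(HttpServletResponse response, PageQuery pageQuery) throws IOException {
        List data = userService.all(pageQuery).getContent();
        ExcelUtils.export(response, data);
    }

    /**
     * Resolves a mini-program user from the supplied session key and encrypted payload.
     *
     * @throws BusinessException if the service returns no user
     */
    // NOTE(review): sessionKey arrives as a request parameter. The WeChat mini-program
    // session key is meant to stay on the server; confirm the client is not actually
    // holding it, and prefer resolving it server-side from the login state.
    @PostMapping("/getMaUserInfo")
    @ApiOperation(value = "获取小程序用户信息")
    public User getMaUserInfo(String sessionKey, String rawData, String signature,
                              String encryptedData, String iv) {
        User user = userService.getMaUserInfo(sessionKey, rawData, signature, encryptedData, iv);
        if (user == null) {
            throw new BusinessException("获取用户信息失败");
        }
        return user;
    }

    /**
     * Sets the password of an arbitrary user without a verification code (admin only).
     */
    // NOTE(review): an audit log entry (acting admin, target user) is advisable for this
    // call; none is written in this controller.
    @PreAuthorize("hasRole('ADMIN')")
    @PostMapping("/setPasswordAdmin")
    public String setPasswordAdmin(@RequestParam Long userId, @RequestParam String password) {
        return userService.setPassword(userId, password);
    }

    /**
     * Changes the authenticated user's password. The target is always the
     * caller; {@code code} is forwarded to the service (presumably a
     * verification code, confirm in UserService).
     */
    @PostMapping("/changePassword")
    public String changePassword(@RequestParam String password, @RequestParam String code) {
        return userService.setPassword(SecurityUtils.getAuthenticatedUser().getId(), code, password);
    }

    /**
     * Resets the password of the account identified by {@code phone}.
     */
    // NOTE(review): this path acts on an account chosen by the caller, so its safety rests
    // entirely on the code check inside userService.forgotPassword. Attempt limiting and
    // code expiry are not visible here; confirm the service enforces them.
    @PostMapping("/forgotPassword")
    @ApiOperation("忘记密码")
    public String forgotPassword(@RequestParam String phone, @RequestParam String password,
                                 @RequestParam String code) {
        return userService.forgotPassword(phone, password, code);
    }

    /**
     * Issues a JWT for the given user (admin only).
     *
     * @throws BusinessException if no such user exists
     */
    // The returned token lets the admin act as that user. Nothing is logged in this
    // controller; recording who requested a token for whom is advisable.
    @PreAuthorize("hasRole('ADMIN')")
    @GetMapping("/getToken/{userId}")
    public String getToken(@PathVariable Long userId) {
        return jwtTokenUtil.generateToken(JwtUserFactory.create(userRepo.findById(userId)
                .orElseThrow(new BusinessException("用户不存在"))));
    }

    /**
     * Binds {@code phone} to the authenticated user.
     */
    // NOTE(review): no verification code is passed along; whether ownership of the phone
    // number is proven elsewhere cannot be seen from this method.
    @PostMapping("/bindPhone")
    public void bindPhone(@RequestParam String phone) {
        userService.bindPhone(SecurityUtils.getAuthenticatedUser().getId(), phone);
    }

    /**
     * Makes the authenticated user follow user {@code id}.
     */
    // State-changing call exposed over GET; kept as-is for client compatibility.
    // NOTE(review): prefer POST for new clients so that link prefetching or an embedded
    // URL cannot trigger it.
    @GetMapping("/{id}/follow")
    public void follow(@PathVariable Long id) {
        followService.follow(SecurityUtils.getAuthenticatedUser().getId(), id);
    }

    /**
     * Makes the authenticated user stop following user {@code id}.
     */
    // State-changing call exposed over GET; see the note on follow().
    @GetMapping("/{id}/unfollow")
    public void unfollow(@PathVariable Long id) {
        followService.unfollow(SecurityUtils.getAuthenticatedUser().getId(), id);
    }

    /**
     * Lists, as DTOs, the users the authenticated user follows.
     */
    @GetMapping("/myFollows")
    @ApiOperation("我的关注")
    public List myFollows() {
        return userService.toDTO(userRepo.userFollows(SecurityUtils.getAuthenticatedUser().getId()));
    }

    /**
     * Lists, as DTOs, the users following the authenticated user.
     */
    @GetMapping("/myFollowers")
    @ApiOperation("关注我的")
    public List myFollowers() {
        return userService.toDTO(userRepo.userFollowers(SecurityUtils.getAuthenticatedUser().getId()));
    }

    /**
     * Sets the authenticated user's trade code. {@code code} is forwarded to the
     * service alongside the new value (presumably a verification code, confirm
     * in UserService).
     */
    @PostMapping("/setTradeCode")
    public void setTradeCode(@RequestParam String code, @RequestParam String tradeCode) {
        userService.setTradeCode(SecurityUtils.getAuthenticatedUser().getId(), code, tradeCode);
    }

    /**
     * Checks {@code tradeCode} against the authenticated user's trade code. The
     * outcome is signalled by the service; this method returns nothing.
     */
    // NOTE(review): attempt limiting or lockout is not visible here; confirm the service
    // bounds repeated guesses.
    @PostMapping("/verifyTradeCode")
    public void verifyTradeCode(@RequestParam String tradeCode) {
        userService.verifyTradeCode(SecurityUtils.getAuthenticatedUser().getId(), tradeCode);
    }
}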