From 611b6415c9f45dcbb36d7429aa4c26472b5dc88e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E5=91=A8=E7=AB=9E=E7=94=B1?= <1193626695@qq.com> Date: Tue, 9 Dec 2025 16:05:11 +0800 Subject: [PATCH] =?UTF-8?q?token=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../campus/water/service/LoginService.java | 66 +++++++++++-------- 1 file changed, 40 insertions(+), 26 deletions(-) diff --git a/src/main/java/com/campus/water/service/LoginService.java b/src/main/java/com/campus/water/service/LoginService.java index 37fcdfc..0755d71 100644 --- a/src/main/java/com/campus/water/service/LoginService.java +++ b/src/main/java/com/campus/water/service/LoginService.java @@ -3,19 +3,19 @@ package com.campus.water.service; import com.campus.water.entity.Admin; import com.campus.water.entity.RepairerAuth; -import com.campus.water.entity.User; // 引入User实体类 +import com.campus.water.entity.User; import com.campus.water.entity.vo.LoginVO; import com.campus.water.mapper.AdminRepository; import com.campus.water.mapper.RepairerAuthRepository; import com.campus.water.mapper.UserRepository; import com.campus.water.entity.dto.request.LoginRequest; +import com.campus.water.security.RoleConstants; +import com.campus.water.security.JwtTokenProvider; import lombok.RequiredArgsConstructor; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import org.springframework.util.DigestUtils; -import java.util.UUID; - @Service @RequiredArgsConstructor public class LoginService { @@ -24,6 +24,7 @@ public class LoginService { private final UserRepository userRepository; private final RepairerAuthRepository repairerAuthRepository; private final PasswordEncoder passwordEncoder; + private final JwtTokenProvider jwtTokenProvider; public LoginVO login(LoginRequest loginRequest) { String username = loginRequest.getUsername(); @@ -39,43 +40,39 @@ public class LoginService { } private LoginVO handleAdminLogin(String username, String password) { - Admin admin = adminRepository.findByAdminName(username) - .orElseThrow(() -> new RuntimeException("管理员不存在")); - - boolean matches; - // 临时支持 MD5 验证(仅用于测试环境) - if (admin.getPassword().startsWith("$2a$") || admin.getPassword().startsWith("$2y$")) { - // BCrypt 格式密码 - matches = passwordEncoder.matches(password, admin.getPassword()); - } else { - // MD5 格式密码 - String md5Password = DigestUtils.md5DigestAsHex(password.getBytes()); - matches = md5Password.equals(admin.getPassword()); - } + Admin admin = adminRepository.findByAdminName(username) + .orElseThrow(() -> new RuntimeException("管理员不存在")); + + boolean matches; + // 临时支持 MD5 验证(仅用于测试环境) + if (admin.getPassword().startsWith("$2a$") || admin.getPassword().startsWith("$2y$")) { + // BCrypt 格式密码 + matches = passwordEncoder.matches(password, admin.getPassword()); + } else { + // MD5 格式密码 + String md5Password = DigestUtils.md5DigestAsHex(password.getBytes()); + matches = md5Password.equals(admin.getPassword()); + } - if (!matches) { - throw new RuntimeException("密码错误"); - } + if (!matches) { + throw new RuntimeException("密码错误"); + } - return createLoginVO(admin.getAdminId(), username, "admin"); -} + return createLoginVO(admin.getAdminId(), username, "admin"); + } private LoginVO handleUserLogin(String username, String password) { - // 改为查询User实体,使用studentName字段匹配用户名 User user = userRepository.findByStudentName(username) .orElseThrow(() -> new RuntimeException("用户不存在")); - // 验证密码(User的password字段与UserPO一致) if (!passwordEncoder.matches(password, user.getPassword())) { throw new RuntimeException("密码错误"); } - // 使用User的studentId作为用户ID return createLoginVO(user.getStudentId(), username, "user"); } private LoginVO handleRepairmanLogin(String username, String password) { - // 此处将RepairerAuthPO改为RepairerAuth RepairerAuth repairer = repairerAuthRepository.findByUsername(username) .orElseThrow(() -> new RuntimeException("维修人员不存在")); @@ -86,12 +83,29 @@ public class LoginService { return createLoginVO(repairer.getRepairmanId(), username, "repairman"); } + /** + * 生成包含JWT令牌和角色信息的登录响应 + * 角色映射: + * - admin -> ROLE_ADMIN + * - user -> ROLE_STUDENT + * - repairman -> ROLE_REPAIRMAN + */ private LoginVO createLoginVO(String userId, String username, String userType) { LoginVO vo = new LoginVO(); vo.setUserId(userId); vo.setUsername(username); vo.setUserType(userType); - vo.setToken(UUID.randomUUID().toString().replace("-", "")); + + // 根据用户类型获取对应的角色 + String role = switch (userType) { + case "admin" -> RoleConstants.ROLE_ADMIN; + case "user" -> RoleConstants.ROLE_STUDENT; + case "repairman" -> RoleConstants.ROLE_REPAIRMAN; + default -> throw new RuntimeException("不支持的用户类型:" + userType); + }; + + // 使用JWT生成包含角色信息的令牌 + vo.setToken(jwtTokenProvider.generateToken(username, role)); return vo; } } \ No newline at end of file -- 2.34.1