登陆时 如果用过不在boss用户表里 则登陆量星球，默认登陆量星球成功 即可使用boss系统

src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/ApiAuthService.java

+package cn.quantgroup.cashloanflowboss.api.login.auth;
+
+
+import cn.quantgroup.cashloanflowboss.api.login.auth.model.LoginUser;
+import cn.quantgroup.cashloanflowboss.spi.model.JsonResult;
+
+/**
+ * @author Jie.Feng
+ * @date 2017/12/22
+ */
+public interface ApiAuthService {
+    /**
+     * 查询系统用户
+     *
+     * @param token
+     * @param systemName
+     */
+    JsonResult<LoginUser> findUser(String token, String... systemName);
+
+    /**
+     * 本机测试自动登录;
+     *
+     * @param user
+     * @param password
+     * @param sessionKey
+     * @return
+     */
+    JsonResult<LoginUser> autoLogin(String user, String password, String sessionKey);
+
+    /**
+     * 查询系统用户
+     *
+     * @param token
+     * @return
+     */
+    JsonResult<LoginUser> findUser(String token);
+}

src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/ApiAuthServiceImpl.java

+package cn.quantgroup.cashloanflowboss.api.login.auth;
+
+import cn.quantgroup.cashloanflowboss.api.login.auth.model.LoginUser;
+import cn.quantgroup.cashloanflowboss.core.base.ServiceResult;
+import cn.quantgroup.cashloanflowboss.spi.model.JsonResult;
+import cn.quantgroup.cashloanflowboss.spi.util.HttpService;
+import com.alibaba.fastjson.JSONArray;
+import com.alibaba.fastjson.JSONObject;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.ValueOperations;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.springframework.util.Assert;
+import org.springframework.web.client.HttpClientErrorException;
+
+import javax.annotation.Resource;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Objects;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * @author Jie.Feng
+ * @date 2017/12/22
+ */
+@Slf4j
+@Service
+public class ApiAuthServiceImpl implements ApiAuthService {
+
+    private final static String REDIS_KEY_PREFIX = "login:user:";
+    /**
+     * 系统标识;
+     * 新运营系统;
+     */
+    private final static String YY_SYSTEM_NAME = "XYYXT";
+
+    /**
+     * 成功返回的code
+     */
+    private final static String RSP_SUCCESS = "0000";
+
+    @Resource(name = "redisTemplate")
+    private ValueOperations<String, LoginUser> operations;
+
+    @Autowired
+    private HttpService httpService;
+
+    @Value("${system.auth.host}")
+    private String authHost;
+
+    static Map<String, String> headers = new HashMap<>(1);
+
+    static {
+        headers.put("Content-Type", "application/x-www-form-urlencoded");
+    }
+
+    /**
+     * 查询系统用户; 权限是 XYYXT  + ZJYYXT
+     *
+     * @param token
+     * @return
+     */
+    @Override
+    public JsonResult<LoginUser> findUser(String token) {
+        return findUser(token, YY_SYSTEM_NAME);
+    }
+
+    @Override
+    public JsonResult<LoginUser> findUser(String token, String... systemName) {
+        Assert.notNull(token, "token is null!!");
+        Assert.notEmpty(systemName, "systemName is empty!!");
+        LoginUser user = operations.get(REDIS_KEY_PREFIX.concat(token));
+        if (user != null) {
+            return JsonResult.buildSuccess("登陆成功", user);
+        } else {
+            Map<String, String> param = new HashMap<>(4);
+            param.put("token", token);
+            param.put("x-requested-with", "XMLHttpRequest");
+            String rsp;
+            try {
+                rsp = httpService.post(authHost.concat("/user/info"), headers, param);
+            } catch (HttpClientErrorException e) {
+                log.error("鉴权失败,请重新登录: token={}; ", token, e);
+                if (e.getStatusCode() == HttpStatus.UNAUTHORIZED) {
+                    return JsonResult.buildError("登录失效,请重新登录");
+                }
+                return JsonResult.buildError("内部错误，请求异常");
+            }
+            return getLoginUser(token, rsp, systemName);
+        }
+    }
+
+    private JsonResult<LoginUser> getLoginUser(String token, String rsp, String... systemName) {
+        LoginUser user = operations.get(REDIS_KEY_PREFIX.concat(token));
+        if (user != null) {
+            return JsonResult.buildSuccess("success", user);
+        } else {
+            JSONObject json = JSONObject.parseObject(rsp);
+            String code = json.getString("code");
+            if (StringUtils.equals(code, RSP_SUCCESS)) {
+                //成功获取到用户
+                JSONObject data = json.getJSONObject("data");
+                if (data == null) {
+                    return JsonResult.buildError("用户不存在");
+                }
+                user = new LoginUser(data.getString("name"), data.getString("phone"),
+                        data.getString("user"), token);
+                JSONObject privilege = data.getJSONObject("privilege");
+                if (privilege == null) {
+                    log.info("无效的用户,用户不存在权限,token: {},username={}", token, user.getName());
+                    return JsonResult.buildError("无效的用户");
+                }
+                //获取系统权限
+                for (String n : systemName) {
+                    JSONObject systemPrivilege = privilege.getJSONObject(n);
+                    if (systemPrivilege == null) {
+                        continue;
+                    }
+                    JSONArray roles = systemPrivilege.getJSONArray("roles");
+                    if (roles == null || roles.isEmpty()) {
+                        continue;
+                    }
+                    for (Object role : roles) {
+                        //role
+                        String r = Objects.toString(role, null);
+                        user.addRole(n, r);
+                    }
+                }
+                operations.set(REDIS_KEY_PREFIX.concat(token), user, 1, TimeUnit.HOURS);
+            } else {
+                log.info("无效token: {}", token);
+                return JsonResult.buildError(json.getString("msg"));
+            }
+            return JsonResult.buildSuccess("success", user);
+        }
+    }
+
+    @Override
+    public JsonResult<LoginUser> autoLogin(String user, String password, String sessionKey) {
+        Map<String, String> params = new HashMap<>(4);
+        params.put("user", user);
+        params.put("password", password);
+        String rsp = httpService.get(authHost.concat("/user/login"), headers, params);
+        JSONObject jsonObject = JSONObject.parseObject(rsp);
+        String code = jsonObject.getString("code");
+        if ("0000".equals(code)) {
+            JSONObject data = JSONObject.parseObject(jsonObject.getString("data"));
+            if (data == null) {
+                return JsonResult.buildError("用户不存在");
+            }
+            String token = data.getString("token");
+            JsonResult<LoginUser> result = findUser(token, YY_SYSTEM_NAME);
+            if (result.isSuccess() && result.getData() != null)
+                operations.set(REDIS_KEY_PREFIX.concat(sessionKey), result.getData());
+            log.info("成功初始化用户信息 token {}", token);
+            return JsonResult.buildSuccess("success", result.getData());
+        }
+        return JsonResult.buildError(jsonObject.getString("msg"));
+    }
+}
+

src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/model/LoginUser.java

+package cn.quantgroup.cashloanflowboss.api.login.auth.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.io.Serializable;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * api 授权用户信息
+ *
+ * @author Jie.Feng
+ * @date 2017/12/22
+ */
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class LoginUser implements Serializable {
+    private static final long serialVersionUID = -2770987776683983348L;
+
+
+    private String name;
+    private String phone;
+    private String user;
+    private String token;
+    /**
+     * 一个用户在某个系统中可能有多个权限
+     * 系统名称_角色
+     */
+    private List<String> roles = new ArrayList<>();
+
+
+    public LoginUser(String name, String phone, String user, String token) {
+        this.name = name;
+        this.phone = phone;
+        this.user = user;
+        this.token = token;
+    }
+
+
+    public void addRole(String systemName, String role) {
+        String permission = systemName + "_" + role;
+        if (!this.roles.contains(permission)) {
+            this.roles.add(permission);
+        }
+    }
+
+}

src/main/java/cn/quantgroup/cashloanflowboss/api/login/auth/model/LxqSystemAuthInfo.java

+package cn.quantgroup.cashloanflowboss.api.login.auth.model;
+
+import lombok.Data;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.util.CollectionUtils;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @description: 量星球系统权限缩影
+ * @author:tao
+ * @create: 2020-07-22 11:29
+ */
+@Data
+public class LxqSystemAuthInfo {
+    /**
+     * 一个用户在某个系统中可能有多个权限
+     * key: systemName
+     * value:roles
+     */
+    private Map<String, List<String>> roles = new HashMap<>();
+
+    /**
+     * 构建
+     *
+     * @param systemName
+     * @param role
+     * @return
+     */
+    public LxqSystemAuthInfo build(String systemName, String... role) {
+        List<String> existRoles = roles.get(systemName);
+        if (CollectionUtils.isEmpty(existRoles)) {
+            roles.put(systemName, Arrays.asList(role));
+        }
+        return this;
+    }
+
+    /**
+     * 传入系统名称 和 角色名称 是否包含在权限里
+     * 需要判断的原因是 同一个系统
+     *
+     * @param systemName
+     * @param role
+     * @return
+     */
+    public boolean isContains(String systemName, String role) {
+        if (StringUtils.isAnyBlank(systemName, role)) {
+            return false;
+        }
+
+        for (Map.Entry<String, List<String>> entry : roles.entrySet()) {
+            if (entry.getKey().equals(systemName)) {
+                return entry.getValue().contains(role);
+            }
+        }
+        return false;
+    }
+
+
+}

src/main/java/cn/quantgroup/cashloanflowboss/api/login/controller/LogController.java

@@ -26,6 +26,7 @@ public class LogController {
     @Autowired
     private LoginService loginService;
 
+
     /**
      * 登入
      *

src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/LoginServiceImpl.java

 package cn.quantgroup.cashloanflowboss.api.login.service;
 
+import cn.quantgroup.cashloanflowboss.api.login.auth.ApiAuthService;
+import cn.quantgroup.cashloanflowboss.api.login.auth.model.LoginUser;
 import cn.quantgroup.cashloanflowboss.api.login.model.Principal;
+import cn.quantgroup.cashloanflowboss.api.role.entity.Role;
+import cn.quantgroup.cashloanflowboss.api.role.repository.RoleRepository;
+import cn.quantgroup.cashloanflowboss.api.user.dictionary.UserRank;
 import cn.quantgroup.cashloanflowboss.api.user.dictionary.UserStatus;
 import cn.quantgroup.cashloanflowboss.api.user.entity.User;
 import cn.quantgroup.cashloanflowboss.api.user.model.UserInfo;
 import cn.quantgroup.cashloanflowboss.api.user.service.UserService;
 import cn.quantgroup.cashloanflowboss.core.Application;
+import cn.quantgroup.cashloanflowboss.core.base.ServiceResult;
 import cn.quantgroup.cashloanflowboss.core.base.Tuple;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationDictionary;
 import cn.quantgroup.cashloanflowboss.core.dictionary.ApplicationStatus;
+import cn.quantgroup.cashloanflowboss.spi.model.JsonResult;
+import cn.quantgroup.cashloanflowboss.utils.IpUtil;
 import cn.quantgroup.cashloanflowboss.utils.MD5Tools;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.stereotype.Service;
 
 import javax.servlet.http.HttpServletRequest;
@@ -36,6 +45,15 @@ public class LoginServiceImpl implements LoginService {
     @Autowired
     private PrincipalService principalService;
 
+    @Autowired
+    private ApiAuthService apiAuthService;
+
+    @Autowired
+    private RoleRepository roleRepository;
+
+    @Autowired
+    private StringRedisTemplate redisTemplate;
+
     /**
      * 登入
      *
@@ -45,21 +63,38 @@ public class LoginServiceImpl implements LoginService {
      */
     @Override
     public Tuple<ApplicationStatus, String> login(String username, String password) {
+        String remoteIP = IpUtil.getRemoteIP(request);
+        Long increment = redisTemplate.opsForValue().increment("user:login:ip:" + remoteIP, 1);
+        if (increment > 1000) {
+            log.info("登陆失败，username={}, msg={}", username, "md有人在搞事情");
+            return new Tuple<>(ApplicationStatus.REENTRY_LOCK_EXCEPTION, "");
+        }
 
         User user = this.userService.getUser(username);
-
-        // 检查用户是否有效
         if (user == null) {
-            log.info("用户不存在username=" + username);
-            return new Tuple<>(ApplicationStatus.INVALID_USER, "");
+            // 如果没有user 查询量星球
+            JsonResult<LoginUser> result = apiAuthService.autoLogin(username + "@quantgroup.cn", password, "KA_MA");
+            if (!result.isSuccess() || result.getData() == null) {
+                log.info("登陆失败，username={}, msg={}", username, result.getMessage());
+                return new Tuple<>(ApplicationStatus.INVALID_USER, "");
+            } else {
+                LoginUser data = result.getData();
+                Role role = roleRepository.getByName("量化派操作员");
+                user = new User();
+                user.setId(-1L);
+                user.setUsername(username);
+                user.setNickname(data.getName());
+                user.setPassword(MD5Tools.md5(password));
+                user.setRank(UserRank.OPERATOR);
+                user.setRole(role);
+                user.setStatus(UserStatus.ENABLED);
+            }
         }
-
         // 检查用户是否被禁用
         if (UserStatus.DISABLED.equals(user.getStatus())) {
             log.info("用户已禁用username=" + username);
             return new Tuple<>(ApplicationStatus.DISABLED_USER, "");
         }
-
         // 检查密码是否正确
         final String passwordMd5 = MD5Tools.md5(password);
         if (!user.getPassword().equalsIgnoreCase(passwordMd5)) {
@@ -89,15 +124,12 @@ public class LoginServiceImpl implements LoginService {
         String token = StringUtils.isEmpty(bossToken) ? UUID.randomUUID().toString() : bossToken;
         principalService.pushPrincipal(token, principal);
 
-//        stringRedisTemplate.opsForValue().set(principal.getUserInfo().getUsername(), token, 3, TimeUnit.HOURS);
-//        session.setAttribute(ApplicationDictionary.PRINCIPAL, JSONTools.serialize(principal));
         // session登陆时间，毫秒值
         session.setAttribute(ApplicationDictionary.USER_SESSION_LOGIN_TIME, currentTimeMillis);
 
         // 保存用户最后登陆时间
         user.setLastLoginTime(new Date());
         userService.updateUser(user);
-//        log.info("登陆成功sessionId="+ session.getId());
         return new Tuple<>(ApplicationStatus.SUCCESS, token);
     }
 

src/main/java/cn/quantgroup/cashloanflowboss/api/login/service/PrincipalServiceImpl.java

@@ -36,7 +36,7 @@ public class PrincipalServiceImpl implements PrincipalService {
 
     @Override
     public void pushPrincipal(String token, Principal principal) {
-        loginOperations.set(token, principal, 3, TimeUnit.HOURS);
+        loginOperations.set(token, principal, 12, TimeUnit.HOURS);
     }
 
     @Override

src/main/java/cn/quantgroup/cashloanflowboss/api/user/service/UserServiceImpl.java

@@ -159,7 +159,11 @@ public class UserServiceImpl implements UserService {
      */
     @Override
     public User updateUser(User user) {
-        return this.userRepository.save(user);
+        if (user.getId() > 0) {
+            return this.userRepository.save(user);
+        } else {
+            return null;
+        }
     }
 
     /**