From db343353cc563c6c497c16fb6bc1ba121a7cf76c Mon Sep 17 00:00:00 2001
From: chenh <852066789@qq.com>
Date: Wed, 14 Jan 2026 13:59:29 +0800
Subject: [PATCH] =?UTF-8?q?feat(sip)=EF=BC=9A=E6=8F=90=E4=BE=9B=E7=BB=99NE?= =?UTF-8?q?X=E7=9A=84=E6=8E=A5=E5=8F=A3=E8=B0=83=E8=AF=95?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../com/ruoyi/common/utils/ShiroUtils.java | 127 ++++++++++++++----
 .../vue/OmsPurchaseOrderController.java | 4 +-
 .../impl/OmsPurchaseOrderServiceImpl.java | 8 +-
 3 files changed, 109 insertions(+), 30 deletions(-)
diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ShiroUtils.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ShiroUtils.java
index 1c7ab4dd..1e205b75 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/ShiroUtils.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/ShiroUtils.java
@@ -9,42 +9,104 @@ import org.apache.shiro.subject.SimplePrincipalCollection; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.utils.bean.BeanUtils; +import javax.servlet.http.HttpServletRequest; +import java.util.UUID; + /** * shiro 工具类 - * + * * @author ruoyi */ -public class ShiroUtils -{ - public static Subject getSubject() - { +public class ShiroUtils { + + public static final String NEX_API_KEY = "user_101_eaeff0d63a104271"; + public static Subject getSubject() { return SecurityUtils.getSubject(); } - public static Session getSession() - { + public static Session getSession() { return SecurityUtils.getSubject().getSession(); } - public static void logout() - { + public static void logout() { getSubject().logout(); } - public static SysUser getSysUser() - { + public static SysUser getSysUser() { + Subject subject = getSubject(); + + // 检查是否是API Key认证 + Object principal = subject.getPrincipal(); + if (principal instanceof SysUser) { + // 正常登录用户 + return (SysUser) principal; + } else if (principal == null) { + // 检查是否是API Key请求 + HttpServletRequest request = ServletUtils.getRequest(); + String apiKey = request.getHeader("X-API-Key"); + if (StringUtils.isNotEmpty(apiKey) && NEX_API_KEY.equals(apiKey)) { + Long userId = validateApiKey(apiKey); // 验证API Key并获取用户ID + if (userId != null) { + SysUser user = loadUserById(userId); + return user; + } + } + } + + // 传统方式获取用户 SysUser user = null; - Object obj = getSubject().getPrincipal(); - if (StringUtils.isNotNull(obj)) - { + if (StringUtils.isNotNull(principal)) { user = new SysUser(); - BeanUtils.copyBeanProp(user, obj); + BeanUtils.copyBeanProp(user, principal); + return user; + } + // 检查是否是API Key请求 + HttpServletRequest request = ServletUtils.getRequest(); + String apiKey = request.getHeader("X-API-Key"); + if (StringUtils.isNotEmpty(apiKey)) { + Long userId = validateApiKey(apiKey); // 验证API Key并获取用户ID + user = loadUserById(userId); + setSysUser(user); + return user; } return user; } - 
public static void setSysUser(SysUser user) - { + /** + * 验证API Key并返回对应的用户ID + */ + private static Long validateApiKey(String apiKey) { + // 查询数据库验证API Key,并返回对应的用户ID + // 这里应该查询API Key表,获取关联的用户ID + // 例如: select user_id from sys_api_key where api_key = ? and status = 'A' + return 1L; + } + + /** + * 根据用户ID加载用户信息 + */ + private static SysUser loadUserById(Long userId) { + // 从数据库加载用户信息 + // 例如: select * from sys_user where user_id = ? + SysUser user = new SysUser(); + user.setUserId(1L); + user.setUserName("admin"); + return user; + } + +// public static SysUser getSysUser() +// { +// SysUser user = null; +// Object obj = getSubject().getPrincipal(); +// if (StringUtils.isNotNull(obj)) +// { +// user = new SysUser(); +// BeanUtils.copyBeanProp(user, obj); +// } +// return user; +// } + + public static void setSysUser(SysUser user) { Subject subject = getSubject(); PrincipalCollection principalCollection = subject.getPrincipals(); String realmName = principalCollection.getRealmNames().iterator().next(); 
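Review bot: The `X-API-Key` fallback added to `getSysUser()` resolves an unauthenticated request to a hard-coded admin identity: `validateApiKey` returns `1L` for every input, `loadUserById` ignores its argument and builds user id 1 / `admin`, and the second header check (after the `// 传统方式获取用户` block) accepts any non-empty key without comparing it to anything. The key is also committed as the public constant `NEX_API_KEY`, so it should be treated as disclosed, rotated, and moved to configuration or the API-key table the stub comments describe. On that second path `setSysUser(user)` dereferences `subject.getPrincipals()`, which is presumably null for a subject with no principal, so the branch would likely throw rather than return. I would collapse the two branches into one that returns null unless `validateApiKey` maps the key to a real user, as sketched below. Both stubs need real lookups before this ships, and the commented-out old `getSysUser()` can be deleted.

```java
public static SysUser getSysUser() {
    Object principal = getSubject().getPrincipal();
    if (principal instanceof SysUser) {
        return (SysUser) principal;
    }
    if (principal != null) {
        SysUser user = new SysUser();
        BeanUtils.copyBeanProp(user, principal);
        return user;
    }
    // No Shiro principal: accept an API key only when validateApiKey maps it to a user.
    HttpServletRequest request = ServletUtils.getRequest();
    String apiKey = request == null ? null : request.getHeader("X-API-Key");
    if (StringUtils.isEmpty(apiKey)) {
        return null;
    }
    Long userId = validateApiKey(apiKey); // must return null for unknown or disabled keys
    return userId == null ? null : loadUserById(userId);
}
// … validateApiKey / loadUserById: replace the stubs with the real lookups …
```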
@@ -53,34 +115,45 @@ public class ShiroUtils subject.runAs(newPrincipalCollection); } - public static Long getUserId() - { + public static Long getUserId() { return getSysUser().getUserId().longValue(); } - public static String getLoginName() - { + public static String getLoginName() { return getSysUser().getLoginName(); } - public static String getIp() - { + public static String getIp() { return StringUtils.substring(getSubject().getSession().getHost(), 0, 128); } - public static String getSessionId() - { + public static String getSessionId() { return String.valueOf(getSubject().getSession().getId()); } /** * 生成随机盐 */ - public static String randomSalt() - { + public static String randomSalt() { // 一个Byte占两个字节,此处生成的3字节,字符串长度为6 SecureRandomNumberGenerator secureRandom = new SecureRandomNumberGenerator(); String hex = secureRandom.nextBytes(3).toHex(); return hex; } + + public static void genApiKey() { + // 为用户ID 101 生成的 API Key + String apiKey = "user_101_" + UUID.randomUUID().toString().replace("-", "").substring(0, 16); + String apiSecret = UUID.randomUUID().toString().replace("-", ""); + } + + public static void main(String[] args) { + // 为用户ID 101 生成的 API Key + String apiKey = "user_101_" + UUID.randomUUID().toString().replace("-", "").substring(0, 16); + String apiSecret = UUID.randomUUID().toString().replace("-", ""); + System.out.println("apiKey"); + System.out.println(apiKey); + System.out.println("apiSecret"); + System.out.println(apiSecret); + } } diff --git a/ruoyi-sip/src/main/java/com/ruoyi/sip/controller/vue/OmsPurchaseOrderController.java b/ruoyi-sip/src/main/java/com/ruoyi/sip/controller/vue/OmsPurchaseOrderController.java index 5984fb79..70777f07 100644 --- a/ruoyi-sip/src/main/java/com/ruoyi/sip/controller/vue/OmsPurchaseOrderController.java +++ b/ruoyi-sip/src/main/java/com/ruoyi/sip/controller/vue/OmsPurchaseOrderController.java 
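Review bot: `genApiKey()` and `main()` at the end of this hunk derive key material from `UUID.randomUUID()` truncated to 16 hex characters behind a predictable `user_101_` prefix, which leaves about 60 random bits once the fixed version nibble is counted. `genApiKey()` also discards both values, and `main()` prints the secret to stdout. If key generation belongs in this class, it could reuse the generator `randomSalt()` already uses, e.g. `return new SecureRandomNumberGenerator().nextBytes(32).toHex();`, and hand the value to a caller that stores only a hash of it. Otherwise I would drop both methods from `ShiroUtils`. The rest of the hunk is brace-style reformatting only.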
@@ -261,8 +261,8 @@ public class OmsPurchaseOrderController extends BaseController } @Anonymous - @GetMapping("/approveStatus/{id}") - public AjaxResult getApproveStatus(@PathVariable("id") Long id) + @GetMapping("/approveStatus") + public AjaxResult getApproveStatus(@RequestParam Long id) { OmsPurchaseOrder order = omsPurchaseOrderService.selectOmsPurchaseOrderById(id); if (order != null) { diff --git a/ruoyi-sip/src/main/java/com/ruoyi/sip/service/impl/OmsPurchaseOrderServiceImpl.java b/ruoyi-sip/src/main/java/com/ruoyi/sip/service/impl/OmsPurchaseOrderServiceImpl.java index 6997184f..b13679e7 100644 --- a/ruoyi-sip/src/main/java/com/ruoyi/sip/service/impl/OmsPurchaseOrderServiceImpl.java +++ b/ruoyi-sip/src/main/java/com/ruoyi/sip/service/impl/OmsPurchaseOrderServiceImpl.java @@ -548,17 +548,22 @@ public class OmsPurchaseOrderServiceImpl implements IOmsPurchaseOrderService, To @Override public AddToNexRes addToNex(AddToNexReq addToNexReq) { + SysUser sysUser = getSysUser(); // 新增采购 OmsPurchaseOrder omsPurchaseOrder = new OmsPurchaseOrder(); // 设置采购订单基本信息 omsPurchaseOrder.setBuyerName("紫光汇智信息技术有限公司"); omsPurchaseOrder.setBuyerAddress("重庆市两江新区云杉南路6号涉外商务区B6栋7楼"); + omsPurchaseOrder.setRemark("nex授权申请流程"); // 查询制造商id, 制造商编码P008 - VendorInfo vendorInfo = vendorInfoMapper.selectVendorInfoByVendorCode("P008"); + VendorInfo vendorInfo = vendorInfoMapper.selectVendorInfoByVendorCode("P002"); omsPurchaseOrder.setVendorId(vendorInfo == null ? null :vendorInfo.getVendorId()); omsPurchaseOrder.setCurrency("RMB"); // 采购员:userName=徐心钰 SysUser user = userMapper.selectUserByLoginName("xuxinyu"); + if(user == null){ + user = userMapper.selectUserById(1L); + } omsPurchaseOrder.setPurchaserId(user.getUserId()); omsPurchaseOrder.setPurchaserName(user.getUserName()); omsPurchaseOrder.setPurchaserMobile(""); 
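Review bot: `getApproveStatus` stays `@Anonymous` while taking a numeric order id, now as `@RequestParam Long id`, so the approval status of any purchase order appears readable without authentication by anyone who can reach the route. Since this commit introduces an `X-API-Key` check for the NEX integration, this endpoint looks like the place to require it rather than leaving the route open; it is worth confirming exactly what `@Anonymous` exempts in this project. The method body continues outside the hunk, so I cannot see which fields are returned. Also note that existing callers of `/approveStatus/{id}` will break with the route change.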
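Review bot: The new fallback `user = userMapper.selectUserById(1L)` in `addToNex` silently attributes NEX-created purchase orders to user id 1 (presumably the built-in admin) when `xuxinyu` is missing, and `user.getUserId()` on the next line still throws if that lookup also returns null. I would fail explicitly instead, e.g. `if (user == null) { throw new IllegalStateException("purchaser xuxinyu not found"); }` or the project's own business exception, so a misconfigured environment is visible rather than recorded under an administrative account. The comment above the vendor lookup still says `P008` while the code now queries `"P002"`. `SysUser sysUser = getSysUser();` is not used in the visible lines; `addToNex` continues outside the hunk, so it may be used later.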
@@ -599,6 +604,7 @@ public class OmsPurchaseOrderServiceImpl implements IOmsPurchaseOrderService, To } // 触发线上流程 omsPurchaseOrder.setFlowType(OmsPurchaseOrder.FlowTypeEnum.ONLINE.getCode()); + omsPurchaseOrder.setApproveStatus("1"); applyForPurchaseOrder(omsPurchaseOrder); AddToNexRes res = new AddToNexRes();
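Review bot: `omsPurchaseOrder.setApproveStatus("1")` uses a bare string literal where the line above uses `OmsPurchaseOrder.FlowTypeEnum.ONLINE.getCode()`; a named constant or enum for approval states would make the intended state readable. At minimum add a comment such as `// "1" = <state name>; set here because applyForPurchaseOrder expects it`. `applyForPurchaseOrder` is not visible from this hunk, so it is worth checking that it neither overwrites this value nor skips a check because the status is already set. `addToNex` starts and ends outside the hunk.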