LoginController.cs 41 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709
  1. using Azure.Cosmos;
  2. using DingTalk.Api;
  3. using DingTalk.Api.Request;
  4. using DingTalk.Api.Response;
  5. using Microsoft.AspNetCore.Http;
  6. using Microsoft.AspNetCore.Mvc;
  7. using Microsoft.Extensions.Configuration;
  8. using System;
  9. using System.Collections.Generic;
  10. using System.Linq;
  11. using System.Text.Json;
  12. using System.Threading.Tasks;
  13. using TEAMModelOS.SDK.DI;
  14. using TEAMModelOS.SDK.Models;
  15. using HTEXLib.COMM.Helpers;
  16. using TEAMModelOS.Models;
  17. using Microsoft.Extensions.Options;
  18. using TEAMModelOS.SDK.Extension;
  19. using TEAMModelOS.SDK.Models.Service;
  20. using Microsoft.AspNetCore.Authorization;
  21. using Azure.Storage.Blobs.Models;
  22. using System.IdentityModel.Tokens.Jwt;
  23. using System.Net.Http;
  24. using System.Text;
  25. using System.Net;
  26. using Newtonsoft.Json;
  27. using System.Collections;
  28. using Newtonsoft.Json.Linq;
  29. using TEAMModelOS.SDK.Models.Cosmos.BI;
  30. using Azure.Storage.Sas;
  31. using System.Net.Http.Json;
  32. using TEAMModelBI.Filter;
  33. using TEAMModelBI.Models.Extension;
  34. using TEAMModelOS.SDK;
  35. using Microsoft.AspNetCore.Hosting;
  36. using TEAMModelBI.Tool;
  37. using TEAMModelBI.DI.BIAzureStorage;
  38. using TEAMModelBI.Tool.Context;
  39. //using static DingTalk.Api.Response.OapiV2UserGetResponse;
  40. namespace TEAMModelBI.Controllers
  41. {
  42. [ProducesResponseType(StatusCodes.Status200OK)]
  43. [ProducesResponseType(StatusCodes.Status400BadRequest)]
  44. [Route("common/login")]
  45. [ApiController]
  46. public class LoginController : ControllerBase
  47. {
  48. private readonly IConfiguration _configuration;
  49. //数据容器
  50. private readonly AzureCosmosFactory _azureCosmos;
  51. //文件容器
  52. private readonly AzureStorageFactory _azureStorage;
  53. //钉钉提示信息
  54. private readonly DingDing _dingDing;
  55. private readonly Option _option;
  56. //隐式登录
  57. private readonly CoreAPIHttpService _coreAPIHttpService;
  58. private readonly IHttpClientFactory _http;
  59. private readonly IWebHostEnvironment _environment; //读取文件
  60. public LoginController(IConfiguration configuration, AzureCosmosFactory azureCosmos, AzureStorageFactory azureStorage, DingDing dingDing, IOptionsSnapshot<Option> option, CoreAPIHttpService coreAPIHttpService, IHttpClientFactory http, IWebHostEnvironment environment)
  61. {
  62. _configuration = configuration;
  63. _azureCosmos = azureCosmos;
  64. _azureStorage = azureStorage;
  65. _dingDing = dingDing;
  66. _option = option?.Value;
  67. _coreAPIHttpService = coreAPIHttpService;
  68. _http = http;
  69. _environment = environment;
  70. }
  71. /// <summary>
  72. /// 钉钉扫码登录获取扫码信息
  73. /// </summary>
  74. /// <param name="jsonElement"></param>
  75. /// <returns></returns>
  76. [ProducesDefaultResponseType]
  77. [HttpPost("get-ddscancode")]
  78. public async Task<IActionResult> GetDingDingScanCode(JsonElement jsonElement)
  79. {
  80. try
  81. {
  82. string appKey = _configuration["DingDingAuth:appKey"];
  83. string appSecret = _configuration["DingDingAuth:appSecret"];
  84. string proDeptId = _configuration["CustomParam:proDeptId"];
  85. //string divide = _configuration["CustomParam:SiteScope"];
  86. string divide = _option.Location;
  87. var cosmosClient = _azureCosmos.GetCosmosClient();
  88. string Website = "China";
  89. if (string.IsNullOrWhiteSpace(appKey) || string.IsNullOrWhiteSpace(appSecret))
  90. {
  91. return Ok(new { state = 0, msg = "请检查配置钉钉的信息" });
  92. }
  93. //自己传的code
  94. if (!jsonElement.TryGetProperty("code", out JsonElement LoginTempCode)) return BadRequest();
  95. jsonElement.TryGetProperty("site", out JsonElement site);
  96. var tableClient = _azureStorage.GetCloudTableClient();
  97. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  98. if ($"{site}".Equals(BIConst.GlobalSite))
  99. {
  100. tableClient = _azureStorage.GetCloudTableClient(BIConst.GlobalSite);
  101. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.GlobalSite);
  102. Website = BIConst.GlobalSite;
  103. }
  104. //获取access_token
  105. IDingTalkClient tokenClient = new DefaultDingTalkClient("https://oapi.dingtalk.com/gettoken");
  106. OapiGettokenRequest tokenRequest = new() { Appkey = appKey, Appsecret = appSecret };
  107. tokenRequest.SetHttpMethod("Get");
  108. OapiGettokenResponse tokenRespone = tokenClient.Execute(tokenRequest);
  109. if (tokenRespone.IsError) return BadRequest();
  110. string access_token = tokenRespone.AccessToken;
  111. //获取临时授权码 获取授权用户的个人信息
  112. DefaultDingTalkClient clientinfo = new("https://oapi.dingtalk.com/sns/getuserinfo_bycode");
  113. OapiSnsGetuserinfoBycodeRequest req = new() { TmpAuthCode = $"{LoginTempCode}" }; //通过扫描二维码,跳转到指定的Url后,向Url中追加Code临时授权码
  114. OapiSnsGetuserinfoBycodeResponse response = clientinfo.Execute(req, appKey, appSecret);
  115. if (response.Errcode.Equals(40078))
  116. {
  117. return Ok(new { state = 0, msg = $"state:{response.Errcode};Err{response.Errmsg}/临时授权码过期请重新扫码" });
  118. }
  119. string unionid = response.UserInfo.Unionid;
  120. IDingTalkClient client2 = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/user/getbyunionid"); //userid地址
  121. OapiUserGetbyunionidRequest byunionidRequest = new() { Unionid = unionid };
  122. OapiUserGetbyunionidResponse byunionidResponse = client2.Execute(byunionidRequest, access_token);
  123. if (byunionidResponse.IsError || byunionidResponse.Errcode == 60121)
  124. {
  125. return Ok(new { state = 0, msg = byunionidResponse.Errmsg });
  126. }
  127. // 根据userId获取用户信息
  128. string userid = byunionidResponse.Result.Userid;
  129. IDingTalkClient client3 = new DefaultDingTalkClient("https://oapi.dingtalk.com/topapi/v2/user/get");
  130. OapiV2UserGetRequest v2GetRequest = new()
  131. {
  132. Userid = userid,
  133. Language = "zh_CN"
  134. };
  135. v2GetRequest.SetHttpMethod("POST");
  136. OapiV2UserGetResponse v2GetResponse = client3.Execute(v2GetRequest, access_token);
  137. if (v2GetResponse.IsError)
  138. {
  139. return Ok(new { state = 0, msg = "扫码登录失败" });
  140. }
  141. var table = _azureStorage.GetCloudTableClient().GetTableReference("BIDDUserInfo");
  142. var id_token = "";
  143. string osblob_uri = null, osblob_sas = null;
  144. List<string> roles = new();//角色列表
  145. List<string> permissions = new();//权限列表
  146. bool isExploit = false;
  147. List<DingDingUserInfo> ddusers = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object>() { { "PartitionKey", $"{divide}"},{ "userId", $"{v2GetResponse.Result.Userid}" }, { "unionId", $"{v2GetResponse.Result.Unionid}" } });
  148. if (ddusers.Count > 0)
  149. {
  150. List<DingDingUserInfo> saveInfo = new();
  151. StringBuilder strMsg = new();
  152. foreach (var item in ddusers)
  153. {
  154. if (string.IsNullOrEmpty(item.tmdId))
  155. {
  156. List<string> mobiles = new() { $"{ item.mobile}" };
  157. var content = new StringContent(mobiles.ToJsonString(), Encoding.UTF8, "application/json");
  158. string json = await _coreAPIHttpService.GetUserInfos(content);
  159. if (!string.IsNullOrEmpty(json))
  160. {
  161. List<JsonElement> json_id = json.ToObject<List<JsonElement>>();
  162. foreach (var tmd in json_id)
  163. {
  164. item.tmdId = tmd.GetProperty("id").ToString();
  165. item.tmdName = tmd.GetProperty("name").ToString();
  166. item.tmdMobile = tmd.GetProperty("mobile").ToString();
  167. item.picture = tmd.GetProperty("picture").ToString();
  168. item.mail = tmd.GetProperty("mail").ToString();
  169. }
  170. }
  171. else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  172. //HttpClient httpClient = _http.CreateClient();
  173. //string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  174. //List<string> mobiles = new() { $"{ item.mobile}" };
  175. //HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, mobiles);
  176. //if (responseMessage.StatusCode == HttpStatusCode.OK)
  177. //{
  178. // string temp = responseMessage.Content.ReadAsStringAsync().Result;
  179. // List<JsonElement> json_id = temp.ToObject<List<JsonElement>>();
  180. // if (json_id.Count > 0)
  181. // {
  182. // foreach (var tmd in json_id)
  183. // {
  184. // item.tmdId = tmd.GetProperty("id").ToString();
  185. // item.tmdName = tmd.GetProperty("name").ToString();
  186. // item.tmdMobile = tmd.GetProperty("mobile").ToString();
  187. // item.picture = tmd.GetProperty("picture").ToString();
  188. // item.mail = tmd.GetProperty("mail").ToString();
  189. // }
  190. // }
  191. // else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  192. //}
  193. strMsg.Append($"{item.tmdName}【{item.tmdId}】醍摩豆账号和{item.name}【{item.userId}】钉钉账户绑定成功");
  194. //保存操作记录
  195. //await _azureStorage.SaveBILog("tabledd-update", strMsg?.ToString(), _dingDing, httpContext: HttpContext, twebsite: Website, tid: item.tmdId, tname: item.tmdName);
  196. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", strMsg?.ToString(), _dingDing, httpContext: HttpContext, twebsite: Website, tid: item.tmdId, tname: item.tmdName);
  197. saveInfo.Add(item);
  198. }
  199. List<string> schoolIds = await CommonFind.FindSchoolIds(cosmosClient, item.tmdId);
  200. if (schoolIds.Count > 0)
  201. {
  202. item.schoolIds = string.Join("|", schoolIds);
  203. await table.SaveOrUpdate<DingDingUserInfo>(item);
  204. }
  205. roles = !string.IsNullOrEmpty($"{item.roles}") ? new List<string>(item.roles.Split(",")) : new List<string>();
  206. permissions = !string.IsNullOrEmpty($"{item.permissions}") ? new List<string>(item.permissions.Split(",")) : new List<string>();
  207. if (item.depts.Contains($"{proDeptId}")) isExploit = true;
  208. if (item.deptId == long.Parse($"{proDeptId}")) isExploit = true;
  209. if (item.pid == long.Parse($"{proDeptId}")) isExploit = true;
  210. //自己写的
  211. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, item.tmdId?.ToString(), item.tmdName?.ToString(), item.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: isExploit, item.userId?.ToString(), item.name?.ToString(), item.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  212. }
  213. if (saveInfo.Count > 0)
  214. {
  215. ddusers = await table.UpdateAll<DingDingUserInfo>(saveInfo);
  216. }
  217. }
  218. else
  219. {
  220. DingDingUserInfo ddUserInfo = new()
  221. {
  222. PartitionKey = divide,
  223. RowKey = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds().ToString(),
  224. userId = v2GetResponse.Result.Userid,
  225. unionId = v2GetResponse.Result.Unionid,
  226. name = v2GetResponse.Result.Name,
  227. title = v2GetResponse.Result.Title,
  228. mobile = v2GetResponse.Result.Mobile,
  229. jobNumber = v2GetResponse.Result.JobNumber,
  230. pid = 0,
  231. deptId = 0,
  232. deptName = null,
  233. depts = string.Join(",", v2GetResponse.Result.DeptIdList.ToArray()),
  234. avatar = v2GetResponse.Result.Avatar,
  235. isAdmin = v2GetResponse.Result.Admin,
  236. roles = "assist",
  237. permissions = "abilitystandard-read,batcharea-read,batchschool-read,orgusers-read"
  238. };
  239. if (!string.IsNullOrEmpty($"{ddUserInfo.mobile}"))
  240. {
  241. HttpClient httpClient = _http.CreateClient();
  242. string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  243. List<string> mobiles = new() { $"{ ddUserInfo.mobile}" };
  244. HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, mobiles);
  245. if (responseMessage.StatusCode == HttpStatusCode.OK)
  246. {
  247. string temp = responseMessage.Content.ReadAsStringAsync().Result;
  248. List<JsonElement> json_id = temp.ToObject<List<JsonElement>>();
  249. if (json_id.Count > 0)
  250. {
  251. foreach (var tmd in json_id)
  252. {
  253. ddUserInfo.tmdId = tmd.GetProperty("id").ToString();
  254. ddUserInfo.tmdName = tmd.GetProperty("name").ToString();
  255. ddUserInfo.tmdMobile = tmd.GetProperty("mobile").ToString();
  256. ddUserInfo.picture = tmd.GetProperty("picture").ToString();
  257. ddUserInfo.mail = tmd.GetProperty("mail").ToString();
  258. }
  259. }
  260. else return Ok(new { state = 404, msg = "依据钉钉手机号未找到醍摩豆账号!" });
  261. }
  262. }
  263. else return Ok(new { state = 404, msg = "钉钉手机号为空" });
  264. List<string> schoolIds = await CommonFind.FindSchoolIds(cosmosClient, ddUserInfo.tmdId);
  265. if (schoolIds.Count > 0)
  266. {
  267. ddUserInfo.schoolIds = string.Join("|", schoolIds);
  268. }
  269. ddUserInfo = await table.Save<DingDingUserInfo>(ddUserInfo);
  270. //保存操作记录
  271. //await _azureStorage.SaveBILog("tabledd-update", $"{ddUserInfo.tmdName}【{ddUserInfo.tmdId}】醍摩豆账号和{ddUserInfo.name}【{ddUserInfo.RowKey}】钉钉账户绑定成功", _dingDing, httpContext: HttpContext, tid: ddUserInfo.tmdId, tname: ddUserInfo.tmdName, twebsite: Website);
  272. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{ddUserInfo.tmdName}【{ddUserInfo.tmdId}】醍摩豆账号和{ddUserInfo.name}【{ddUserInfo.RowKey}】钉钉账户绑定成功", _dingDing, httpContext: HttpContext, tid: ddUserInfo.tmdId, tname: ddUserInfo.tmdName, twebsite: Website);
  273. roles = !string.IsNullOrEmpty($"{ddUserInfo.roles}") ? new List<string>(ddUserInfo.roles.Split(",")) : new List<string>();
  274. permissions = !string.IsNullOrEmpty($"{ddUserInfo.permissions}") ? new List<string>(ddUserInfo.permissions.Split(",")) : new List<string>();
  275. if (ddUserInfo.depts.Contains($"{proDeptId}")) isExploit = true;
  276. if (ddUserInfo.deptId == long.Parse($"{proDeptId}")) isExploit = true;
  277. if (ddUserInfo.pid == long.Parse($"{proDeptId}")) isExploit = true;
  278. //自己写的
  279. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, ddUserInfo.tmdId?.ToString(), ddUserInfo.tmdName?.ToString(), ddUserInfo.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: isExploit, ddUserInfo.userId?.ToString(), ddUserInfo.name?.ToString(), ddUserInfo.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  280. }
  281. if (Website.Equals(BIConst.GlobalSite))
  282. {
  283. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.GlobalSite);
  284. }
  285. else
  286. {
  287. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  288. }
  289. //(osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List, BIConst.GlobalSite);
  290. return Ok(new { state = 200, ddUserInfos = ddusers, id_token, roles, permissions, osblob_uri, osblob_sas });
  291. }
  292. catch (Exception ex)
  293. {
  294. await _dingDing.SendBotMsg($"BI, {_option.Location} /common/login/get-ddscancode \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  295. return BadRequest();
  296. }
  297. }
  298. /// <summary>
  299. /// 钉钉绑定醍摩豆
  300. /// </summary>
  301. /// <returns></returns>
  302. [ProducesDefaultResponseType]
  303. [HttpPost("set-bind")]
  304. public async Task<IActionResult> BindUser(JsonElement jsonElement)
  305. {
  306. try
  307. {
  308. if (!jsonElement.TryGetProperty("partitionKey", out JsonElement partitionKey)) return BadRequest();
  309. if (!jsonElement.TryGetProperty("rowKey", out JsonElement userId)) return BadRequest();
  310. jsonElement.TryGetProperty("id_token", out JsonElement idtoken);
  311. jsonElement.TryGetProperty("mobile", out JsonElement mobile);
  312. jsonElement.TryGetProperty("site", out JsonElement site);
  313. string Website = "China";
  314. var tableClient = _azureStorage.GetCloudTableClient();
  315. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  316. if ($"{site}".Equals(BIConst.GlobalSite))
  317. {
  318. tableClient = _azureStorage.GetCloudTableClient(BIConst.GlobalSite);
  319. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.GlobalSite);
  320. Website = BIConst.GlobalSite;
  321. }
  322. HttpClient httpClient = _http.CreateClient();
  323. string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  324. var table = _azureStorage.GetCloudTableClient().GetTableReference("BIDDUserInfo");
  325. var tempUser = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object> { { "PartitionKey", $"{partitionKey}" }, { "userId", $"{userId}" } });
  326. var id_token = "";
  327. var auth_token = "";
  328. List<DingDingUserInfo> ddUserInfos = new();
  329. List<string> roles = new();//角色列表
  330. List<string> permissions = new();//权限列表
  331. foreach (var itemUser in tempUser)
  332. {
  333. if (!string.IsNullOrEmpty($"{idtoken}"))
  334. {
  335. JwtSecurityToken jwt = new JwtSecurityToken($"{idtoken}");
  336. var tmdId = jwt.Payload.Sub;
  337. jwt.Payload.TryGetValue("name", out object tmdName);
  338. jwt.Payload.TryGetValue("picture", out object picture);
  339. itemUser.tmdId = tmdId;
  340. itemUser.tmdName = $"{tmdName}";
  341. itemUser.tmdMobile = itemUser.mobile;
  342. itemUser.picture = $"{picture}";
  343. }
  344. if (!string.IsNullOrEmpty($"{mobile}"))
  345. {
  346. List<string> mobiles = new() { $"{mobile}" };
  347. HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, mobiles);
  348. if (responseMessage.StatusCode == HttpStatusCode.OK)
  349. {
  350. var temp = await responseMessage.Content.ReadAsStringAsync();
  351. if (temp.Length > 0)
  352. {
  353. List<JsonElement> itemjson = temp.ToObject<List<JsonElement>>();
  354. foreach (var item in itemjson)
  355. {
  356. itemUser.tmdId = item.GetProperty("id").ToString();
  357. itemUser.tmdName = item.GetProperty("name").ToString();
  358. itemUser.tmdMobile = item.GetProperty("mobile").ToString();
  359. itemUser.picture = item.GetProperty("picture").ToString();
  360. itemUser.mail = item.GetProperty("mail").ToString();
  361. }
  362. }
  363. }
  364. else return Ok(new { state = 404, msg = "手机号未找到醍摩豆账户" });
  365. }
  366. if (string.IsNullOrEmpty($"{mobile}") && string.IsNullOrEmpty($"{idtoken}"))
  367. return Ok(new { state = 400, msg = "mobile、idtoken参数错误" });
  368. else
  369. {
  370. ddUserInfos.Add(itemUser);
  371. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  372. //保存操作记录
  373. //await _azureStorage.SaveBILog("tabledd-update", $"{itemUser.tmdName}【{itemUser.tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  374. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{itemUser.tmdName}【{itemUser.tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  375. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, itemUser.tmdId?.ToString(), itemUser.tmdName?.ToString(), itemUser.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: false, itemUser.userId?.ToString(), itemUser.name?.ToString(), itemUser.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  376. }
  377. }
  378. ddUserInfos = await table.UpdateAll(ddUserInfos);
  379. string osblob_uri = null, osblob_sas = null;
  380. if (Website.Equals(BIConst.GlobalSite))
  381. {
  382. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.GlobalSite);
  383. }
  384. else
  385. {
  386. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  387. }
  388. //blob 访问权限
  389. //var (osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List);
  390. return Ok(new { state = 200, ddUserInfos, id_token, roles, osblob_uri, osblob_sas });
  391. }
  392. catch (Exception ex)
  393. {
  394. await _dingDing.SendBotMsg($"BI, {_option.Location} /common/login/set-bind \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  395. return BadRequest();
  396. }
  397. }
  398. /// <summary>
  399. /// 获取钉钉信息详情绑定醍摩豆和钉钉信息 二合一
  400. /// </summary>
  401. /// <param name="jsonElement"></param>
  402. /// <returns></returns>
  403. [ProducesDefaultResponseType]
  404. [HttpPost("get-ddinfo")]
  405. public async Task<IActionResult> GetDingDingInfo(JsonElement jsonElement)
  406. {
  407. try
  408. {
  409. if (!jsonElement.TryGetProperty("mobile", out JsonElement moile)) return BadRequest();
  410. if (!jsonElement.TryGetProperty("partitionKey", out JsonElement partitionKey)) return BadRequest();
  411. if (!jsonElement.TryGetProperty("rowKey", out JsonElement userId)) return BadRequest();
  412. jsonElement.TryGetProperty("site", out JsonElement site);
  413. string Website = "China";
  414. var tableClient = _azureStorage.GetCloudTableClient();
  415. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  416. if ($"{site}".Equals(BIConst.GlobalSite))
  417. {
  418. tableClient = _azureStorage.GetCloudTableClient(BIConst.GlobalSite);
  419. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.GlobalSite);
  420. Website = BIConst.GlobalSite;
  421. }
  422. var table = tableClient.GetTableReference("BIDDUserInfo");
  423. var tempUser = await table.FindListByDict<DingDingUserInfo>(new Dictionary<string, object> { { "PartitionKey", $"{partitionKey}" }, { "userId", $"{userId}" } });
  424. List<string> roles = new();//角色列表
  425. List<string> permissions = new();//权限列表
  426. List<DingDingUserInfo> ddUserInfos = new();
  427. var id_token = "";
  428. foreach (var itemUser in tempUser)
  429. {
  430. if (!string.IsNullOrEmpty($"{itemUser.tmdId}") && !string.IsNullOrEmpty($"{itemUser.tmdName}"))
  431. {
  432. //roles = new List<string>(itemUser.roles.Split(new string[] { "," }, StringSplitOptions.RemoveEmptyEntries));
  433. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  434. permissions = !string.IsNullOrEmpty($"{itemUser.permissions}") ? new List<string>(itemUser.permissions.Split(",")) : new List<string>();
  435. ddUserInfos.Add(itemUser);
  436. }
  437. else
  438. {
  439. HttpClient httpClient = _http.CreateClient();
  440. string url = _configuration.GetValue<string>("HaBookAuth:CoreId:userinfo");
  441. HttpResponseMessage responseMessage = await httpClient.PostAsJsonAsync(url, moile);
  442. if (responseMessage.StatusCode == HttpStatusCode.OK)
  443. {
  444. var temp = await responseMessage.Content.ReadAsStringAsync();
  445. if (temp.Length > 0)
  446. {
  447. List<JsonElement> itemjson = temp.ToObject<List<JsonElement>>();
  448. string tmdId = null;
  449. string tmdName = null;
  450. foreach (var item in itemjson)
  451. {
  452. tmdId = item.GetProperty("id").ToString();
  453. tmdName = item.GetProperty("name").ToString();
  454. itemUser.tmdId = tmdId?.ToString();
  455. itemUser.tmdName = tmdName?.ToString();
  456. itemUser.tmdMobile = item.GetProperty("mobile").ToString();
  457. itemUser.picture = item.GetProperty("picture").ToString();
  458. itemUser.mail = item.GetProperty("mail").ToString();
  459. roles = !string.IsNullOrEmpty($"{itemUser.roles}") ? new List<string>(itemUser.roles.Split(",")) : new List<string>();
  460. permissions = !string.IsNullOrEmpty($"{itemUser.permissions}") ? new List<string>(itemUser.permissions.Split(",")) : new List<string>();
  461. ddUserInfos.Add(itemUser);
  462. }
  463. ddUserInfos = await table.UpdateAll<DingDingUserInfo>(ddUserInfos);
  464. //保存操作记录
  465. //await _azureStorage.SaveBILog("tabledd-update", $"{tmdName}【{tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  466. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{tmdName}【{tmdId}】醍摩豆账号和{itemUser.name}【{itemUser.userId}】钉钉账户绑定成功", _dingDing, tid: itemUser.tmdId, tname: itemUser.name, twebsite: Website, httpContext: HttpContext);
  467. }
  468. else return Ok(new { state = 400, message = "该手机没有注册醍摩豆账号信息" });
  469. }
  470. else return Ok(new { state = responseMessage.StatusCode });
  471. }
  472. //自己写的
  473. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, itemUser.tmdId?.ToString(), itemUser.tmdName?.ToString(), itemUser.picture?.ToString(), _option.JwtSecretKey, scope: "assist", webSite: Website, isex: false, itemUser.userId?.ToString(), itemUser.name?.ToString(), itemUser.avatar?.ToString(), roles: roles?.ToArray(), permissions: permissions?.ToArray(), expire: 3);
  474. }
  475. string osblob_uri = null, osblob_sas = null;
  476. if (Website.Equals(BIConst.GlobalSite))
  477. {
  478. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete, BIConst.GlobalSite);
  479. }
  480. else
  481. {
  482. (osblob_uri, osblob_sas) = _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete);
  483. }
  484. //var (osblob_uri, osblob_sas) = roles.Contains("assist") ? _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Write | BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List | BlobContainerSasPermissions.Delete) : _azureStorage.GetBlobContainerSAS("teammodelos", BlobContainerSasPermissions.Read | BlobContainerSasPermissions.List);
  485. return Ok(new { state = 200, ddUserInfos, id_token, roles, permissions, osblob_uri, osblob_sas });
  486. }
  487. catch (Exception ex)
  488. {
  489. await _dingDing.SendBotMsg($"BI,{_option.Location} /common/login/get-ddinfo \n {ex.Message}\n{ex.StackTrace}", GroupNames.成都开发測試群組);
  490. return BadRequest();
  491. }
  492. }
  493. /// <summary>
  494. /// 企业登录
  495. /// </summary>
  496. /// <param name="jsonElement"></param>
  497. /// <returns></returns>
  498. [ProducesDefaultResponseType]
  499. [HttpPost("get-commpany")]
  500. public async Task<IActionResult> GetCommpanyLogin(JsonElement jsonElement)
  501. {
  502. if (!jsonElement.TryGetProperty("account", out JsonElement accout)) return BadRequest();
  503. if (!jsonElement.TryGetProperty("password", out JsonElement password)) return BadRequest();
  504. jsonElement.TryGetProperty("site", out JsonElement site);
  505. string Website = "China";
  506. var cosmosClient = _azureCosmos.GetCosmosClient();
  507. var tableClient = _azureStorage.GetCloudTableClient();
  508. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  509. if ($"{site}".Equals(BIConst.GlobalSite))
  510. {
  511. cosmosClient = _azureCosmos.GetCosmosClient(name: BIConst.GlobalSite);
  512. tableClient = _azureStorage.GetCloudTableClient(BIConst.GlobalSite);
  513. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.GlobalSite);
  514. Website = BIConst.GlobalSite;
  515. }
  516. StringBuilder sqlTxt = new($"select value(c) from c");
  517. var temps = $"{accout}".Contains($"@");
  518. if (temps)
  519. sqlTxt.Append($" where c.emall='{accout}'");
  520. else
  521. sqlTxt.Append($" where c.mobile='{accout}'");
  522. Company company = new();
  523. List<Company> companies = new();
  524. string id_token = "";
  525. await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryIterator<Company>(queryText: sqlTxt.ToString(), requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("Company") }))
  526. {
  527. companies.Add(item);
  528. }
  529. if (companies.Count > 0)
  530. {
  531. foreach (var item in companies)
  532. {
  533. var hashedPw = Utils.HashedPassword(password.ToString(), item.salt.ToString());
  534. if (hashedPw.Equals(item.password))
  535. {
  536. company = item;
  537. id_token = JwtAuth.CreateAuthTokenBI(_option.HostName, item.id?.ToString(), item.name?.ToString(), company.picture?.ToString(), _option.JwtSecretKey, scope: "company", webSite: Website, expire: 3);
  538. }
  539. }
  540. }
  541. else return Ok(new { state = 404 });
  542. //保存操作记录
  543. //await _azureStorage.SaveBILog("tabledd-update", $"{company.name}【{company.id}】登录商务智能开放平台", _dingDing, tid: company.id, tname: company.name, twebsite: "BI", httpContext: HttpContext);
  544. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{company.name}【{company.id}】登录商务智能开放平台", _dingDing, tid: company.id, tname: company.name, twebsite: Website?.ToString(), httpContext: HttpContext);
  545. return Ok(new { error = 200, id_token, company });
  546. }
  547. /// <summary>
  548. /// 企业注册信息
  549. /// </summary>
  550. /// <param name="jsonElement"></param>
  551. /// <returns></returns>
  552. [HttpPost("set-registered")]
  553. public async Task<IActionResult> SetRegistered(JsonElement jsonElement)
  554. {
  555. if (!jsonElement.TryGetProperty("name", out JsonElement name)) return BadRequest();
  556. if (!jsonElement.TryGetProperty("credit", out JsonElement credit)) return BadRequest();
  557. if (!jsonElement.TryGetProperty("mobile", out JsonElement mobile)) return BadRequest();
  558. if (!jsonElement.TryGetProperty("password", out JsonElement password)) return BadRequest();
  559. jsonElement.TryGetProperty("site", out JsonElement site);
  560. string Website = "China";
  561. var cosmosClient = _azureCosmos.GetCosmosClient();
  562. var tableClient = _azureStorage.GetCloudTableClient();
  563. var blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public");
  564. if ($"{site}".Equals(BIConst.GlobalSite))
  565. {
  566. cosmosClient = _azureCosmos.GetCosmosClient(name: BIConst.GlobalSite);
  567. tableClient = _azureStorage.GetCloudTableClient(BIConst.GlobalSite);
  568. blobClient = _azureStorage.GetBlobContainerClient(containerName: "0-public", BIConst.GlobalSite);
  569. Website = BIConst.GlobalSite;
  570. }
  571. string salt = Utils.CreatSaltString(8);
  572. string sqltxt = $"select value(c) from c where c.mobile='{mobile}'";
  573. await foreach (var item in cosmosClient.GetContainer("TEAMModelOS", "Normal").GetItemQueryStreamIterator(queryText: sqltxt, requestOptions: new QueryRequestOptions() { PartitionKey = new PartitionKey("Company") }))
  574. {
  575. using var json = await JsonDocument.ParseAsync(item.ContentStream);
  576. if (json.RootElement.TryGetProperty("_count", out JsonElement count) && count.GetUInt16() > 0)
  577. {
  578. return Ok(new { state = 201, msg = "手机号已存在," });
  579. }
  580. }
  581. CreateSchoolInfo createCompanyCode = new CreateSchoolInfo()
  582. {
  583. province = "",
  584. id = "",
  585. name = $"{name}",
  586. city = "",
  587. aname = "",
  588. createCount = 0,
  589. };
  590. //生成企业ID
  591. bool tempStaus = true;
  592. do
  593. {
  594. createCompanyCode = await SchoolCode.GenerateSchoolCode(createCompanyCode, _dingDing, _environment);
  595. var companyState = await cosmosClient.GetContainer("TEAMModelOS", "Normal").ReadItemStreamAsync($"{createCompanyCode.id}", new PartitionKey("Company"));
  596. if (companyState.Status != 200) tempStaus = false;
  597. else createCompanyCode.createCount = createCompanyCode.createCount >= 3 ? createCompanyCode.createCount = 3 : createCompanyCode.createCount += 1;
  598. } while (tempStaus);
  599. Company company = new() { name = $"{name}", credit = $"{credit}", mobile = $"{mobile}", salt = salt, password = Utils.HashedPassword($"{password}", salt), pk = "Company", code = "Company", createTime = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds() };
  600. company = await cosmosClient.GetContainer("TEAMModelOS", "Normal").CreateItemAsync<Company>(company, new PartitionKey("Company"));
  601. //保存操作记录
  602. //await _azureStorage.SaveBILog("tabledd-update", $"{company.name}【{company.id}】注册商务智能开放平台", _dingDing, tid: company.id, tname: company.name, twebsite: "BI", httpContext: HttpContext);
  603. await AzureStorageBlobExtensions.SaveBILog(blobClient, tableClient, "tabledd-update", $"{company.name}【{company.id}】注册商务智能开放平台", _dingDing, tid: company.id, tname: company.name, twebsite: Website?.ToString(), httpContext: HttpContext);
  604. return Ok(new { state = 200, company });
  605. }
  606. public record DingDingbinds
  607. {
  608. public string type { get; set; }
  609. /// <summary>
  610. /// 所属部门id列表
  611. /// </summary>
  612. public List<long> deptIdList { get; set; }
  613. /// <summary>
  614. /// 职位名称
  615. /// </summary>
  616. public string title { get; set; }
  617. /// <summary>
  618. /// 钉钉用户名
  619. /// </summary>
  620. public string name { get; set; }
  621. /// <summary>
  622. /// 钉钉unionid
  623. /// </summary>
  624. public string unionid { get; set; }
  625. /// <summary>
  626. /// 钉钉ID
  627. /// </summary>
  628. public string userid { get; set; }
  629. }
  630. }
  631. }