登录改造

openhis-server/core-common/src/main/java/com/core/common/core/domain/entity/SysUser.java

@@ -7,6 +7,7 @@ import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.Size;
 
+import lombok.Data;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
 
@@ -22,6 +23,7 @@ import com.core.common.xss.Xss;
  * 
  * @author system
  */
+@Data
 public class SysUser extends BaseEntity {
     private static final long serialVersionUID = 1L;
 
@@ -91,6 +93,12 @@ public class SysUser extends BaseEntity {
     /** 角色ID */
     private Long roleId;
 
+    /** 租户ID */
+    private Integer tenantId;
+
+    /** 删除标识 */
+    private String deleteFlag;
+
     public SysUser() {
 
     }

openhis-server/core-framework/src/main/java/com/core/framework/config/MybatisPlusConfig.java

@@ -1,5 +1,17 @@
 package com.core.framework.config;
 
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.transaction.annotation.EnableTransactionManagement;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
 import com.baomidou.mybatisplus.annotation.DbType;
 import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
 import com.baomidou.mybatisplus.extension.plugins.handler.TenantLineHandler;
@@ -8,15 +20,9 @@ import com.baomidou.mybatisplus.extension.plugins.inner.OptimisticLockerInnerInt
 import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
 import com.baomidou.mybatisplus.extension.plugins.inner.TenantLineInnerInterceptor;
 import com.core.common.utils.SecurityUtils;
+
 import net.sf.jsqlparser.expression.Expression;
 import net.sf.jsqlparser.expression.LongValue;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.transaction.annotation.EnableTransactionManagement;
-
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
 
 @EnableTransactionManagement(proxyTargetClass = true)
 @Configuration
@@ -41,7 +47,7 @@ public class MybatisPlusConfig {
     public PaginationInnerInterceptor paginationInnerInterceptor() {
         PaginationInnerInterceptor paginationInnerInterceptor = new PaginationInnerInterceptor();
         // 设置数据库类型为mysql
-        //paginationInnerInterceptor.setDbType(DbType.MYSQL);
+        // paginationInnerInterceptor.setDbType(DbType.MYSQL);
         paginationInnerInterceptor.setDbType(DbType.POSTGRE_SQL);
         // 设置最大单页限制数量，默认 500 条，-1 不受限制
         paginationInnerInterceptor.setMaxLimit(-1L);
@@ -81,56 +87,19 @@ public class MybatisPlusConfig {
             }
 
             // 配置需要租户隔离的表名集合
-            private static final Set<String> TENANT_TABLES = new HashSet<>(Arrays.asList(
+            private static final Set<String> TENANT_TABLES = new HashSet<>(Arrays.asList("adm_account",
-                    "adm_account",
+                "adm_charge_item", "adm_charge_item_def_detail", "adm_charge_item_definition", "adm_device",
-                    "adm_charge_item",
+                "adm_device_definition", "adm_encounter", "adm_encounter_diagnosis", "adm_encounter_location",
-                    "adm_charge_item_def_detail",
+                "adm_encounter_participant", "adm_encounter_reason", "adm_healthcare_service", "adm_invoice",
-                    "adm_charge_item_definition",
+                "adm_location", "adm_organization", "adm_organization_location", "adm_patient",
-                    "adm_device",
+                "adm_patient_identifier", "sys_user", "adm_practitioner", "adm_practitioner_role", "adm_supplier",
-                    "adm_device_definition",
+                "cli_condition", "cli_condition_definition", "cli_diagnosis_belong_binding", "cli_procedure",
-                    "adm_encounter",
+                "cli_procedure_performer", "doc_emr", "doc_emr_template", "doc_emr_detail", "doc_emr_dict", "fin_claim",
-                    "adm_encounter_diagnosis",
+                "fin_claim_response", "fin_contract", "fin_payment_notice", "fin_payment_rec_detail",
-                    "adm_encounter_location",
+                "fin_payment_reconciliation", "med_medication", "med_medication_definition", "med_medication_dispense",
-                    "adm_encounter_participant",
+                "med_medication_request", "wor_activity_definition", "wor_device_dispense", "wor_device_request",
-                    "adm_encounter_reason",
+                "wor_inventory_item", "wor_service_request", "wor_service_request_detail", "wor_supply_delivery",
-                    "adm_healthcare_service",
+                "wor_supply_request"));
-                    "adm_invoice",
-                    "adm_location",
-                    "adm_organization",
-                    "adm_organization_location",
-                    "adm_patient",
-                    "adm_patient_identifier",
-                    "adm_practitioner",
-                    "adm_practitioner_role",
-                    "adm_supplier",
-                    "cli_condition",
-                    "cli_condition_definition",
-                    "cli_diagnosis_belong_binding",
-                    "cli_procedure",
-                    "cli_procedure_performer",
-                    "doc_emr",
-                    "doc_emr_template",
-                    "doc_emr_detail",
-                    "doc_emr_dict",
-                    "fin_claim",
-                    "fin_claim_response",
-                    "fin_contract",
-                    "fin_payment_notice",
-                    "fin_payment_rec_detail",
-                    "fin_payment_reconciliation",
-                    "med_medication",
-                    "med_medication_definition",
-                    "med_medication_dispense",
-                    "med_medication_request",
-                    "wor_activity_definition",
-                    "wor_device_dispense",
-                    "wor_device_request",
-                    "wor_inventory_item",
-                    "wor_service_request",
-                    "wor_service_request_detail",
-                    "wor_supply_delivery",
-                    "wor_supply_request"
-            ));
 
             @Override
             public boolean ignoreTable(String tableName) {
@@ -147,10 +116,24 @@ public class MybatisPlusConfig {
      * 获取当前租户 ID
      */
     private Integer getCurrentTenantId() {
+        // // 尝试从请求头中获取租户ID
+        ServletRequestAttributes attributes = (ServletRequestAttributes)RequestContextHolder.getRequestAttributes();
+        if (attributes != null) {
+            HttpServletRequest request = attributes.getRequest();
+            // 从请求头获取租户ID，假设header名称为"X-Tenant-ID" ; 登录接口前端把租户id放到请求头里
+            String tenantIdHeader = request.getHeader("X-Tenant-ID");
+            String requestMethodName = request.getHeader("Request-Method-Name");
+            // 登录
+            if ("login".equals(requestMethodName)) {
+                if (tenantIdHeader != null && !tenantIdHeader.isEmpty()) {
+                    return Integer.parseInt(tenantIdHeader);
+                }
+            }
+        }
         // 获取当前登录用户的租户 ID
         if (SecurityUtils.getAuthentication() != null) {
             return SecurityUtils.getLoginUser().getTenantId();
         }
-        return 0;
+        return 0; // 默认租户ID
     }
 }

openhis-server/core-framework/src/main/java/com/core/framework/web/service/SysLoginService.java

@@ -1,6 +1,7 @@
 package com.core.framework.web.service;
 
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationManager;
@@ -8,6 +9,8 @@ import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
 
 import com.core.common.constant.CacheConstants;
 import com.core.common.constant.Constants;
@@ -60,7 +63,7 @@ public class SysLoginService {
      */
     public String login(String username, String password, String code, String uuid) {
         // 验证码校验
-         validateCaptcha(username, code, uuid);
+        // validateCaptcha(username, code, uuid);
         // 登录前置校验
         loginPreCheck(username, password);
         // 用户验证
@@ -89,9 +92,18 @@ public class SysLoginService {
         LoginUser loginUser = (LoginUser)authentication.getPrincipal();
 
         // -----start-----登录时set租户id,正常应该从请求头获取,这行代码只是测试使用
-        loginUser.setTenantId(1);
+        Integer tenantId = 0;
+        ServletRequestAttributes attributes = (ServletRequestAttributes)RequestContextHolder.getRequestAttributes();
+        if (attributes != null) {
+            HttpServletRequest request = attributes.getRequest();
+            // 从请求头获取租户ID，假设header名称为"X-Tenant-ID" ; 登录接口前端把租户id放到请求头里
+            String tenantIdHeader = request.getHeader("X-Tenant-ID");
+            if (tenantIdHeader != null && !tenantIdHeader.isEmpty()) {
+                tenantId = Integer.parseInt(tenantIdHeader);
+            }
+        }
+        loginUser.setTenantId(tenantId);
         // -----end-----登录时set租户id,正常应该从请求头获取,这行代码只是测试使用
-
         recordLoginInfo(loginUser.getUserId());
         // 生成token
         return tokenService.createToken(loginUser);