app，增加使用蚁群appToken登录接口

tz-module-system/tz-module-system-api/src/main/java/cn/start/tz/module/system/enums/logger/LoginLogTypeEnum.java

@@ -14,6 +14,7 @@ public enum LoginLogTypeEnum {
     LOGIN_SOCIAL(101), // 使用社交登录
     LOGIN_MOBILE(103), // 使用手机登陆
     LOGIN_SMS(104), // 使用短信登陆
+    LOGIN_YIQUNAPP(105), // 使用蚁群app的token登录
 
 
     LOGIN_THIRD_PARTY(120), // 第三方登录

tz-module-system/tz-module-system-biz/src/main/java/cn/start/tz/module/system/controller/appapi/auth/AuthAppApiController.java

@@ -11,6 +11,7 @@ import cn.start.tz.module.pressure.api.deptgroupteammember.dto.DeptGroupTeamMemb
 import cn.start.tz.module.system.controller.admin.auth.vo.*;
 import cn.start.tz.module.system.controller.admin.user.vo.user.UserRespVO;
 import cn.start.tz.module.system.controller.admin.userqualifications.vo.UserQualificationsSaveReqVO;
+import cn.start.tz.module.system.controller.appapi.auth.vo.AuthAppTokenLoginReqVO;
 import cn.start.tz.module.system.convert.auth.AuthConvert;
 import cn.start.tz.module.system.convert.user.UserConvert;
 import cn.start.tz.module.system.dal.dataobject.dept.DeptDO;
@@ -34,7 +35,6 @@ import jakarta.annotation.security.PermitAll;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.validation.Valid;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
@@ -85,6 +85,13 @@ public class AuthAppApiController {
         return success(authService.appLogin(reqVO));
     }
 
+    @PostMapping("/loginByAppToken")
+    @PermitAll
+    @Operation(summary = "使用appToken登录")
+    public CommonResult<AuthLoginRespVO> loginByAppToken(@RequestBody @Valid AuthAppTokenLoginReqVO reqVO) {
+        return success(authService.loginByAppToken(reqVO));
+    }
+
     @PostMapping("/logout")
     @PermitAll
     @Operation(summary = "登出系统")

tz-module-system/tz-module-system-biz/src/main/java/cn/start/tz/module/system/controller/appapi/auth/vo/AuthAppTokenLoginReqVO.java

@@ -0,0 +1,11 @@
+package cn.start.tz.module.system.controller.appapi.auth.vo;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class AuthAppTokenLoginReqVO {
+
+    private String appToken;
+}

tz-module-system/tz-module-system-biz/src/main/java/cn/start/tz/module/system/controller/appapi/auth/vo/AuthYiqunUserDTO.java

@@ -0,0 +1,50 @@
+package cn.start.tz.module.system.controller.appapi.auth.vo;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class AuthYiqunUserDTO {
+
+    /**
+     * 用户id
+     * */
+    private String id;
+
+    /**
+     * 用户账号
+     * */
+    private String username;
+
+    /**
+     * 用户工号
+     * */
+    private String employeeNo;
+
+    /**
+     * 用户昵称
+     * */
+    private String nickname;
+
+    /**
+     * 部门ID
+     * */
+    private String deptId;
+
+    /**
+     * 用户邮箱
+     * */
+    private String email;
+
+    /**
+     * 手机号码
+     * */
+    private String mobile;
+
+    /**
+     * 用户性别
+     * */
+    private Integer sex;
+
+}

tz-module-system/tz-module-system-biz/src/main/java/cn/start/tz/module/system/service/auth/AdminAuthService.java

@@ -2,6 +2,7 @@ package cn.start.tz.module.system.service.auth;
 
 import cn.start.tz.framework.common.enums.UserTypeEnum;
 import cn.start.tz.module.system.controller.admin.auth.vo.*;
+import cn.start.tz.module.system.controller.appapi.auth.vo.AuthAppTokenLoginReqVO;
 import cn.start.tz.module.system.dal.dataobject.user.AdminUserDO;
 import cn.start.tz.module.system.enums.logger.LoginLogTypeEnum;
 import jakarta.servlet.http.HttpServletRequest;
@@ -116,4 +117,6 @@ public interface AdminAuthService {
 
     AuthLoginRespVO accessToken(@Valid AccessTokenReqVO reqVO);
     AuthLoginRespVO createTokenAfterLoginSuccess(String userId, String username, LoginLogTypeEnum logType);
+
+    AuthLoginRespVO loginByAppToken(@Valid AuthAppTokenLoginReqVO reqVO);
 }

tz-module-system/tz-module-system-biz/src/main/java/cn/start/tz/module/system/service/auth/AdminAuthServiceImpl.java

@@ -16,6 +16,8 @@ import cn.start.tz.module.system.api.social.dto.SocialUserRespDTO;
 import cn.start.tz.module.system.controller.admin.auth.vo.*;
 import cn.start.tz.module.system.controller.admin.clientunit.vo.UnitContactRespVO;
 import cn.start.tz.module.system.controller.admin.supervisionunitaccount.vo.SupervisionUnitAccountRespVO;
+import cn.start.tz.module.system.controller.appapi.auth.vo.AuthAppTokenLoginReqVO;
+import cn.start.tz.module.system.controller.appapi.auth.vo.AuthYiqunUserDTO;
 import cn.start.tz.module.system.convert.auth.AuthConvert;
 import cn.start.tz.module.system.dal.dataobject.clientunit.ClientUnitDO;
 import cn.start.tz.module.system.dal.dataobject.oauth2.OAuth2AccessTokenDO;
@@ -38,6 +40,7 @@ import cn.start.tz.module.system.service.supervisionunitaccount.SupervisionUnitA
 import cn.start.tz.module.system.service.user.AdminUserService;
 import com.alibaba.cloud.commons.lang.StringUtils;
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.annotations.VisibleForTesting;
 import com.xingyuv.captcha.model.common.ResponseModel;
@@ -50,8 +53,13 @@ import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
 import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.http.HttpEntity;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.client.RestTemplate;
 
 import java.util.Objects;
 import java.util.concurrent.TimeUnit;
@@ -112,6 +120,9 @@ public class AdminAuthServiceImpl implements AdminAuthService {
 
     @Resource
     private StringRedisTemplate stringRedisTemplate;
+
+    @Resource
+    private RestTemplate restTemplate;
     /**
      * 验证码的开关，默认为 true
      */
@@ -340,6 +351,46 @@ public class AdminAuthServiceImpl implements AdminAuthService {
         return respVO;
     }
 
+    @Override
+    public AuthLoginRespVO loginByAppToken(AuthAppTokenLoginReqVO reqVO) {
+        HttpHeaders httpHeaders = new HttpHeaders();
+        httpHeaders.add("Authorization", "Bearer " + reqVO.getAppToken());
+        httpHeaders.add("Content-Type", "application/json");
+
+        HttpEntity<Object> req = new HttpEntity<>(null, httpHeaders);
+        String baseUrl = "https://cloud-admin-uat.gzsei.com";
+        // 使用 token 交换用户信息
+        ResponseEntity<String> yiqunResp = restTemplate.postForEntity(baseUrl + "/external-api/system/auth/app-auth", req, String.class);
+        AuthYiqunUserDTO user = null;
+        if (!yiqunResp.getStatusCode().equals(HttpStatus.OK)) {
+            log.warn("[authenticate] APPToken 无效");
+        } else {
+            String json = yiqunResp.getBody();
+            try {
+                JsonNode jsonNode = objectMapper.readTree(json);
+                user = objectMapper.convertValue(jsonNode.get("data"), AuthYiqunUserDTO.class);
+            } catch (JsonProcessingException e) {
+                throw new RuntimeException(e);
+            }
+        }
+
+        if (user == null) {
+            log.warn("[authenticate] APPToken 无效");
+            createLoginLog(user.getId(), user.getUsername(), LoginLogTypeEnum.LOGIN_YIQUNAPP, LoginResultEnum.BAD_CREDENTIALS);
+            throw exception(AUTH_LOGIN_BAD_CREDENTIALS);
+        }
+
+
+//        log.info("[authenticate] 用户认证开始, appToken={}", reqVO.getAppToken());
+//        AuthYiqunUserDTO user = new AuthYiqunUserDTO();
+//        user.setId("598e72abeed14ceeba13c4dfcd036326");
+//        user.setNickname("chenya1");
+
+        log.info("[authenticate] 用户认证通过, userId={}", user.getId());
+        // 创建 Token 令牌，记录登录日志
+        return createTokenAfterLoginSuccessApp(user.getId(), user.getUsername(), LoginLogTypeEnum.LOGIN_USERNAME);
+    }
+
     @Override
     public AuthLoginRespVO createTokenAfterLoginSuccessApp(String userId, String username, LoginLogTypeEnum logType) {
         // 插入登陆日志