From 4ec767ab9540981afea05e9c1ed3f887435f479c Mon Sep 17 00:00:00 2001
From: fit2cloud-chenyw <yawen.chen@fit2cloud.com>
Date: Mon, 26 Sep 2022 17:38:01 +0800
Subject: [PATCH] =?UTF-8?q?perf(=E4=B8=AA=E4=BA=BA=E4=BF=A1=E6=81=AF):=20?=
 =?UTF-8?q?=E6=89=AB=E7=A0=81=E7=BB=91=E5=AE=9A=E7=AC=AC=E4=B8=89=E6=96=B9?=
 =?UTF-8?q?=E5=B9=B3=E5=8F=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../auth/service/AuthUserService.java         |  4 ++
 .../service/impl/AuthUserServiceImpl.java     | 15 ++++
 .../controller/sys/SysUserController.java     | 47 +++++++++++++
 .../controller/sys/response/AuthBindDTO.java  | 15 ++++
 .../main/java/io/dataease/ext/AuthMapper.java |  4 ++
 .../main/java/io/dataease/ext/AuthMapper.xml  | 29 ++++++++
 .../strategy/impl/EmailTaskHandler.java       | 10 +--
 .../plugins/server/XDingtalkServer.java       | 69 ++++++++++++++++++-
 .../dataease/plugins/server/XLarkServer.java  | 68 +++++++++++++++++-
 .../dataease/plugins/server/XWecomServer.java | 67 +++++++++++++++++-
 frontend/src/lang/en.js                       |  4 +-
 frontend/src/lang/tw.js                       |  4 +-
 frontend/src/lang/zh.js                       |  4 +-
 .../src/views/system/user/privateForm.vue     | 16 ++++-
 14 files changed, 340 insertions(+), 16 deletions(-)
 create mode 100644 backend/src/main/java/io/dataease/controller/sys/response/AuthBindDTO.java

diff --git a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
index 01eb0d0f72..a9df96a6e8 100644
--- a/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
+++ b/backend/src/main/java/io/dataease/auth/service/AuthUserService.java
@@ -19,6 +19,10 @@ public interface AuthUserService {
 
     SysUserEntity getUserBySub(String sub, Integer from);
 
+    SysUserEntity getUserByWecomId(String weComId);
+    SysUserEntity getUserByDingtalkId(String dingtalkId);
+    SysUserEntity getUserByLarkId(String larkId);
+
     List<String> roles(Long userId);
 
     List<String> permissions(Long userId);
diff --git a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
index 949a2465ca..564d7cc2fd 100644
--- a/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/AuthUserServiceImpl.java
@@ -93,6 +93,21 @@ public class AuthUserServiceImpl implements AuthUserService {
         return authMapper.findUserBySub(sub, from);
     }
 
+    @Override
+    public SysUserEntity getUserByWecomId(String weComId) {
+        return authMapper.findWecomUser(weComId);
+    }
+
+    @Override
+    public SysUserEntity getUserByDingtalkId(String dingtalkId) {
+        return authMapper.findDingtalkUser(dingtalkId);
+    }
+
+    @Override
+    public SysUserEntity getUserByLarkId(String larkId) {
+        return authMapper.findLarkUser(larkId);
+    }
+
     @Override
     public List<String> roles(Long userId) {
         return authMapper.roleCodes(userId);
diff --git a/backend/src/main/java/io/dataease/controller/sys/SysUserController.java b/backend/src/main/java/io/dataease/controller/sys/SysUserController.java
index e95563f748..a3074b4366 100644
--- a/backend/src/main/java/io/dataease/controller/sys/SysUserController.java
+++ b/backend/src/main/java/io/dataease/controller/sys/SysUserController.java
@@ -8,8 +8,10 @@ import io.dataease.auth.api.dto.CurrentUserDto;
 import io.dataease.auth.entity.AccountLockStatus;
 import io.dataease.auth.service.AuthUserService;
 import io.dataease.commons.constants.SysLogConstants;
+import io.dataease.commons.exception.DEException;
 import io.dataease.commons.utils.BeanUtils;
 import io.dataease.controller.sys.request.KeyGridRequest;
+import io.dataease.controller.sys.response.AuthBindDTO;
 import io.dataease.exception.DataEaseException;
 import io.dataease.i18n.Translator;
 import io.dataease.plugins.common.base.domain.SysRole;
@@ -32,6 +34,7 @@ import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.apache.shiro.authz.annotation.RequiresRoles;
@@ -49,6 +52,10 @@ import java.util.stream.Collectors;
 @RequestMapping("/api/user")
 public class SysUserController {
 
+    private static final String WECOM = "wecom";
+    private static final String DINGTALK = "dingtalk";
+    private static final String LARK = "lark";
+
     @Resource
     private SysUserService sysUserService;
 
@@ -232,4 +239,44 @@ public class SysUserController {
         return sysUserService.assistInfo(userId);
     }
 
+    @PostMapping("/bindStatus")
+    public AuthBindDTO bindStatus() {
+        Long userId = AuthUtils.getUser().getUserId();
+        SysUserAssist sysUserAssist = sysUserService.assistInfo(userId);
+        AuthBindDTO dto = new AuthBindDTO();
+        if (ObjectUtils.isEmpty(sysUserAssist)) return dto;
+        if (authUserService.supportWecom() && StringUtils.isNotBlank(sysUserAssist.getWecomId())) {
+            dto.setWecomBinded(true);
+        }
+        if (authUserService.supportDingtalk() && StringUtils.isNotBlank(sysUserAssist.getDingtalkId())) {
+            dto.setDingtalkBinded(true);
+        }
+        if (authUserService.supportLark() && StringUtils.isNotBlank(sysUserAssist.getLarkId())) {
+            dto.setLarkBinded(true);
+        }
+        return dto;
+    }
+
+    @PostMapping("/unbindAssist/{type}")
+    public void unbindAssist(String type) {
+
+        Boolean valid = StringUtils.equals(WECOM, type) || StringUtils.equals(DINGTALK, type) || StringUtils.equals(LARK, type);
+        if (!valid) {
+            DEException.throwException("only [wecom, dingtalk, lark] is valid");
+        }
+        Long userId = AuthUtils.getUser().getUserId();
+        SysUserAssist sysUserAssist = sysUserService.assistInfo(userId);
+        if (StringUtils.equals(WECOM, type)) {
+            sysUserAssist.setWecomId(null);
+        }
+        if (StringUtils.equals(DINGTALK, type)) {
+            sysUserAssist.setDingtalkId(null);
+        }
+        if (StringUtils.equals(LARK, type)) {
+            sysUserAssist.setLarkId(null);
+        }
+        sysUserService.saveAssist(userId, sysUserAssist.getWecomId(), sysUserAssist.getDingtalkId(), sysUserAssist.getLarkId());
+
+    }
+
 }
diff --git a/backend/src/main/java/io/dataease/controller/sys/response/AuthBindDTO.java b/backend/src/main/java/io/dataease/controller/sys/response/AuthBindDTO.java
new file mode 100644
index 0000000000..0394961fe3
--- /dev/null
+++ b/backend/src/main/java/io/dataease/controller/sys/response/AuthBindDTO.java
@@ -0,0 +1,15 @@
+package io.dataease.controller.sys.response;
+
+import lombok.Data;
+
+import java.io.Serializable;
+
+@Data
+public class AuthBindDTO implements Serializable {
+
+    private Boolean wecomBinded = false;
+
+    private Boolean dingtalkBinded = false;
+
+    private Boolean larkBinded = false;
+}
diff --git a/backend/src/main/java/io/dataease/ext/AuthMapper.java b/backend/src/main/java/io/dataease/ext/AuthMapper.java
index 32dfeb0c96..763d41f414 100644
--- a/backend/src/main/java/io/dataease/ext/AuthMapper.java
+++ b/backend/src/main/java/io/dataease/ext/AuthMapper.java
@@ -34,4 +34,8 @@ public interface AuthMapper {
 
     List<CurrentRoleDto> roles(@Param("userId") Long userId);
 
+    SysUserEntity findWecomUser(@Param("wecomId") String wecomId);
+    SysUserEntity findDingtalkUser(@Param("dingtalkId") String dingtalkId);
+    SysUserEntity findLarkUser(@Param("larkId") String larkId);
+
 }
diff --git a/backend/src/main/java/io/dataease/ext/AuthMapper.xml b/backend/src/main/java/io/dataease/ext/AuthMapper.xml
index c36c0a7e4c..2d897cfd1a 100644
--- a/backend/src/main/java/io/dataease/ext/AuthMapper.xml
+++ b/backend/src/main/java/io/dataease/ext/AuthMapper.xml
@@ -107,5 +107,34 @@
 			plugin_sys_menu
     </select>
 
+    <select id="findWecomUser" resultMap="baseMap">
+        select
+            user_id, username,nick_name, dept_id, password, enabled,email, phone, language ,is_admin, `from`
+        from
+            sys_user_assist a
+        left join
+            sys_user u on u.user_id = a.user_id
+        where a.wecom_id = #{wecomId}
+    </select>
+
+    <select id="findDingtalkUser" resultMap="baseMap">
+        select
+            user_id, username,nick_name, dept_id, password, enabled,email, phone, language ,is_admin, `from`
+        from
+            sys_user_assist a
+            left join
+            sys_user u on u.user_id = a.user_id
+        where a.dingtalk_id = #{dingtalkId}
+    </select>
+
+    <select id="findLarkUser" resultMap="baseMap">
+        select
+            user_id, username,nick_name, dept_id, password, enabled,email, phone, language ,is_admin, `from`
+        from
+            sys_user_assist a
+            left join
+            sys_user u on u.user_id = a.user_id
+        where a.lark_id = #{larkId}
+    </select>
 
 </mapper>
diff --git a/backend/src/main/java/io/dataease/job/sechedule/strategy/impl/EmailTaskHandler.java b/backend/src/main/java/io/dataease/job/sechedule/strategy/impl/EmailTaskHandler.java
index ce61fc0395..0b7560cff0 100644
--- a/backend/src/main/java/io/dataease/job/sechedule/strategy/impl/EmailTaskHandler.java
+++ b/backend/src/main/java/io/dataease/job/sechedule/strategy/impl/EmailTaskHandler.java
@@ -227,11 +227,11 @@ public class EmailTaskHandler extends TaskHandler implements Job {
                             List<String> wecomUsers = new ArrayList<>();
                             for (int j = 0; j < reciLists.size(); j++) {
                                 String reci = reciLists.get(j);
-                                SysUserEntity userBySub = userService.getUserBySub(reci, 4);
+                                SysUserEntity userBySub = userService.getUserByName(reci);
                                 if (ObjectUtils.isEmpty(userBySub)) continue;
                                 Long userId = userBySub.getUserId();
                                 SysUserAssist sysUserAssist = sysUserService.assistInfo(userId);
-                                if (ObjectUtils.isEmpty(sysUserAssist) || StringUtils.isBlank(sysUserAssist.getLarkId()))
+                                if (ObjectUtils.isEmpty(sysUserAssist) || StringUtils.isBlank(sysUserAssist.getWecomId()))
                                     continue;
                                 wecomUsers.add(sysUserAssist.getLarkId());
                             }
@@ -251,11 +251,11 @@ public class EmailTaskHandler extends TaskHandler implements Job {
                             List<String> dingTalkUsers = new ArrayList<>();
                             for (int j = 0; j < reciLists.size(); j++) {
                                 String reci = reciLists.get(j);
-                                SysUserEntity userBySub = userService.getUserBySub(reci, 5);
+                                SysUserEntity userBySub = userService.getUserByName(reci);
                                 if (ObjectUtils.isEmpty(userBySub)) continue;
                                 Long userId = userBySub.getUserId();
                                 SysUserAssist sysUserAssist = sysUserService.assistInfo(userId);
-                                if (ObjectUtils.isEmpty(sysUserAssist) || StringUtils.isBlank(sysUserAssist.getLarkId()))
+                                if (ObjectUtils.isEmpty(sysUserAssist) || StringUtils.isBlank(sysUserAssist.getDingtalkId()))
                                     continue;
                                 dingTalkUsers.add(sysUserAssist.getLarkId());
                             }
@@ -275,7 +275,7 @@ public class EmailTaskHandler extends TaskHandler implements Job {
                             List<String> larkUsers = new ArrayList<>();
                             for (int j = 0; j < reciLists.size(); j++) {
                                 String reci = reciLists.get(j);
-                                SysUserEntity userBySub = userService.getUserBySub(reci, 6);
+                                SysUserEntity userBySub = userService.getUserByName(reci);
                                 if (ObjectUtils.isEmpty(userBySub)) continue;
                                 Long userId = userBySub.getUserId();
                                 SysUserAssist sysUserAssist = sysUserService.assistInfo(userId);
diff --git a/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java b/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java
index fa187f5ed2..b222deb611 100644
--- a/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/XDingtalkServer.java
@@ -9,6 +9,7 @@ import io.dataease.commons.exception.DEException;
 import io.dataease.commons.utils.DeLogUtils;
 import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.ServletUtils;
+import io.dataease.plugins.common.base.domain.SysUserAssist;
 import io.dataease.plugins.config.SpringContextUtil;
 import io.dataease.plugins.xpack.dingtalk.dto.response.DingQrResult;
 import io.dataease.plugins.xpack.dingtalk.dto.response.DingUserEntity;
@@ -17,6 +18,7 @@ import io.dataease.plugins.xpack.dingtalk.service.DingtalkXpackService;
 import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
 
 import io.dataease.service.sys.SysUserService;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.stereotype.Controller;
@@ -27,6 +29,7 @@ import springfox.documentation.annotations.ApiIgnore;
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.util.List;
@@ -93,12 +96,12 @@ public class XDingtalkServer {
             DingUserEntity dingUserEntity = dingtalkXpackService.userInfo(code);
             String username = dingUserEntity.getUserid();
             String unionid = dingUserEntity.getUnionid();
-            SysUserEntity sysUserEntity = authUserService.getUserBySub(unionid, 5);
+            SysUserEntity sysUserEntity = authUserService.getUserByDingtalkId(unionid);
             if (null == sysUserEntity) {
                 String email = StringUtils.isNotBlank(dingUserEntity.getOrg_email()) ? dingUserEntity.getOrg_email() : StringUtils.isNotBlank(dingUserEntity.getEmail()) ? dingUserEntity.getEmail() : (username + "@dingtalk.work");
                 sysUserService.validateExistUser(username, dingUserEntity.getName(), email);
                 sysUserService.saveDingtalkCUser(dingUserEntity, email);
-                sysUserEntity = authUserService.getUserBySub(unionid, 5);
+                sysUserEntity = authUserService.getUserByDingtalkId(unionid);
             }
             TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
             String realPwd = sysUserEntity.getPassword();
@@ -130,4 +133,66 @@ public class XDingtalkServer {
         }
         return modelAndView;
     }
+
+    private void bindError(HttpServletResponse response, String url, String errorMsg) {
+        Cookie cookie_error = new Cookie("DingtalkError", errorMsg);
+        cookie_error.setPath("/");
+        response.addCookie(cookie_error);
+        try {
+            response.sendRedirect(url);
+        } catch (IOException e) {
+            LogUtil.error(e.getMessage(), e);
+            DEException.throwException(e);
+        }
+    }
+
+    @GetMapping("/bind")
+    public void bind(@RequestParam("code") String code, @RequestParam("state") String state) {
+
+        HttpServletResponse response = ServletUtils.response();
+        String url = "/#person-info/index/";
+
+
+        DingtalkXpackService dingtalkXpackService = null;
+        try {
+
+            SysUserEntity userEntity = authUserService.getUserById(Long.parseLong(state));
+            if (ObjectUtils.isEmpty(userEntity)) {
+                bindError(response, url, "绑定用户不存在");
+            }
+            SysUserAssist sysUserAssist = sysUserService.assistInfo(Long.parseLong(state));
+            if (ObjectUtils.isNotEmpty(sysUserAssist) && StringUtils.isNotBlank(sysUserAssist.getWecomId())) {
+                bindError(response, url, "目标用户已绑定其他钉钉账号");
+            }
+            Boolean isOpen = authUserService.supportDingtalk();
+            if (!isOpen) {
+                DEException.throwException("未开启钉钉");
+            }
+            dingtalkXpackService = SpringContextUtil.getBean(DingtalkXpackService.class);
+            DingUserEntity dingUserEntity = dingtalkXpackService.userInfo(code);
+
+            String userId = dingUserEntity.getUserid();
+
+
+            SysUserEntity sysUserEntity = authUserService.getUserByDingtalkId(userId);
+            if (null != sysUserEntity) {
+                bindError(response, url, "当前钉钉账号已绑定其他DE用户");
+            }
+
+            response.sendRedirect(url);
+        } catch (Exception e) {
+
+            String msg = e.getMessage();
+            if (null != e.getCause()) {
+                msg = e.getCause().getMessage();
+            }
+            try {
+                msg = URLEncoder.encode(msg, "UTF-8");
+                LogUtil.error(e);
+                bindError(response, url, msg);
+            } catch (UnsupportedEncodingException e1) {
+                e.printStackTrace();
+            }
+        }
+    }
 }
diff --git a/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java b/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java
index 5021f746c4..89d203ef05 100644
--- a/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/XLarkServer.java
@@ -9,6 +9,7 @@ import io.dataease.commons.exception.DEException;
 import io.dataease.commons.utils.DeLogUtils;
 import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.ServletUtils;
+import io.dataease.plugins.common.base.domain.SysUserAssist;
 import io.dataease.plugins.config.SpringContextUtil;
 
 import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
@@ -17,6 +18,7 @@ import io.dataease.plugins.xpack.lark.dto.entity.LarkUserInfo;
 import io.dataease.plugins.xpack.lark.dto.response.LarkInfo;
 import io.dataease.plugins.xpack.lark.service.LarkXpackService;
 import io.dataease.service.sys.SysUserService;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.stereotype.Controller;
@@ -27,6 +29,7 @@ import springfox.documentation.annotations.ApiIgnore;
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.util.List;
@@ -94,12 +97,12 @@ public class XLarkServer {
             LarkUserInfo larkUserInfo = larkXpackService.userInfo(code, state);
             String username = larkUserInfo.getUser_id();
             String sub = larkUserInfo.getSub();
-            SysUserEntity sysUserEntity = authUserService.getUserBySub(sub, 6);
+            SysUserEntity sysUserEntity = authUserService.getUserByLarkId(sub);
             if (null == sysUserEntity) {
                 String email = StringUtils.isNotBlank(larkUserInfo.getEmail()) ? larkUserInfo.getEmail() : (username + "@lark.work");
                 sysUserService.validateExistUser(username, larkUserInfo.getName(), email);
                 sysUserService.saveLarkCUser(larkUserInfo, email);
-                sysUserEntity = authUserService.getUserBySub(sub, 6);
+                sysUserEntity = authUserService.getUserByLarkId(sub);
             }
             TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
             String realPwd = sysUserEntity.getPassword();
@@ -131,4 +134,65 @@ public class XLarkServer {
         }
         return modelAndView;
     }
+
+    private void bindError(HttpServletResponse response, String url, String errorMsg) {
+        Cookie cookie_error = new Cookie("LarkError", errorMsg);
+        cookie_error.setPath("/");
+        response.addCookie(cookie_error);
+        try {
+            response.sendRedirect(url);
+        } catch (IOException e) {
+            LogUtil.error(e.getMessage(), e);
+            DEException.throwException(e);
+        }
+    }
+
+    @GetMapping("/bind")
+    public void bind(@RequestParam("code") String code, @RequestParam("state") String state) {
+
+        HttpServletResponse response = ServletUtils.response();
+        String url = "/#person-info/index/";
+
+        LarkXpackService larkXpackService = null;
+        try {
+            SysUserEntity userEntity = authUserService.getUserById(Long.parseLong(state));
+            if (ObjectUtils.isEmpty(userEntity)) {
+                bindError(response, url, "绑定用户不存在");
+            }
+            SysUserAssist sysUserAssist = sysUserService.assistInfo(Long.parseLong(state));
+            if (ObjectUtils.isNotEmpty(sysUserAssist) && StringUtils.isNotBlank(sysUserAssist.getWecomId())) {
+                bindError(response, url, "目标用户已绑定其他飞书账号");
+            }
+
+            Boolean isOpen = authUserService.supportLark();
+            if (!isOpen) {
+                DEException.throwException("未开启飞书");
+            }
+            larkXpackService = SpringContextUtil.getBean(LarkXpackService.class);
+            LarkUserInfo larkUserInfo = larkXpackService.userInfo(code, state);
+            String userId = larkUserInfo.getUser_id();
+
+
+            SysUserEntity sysUserEntity = authUserService.getUserByLarkId(userId);
+            if (null != sysUserEntity) {
+                bindError(response, url, "当前飞书账号已绑定其他DE用户");
+            }
+
+
+            response.sendRedirect(url);
+        } catch (Exception e) {
+
+            String msg = e.getMessage();
+            if (null != e.getCause()) {
+                msg = e.getCause().getMessage();
+            }
+            try {
+                msg = URLEncoder.encode(msg, "UTF-8");
+                LogUtil.error(e);
+                bindError(response, url, msg);
+            } catch (UnsupportedEncodingException e1) {
+                e.printStackTrace();
+            }
+        }
+    }
 }
diff --git a/backend/src/main/java/io/dataease/plugins/server/XWecomServer.java b/backend/src/main/java/io/dataease/plugins/server/XWecomServer.java
index 98e6ad8ce2..5ed48b1e86 100644
--- a/backend/src/main/java/io/dataease/plugins/server/XWecomServer.java
+++ b/backend/src/main/java/io/dataease/plugins/server/XWecomServer.java
@@ -10,6 +10,7 @@ import io.dataease.commons.exception.DEException;
 import io.dataease.commons.utils.DeLogUtils;
 import io.dataease.commons.utils.LogUtil;
 import io.dataease.commons.utils.ServletUtils;
+import io.dataease.plugins.common.base.domain.SysUserAssist;
 import io.dataease.plugins.config.SpringContextUtil;
 import io.dataease.plugins.xpack.display.dto.response.SysSettingDto;
 
@@ -19,6 +20,7 @@ import io.dataease.plugins.xpack.wecom.dto.response.WecomInfo;
 import io.dataease.plugins.xpack.wecom.service.WecomXpackService;
 import io.dataease.service.sys.SysUserService;
 import org.apache.commons.lang3.ObjectUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authz.annotation.RequiresPermissions;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
@@ -28,6 +30,7 @@ import springfox.documentation.annotations.ApiIgnore;
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
 import java.util.List;
@@ -96,13 +99,13 @@ public class XWecomServer {
             String userId = authResult.getUserId();
             Map<String, Object> userMap = wecomXpackService.userInfo(userId);
 
-            SysUserEntity sysUserEntity = authUserService.getUserBySub(userId, 4);
+            SysUserEntity sysUserEntity = authUserService.getUserByWecomId(userId);
             if (null == sysUserEntity) {
                 Object emailObj = ObjectUtils.isEmpty(userMap.get("biz_mail")) ? userMap.get("email") : userMap.get("biz_mail");
                 String email = ObjectUtils.isEmpty(emailObj) ? (userId + "@wecom.work") : emailObj.toString();
                 sysUserService.validateExistUser(userId, userMap.get("name").toString(), email);
                 sysUserService.saveWecomCUser(userMap, userId, email);
-                sysUserEntity = authUserService.getUserBySub(userId, 4);
+                sysUserEntity = authUserService.getUserByWecomId(userId);
             }
             TokenInfo tokenInfo = TokenInfo.builder().userId(sysUserEntity.getUserId()).username(sysUserEntity.getUsername()).build();
             String realPwd = sysUserEntity.getPassword();
@@ -137,4 +140,64 @@ public class XWecomServer {
         }
         return modelAndView;
     }
+
+    private void bindError(HttpServletResponse response, String url, String errorMsg) {
+        Cookie cookie_error = new Cookie("WecomError", errorMsg);
+        cookie_error.setPath("/");
+        response.addCookie(cookie_error);
+        try {
+            response.sendRedirect(url);
+        } catch (IOException e) {
+            LogUtil.error(e.getMessage(), e);
+            DEException.throwException(e);
+        }
+    }
+
+
+    @GetMapping("/bind")
+    public void bind(@RequestParam("code") String code, @RequestParam("state") String state) {
+        String url = "/#person-info/index/";
+        HttpServletResponse response = ServletUtils.response();
+
+        WecomXpackService wecomXpackService = null;
+        try {
+
+            SysUserEntity userEntity = authUserService.getUserById(Long.parseLong(state));
+            if (ObjectUtils.isEmpty(userEntity)) {
+                bindError(response, url, "绑定用户不存在");
+            }
+            SysUserAssist sysUserAssist = sysUserService.assistInfo(Long.parseLong(state));
+            if (ObjectUtils.isNotEmpty(sysUserAssist) && StringUtils.isNotBlank(sysUserAssist.getWecomId())) {
+                bindError(response, url, "目标用户已绑定其他企业微信账号");
+            }
+
+            Boolean supportWecom = authUserService.supportWecom();
+            if (!supportWecom) {
+                DEException.throwException("未开启企业微信");
+            }
+            wecomXpackService = SpringContextUtil.getBean(WecomXpackService.class);
+            WecomAuthResult authResult = wecomXpackService.auth(code);
+            String userId = authResult.getUserId();
+
+
+            SysUserEntity sysUserEntity = authUserService.getUserByWecomId(userId);
+            if (null != sysUserEntity) {
+                bindError(response, url, "当前企业微信账号已绑定其他DE用户");
+            }
+            response.sendRedirect(url);
+        } catch (Exception e) {
+
+            String msg = e.getMessage();
+            if (null != e.getCause()) {
+                msg = e.getCause().getMessage();
+            }
+            try {
+                msg = URLEncoder.encode(msg, "UTF-8");
+                LogUtil.error(e);
+                bindError(response, url, msg);
+            } catch (UnsupportedEncodingException e1) {
+                e.printStackTrace();
+            }
+        }
+    }
 }
diff --git a/frontend/src/lang/en.js b/frontend/src/lang/en.js
index 80961fc28f..9322fbb333 100644
--- a/frontend/src/lang/en.js
+++ b/frontend/src/lang/en.js
@@ -131,7 +131,9 @@ export default {
     default_login: 'Normal'
   },
   commons: {
-
+    operate_cancelled: 'Operation cancelled',
+    bind: 'Bind',
+    unbind: 'Unbind',
     unlock: 'Unlock',
     unlock_success: 'Unlock success',
 
diff --git a/frontend/src/lang/tw.js b/frontend/src/lang/tw.js
index 9eaefd1367..9f5dd7d030 100644
--- a/frontend/src/lang/tw.js
+++ b/frontend/src/lang/tw.js
@@ -131,7 +131,9 @@ export default {
     default_login: '普通登錄'
   },
   commons: {
-
+    operate_cancelled: '已取消操作',
+    bind: '綁定',
+    unbind: '解綁',
     unlock: '解鎖',
     unlock_success: '解鎖成功',
 
diff --git a/frontend/src/lang/zh.js b/frontend/src/lang/zh.js
index 0cf66591bf..1ed7d4c3e4 100644
--- a/frontend/src/lang/zh.js
+++ b/frontend/src/lang/zh.js
@@ -131,7 +131,9 @@ export default {
     default_login: '普通登录'
   },
   commons: {
-
+    operate_cancelled: '已取消操作',
+    bind: '绑定',
+    unbind: '解绑',
     unlock: '解锁',
     unlock_success: '解锁成功',
     uninstall: '卸载',
diff --git a/frontend/src/views/system/user/privateForm.vue b/frontend/src/views/system/user/privateForm.vue
index 6c6f732b4e..06a3a8479b 100644
--- a/frontend/src/views/system/user/privateForm.vue
+++ b/frontend/src/views/system/user/privateForm.vue
@@ -56,6 +56,9 @@
               />
             </el-select>
           </el-form-item>
+
+          <plugin-com v-if="isPluginLoaded" ref="AuthenticationBind" :form-type="formType" component-name="AuthenticationBind" />
+
           <!--提供修改个人电话，邮箱和昵称的功能-->
           <el-form-item v-if="formType!=='modify'">
             <el-button @click="formType = 'modify'">修改个人信息</el-button>
@@ -86,9 +89,11 @@ import { LOAD_CHILDREN_OPTIONS, LOAD_ROOT_OPTIONS } from '@riophae/vue-treeselec
 import { getDeptTree, treeByDeptId } from '@/api/system/dept'
 import { allRoles } from '@/api/system/user'
 import { updatePerson, personInfo } from '@/api/system/user'
+import { pluginLoaded } from '@/api/user'
+import PluginCom from '@/views/system/plugin/PluginCom'
 export default {
 
-  components: { LayoutContent, Treeselect },
+  components: { LayoutContent, Treeselect, PluginCom },
   data() {
     return {
       form: {
@@ -158,7 +163,8 @@ export default {
       roles: [],
       roleDatas: [],
       userRoles: [],
-      formType: 'add'
+      formType: 'add',
+      isPluginLoaded: false
     }
   },
   mounted() {
@@ -171,6 +177,12 @@ export default {
     this.queryPerson()
     this.initRoles()
   },
+  beforeCreate() {
+    pluginLoaded().then(res => {
+      this.isPluginLoaded = res.success && res.data
+    }).catch(() => {
+    })
+  },
   methods: {
 
     queryPerson() {