花城-智慧社区
parent: 4e77f586 | 补丁 | 提交 | show whitespace
manailin
2022-06-28 83fb38187601e958c9e557436fb302336f023c1d 
Merge remote-tracking branch 'remotes/origin/master_bug'
1个文件已修改
2个文件已添加
126 ■■■■■ 已修改文件
springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/api/LoginApi.java 49 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史
springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/config/AuthConfig.java 25 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/config/MyAESUtil.java 52 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/api/LoginApi.java


@@ -1,14 +1,8 @@


package com.panzhihua.shop_backstage.api;




import javax.annotation.Resource;




import org.springframework.beans.BeanUtils;


import org.springframework.util.ObjectUtils;


import org.springframework.validation.annotation.Validated;


import org.springframework.web.bind.annotation.*;




import com.alibaba.fastjson.JSONObject;


import com.panzhihua.common.controller.BaseController;


import com.panzhihua.common.exceptions.ServiceException;


import com.panzhihua.common.interfaces.ShopOperLog;


import com.panzhihua.common.model.vos.LoginReturnVO;


import com.panzhihua.common.model.vos.LoginUserInfoVO;


@@ -19,23 +13,34 @@


import com.panzhihua.common.service.auth.TokenService;


import com.panzhihua.common.service.community.CommunityService;


import com.panzhihua.common.service.user.UserService;


import com.panzhihua.shop_backstage.config.MyAESUtil;


import com.panzhihua.shop_backstage.model.vos.LoginBody;




import io.swagger.annotations.Api;


import io.swagger.annotations.ApiOperation;


import lombok.extern.slf4j.Slf4j;


import org.springframework.beans.BeanUtils;


import org.springframework.data.redis.core.RedisTemplate;


import org.springframework.util.ObjectUtils;


import org.springframework.validation.annotation.Validated;


import org.springframework.web.bind.annotation.*;




import javax.annotation.Resource;


import java.time.Duration;




@Slf4j


@RestController


@RequestMapping("/")


@Api(tags = {"登录"})


public class LoginApi extends BaseController {


    private static String LOGIN_FAIL = "LOGIN_FAIL_";


    @Resource


    private TokenService tokenService;


    @Resource


    private UserService userService;


    @Resource


    private CommunityService communityService;


    @Resource


    private RedisTemplate redisTemplate;




    @ApiOperation(value = "商家后台登录", response = LoginReturnVO.class)


    @ShopOperLog(operType = 1)


@@ -49,7 +54,12 @@


            return R.fail("账户密码不能为空");


        }


        log.info("登录用户信息【{}】", loginBody);




        try {


            password = MyAESUtil.Decrypt(password, "Ryo7M3n8loC5Abcd");


        } catch (Exception e) {


            return R.fail("账号或密码错误!");


        }


        boolean flag = redisTemplate.hasKey(LOGIN_FAIL + account);


        try {


            R<ShopStoreVO> storeR = communityService.getUserStoreInfoByAccount(account);


            if (R.isOk(storeR)) {


@@ -57,6 +67,13 @@


                    JSONObject.parseObject(JSONObject.toJSONString(storeR.getData()), ShopStoreVO.class);


                Boolean accountValid = shopStoreVO.getStatus() == 1;


                if (accountValid) {


                    if (flag) {


                        Integer time = (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL + account);


                        if (time >= 5) {


                            redisTemplate.opsForValue().set(LOGIN_FAIL + account, 5, Duration.ofMinutes(5));


                            throw new ServiceException("登录错误超过限制,请五分钟后重试");


                        }


                    }


                    R r = tokenService.loginShopBackStage(account, password);


                    return r;


                } else {


@@ -65,10 +82,22 @@


            }


            return R.fail(storeR.getMsg());


        } catch (Exception e) {


            return R.fail("登陆失败了");


            lockLogin(flag, account);


            return R.fail("账号或密码错误!");


        }


    }






    private void lockLogin(Boolean flag, String userName) {


        if (flag) {


            Integer time = (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL + userName);


            redisTemplate.opsForValue().set(LOGIN_FAIL + userName, time + 1, Duration.ofMinutes(5));


        } else {


            redisTemplate.opsForValue().set(LOGIN_FAIL + userName, 1, Duration.ofMinutes(5));


        }


    }






    @ApiOperation(value = "修改密码")


    @PutMapping("changepassword")


    @ShopOperLog(operType = 2)




 springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/config/AuthConfig.java


New file


@@ -0,0 +1,25 @@


package com.panzhihua.shop_backstage.config;




import lombok.Data;


import org.springframework.boot.context.properties.ConfigurationProperties;


import org.springframework.stereotype.Component;




/**


 * 读取项目相关配置


 * 


 * @author huanghongfa


 */


@Data


@Component


@ConfigurationProperties(prefix = "auth")


public class AuthConfig {


    /** 上传路径 */


    public static String profile;


    /** 获取地址开关 */


    public static boolean addressEnabled;


    /** 项目名称 */


    public String name;


    /** 版本 */


    public String version;




}




 springcloud_k8s_panzhihuazhihuishequ/shop_backstage/src/main/java/com/panzhihua/shop_backstage/config/MyAESUtil.java


New file


@@ -0,0 +1,52 @@


package com.panzhihua.shop_backstage.config;




import sun.misc.BASE64Decoder;


import sun.misc.BASE64Encoder;




import javax.crypto.Cipher;


import javax.crypto.spec.SecretKeySpec;




public class MyAESUtil {




    // 加密


    public static String Encrypt(String sSrc, String sKey) throws Exception {


        if (sKey == null) {


            System.out.print("Key为空null");


            return null;


        }


        // 判断Key是否为16位


        if (sKey.length() != 16) {


            System.out.print("Key长度不是16位");


            return null;


        }


        byte[] raw = sKey.getBytes("utf-8");


        SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");


        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");//"算法/模式/补码方式"


        cipher.init(Cipher.ENCRYPT_MODE, skeySpec);


        byte[] encrypted = cipher.doFinal(sSrc.getBytes("utf-8"));


        return new BASE64Encoder().encode(encrypted);//此处使用BASE64做转码功能,同时能起到2次加密的作用。


    }




    // 解密


    public static String Decrypt(String sSrc, String sKey) throws Exception {


        try {




            byte[] raw = sKey.getBytes("utf-8");


            SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");


            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");


            cipher.init(Cipher.DECRYPT_MODE, skeySpec);


            byte[] encrypted1 = new BASE64Decoder().decodeBuffer(sSrc);//先用base64解密


            try {


                byte[] original = cipher.doFinal(encrypted1);


                String originalString = new String(original,"utf-8");


                return originalString;


            } catch (Exception e) {


                System.out.println(e.toString());


                return null;


            }


        } catch (Exception ex) {


            System.out.println(ex.toString());


            return null;


        }


    }


}