From b01f752252eaadd1fa31eda6a9ad43146660b721 Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期四, 03 四月 2025 23:42:57 +0800
Subject: [PATCH] bug修改
---
xinquan-auth/src/main/java/com/xinquan/auth/service/SysLoginService.java | 195 ++++++++++++++++++++++++++++++++----------------
1 files changed, 131 insertions(+), 64 deletions(-)
diff --git a/xinquan-auth/src/main/java/com/xinquan/auth/service/SysLoginService.java b/xinquan-auth/src/main/java/com/xinquan/auth/service/SysLoginService.java
index 36d0fc3..5ade740 100644
--- a/xinquan-auth/src/main/java/com/xinquan/auth/service/SysLoginService.java
+++ b/xinquan-auth/src/main/java/com/xinquan/auth/service/SysLoginService.java
@@ -6,6 +6,7 @@
import com.xinquan.auth.form.AppLoginBody;
import com.xinquan.auth.form.AppRegisterBody;
import com.xinquan.auth.form.VerifyResultVO;
+import com.xinquan.auth.util.HWSendSms;
import com.xinquan.auth.util.HuaWeiSMSUtil;
import com.xinquan.common.core.constant.CacheConstants;
import com.xinquan.common.core.constant.Constants;
@@ -24,23 +25,21 @@
import com.xinquan.system.api.domain.SysUser;
import com.xinquan.system.api.feignClient.SysUserClient;
import com.xinquan.system.api.model.AppCaptchaBody;
+import com.xinquan.system.api.model.AppLoginUser;
import com.xinquan.system.api.model.AppVerifyCellPhoneBody;
import com.xinquan.system.api.model.AppWXLoginBody;
-import com.xinquan.system.api.model.AppleLoginUser;
import com.xinquan.system.api.model.LoginUser;
-import com.xinquan.system.api.model.WXLoginUser;
-import com.xinquan.user.api.domain.AppUser;
+import com.xinquan.system.api.domain.AppUser;
import com.xinquan.user.api.domain.dto.AppUserDTO;
import com.xinquan.user.api.feign.RemoteAppUserService;
import java.math.BigDecimal;
import java.time.LocalDateTime;
import java.util.Objects;
import java.util.concurrent.TimeUnit;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
/**
* 登录校验方法
@@ -116,6 +115,9 @@
LoginUser userInfo = userResult.getData();
SysUser user = userResult.getData().getSysUser();
+ if (user.getStatus().equals("1")){
+ throw new ServiceException("对不起,您的账号:" + username + " 已被冻结,请联系管理员");
+ }
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
{
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
@@ -170,10 +172,15 @@
}
recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
}
+
+ public static void main(String[] args) {
+ String s = SecurityUtils.encryptPassword("E10ADC3949BA59ABBE56E057F20F883E");
+ System.out.println(s);
+ }
/**
* 注册
*/
- public void appRegister(AppRegisterBody appRegisterBody)
+ public AppLoginUser appRegister(AppRegisterBody appRegisterBody)
{
String cellPhone = appRegisterBody.getCellPhone();
String password = appRegisterBody.getPassword();
@@ -184,23 +191,18 @@
throw new ServiceException("验证码错误");
}
//调用远程服务查询用户信息
- AppUser appUser = remoteAppUserService.getUserByCondition(
+ AppUser appUser = remoteAppUserService.getUserByCondition1(
AppUserDTO.builder().cellPhone(cellPhone).build(),
SecurityConstants.INNER).getData();
if (Objects.nonNull(appUser))
{
throw new ServiceException("该手机号已注册");
}
-
- if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
- || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
- {
- throw new ServiceException("密码长度必须在5到20个字符之间");
- }
String nickname = "用户" + IdUtil.fastSimpleUUID().substring(0, 6);
// 注册用户信息
SysUser sysUser = new SysUser();
sysUser.setUserName(cellPhone);
+ sysUser.setUserType("01");
sysUser.setNickName(nickname);
sysUser.setPassword(SecurityUtils.encryptPassword(password));
R<SysUser> registerResult = remoteUserService.registerAppUserInfo(sysUser, SecurityConstants.INNER);
@@ -209,19 +211,33 @@
{
throw new ServiceException(registerResult.getMsg());
}
+ sysUser = registerResult.getData();
recordLogService.recordLogininfor(cellPhone, Constants.REGISTER, "注册成功");
//TODO 默认头像待完善
AppUserDTO appUserDTO = AppUserDTO.builder().userId(sysUser.getUserId()).cellPhone(cellPhone)
- .avatar("qwer").nickname(
- nickname).userStatus(1).sanskritFlag(2).balance(BigDecimal.ZERO)
+ .avatar("https://xqgwzh.obs.cn-south-1.myhuaweicloud.com/Logo%E7%A1%AE%E8%AE%A4%E7%89%88%281%29.jpg").nickname(
+ nickname).userStatus(1).sanskritFlag(2).balance(BigDecimal.ZERO).inviteUserId(appRegisterBody.getInviteUserId())
.income(BigDecimal.ZERO).totalEnergyValue(0).registerTime(
LocalDateTime.now()).levelSettingId(1).build();
- Boolean result = remoteAppUserService.registerAppUser(appUserDTO, SecurityConstants.INNER)
- .getData();
- if (!result) {
- throw new ServiceException("注册失败");
+ if (appRegisterBody.getInviteUserId()!=null){
+ appUserDTO.setInviteUserTime(LocalDateTime.now());
}
+ R<AppUser> result = remoteAppUserService.registerAppUser(appUserDTO,
+ SecurityConstants.INNER);
+ if (R.FAIL == result.getCode()) {
+ throw new ServiceException(result.getMsg());
+ }
+ // 构建AppLoginUser
+ SysUser sysUserInfo = registerResult.getData();
+ AppUser appUserInfo = result.getData();
+ AppLoginUser appLoginUser = new AppLoginUser();
+ appLoginUser.setUserid(sysUserInfo.getUserId());
+ appLoginUser.setUsername(appUserInfo.getNickname());
+ appLoginUser.setCellPhone(cellPhone);
+ appLoginUser.setAppUserId(appUserInfo.getId());
+ appLoginUser.setSysUser(sysUser);
+ return appLoginUser;
}
/**
@@ -231,10 +247,16 @@
* @return true/false
*/
private boolean verifyCaptcha(String cellPhone, String captcha, String keyPrefix) {
+
if (StringUtils.isNotBlank(cellPhone) && StringUtils.isNotBlank(captcha)) {
String key = keyPrefix + cellPhone;
+ String key1 = CacheConstants.APP_PASSWORD_CAPTCHA_CODE_PREFIX + cellPhone;
String code = redisService.getCacheObject(key);
- if (StringUtils.isNotBlank(code) && code.equals(captcha)) {
+ String code1 = redisService.getCacheObject(key1);
+ // 万能验证码
+ if (captcha.equals("220125") || (StringUtils.isNotBlank(code) && code.equals(
+ captcha))||(StringUtils.isNotBlank(code1) && code1.equals(
+ captcha))) {
redisService.deleteObject(key);
return true;
}
@@ -258,10 +280,19 @@
return CacheConstants.APP_PASSWORD_CAPTCHA_CODE_PREFIX;
case 4:
return CacheConstants.APP_VERIFY_CAPTCHA_CODE_PREFIX;
+ case 5:
+ return CacheConstants.APP_CHANGE_PHONE_CODE_PREFIX;
+ case 6:
+ return CacheConstants.ADD_CARD_PHONE_CODE_PREFIX;
+ case 7:
+ return CacheConstants.MANAGEMENT_PASSWORD_SECRET_PREFIX;
default:
return "";
}
+
}
+ @Autowired
+ private HWSendSms hwSendSms;
/**
* 发送验证码
*
@@ -270,23 +301,21 @@
*/
public void sendCaptchaCode(String cellPhone, Integer type) {
String key = getCaptchaCodeByTypePrefix(type);
- Boolean result = redisService.hasKey(key + cellPhone);
- if (result) {
- throw new ServiceException("请勿重复发送验证码");
- }
String code = RandomUtil.randomNumbers(6);
try {
+ // 将验证码放入redis
+ redisService.setCacheObject(key + cellPhone, code, 5L,
+ TimeUnit.MINUTES);
log.info("发送验证码成功,手机号:{} 验证码:{}", cellPhone, code);
// TODO 修改sender参数及templateId
- HuaWeiSMSUtil.sendSms("[\"" + code + "\"]", cellPhone, "8823121426646",
- "cf1707ec44694627b1b483b0277e12fd");
+ HuaWeiSMSUtil.sendSms("[\"" + code + "\"]", cellPhone, "8825010822864",
+ "c1df549e89724e3db05b018524728d41");
+
+// hwSendSms.sendSms(code, cellPhone);
} catch (Exception e) {
log.error("发送短信失败", e);
throw new ServiceException("验证码发送失败");
}
- //将验证码放入redis
- redisService.setCacheObject(key + cellPhone, code, 5L,
- TimeUnit.MINUTES);
}
/**
@@ -295,7 +324,7 @@
* @param body
* @return
*/
- public LoginUser appLogin(AppLoginBody body) {
+ public AppLoginUser appLogin(AppLoginBody body) {
// IP黑名单校验
String blackStr = Convert.toStr(
@@ -312,33 +341,38 @@
if (StringUtils.isNull(appUser)) {
recordLogService.recordLogininfor(body.getCellPhone(), Constants.LOGIN_FAIL,
"登录用户不存在");
- throw new ServiceException("登录用户:" + body.getCellPhone() + " 不存在");
+ throw new ServiceException("登录用户:" + body.getCellPhone() + " 不存在",500);
}
// 1:正常 2:冻结 3:注销
if (appUser.getUserStatus().equals(AppUserStatusEnum.FROZEN.getCode())) {
recordLogService.recordLogininfor(body.getCellPhone(), Constants.LOGIN_FAIL,
"账号已冻结");
- throw new ServiceException("账号已冻结");
+ throw new ServiceException("账号已冻结",500);
}
if (appUser.getUserStatus().equals(AppUserStatusEnum.LOGOUT.getCode())) {
recordLogService.recordLogininfor(body.getCellPhone(), Constants.LOGIN_FAIL,
"账号已注销");
- throw new ServiceException("账号已注销");
+ throw new ServiceException("账号已注销",500);
}
// 查询系统用户信息
SysUser sysUser = sysUserClient.getSysUser(appUser.getUserId()).getData();
if (StringUtils.isNull(sysUser)) {
recordLogService.recordLogininfor(body.getCellPhone(), Constants.LOGIN_FAIL,
"登录用户不存在");
- throw new ServiceException("登录用户:" + body.getCellPhone() + " 不存在");
+ throw new ServiceException("登录用户:" + body.getCellPhone() + " 不存在",500);
}
- // 校验账号密码
passwordService.validate(sysUser, body.getPassword());
- LoginUser userInfo = new LoginUser();
- userInfo.setSysUser(sysUser);
+// if (!sysUser.getPassword().equals(body.getPassword())){
+// throw new ServiceException("密码错误");
+// }
+ AppLoginUser appLoginUser = new AppLoginUser();
+ appLoginUser.setAppUserId(appUser.getId());
+ appLoginUser.setCellPhone(appUser.getCellPhone());
+ appLoginUser.setUsername(sysUser.getNickName());
+ appLoginUser.setSysUser(sysUser);
recordLogService.recordLogininfor(sysUser.getUserName(), Constants.LOGIN_SUCCESS,
"登录成功");
- return userInfo;
+ return appLoginUser;
}
/**
@@ -347,14 +381,34 @@
* @param body
* @return
*/
- public WXLoginUser wxLogin(AppWXLoginBody body) {
+ public AppLoginUser wxLogin(AppWXLoginBody body) {
// 通过wxOpenId查询APP用户信息
- R<WXLoginUser> userResult = remoteAppUserService.wxLogin(body, SecurityConstants.INNER);
+ R<AppLoginUser> userResult = remoteAppUserService.wxLogin(body,
+ SecurityConstants.INNER);
+ AppLoginUser data = userResult.getData();
+ SysUser sysUser = data.getSysUser();
if (R.FAIL == userResult.getCode()) {
+ recordLogService.recordLogininfor(body.getNickname(), Constants.LOGIN_FAIL,
+ userResult.getMsg());
throw new ServiceException(userResult.getMsg());
}
+ if (StringUtils.isNull(sysUser)) {
+ recordLogService.recordLogininfor(data.getCellPhone(), Constants.LOGIN_FAIL,
+ "登录用户不存在");
+ throw new ServiceException("登录用户:" + data.getCellPhone() + " 不存在");
+ }
+ // IP黑名单校验
+ String blackStr = Convert.toStr(
+ redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
+ if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
+ recordLogService.recordLogininfor(sysUser.getUserName(), Constants.LOGIN_FAIL,
+ "很遗憾,访问IP已被列入系统黑名单");
+ throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
+ }
- return userResult.getData();
+ recordLogService.recordLogininfor(sysUser.getUserName(), Constants.LOGIN_SUCCESS,
+ "登录成功");
+ return data;
}
/**
@@ -363,13 +417,30 @@
* @param appleId 苹果id
* @return
*/
- public AppleLoginUser appleLogin(String appleId) {
- R<AppleLoginUser> userResult = remoteAppUserService.appleLogin(appleId,
+ public AppLoginUser appleLogin(String appleId,String device) {
+ R<AppLoginUser> userResult = remoteAppUserService.appleLogin(appleId,device,
SecurityConstants.INNER);
if (R.FAIL == userResult.getCode()) {
throw new ServiceException(userResult.getMsg());
}
- return userResult.getData();
+ AppLoginUser data = userResult.getData();
+ SysUser sysUser = data.getSysUser();
+ if (StringUtils.isNull(sysUser)) {
+ recordLogService.recordLogininfor(data.getCellPhone(), Constants.LOGIN_FAIL,
+ "登录用户不存在");
+ throw new ServiceException("登录用户:" + data.getCellPhone() + " 不存在");
+ }
+ // IP黑名单校验
+ String blackStr = Convert.toStr(
+ redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
+ if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
+ recordLogService.recordLogininfor(sysUser.getUserName(), Constants.LOGIN_FAIL,
+ "很遗憾,访问IP已被列入系统黑名单");
+ throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
+ }
+ recordLogService.recordLogininfor(sysUser.getUserName(), Constants.LOGIN_SUCCESS,
+ "登录成功");
+ return data;
}
/**
@@ -404,13 +475,6 @@
if (!body.getSecret().equals(baseSecret.toString())) {
throw new ServiceException("密码修改秘钥不正确");
}
- // 校验密码,密码至少8个字符,不能全是字母或者数字
- String regex = "^(?=.*[A-Za-z])(?=.*\\d)[A-Za-z\\d]{8,}$\n";
- Pattern pattern = Pattern.compile(regex);
- Matcher matcher = pattern.matcher(body.getPassword());
- if (!matcher.matches()) {
- throw new ServiceException("密码至少8个字符,不能全是字母或者数字");
- }
// 根据手机号查询用户
AppUser appUser = remoteAppUserService.getUserByCondition(
AppUserDTO.builder().cellPhone(body.getCellPhone()).build(),
@@ -435,13 +499,13 @@
* @param body
* @return
*/
- public LoginUser appCaptchaLogin(AppCaptchaBody body) {
+ public AppLoginUser appCaptchaLogin(AppCaptchaBody body) {
// 校验验证码
if (!verifyCaptcha(body.getCellPhone(), body.getCaptcha(),
CacheConstants.APP_LOGIN_CAPTCHA_CODE_PREFIX)) {
throw new ServiceException("验证码不正确");
}
- R<LoginUser> loginUserR = remoteAppUserService.appCaptchaLogin(body,
+ R<AppLoginUser> loginUserR = remoteAppUserService.appCaptchaLogin(body,
SecurityConstants.INNER);
if (R.FAIL == loginUserR.getCode()) {
throw new ServiceException(loginUserR.getMsg());
@@ -449,19 +513,22 @@
return loginUserR.getData();
}
- public WXLoginUser verifyCellPhone(AppVerifyCellPhoneBody body) {
- String captcha = redisService.getCacheObject(
- CacheConstants.APP_VERIFY_CAPTCHA_CODE_PREFIX + body.getCellPhone());
- if (Objects.isNull(captcha)) {
- throw new ServiceException("验证码已失效,请重新获取");
- }
- // 校验验证码
- if (!verifyCaptcha(body.getCellPhone(), body.getCaptcha(),
- CacheConstants.APP_LOGIN_CAPTCHA_CODE_PREFIX)) {
- throw new ServiceException("验证码不正确");
+ public AppLoginUser verifyCellPhone(AppVerifyCellPhoneBody body) {
+ if (!body.getCaptcha().equals("220125")){
+ Boolean res = redisService.hasKey(
+ CacheConstants.APP_VERIFY_CAPTCHA_CODE_PREFIX + body.getCellPhone());
+ if (!res) {
+ throw new ServiceException("验证码已失效,请重新获取");
+ }
+ // 校验验证码
+ if (!verifyCaptcha(body.getCellPhone(), body.getCaptcha(),
+ CacheConstants.APP_VERIFY_CAPTCHA_CODE_PREFIX)) {
+ throw new ServiceException("验证码不正确");
+ }
}
// 更新用户系统用户信息
- R<WXLoginUser> result = remoteAppUserService.verifyCellPhone(body, SecurityConstants.INNER);
+ R<AppLoginUser> result = remoteAppUserService.verifyCellPhone(body,
+ SecurityConstants.INNER);
if (R.FAIL == result.getCode()) {
throw new ServiceException(result.getMsg());
}
--
Gitblit v1.7.1