From 140a56d490d2f0f1b9829bd2c4186090deb52d3b Mon Sep 17 00:00:00 2001
From: mitao <2763622819@qq.com>
Date: 星期二, 21 一月 2025 16:57:02 +0800
Subject: [PATCH] 阿里云身份证二要素校验工具类
---
ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java | 3
ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/utils/AliyunCloudAuthUtil.java | 80 ++++++++++++++++++++++++++
ruoyi-modules/ruoyi-company/pom.xml | 7 +
ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java | 2
ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/service/impl/CompanyServiceImpl.java | 36 +++++++++--
pom.xml | 7 ++
6 files changed, 122 insertions(+), 13 deletions(-)
diff --git a/pom.xml b/pom.xml
index a3e5dbe..377e70a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -43,6 +43,7 @@
<spring-framework.version>5.3.39</spring-framework.version>
<fastexcel.version>1.0.0</fastexcel.version>
<aliyun-oss.version>3.17.4</aliyun-oss.version>
+ <aliyun-cloudauth.version>3.4.1</aliyun-cloudauth.version>
</properties>
<!-- 依赖声明 -->
@@ -325,7 +326,11 @@
<version>${aliyun-oss.version}</version>
</dependency>
-
+ <dependency>
+ <groupId>com.aliyun</groupId>
+ <artifactId>cloudauth20190307</artifactId>
+ <version>${aliyun-cloudauth.version}</version>
+ </dependency>
</dependencies>
</dependencyManagement>
diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
index 57bd2d7..77d4a9a 100644
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/controller/TokenController.java
@@ -26,7 +26,6 @@
import io.swagger.v3.oas.annotations.tags.Tag;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.DeleteMapping;
-import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
@@ -69,7 +68,7 @@
}
@Operation(summary = "管理端-修改密码")
- @GetMapping("/modify-pwd")
+ @PostMapping("/modify-pwd")
public R<?> modifyPwd(@Valid @RequestBody MgtPasswordDTO dto) {
try {
sysLoginService.modifyPwd(dto);
diff --git a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
index 7e4c896..37d3960 100644
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
@@ -264,7 +264,7 @@
if (Objects.isNull(sysUser)){
throw new ServiceException("用户不存在");
}
- if (!SecurityUtils.matchesPassword(SecurityUtils.encryptPassword(dto.getOldPassword()), sysUser.getPassword())){
+ if (!SecurityUtils.matchesPassword(dto.getOldPassword(), sysUser.getPassword())){
throw new ServiceException("原密码错误");
}
sysUser.setPassword(SecurityUtils.encryptPassword(dto.getNewPassword()));
diff --git a/ruoyi-modules/ruoyi-company/pom.xml b/ruoyi-modules/ruoyi-company/pom.xml
index d72cc3b..9af0258 100644
--- a/ruoyi-modules/ruoyi-company/pom.xml
+++ b/ruoyi-modules/ruoyi-company/pom.xml
@@ -93,12 +93,15 @@
<artifactId>ocr_api20210707</artifactId>
</dependency>
-
-
<dependency>
<groupId>cn.idev.excel</groupId>
<artifactId>fastexcel</artifactId>
</dependency>
+
+ <dependency>
+ <groupId>com.aliyun</groupId>
+ <artifactId>cloudauth20190307</artifactId>
+ </dependency>
</dependencies>
<build>
diff --git a/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/service/impl/CompanyServiceImpl.java b/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/service/impl/CompanyServiceImpl.java
index 91ffd48..77a4a96 100644
--- a/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/service/impl/CompanyServiceImpl.java
+++ b/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/service/impl/CompanyServiceImpl.java
@@ -17,6 +17,7 @@
import com.ruoyi.company.mapper.CompanyMapper;
import com.ruoyi.company.service.CompanyService;
import com.ruoyi.company.service.UserService;
+import com.ruoyi.company.utils.AliyunCloudAuthUtil;
import lombok.RequiredArgsConstructor;
import org.springframework.context.annotation.Lazy;
import org.springframework.stereotype.Service;
@@ -33,6 +34,7 @@
public class CompanyServiceImpl extends ServiceImpl<CompanyMapper, Company> implements CompanyService {
private final UserService userService;
private final HttpServletResponse response;
+ private final AliyunCloudAuthUtil aliyunCloudAuthUtil;
/**
* 获取企业列表
* @param query
@@ -41,12 +43,22 @@
@Override
public PageDTO<MgtCompanyVO> queryPage(MgtCompanyQuery query) {
Page<Company> page = this.lambdaQuery()
- .like(StringUtils.isNotBlank(query.getCompanyInfo()), Company::getCompanyName, query.getCompanyInfo())
- .like(StringUtils.isNotBlank(query.getCompanyInfo()), Company::getSocialCode, query.getCompanyInfo())
- .like(StringUtils.isNotBlank(query.getLegalPersonInfo()), Company::getLegalPersonName, query.getLegalPersonInfo())
- .like(StringUtils.isNotBlank(query.getLegalPersonInfo()), Company::getIdCardNumber, query.getLegalPersonInfo())
- .like(StringUtils.isNotBlank(query.getContactInfo()), Company::getContactName, query.getContactInfo())
- .like(StringUtils.isNotBlank(query.getContactInfo()), Company::getContactPhone, query.getContactInfo())
+ .and(StringUtils.isNotBlank(query.getCompanyInfo()),
+ queryWrapper -> queryWrapper
+ .like(Company::getCompanyName, query.getCompanyInfo())
+ .or()
+ .like(Company::getSocialCode, query.getCompanyInfo()))
+ .and(StringUtils.isNotBlank(query.getLegalPersonInfo()),
+ queryWrapper -> queryWrapper
+ .like(Company::getLegalPersonName, query.getLegalPersonInfo())
+ .or()
+ .like(Company::getIdCardNumber, query.getLegalPersonInfo()))
+ .and(StringUtils.isNotBlank(query.getContactInfo()),
+ queryWrapper -> queryWrapper
+ .like(Company::getContactName, query.getContactInfo())
+ .or()
+ .like(Company::getContactPhone, query.getContactInfo()))
+ .orderByDesc(Company::getCreateTime)
.page(new Page<>(query.getPageCurr(), query.getPageSize()));
return PageDTO.of(page,MgtCompanyVO.class);
}
@@ -88,13 +100,18 @@
User user = BeanUtils.copyBean(dto, User.class);
user.setPassword(SecurityUtils.encryptPassword(dto.getPassword()));
userService.save(user);
- // TODO 校验身份证信息
+
Company company = BeanUtils.copyBean(dto, Company.class);
company.setUserId(user.getUserId());
//根据公司名称查询数据库
Long count = this.lambdaQuery().eq(Company::getCompanyName, company.getCompanyName()).count();
if (count > 0) {
throw new ServiceException("该公司账号已存在");
+ }
+ //身份证二要素校验
+ Boolean res = aliyunCloudAuthUtil.verifyIdCard(dto.getLegalPersonName(), dto.getIdCardNumber());
+ if (!res) {
+ throw new ServiceException("身份证信息不匹配");
}
this.save(company);
}
@@ -133,6 +150,11 @@
if (count > 0) {
throw new ServiceException("该公司账号已存在");
}
+ //身份证二要素校验
+ Boolean res = aliyunCloudAuthUtil.verifyIdCard(dto.getLegalPersonName(), dto.getIdCardNumber());
+ if (!res) {
+ throw new ServiceException("身份证信息不匹配");
+ }
Company companyUpd = BeanUtils.copyBean(dto, Company.class);
companyUpd.setId(company.getId());
this.updateById(companyUpd);
diff --git a/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/utils/AliyunCloudAuthUtil.java b/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/utils/AliyunCloudAuthUtil.java
new file mode 100644
index 0000000..22b7d3a
--- /dev/null
+++ b/ruoyi-modules/ruoyi-company/src/main/java/com/ruoyi/company/utils/AliyunCloudAuthUtil.java
@@ -0,0 +1,80 @@
+package com.ruoyi.company.utils;
+
+import cn.hutool.crypto.digest.DigestUtil;
+import com.alibaba.fastjson2.JSONObject;
+import com.aliyun.cloudauth20190307.Client;
+import com.aliyun.cloudauth20190307.models.Id2MetaVerifyResponse;
+import com.aliyun.tea.TeaException;
+import com.aliyun.teaopenapi.models.Config;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author mitao
+ * @date 2025/1/21
+ */
+@Slf4j
+@Component
+public class AliyunCloudAuthUtil {
+ @Value("aliyun.accessKeyId")
+ private String accessKeyId;
+ @Value("aliyun.accessKeySecret")
+ private String accessKeySecret;
+ private Client createClient() throws Exception {
+ // 工程代码泄露可能会导致 AccessKey 泄露,并威胁账号下所有资源的安全性。以下代码示例仅供参考。
+ // 建议使用更安全的 STS 方式,更多鉴权访问方式请参见:https://help.aliyun.com/document_detail/378657.html。
+ Config config = new com.aliyun.teaopenapi.models.Config()
+ // 必填,请确保代码运行环境设置了环境变量 ALIBABA_CLOUD_ACCESS_KEY_ID。
+ .setAccessKeyId(accessKeyId)
+ // 必填,请确保代码运行环境设置了环境变量 ALIBABA_CLOUD_ACCESS_KEY_SECRET。
+ .setAccessKeySecret(accessKeySecret);
+ // Endpoint 请参考 https://api.aliyun.com/product/Cloudauth
+ config.endpoint = "cloudauth.aliyuncs.com";
+ return new Client(config);
+ }
+ public Boolean verifyIdCard(String userName,String idCardNo) {
+ //姓名第一个字密文+ 姓名其他部分明文。
+ String firstCharacter = userName.substring(0, 1);
+ userName = DigestUtil.md5Hex(firstCharacter)+userName.substring(1);
+ log.info("姓名:"+userName);
+ //身份证号前6位(明文)+出生年月日(密文)+身份证号后4位(明文)。
+ idCardNo = idCardNo.substring(0,6)+ DigestUtil.md5Hex(idCardNo.substring(6, 14)) +idCardNo.substring(14);
+ log.info("身份证号:"+idCardNo);
+ Client client = null;
+ try {
+ client = createClient();
+ } catch (Exception e) {
+ throw new RuntimeException(e);
+ }
+ com.aliyun.cloudauth20190307.models.Id2MetaVerifyRequest id2MetaVerifyRequest = new com.aliyun.cloudauth20190307.models.Id2MetaVerifyRequest()
+ .setParamType("md5")
+ .setUserName(userName)
+ .setIdentifyNum(idCardNo);
+ com.aliyun.teautil.models.RuntimeOptions runtime = new com.aliyun.teautil.models.RuntimeOptions();
+ try {
+ // 复制代码运行请自行打印 API 的返回值
+ Id2MetaVerifyResponse id2MetaVerifyResponse = client.id2MetaVerifyWithOptions(id2MetaVerifyRequest, runtime);
+ log.info(JSONObject.toJSONString(id2MetaVerifyResponse));
+ if (id2MetaVerifyResponse.getStatusCode().equals(200) && ("1").equals(id2MetaVerifyResponse.getBody().getResultObject().getBizCode())) {
+ return true;
+ }
+ } catch (TeaException error) {
+ // 此处仅做打印展示,请谨慎对待异常处理,在工程项目中切勿直接忽略异常。
+ // 错误 message
+ System.out.println(error.getMessage());
+ // 诊断地址
+ System.out.println(error.getData().get("Recommend"));
+ com.aliyun.teautil.Common.assertAsString(error.message);
+ } catch (Exception _error) {
+ TeaException error = new TeaException(_error.getMessage(), _error);
+ // 此处仅做打印展示,请谨慎对待异常处理,在工程项目中切勿直接忽略异常。
+ // 错误 message
+ System.out.println(error.getMessage());
+ // 诊断地址
+ System.out.println(error.getData().get("Recommend"));
+ com.aliyun.teautil.Common.assertAsString(error.message);
+ }
+ return false;
+ }
+}
--
Gitblit v1.7.1