From 77adf7b42c2c553700531f8f4e010ad4c2acbb45 Mon Sep 17 00:00:00 2001 From: xuyang <748613696@qq.com> Date: Tue, 27 Jun 2023 09:35:31 +0800 Subject: [PATCH] =?UTF-8?q?1.=E5=88=A0=E9=99=A4=E5=A4=9A=E4=BD=99=E6=96=87?= =?UTF-8?q?=E4=BB=B6=202.=E9=83=A8=E5=88=86=E4=BB=A3=E7=A0=81=E5=BE=AE?= =?UTF-8?q?=E8=B0=83?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../security/granter/SmsTokenGranter.java | 2 +- .../java/com/njcn/web/utils/app/AESUtil.java | 88 -------- .../com/njcn/web/utils/app/XssFilterUtil.java | 211 ------------------ pqs-gateway/src/main/resources/bootstrap.yml | 2 + .../main/java/com/njcn/user/pojo/po/User.java | 3 +- .../com/njcn/user/pojo/po/app/AppUser.java | 117 ---------- .../controller/app/AppUserController.java | 59 ++--- .../com/njcn/user/mapper/AppUserMapper.java | 4 +- .../njcn/user/service/IAppUserService.java | 9 - .../user/service/impl/AppUserServiceImpl.java | 191 ++++++++-------- 10 files changed, 115 insertions(+), 571 deletions(-) delete mode 100644 pqs-common/common-web/src/main/java/com/njcn/web/utils/app/AESUtil.java delete mode 100644 pqs-common/common-web/src/main/java/com/njcn/web/utils/app/XssFilterUtil.java delete mode 100644 pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/app/AppUser.java diff --git a/pqs-auth/src/main/java/com/njcn/auth/security/granter/SmsTokenGranter.java b/pqs-auth/src/main/java/com/njcn/auth/security/granter/SmsTokenGranter.java index 13bc1037f..65f096439 100644 --- a/pqs-auth/src/main/java/com/njcn/auth/security/granter/SmsTokenGranter.java +++ b/pqs-auth/src/main/java/com/njcn/auth/security/granter/SmsTokenGranter.java 
@@ -48,7 +48,7 @@ public class SmsTokenGranter extends AbstractTokenGranter {
 if (StrUtil.isBlank(phone)) {
 throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG);
 }
- if (judgeSmsCode(phone, smsCode)) {
+ if (!judgeSmsCode(phone, smsCode)) {
 throw new BusinessException(UserResponseEnum.LOGIN_WRONG_CODE);
 }
 //2、组装用户手机号认证信息
diff --git a/pqs-common/common-web/src/main/java/com/njcn/web/utils/app/AESUtil.java b/pqs-common/common-web/src/main/java/com/njcn/web/utils/app/AESUtil.java
deleted file mode 100644
index c47d6f687..000000000
--- a/pqs-common/common-web/src/main/java/com/njcn/web/utils/app/AESUtil.java
+++ /dev/null
@@ -1,88 +0,0 @@ -package com.njcn.web.utils.app; -import org.apache.commons.codec.binary.Base64; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import javax.crypto.Cipher; -import javax.crypto.spec.SecretKeySpec; -import java.security.Security; - -/** - * @author hongawen - * @date: 2019/10/28 14:37 - */ -public class AESUtil { - - private static final Logger logger = LoggerFactory.getLogger(AESUtil.class); - - private static final String key ="f81804778c89c779"; - - private static final String EncryptAlg ="AES"; - - private static final String Cipher_Mode="AES/ECB/PKCS5Padding"; - - private static final String Encode="UTF-8"; - - private static final int Secret_Key_Size=16; - - private static final String Key_Encode="UTF-8"; - - /** - * @param content 加密内容 - * @return aes加密后 转base64 - */ - public static String aesPKCS5PaddingEncrypt(String content) throws Exception { - try { - Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider()); - Cipher cipher = Cipher.getInstance(Cipher_Mode); - byte[] realKey=getSecretKey(key); - cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(realKey,EncryptAlg)); - byte[] data=cipher.doFinal(content.getBytes(Encode)); - String result=new Base64().encodeToString(data); - return result; - } catch (Exception e) { - throw new Exception("AES加密失败:content=" +content +" key="+key); - } - } - - /** - * AES/ECB/PKCS7Padding 解密 - * @param content 解密内容 - * @return 先转base64 再解密 - */ - public static String aesPKCS5PaddingDecrypt(String content) throws Exception { - try { - byte[] decodeBytes= Base64.decodeBase64(content); - Cipher cipher = Cipher.getInstance(Cipher_Mode); - byte[] realKey=getSecretKey(key); - cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(realKey,EncryptAlg)); - byte[] realBytes=cipher.doFinal(decodeBytes); - return new String(realBytes, Encode); - } catch (Exception e) { - throw new Exception("AES解密失败:Aescontent = " +e.fillInStackTrace(),e); - } - } - - /** - * 对密钥key进行处理:如密钥长度不够位数的则 
以指定paddingChar 进行填充; - * 此处用空格字符填充,也可以 0 填充,具体可根据实际项目需求做变更 - * @param key - * @return - * @throws Exception - */ - public static byte[] getSecretKey(String key) throws Exception{ - final byte paddingChar=' '; - - byte[] realKey = new byte[Secret_Key_Size]; - byte[] byteKey = key.getBytes(Key_Encode); - for (int i =0;i parameters) { - if (CollectionUtils.isEmpty(parameters)) { - return null; - } - int count = parameters.size(); - String[] encodedValues = new String[count]; - for (int i = 0; i < count; i++) { - encodedValues[i] = dealString(parameters.get(i)); - } - return encodedValues; - } - - /** - * 滤除content中的危险 HTML 代码, 主要是脚本代码, 滚动字幕代码以及脚本事件处理代码 - * - * @param content - * 需要滤除的字符串 - * @return 过滤的结果 - */ - public static String replaceHtmlCode(String content) { - if (null == content) { - return null; - } - if (0 == content.length()) { - return ""; - } - // 需要滤除的脚本事件关键字 - String[] eventKeywords = { "onmouseover", "onmouseout", "onmousedown", - "onmouseup", "onmousemove", "onclick", "ondblclick", - "onkeypress", "onkeydown", "onkeyup", "ondragstart", - "onerrorupdate", "onhelp", "onreadystatechange", "onrowenter", - "onrowexit", "onselectstart", "onload", "onunload", - "onbeforeunload", "onblur", "onerror", "onfocus", "onresize", - "onscroll", "oncontextmenu", "alert" }; - content = replace(content, " -1) { - int b = 0; - String str1, str2, str3, str4, strA, strB; - str1 = source; - str2 = str1.toLowerCase(); - str3 = oldStr; - str4 = str3.toLowerCase(); - if (matchCase) { - strA = str1; - strB = str3; - } else { - strA = str2; - strB = str4; - } - a = strA.indexOf(strB, findStartPos); - if (a > -1) { - b = oldStr.length(); - findStartPos = a + b; - StringBuffer bbuf = new StringBuffer(source); - source = bbuf.replace(a, a + b, newStr) + ""; - // 新的查找开始点位于替换后的字符串的结尾 - findStartPos = findStartPos + newStr.length() - b; - } - } - return source; - } - - public static String xssEncode(String s) { - if (s == null || s.isEmpty()) { - return s; - } - StringBuilder sb = 
new StringBuilder(s.length() + 16); - for (int i = 0; i < s.length(); i++) { - char c = s.charAt(i); - switch (c) { - case '>': - sb.append('>');// 全角大于号 - break; - case '<': - sb.append('<');// 全角小于号 - break; -// case '\'': -// sb.append('‘');// 全角单引号 -// break; -// case '\"': -// sb.append('“');// 全角双引号 -// break; -// case '&': -// sb.append('&');// 全角 -// break; - case '\\': - sb.append('\');// 全角斜线 - break; - /*case '#': - sb.append('#');// 全角井号 - break;*/ -// case '(': -// sb.append('(');// -// break; -// case ')': -// sb.append(')');// -// break; - default: - sb.append(c); - break; - } - } - String resultStr = sb.toString(); -// resultStr=StringEscapeUtils.escapeSql(resultStr); -// resultStr=StringEscapeUtils.escapeHtml(resultStr); -// resultStr=StringEscapeUtils.escapeJavaScript(resultStr); - return resultStr; - } - - /** - * 字符串处理包括SQL的注入处理 - * @author hongawen - * @param value 字符串 - */ - public static String dealString(String value) { - if (!StringUtils.isBlank(value)) { - value = xssEncode(value); - value=replaceHtmlCode(value); - value= StringEscapeUtils.escapeSql(value); - return value; - }else{ - return ""; - } - } -} diff --git a/pqs-gateway/src/main/resources/bootstrap.yml b/pqs-gateway/src/main/resources/bootstrap.yml index 8ffa0f07d..1ecbdbd51 100644 --- a/pqs-gateway/src/main/resources/bootstrap.yml +++ b/pqs-gateway/src/main/resources/bootstrap.yml @@ -179,6 +179,8 @@ whitelist: - /user-boot/user/generateSm2Key - /user-boot/theme/getTheme - /user-boot/user/updateFirstPassword + - /user-boot/appUser/authCode + - /user-boot/appUser/register - /pqs-auth/oauth/logout - /pqs-auth/oauth/token - /pqs-auth/auth/getImgCode diff --git a/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/User.java b/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/User.java index e13aa19ae..95deb1352 100644 --- a/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/User.java +++ b/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/User.java 
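Review bot: The two whitelist entries added in the `bootstrap.yml` hunk make `/user-boot/appUser/authCode` and `/user-boot/appUser/register` reachable without a token, and nothing visible in this commit throttles them. `authCode` appears to trigger an SMS send per call, so it needs a per-phone and per-client rate limit, and ideally a captcha step such as the already whitelisted `/pqs-auth/auth/getImgCode` flow, before it is exposed. Otherwise it can be used to flood arbitrary numbers and run up SMS cost. I would add a comment above the entries, e.g. `# unauthenticated: must stay behind the SMS rate limiter`, and land the limiter in the same change. The whitelist list itself starts and ends outside this hunk.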
@@ -9,6 +9,7 @@ import java.time.LocalDateTime; import lombok.Data; import lombok.EqualsAndHashCode; +import org.springframework.web.multipart.MultipartFile; /** * @author hongawen @@ -145,5 +146,5 @@ public class User extends BaseEntity { private String devCode; - private String headSculpture; + private MultipartFile headSculpture; } diff --git a/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/app/AppUser.java b/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/app/AppUser.java deleted file mode 100644 index feeccce22..000000000 --- a/pqs-user/user-api/src/main/java/com/njcn/user/pojo/po/app/AppUser.java +++ /dev/null @@ -1,117 +0,0 @@ -package com.njcn.user.pojo.po.app; - -import com.baomidou.mybatisplus.annotation.TableName; -import com.njcn.db.bo.BaseEntity; -import java.io.Serializable; -import java.time.LocalDateTime; - -import lombok.Data; -import lombok.Getter; -import lombok.Setter; - -/** - *
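Review bot: Changing `headSculpture` from `String` to `MultipartFile` in `User.java` puts an HTTP upload type on a class the rest of this commit treats as a persisted entity (`this.save(user)`, `lambdaQuery().eq(User::getPhone, phone)`). No annotation is visible on the field in the hunk, so the ORM will presumably try to map it to a column and fail, and the entity no longer serializes cleanly for caching or JSON responses. Keep the stored value as a `String` (path or object key) and accept the upload on a request DTO, or at minimum mark the field `@TableField(exist = false)` with a comment that it is request-only. Most of the class body is outside these two hunks.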

- * App用户表 - *

- * - * @author xuyang - * @since 2023-06-07 - */ -@Data -@TableName("app_user") -public class AppUser extends BaseEntity { - - private static final long serialVersionUID = 1L; - - /** - * 用户表Guid - */ - private String userIndex; - - /** - * 用户名(别名) - */ - private String name; - - /** - * 登录名 - */ - private String loginName; - - /** - * 密码 - */ - private String password; - - /** - * 电话号码 - */ - private String phone; - - /** - * 邮箱 - */ - private String email; - - /** - * 注册时间 - */ - private LocalDateTime registerTime; - - /** - * 密码有效期字段(初始化的时候跟注册时间一样) - */ - private LocalDateTime psdValidity; - - /** - * 最后一次登录时间 - */ - private LocalDateTime loginTime; - - /** - * 用户状态0:删除;1:正常;2:锁定; - */ - private Integer state; - - /** - * 密码错误次数 - */ - private Integer loginErrorTimes; - - /** - * 第一次登陆错误的时间 - */ - private LocalDateTime loginFirstErrorTime; - - /** - * 营销人员名称(只针对主用户) - */ - private String semName; - - /** - * 营销人员手机(只针对主用户) - */ - private String semPhone; - - /** - * 推荐码(新增主用户时候生成) - */ - private String referralCode; - - /** - * 设备码 - */ - private String devCode; - - /** - * 用户类型(0:主用户;1:子用户;2:运维;3:专职;4:工程;5:游客) - */ - private Integer userType; - - /** - * 用户等级 - */ - private String userLevel; - - -} diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java index 359a55eda..1b94afab6 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/controller/app/AppUserController.java 
@@ -1,30 +1,29 @@ package com.njcn.user.controller.app; import com.njcn.common.pojo.annotation.OperateInfo; -import com.njcn.common.pojo.constant.PatternRegex; +import com.njcn.common.pojo.constant.OperateType; +import com.njcn.common.pojo.enums.common.LogEnum; import com.njcn.common.pojo.enums.response.CommonResponseEnum; -import com.njcn.common.pojo.exception.BusinessException; import com.njcn.common.pojo.response.HttpResult; import com.njcn.common.utils.HttpResultUtil; -import com.njcn.common.utils.PubUtils; -import com.njcn.user.enums.UserResponseEnum; +import com.njcn.common.utils.LogUtil; +import com.njcn.user.pojo.param.UserParam; import com.njcn.user.pojo.vo.app.AppUserResultVO; import com.njcn.user.service.IAppUserService; import com.njcn.web.controller.BaseController; -import com.njcn.web.utils.app.AESUtil; -import com.njcn.web.utils.app.XssFilterUtil; +import com.njcn.web.utils.RequestUtil; import io.swagger.annotations.Api; import io.swagger.annotations.ApiImplicitParam; import io.swagger.annotations.ApiImplicitParams; import io.swagger.annotations.ApiOperation; import lombok.AllArgsConstructor; import lombok.extern.slf4j.Slf4j; -import org.apache.commons.lang3.StringUtils; -import org.bouncycastle.asn1.ocsp.ResponseData; +import org.apache.ibatis.annotations.Param; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; 
@@ -58,7 +57,7 @@ public class AppUserController extends BaseController { @ApiImplicitParams({ @ApiImplicitParam(name = "phone", value = "手机号", required = true, paramType = "query"), @ApiImplicitParam(name = "devCode", value = "设备码", required = true, paramType = "query"), - @ApiImplicitParam(name = "type", value = "验证码类型", required = true, paramType = "query"), + @ApiImplicitParam(name = "type", value = "验证码类型(0:登录 1:注册 2:重置密码 3:忘记密码 4:更换手机 5:确认旧手机验证码)", required = true, paramType = "query"), }) public HttpResult authCode(String phone, String devCode, String type) { String methodDescribe = getMethodDescribe("authCode"); @@ -69,20 +68,22 @@ public class AppUserController extends BaseController { /** * 手机app注册 */ + @OperateInfo(info = LogEnum.SYSTEM_COMMON, operateType = OperateType.ADD) @PostMapping("register") - @OperateInfo - @ApiOperation(value = "注册入口", notes = "用户注册") + @ApiOperation("App用户注册") @ApiImplicitParams({ @ApiImplicitParam(name = "phone", value = "手机号", required = true, paramType = "query"), @ApiImplicitParam(name = "code", value = "验证码", required = true, paramType = "query"), @ApiImplicitParam(name = "devCode", value = "设备码", required = true, paramType = "query"), }) - public HttpResult register(String phone, String code, String devCode) { + public HttpResult register(@Param("phone") String phone, @Param("code") String code, @Param("devCode") String devCode) { String methodDescribe = getMethodDescribe("register"); + LogUtil.njcnDebug(log, "{},手机号:{},验证码:{},设备码:{}", methodDescribe, phone,code,devCode); AppUserResultVO appUserResultVo = appUserService.register(phone,code,devCode); return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, appUserResultVo, methodDescribe); } + /** * 手机app密码设置 */ 
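Review bot: The added `LogUtil.njcnDebug(log, "{},手机号:{},验证码:{},设备码:{}", ...)` line in `register` writes the phone number, the SMS verification code and the device code to the log. A one-time code should never be logged and the phone number should be masked, e.g. `LogUtil.njcnDebug(log, "{},手机号:{}", methodDescribe, maskedPhone);`, where `maskedPhone` stands for whatever masking helper the project has. The new `@Param` annotations are `org.apache.ibatis.annotations.Param`, a MyBatis mapper annotation that Spring MVC ignores. Use `@RequestParam("phone") String phone, @RequestParam("code") String code, @RequestParam("devCode") String devCode` so that missing parameters are rejected at binding time.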
@@ -100,40 +101,6 @@ public class AppUserController extends BaseController { return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, "success", methodDescribe); } - /** - * 手机app登录入口 - */ - @PostMapping("login") - @OperateInfo - @ApiOperation(value = "登录入口", notes = "APP登录") - @ApiImplicitParams({ - @ApiImplicitParam(name = "phone", value = "手机号", required = true, paramType = "query"), - @ApiImplicitParam(name = "type", value = "登录类型", required = true, paramType = "query"), - @ApiImplicitParam(name = "key", value = "验证码/密码", required = true, paramType = "query"), - @ApiImplicitParam(name = "devCode", value = "设备码", required = true, paramType = "query"), - }) - public HttpResult login(String phone, String type, String key, String devCode, HttpServletRequest request) { - String methodDescribe = getMethodDescribe("login"); - AppUserResultVO appUserResultVo = appUserService.login(phone,type,key,devCode); - return HttpResultUtil.assembleCommonResponseResult(CommonResponseEnum.SUCCESS, appUserResultVo, methodDescribe); - } - - - - - - - - - - - - - - - - - diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/mapper/AppUserMapper.java b/pqs-user/user-boot/src/main/java/com/njcn/user/mapper/AppUserMapper.java index 0d541ed34..6ad595d60 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/mapper/AppUserMapper.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/mapper/AppUserMapper.java @@ -1,7 +1,7 @@ package com.njcn.user.mapper; import com.baomidou.mybatisplus.core.mapper.BaseMapper; -import com.njcn.user.pojo.po.app.AppUser; +import com.njcn.user.pojo.po.User; /** *

@@ -11,6 +11,6 @@ import com.njcn.user.pojo.po.app.AppUser; * @author xuyang * @since 2023-06-07 */ -public interface AppUserMapper extends BaseMapper { +public interface AppUserMapper extends BaseMapper { } diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java index 9acb93697..75a7b93a5 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/IAppUserService.java @@ -31,13 +31,4 @@ public interface IAppUserService { */ void setPsd(String userId, String devCode, String password); - /** - * 用户设置密码 - * @param phone 手机号 - * @param type 登陆类型 - * @param key 验证码/密码 - * @param devCode 设备码 - */ - AppUserResultVO login(String phone, String type, String key, String devCode); - } diff --git a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java index 1c14d900d..0966b28ee 100644 --- a/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java +++ b/pqs-user/user-boot/src/main/java/com/njcn/user/service/impl/AppUserServiceImpl.java 
@@ -9,24 +9,25 @@ import com.aliyuncs.profile.DefaultProfile; import com.aliyuncs.profile.IClientProfile; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.njcn.common.pojo.constant.PatternRegex; -import com.njcn.common.pojo.enums.response.CommonResponseEnum; import com.njcn.common.pojo.exception.BusinessException; -import com.njcn.common.utils.HttpResultUtil; import com.njcn.common.utils.PubUtils; +import com.njcn.common.utils.sm.Sm4Utils; +import com.njcn.redis.pojo.enums.RedisKeyEnum; import com.njcn.redis.utils.RedisUtil; +import com.njcn.user.enums.AppRoleEnum; import com.njcn.user.enums.MessageEnum; -import com.njcn.user.enums.UserLevelEnum; import com.njcn.user.enums.UserResponseEnum; import com.njcn.user.mapper.AppUserMapper; +import com.njcn.user.pojo.constant.UserState; +import com.njcn.user.pojo.constant.UserType; +import com.njcn.user.pojo.param.UserParam; +import com.njcn.user.pojo.po.Role; +import com.njcn.user.pojo.po.User; +import com.njcn.user.pojo.po.UserSet; import com.njcn.user.pojo.po.app.AppInfoSet; import com.njcn.user.pojo.po.app.AppSendMsg; -import com.njcn.user.pojo.po.app.AppUser; import com.njcn.user.pojo.vo.app.AppUserResultVO; -import com.njcn.user.service.IAppInfoSetService; -import com.njcn.user.service.IAppSendMsgService; -import com.njcn.user.service.IAppUserService; -import com.njcn.web.utils.app.AESUtil; -import com.njcn.web.utils.app.XssFilterUtil; +import com.njcn.user.service.*; import lombok.AllArgsConstructor; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; @@ -35,6 +36,7 @@ import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; import java.time.LocalDateTime; +import java.util.Collections; import java.util.Objects; import java.util.Random; 
@@ -47,7 +49,7 @@ import java.util.Random; */ @Service @AllArgsConstructor -public class AppUserServiceImpl extends ServiceImpl implements IAppUserService { +public class AppUserServiceImpl extends ServiceImpl implements IAppUserService { private static final Logger logger = LoggerFactory.getLogger(AppUserServiceImpl.class); @@ -57,14 +59,19 @@ public class AppUserServiceImpl extends ServiceImpl impl private final IAppInfoSetService appInfoSetService; + private final IUserSetService userSetService; + + private final IRoleService roleService; + + private final IUserRoleService userRoleService; + @Override @Transactional(rollbackFor = Exception.class) public void setMessage(String phone, String devCode, String type) { - if (!PubUtils.match(PatternRegex.PHONE_REGEX, XssFilterUtil.dealString(phone))){ + if (!PubUtils.match(PatternRegex.PHONE_REGEX, phone)){ throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG); } try { - devCode= AESUtil.aesPKCS5PaddingDecrypt(devCode); String msgTemplate; switch (type) { case "0": @@ -90,19 +97,19 @@ public class AppUserServiceImpl extends ServiceImpl impl } //type为4,账号替换为新手机号 if (!msgTemplate.equalsIgnoreCase(MessageEnum.REGISTER.getTemplateCode())) { - AppUser appUser = this.lambdaQuery().eq(AppUser::getPhone,phone).one(); + User user = this.lambdaQuery().eq(User::getPhone,phone).one(); if ("4".equalsIgnoreCase(type)) { //注册,无需判断手机号与设备的匹配 - if (appUser != null) { + if (user != null) { throw new BusinessException(UserResponseEnum.REGISTER_PHONE_FAIL); } } else { - if (null == appUser) { + if (null == user) { throw new BusinessException(UserResponseEnum.LOGIN_USERNAME_NOT_FOUND); } else { - appUser.setDevCode(devCode); + user.setDevCode(devCode); logger.info("更新手机id:" + devCode); - this.updateById(appUser); + this.updateById(user); } } } 
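Review bot: In `setMessage`, the branch ending in `user.setDevCode(devCode); ... this.updateById(user);` rewrites the stored device code of an existing account when a code is requested, before anything has been verified. This commit removes the `AESUtil` decryption of `devCode` and whitelists `authCode` at the gateway, so the value presumably arrives straight from an unauthenticated request, and anyone who knows a phone number could change that account's device binding. Move the device-code update to the point where the SMS code has been checked successfully. Also reduce `logger.info("更新手机id:" + devCode)` to a message that does not echo the identifier. `setMessage` starts before and continues past this hunk.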
@@ -136,10 +143,10 @@ public class AppUserServiceImpl extends ServiceImpl impl
 request.setTemplateParam(code);
 //请求失败这里会抛ClientException异常
 SendSmsResponse sendSmsResponse = acsClient.getAcsResponse(request);
- String key = phone + devCode;
+ String key = RedisKeyEnum.SMS_LOGIN_KEY.getKey() + phone;
 if (sendSmsResponse.getCode() != null && "OK".equals(sendSmsResponse.getCode())) {
 //成功发送短信验证码后,保存进redis
- redisUtil.saveByKeyWithExpire(key, vcode, 300L);
+ redisUtil.saveByKey(key, vcode);
 } else {
 throw new BusinessException(UserResponseEnum.SEND_CODE_FAIL);
 }
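Review bot: Replacing `saveByKeyWithExpire(key, vcode, 300L)` with `redisUtil.saveByKey(key, vcode)` appears to drop the five-minute lifetime of the SMS code, so a code would stay valid until it is overwritten or deleted. `saveByKey` is not shown here, so please confirm whether it applies a default TTL. The new key `RedisKeyEnum.SMS_LOGIN_KEY.getKey() + phone` is shared by every `type` this method serves and no longer includes the device code, so a code issued for one purpose may be accepted for another, for example by `judgeSmsCode` in `SmsTokenGranter`. Keep the expiry with `redisUtil.saveByKeyWithExpire(key, vcode, 300L);`, use a per-purpose key prefix, and delete the key on first successful use. The enclosing method begins and ends outside the hunk.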
@@ -160,61 +167,49 @@ public class AppUserServiceImpl extends ServiceImpl impl } @Override - @Transactional(rollbackFor = Exception.class) + @Transactional(rollbackFor = {Exception.class}) public AppUserResultVO register(String phone, String code, String devCode) { AppUserResultVO appUserResultVo = new AppUserResultVO(); - if (!PubUtils.match(PatternRegex.PHONE_REGEX, XssFilterUtil.dealString(phone))){ + if (!PubUtils.match(PatternRegex.PHONE_REGEX, phone)){ throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG); } if (StringUtils.isBlank(devCode)) { throw new BusinessException(UserResponseEnum.DEV_CODE_WRONG); } - try { - devCode= AESUtil.aesPKCS5PaddingDecrypt(devCode); - judgeCode(phone, code, devCode); - //先根据手机号查询是否已被注册 - AppUser appUser = this.lambdaQuery().eq(AppUser::getPhone,phone).one(); - if (!Objects.isNull(appUser)){ - throw new BusinessException(UserResponseEnum.REGISTER_PHONE_REPEAT); - } else { - appUser = new AppUser(); - appUser.setPhone(phone); - appUser.setLoginErrorTimes(0); - appUser.setLoginTime(LocalDateTime.now()); - appUser.setPsdValidity(appUser.getLoginTime()); - appUser.setRegisterTime(appUser.getLoginTime()); - appUser.setUserLevel("5"); - appUser.setDevCode(devCode); - logger.info("插入手机id:" + devCode); - appUser.setReferralCode("DUCxda"); - appUser.setState(1); - this.save(appUser); - //消息默认配置 - AppInfoSet appInfoSet = new AppInfoSet(); - appInfoSet.setUserIndex(appUser.getUserIndex()); - appInfoSet.setDeviceInfo(1); - appInfoSet.setEventInfo(1); - appInfoSet.setSystemInfo(1); - appInfoSet.setHarmonicInfo(1); - appInfoSetService.save(appInfoSet); - //配置返回数据 - appUserResultVo.setUserId(appUser.getUserIndex()); - appUserResultVo.setRoleName(UserLevelEnum.getMsgByCode(appUser.getUserLevel())); - appUserResultVo.setPhone(appUser.getPhone()); - appUserResultVo.setRoleCode(appUser.getUserLevel()); - appUserResultVo.setUserName(StringUtils.isEmpty(appUser.getName()) ? 
null : appUser.getName()); - } - } catch (Exception e) { - logger.error("app用户注册异常:" + e.toString()); - if (e.getMessage().length() < 10) { - throw new BusinessException(UserResponseEnum.getCodeByMsg(e.getMessage())); - } else { - throw new BusinessException(UserResponseEnum.REGISTER_FAIL); - } + judgeCode(phone, code, devCode); + //先根据手机号查询是否已被注册 + User user = this.lambdaQuery().eq(User::getPhone,phone).one(); + if (!Objects.isNull(user)){ + throw new BusinessException(UserResponseEnum.REGISTER_PHONE_REPEAT); + } else { + //新增用户配置表 + UserParam.UserAddParam addUserParam = new UserParam.UserAddParam(); + UserSet userSet = userSetService.addUserSet(addUserParam); + //新增用户表 + User newUser = cloneUserBoToUser(phone,devCode,userSet); + //新增用户角色关系表 + Role role = roleService.getRoleByCode(AppRoleEnum.TOURIST.getCode()); + userRoleService.addUserRole(newUser.getId(), Collections.singletonList(role.getId())); + //消息默认配置 + AppInfoSet appInfoSet = new AppInfoSet(); + appInfoSet.setUserIndex(newUser.getId()); + appInfoSet.setDeviceInfo(1); + appInfoSet.setEventInfo(1); + appInfoSet.setSystemInfo(1); + appInfoSet.setHarmonicInfo(1); + appInfoSetService.save(appInfoSet); + //配置返回数据 + appUserResultVo.setUserId(newUser.getId()); + appUserResultVo.setRoleName(AppRoleEnum.TOURIST.getMessage()); + appUserResultVo.setPhone(newUser.getPhone()); + appUserResultVo.setRoleCode(AppRoleEnum.TOURIST.getCode()); + appUserResultVo.setUserName(StringUtils.isEmpty(newUser.getName()) ? null : newUser.getName()); } return appUserResultVo; } + + @Override public void setPsd(String userId, String devCode, String password) { //参数校验 
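Review bot: `register` still calls `judgeCode(phone, code, devCode)` while the sender now stores the code under `SMS_LOGIN_KEY + phone`; `judgeCode` is not part of this diff, so if it still looks up `phone + devCode` the check can never match, and the two should be confirmed to agree. The result of `roleService.getRoleByCode(AppRoleEnum.TOURIST.getCode())` is dereferenced without a null check, so a missing role row surfaces as a NullPointerException after the user rows were written; add `if (role == null) { throw new BusinessException(UserResponseEnum.REGISTER_FAIL); }` before `role.getId()`. The phone-uniqueness check is a read followed by an insert, so two concurrent registrations for the same number can both pass unless the table has a unique index on the phone column.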
@@ -228,17 +223,15 @@ public class AppUserServiceImpl extends ServiceImpl impl throw new BusinessException(UserResponseEnum.DEV_CODE_WRONG); } try { - devCode= AESUtil.aesPKCS5PaddingDecrypt(devCode); //查看是否存在该用户 - AppUser appUser = this.lambdaQuery().eq(AppUser::getUserIndex,userId).one(); - if (Objects.isNull(appUser)){ + User user = this.lambdaQuery().eq(User::getId,userId).one(); + if (Objects.isNull(user)){ throw new BusinessException(UserResponseEnum.LOGIN_USERNAME_NOT_FOUND); } else { - String appPwd = AESUtil.aesPKCS5PaddingEncrypt(password); - appUser.setPassword(appPwd); - appUser.setDevCode(devCode); + user.setPassword(password); + user.setDevCode(devCode); logger.info("更新手机id:" + devCode); - this.updateById(appUser); + this.updateById(user); } } catch (Exception e) { logger.error("app用户设置密码异常:" + e.toString()); @@ -250,32 +243,6 @@ public class AppUserServiceImpl extends ServiceImpl impl } } - @Override - public AppUserResultVO login(String phone, String type, String key, String devCode) { - //参数校验 - if (!PubUtils.match(PatternRegex.PHONE_REGEX, XssFilterUtil.dealString(phone))){ - throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG); - } - if (StringUtils.isBlank(key)) { - throw new BusinessException(UserResponseEnum.KEY_WRONG); - } - if (StringUtils.isBlank(devCode)) { - throw new BusinessException(UserResponseEnum.DEV_CODE_WRONG); - } - AppUserResultVO vo = new AppUserResultVO(); - try { - devCode= AESUtil.aesPKCS5PaddingDecrypt(devCode); - - } catch (Exception e) { - logger.error("app用户设置密码异常:" + e.toString()); - if (e.getMessage().length() < 10) { - throw new BusinessException(UserResponseEnum.getCodeByMsg(e.getMessage())); - } else { - throw new BusinessException(UserResponseEnum.LOGIN_ERROR); - } - } - return vo; - } /** * 自定义获取验证码,固定为字母和数字的组合 
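Review bot: `user.setPassword(password)` in `setPsd` stores whatever string the request carried, because nothing in this hunk hashes or transforms it now that the `AESUtil` call is removed. Unless the caller is guaranteed to send an already-derived value, this writes a plaintext password to the user table. Store a salted password hash (bcrypt or argon2) or go through the project's existing password handling for `User`, rather than the raw value or reversible encryption. The lookup `eq(User::getId, userId)` also trusts a client-supplied `userId`; if this endpoint sits behind the gateway, the id should come from the authenticated token instead. `setPsd` starts before this hunk.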
@@ -302,4 +269,36 @@ public class AppUserServiceImpl extends ServiceImpl impl } } + private User cloneUserBoToUser(String phone, String devCode, UserSet userSet) { + User user = new User(); + //设置用户id + user.setId(userSet.getUserId()); + //对密码做处理 SM4加密(SM4_1密码+工作秘钥) + String secretKey = userSet.getSecretKey(); + Sm4Utils sm4 = new Sm4Utils(secretKey); + user.setPassword(sm4.encryptData_ECB(userSet.getStandBy() + secretKey)); + //填写一些默认值 + user.setPhone(phone); + user.setDevCode(devCode); + user.setName(phone); + user.setLoginName(phone); + user.setType(3); + user.setState(UserState.ENABLE); + user.setOrigin(UserState.NORMAL_ORIGIN); + user.setCasualUser(UserType.OFFICIAL); + user.setPwdState(UserState.NEED); + user.setRegisterTime(LocalDateTime.now()); + user.setLoginTime(LocalDateTime.now()); + user.setPwdValidity(LocalDateTime.now()); + user.setLoginErrorTimes(UserState.ERROR_PASSWORD_TIMES); + user.setReferralCode(PubUtils.randomCode(6)); + user.setSmsNotice(0); + user.setEmailNotice(0); + user.setLimitIpStart("0.0.0.0"); + user.setLimitIpStart("255.255.255.255"); + user.setLimitTime("0-24"); + this.save(user); + return user; + } + }
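Review bot: In `cloneUserBoToUser`, the second of the two consecutive calls, `user.setLimitIpStart("255.255.255.255")`, overwrites the `"0.0.0.0"` set just above, so the start of the allowed IP range becomes 255.255.255.255 and the end is never set. This looks like a typo for the end-of-range setter, presumably `user.setLimitIpEnd("255.255.255.255");` (name to be confirmed against `User`). The initial password is `sm4.encryptData_ECB(userSet.getStandBy() + secretKey)`, which is reversible encryption keyed by a value that is also part of the plaintext, so a comment explaining how this matches the login check would help. `user.setType(3)` should use a named constant like the neighbouring `UserState` and `UserType` values. The method name should also say that it persists the row (`this.save(user)`), e.g. `createAppUser`.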