轻学堂免密授权

涂亚平
Commit a2d7d188 authored Apr 02, 2022 by 涂亚平
Showing with 109 additions and 60 deletions
src/main/java/com/subsidy/common/configure/QuartzConfig.java
src/main/java/com/subsidy/controller/MemberController.java
src/main/java/com/subsidy/dto/member/QingxuetangLoginDTO.java
src/main/java/com/subsidy/service/MemberService.java
src/main/java/com/subsidy/service/impl/MemberServiceImpl.java
src/main/java/com/subsidy/util/QuartzUtil.java
src/main/java/com/subsidy/util/SecretUtils.java
src/main/java/com/subsidy/vo/member/QXTSign.java
src/main/resources/application.properties
src/main/resources/code.properties
--- a/src/main/java/com/subsidy/common/configure/QuartzConfig.java
+++ b/src/main/java/com/subsidy/common/configure/QuartzConfig.java
@@ -6,6 +6,7 @@ import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.scheduling.quartz.SchedulerFactoryBean;
 import javax.sql.DataSource;
 /**

--- a/src/main/java/com/subsidy/controller/MemberController.java
+++ b/src/main/java/com/subsidy/controller/MemberController.java
@@ -78,7 +78,6 @@ public class MemberController {
        return ResponseData.generateCreatedResponse(0,memberService.qingxuetangLogin(qingxuetangLoginDTO));
    }
    @PostMapping("updatePassword")
    @ApiOperation("修改密码  {id  password}")
    @LoginRequired

--- a/src/main/java/com/subsidy/dto/member/QingxuetangLoginDTO.java
+++ b/src/main/java/com/subsidy/dto/member/QingxuetangLoginDTO.java
@@ -5,6 +5,23 @@ import lombok.Data;
 @Data
 public class QingxuetangLoginDTO {
-    private String telephone;
+//    private String telephone;
+    private String appId;
+    private String authCorpId;
+    private String authCorpName;
+    private String openId;
+    private String mobile;
+    private String nickname;
+    private Long timestamp;
+    private String sign;
 }
--- a/src/main/java/com/subsidy/service/MemberService.java
+++ b/src/main/java/com/subsidy/service/MemberService.java
@@ -8,13 +8,7 @@ import com.subsidy.model.ExerciseDoneResultDO;
 import com.subsidy.model.FileDictDO;
 import com.subsidy.model.MemberDO;
 import com.subsidy.vo.administer.UserRoleVO;
-import com.subsidy.vo.member.ContentFilesVO;
+import com.subsidy.vo.member.*;
-import com.subsidy.vo.member.ContentVodNewVO;
-import com.subsidy.vo.member.GetAllVO;
-import com.subsidy.vo.member.GetStudyInfoVO;
-import com.subsidy.vo.member.MemberStudyPageVO;
-import com.subsidy.vo.member.MemberVO;
-import com.subsidy.vo.member.MyCoursesVO;
 import com.subsidy.vo.paper.QueryPapersVO;
 import java.util.List;

--- a/src/main/java/com/subsidy/service/impl/MemberServiceImpl.java
+++ b/src/main/java/com/subsidy/service/impl/MemberServiceImpl.java
@@ -4,7 +4,6 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
-import com.subsidy.common.RedisPrefixConstant;
 import com.subsidy.common.exception.HttpException;
 import com.subsidy.dto.administer.VerifyCodeDTO;
 import com.subsidy.dto.member.*;
@@ -49,18 +48,11 @@ import com.subsidy.util.ConstantUtils;
 //import com.subsidy.util.RedisUtil;
 import com.subsidy.util.JwtUtil;
 import com.subsidy.util.RedisUtil;
+import com.subsidy.util.SecretUtils;
 import com.subsidy.vo.administer.UserRoleVO;
-import com.subsidy.vo.member.ContentFilesVO;
+import com.subsidy.vo.member.*;
-import com.subsidy.vo.member.ContentVodNewVO;
-import com.subsidy.vo.member.ContentVodVO;
-import com.subsidy.vo.member.GetAllVO;
-import com.subsidy.vo.member.GetStudyInfoVO;
-import com.subsidy.vo.member.MemberStudyPageVO;
-import com.subsidy.vo.member.MemberVO;
-import com.subsidy.vo.member.MemberVodVO;
-import com.subsidy.vo.member.MyCoursesVO;
-import com.subsidy.vo.member.StudyPageVO;
 import com.subsidy.vo.paper.QueryPapersVO;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.scheduling.annotation.AsyncResult;
@@ -481,16 +473,61 @@ public class MemberServiceImpl extends ServiceImpl<MemberMapper, MemberDO> imple
        UserRoleVO userRoleVO = new UserRoleVO();
-        //鉴权逻辑
+        /**
+         * 轻学堂秘钥
-        //先从redis里拿   还得从数据库先查公司。。还是直接查人快
+         * appId:b8fc3013c8ce409c90
+         * appSecret:90876d91b3b7426c9184437a09358787
+         */
        MemberDO memberDO = this.baseMapper.selectOne(new QueryWrapper<MemberDO>()
                .lambda()
-                .eq(MemberDO::getTelephone, qingxuetangLoginDTO.getTelephone()));
+                .eq(MemberDO::getTelephone, qingxuetangLoginDTO.getMobile()));
        if (memberDO == null) {
            throw new HttpException(10010);
        }
+        /**
+         * 时间戳有没有过期
+         */
+        if (qingxuetangLoginDTO.getTimestamp()-System.currentTimeMillis()>=5*60*1000 || System.currentTimeMillis()-qingxuetangLoginDTO.getTimestamp()>=5*60*1000){
+            OprMemDictDO oprMemDictDO = new OprMemDictDO();
+            oprMemDictDO.setUserId(memberDO.getId());
+            oprMemDictDO.setOprType("登录");
+            oprMemDictDO.setResult(0);
+            oprMemDictMapper.insert(oprMemDictDO);
+            throw new HttpException(14002);
+        }
+        //鉴权逻辑 对不对
+        String preAuthen = "";
+        if (!StringUtils.isEmpty(qingxuetangLoginDTO.getNickname())){
+            preAuthen = "appId=b8fc3013c8ce409c90&authCorpId="+qingxuetangLoginDTO.getAuthCorpId()
+                    +"&authCorpName="+ qingxuetangLoginDTO.getAuthCorpName()
+                    +"&mobile="+qingxuetangLoginDTO.getMobile()
+                    +"&nickname="+qingxuetangLoginDTO.getNickname()
+                    +"&openId="+qingxuetangLoginDTO.getOpenId()
+                    +"&timestamp="+qingxuetangLoginDTO.getTimestamp()
+                    +"&appSecret=90876d91b3b7426c9184437a09358787" ;
+        }else {
+            preAuthen = "appId=b8fc3013c8ce409c90&authCorpId="+qingxuetangLoginDTO.getAuthCorpId()
+                    +"&authCorpName="+ qingxuetangLoginDTO.getAuthCorpName()
+                    +"&mobile="+qingxuetangLoginDTO.getMobile()
+                    +"&openId="+qingxuetangLoginDTO.getOpenId()
+                    +"&timestamp="+qingxuetangLoginDTO.getTimestamp()
+                    +"&appSecret=90876d91b3b7426c9184437a09358787" ;
+        }
+        String result = SecretUtils.getMD5String(preAuthen);
+        if (!qingxuetangLoginDTO.getSign().equals(result)){
+            OprMemDictDO oprMemDictDO = new OprMemDictDO();
+            oprMemDictDO.setUserId(memberDO.getId());
+            oprMemDictDO.setOprType("登录");
+            oprMemDictDO.setResult(0);
+            oprMemDictMapper.insert(oprMemDictDO);
+            throw new HttpException(14001);
+        }
        CompanyDictDO companyDictDO = companyDictMapper.selectById(memberDO.getCompanyId());
        if ("冻结".equals(memberDO.getStatus())) {
@@ -498,22 +535,18 @@ public class MemberServiceImpl extends ServiceImpl<MemberMapper, MemberDO> imple
            oprMemDictDO.setUserId(memberDO.getId());
            oprMemDictDO.setOprType("登录");
            oprMemDictDO.setResult(0);
-            //oprMemDictDO.setUserName(memberDO.getUserName());
-            //oprMemDictDO.setCreateDate(System.currentTimeMillis() + "");
-            //oprMemDictDO.setLoginDateFormat(DateFormatUtil.format(new Date(), "yyyyMMdd"));
-            //oprMemDictDO.setCompanyId(companyDictDO.getId());
-            //oprMemDictDO.setCompanyName(companyDictDO.getCompanyName());
-            //mongoTemplate.insert(oprMemDictDO);
            oprMemDictMapper.insert(oprMemDictDO);
-            //redisUtil.set(RedisPrefixConstant.SUBSIDY_MEMBER_LOGIN_PREFIX + memberDO.getId() + ":" + memberDO.getUserName() + ":" + companyDictDO.getCompanyName() + ":" + LocalDateTime.now(), oprMemDictDO);
            throw new HttpException(10013);
        }
        //是否登陆过   1：是 0：否
        if (0 == memberDO.getFirstLogin()) {
-            memberDO.setFirstLogin(1);
+            OprMemDictDO oprMemDictDO = new OprMemDictDO();
-            this.baseMapper.updateById(memberDO);
+            oprMemDictDO.setUserId(memberDO.getId());
-            //redisUtil.set(RedisPrefixConstant.SUBSIDY_COMPANY_MEMBER_PREFIX + memberDO.getCompanyId() + ":" + memberDO.getAccountName(), memberDO);
+            oprMemDictDO.setOprType("登录");
+            oprMemDictDO.setResult(0);
+            oprMemDictMapper.insert(oprMemDictDO);
+            throw new HttpException(10015);
        }
        BeanUtils.copyProperties(memberDO, userRoleVO);
@@ -521,14 +554,8 @@ public class MemberServiceImpl extends ServiceImpl<MemberMapper, MemberDO> imple
        OprMemDictDO oprMemDictDO = new OprMemDictDO();
        oprMemDictDO.setUserId(memberDO.getId());
        oprMemDictDO.setOprType("登录");
-        //oprMemDictDO.setUserName(memberDO.getUserName());
        oprMemDictDO.setResult(1);
-        //oprMemDictDO.setCreateDate(System.currentTimeMillis() + "");
-        //oprMemDictDO.setLoginDateFormat(DateFormatUtil.format(new Date(), "yyyyMMdd"));
-        //oprMemDictDO.setCompanyId(companyDictDO.getId());
-        //oprMemDictDO.setCompanyName(companyDictDO.getCompanyName());
        oprMemDictMapper.insert(oprMemDictDO);
-        //mongoTemplate.insert(oprMemDictDO);
        userRoleVO.setCompanyId(companyDictDO.getId());
        userRoleVO.setCompanyName(companyDictDO.getCompanyName());
        userRoleVO.setLogo(companyDictDO.getLogo());
@@ -536,7 +563,6 @@ public class MemberServiceImpl extends ServiceImpl<MemberMapper, MemberDO> imple
                .lambda()
                .eq(RotationImgDictDO::getCompanyId, companyDictDO.getId()));
        userRoleVO.setRotationImgDictDOS(rotationImgDictDOS);
        String token = JwtUtil.generateToken(memberDO.getId(), ConstantUtils.MOBILE_TERMINATE);
        redisUtil.set(ConstantUtils.MOBILE_TERMINATE + "_" + memberDO.getId(), token);
        userRoleVO.setToken(token);

--- a/src/main/java/com/subsidy/util/QuartzUtil.java
+++ b/src/main/java/com/subsidy/util/QuartzUtil.java
 package com.subsidy.util;
 import com.subsidy.common.exception.HttpException;
-import org.quartz.CronScheduleBuilder;
+import org.quartz.*;
-import org.quartz.CronTrigger;
-import org.quartz.DateBuilder;
-import org.quartz.JobBuilder;
-import org.quartz.JobDataMap;
-import org.quartz.JobDetail;
-import org.quartz.JobKey;
-import org.quartz.Scheduler;
-import org.quartz.SimpleTrigger;
-import org.quartz.Trigger;
-import org.quartz.TriggerBuilder;
-import org.quartz.TriggerKey;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import java.util.Date;
 import java.util.List;
 import java.util.Map;

--- a/src/main/java/com/subsidy/util/SecretUtils.java
+++ b/src/main/java/com/subsidy/util/SecretUtils.java
 package com.subsidy.util;
+import org.apache.commons.codec.digest.DigestUtils;
 import java.math.BigInteger;
 import java.nio.charset.StandardCharsets;
 import java.security.MessageDigest;
@@ -17,13 +19,15 @@ public class SecretUtils {
    public static String getMD5String(String str) {
        try {
            // 生成一个MD5加密计算摘要
-            MessageDigest md = MessageDigest.getInstance("MD5");
+            return DigestUtils.md5Hex(str.toString()).toUpperCase();
+            //            MessageDigest md = MessageDigest.getInstance("MD5");
            // 计算md5函数
-            md.update(str.getBytes());
+//            md.update(str.getBytes("utf-8"));
            // digest()最后确定返回md5 hash值，返回值为8位字符串。因为md5 hash值是16位的hex值，实际上就是8位的字符
            // BigInteger函数则将8位的字符串转换成16位hex值，用字符串来表示；得到字符串形式的hash值
            //一个byte是八位二进制，也就是2位十六进制字符（2的8次方等于16的2次方）
-            return new BigInteger(1, md.digest()).toString(16);
+//            byte[] digest = md.digest(str.getBytes("utf-8"));
+//            return new BigInteger(1, digest).toString(16);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
@@ -108,9 +112,13 @@ public class SecretUtils {
        }
    }
    public static void main(String[] args) {
        String uuid = UUID.randomUUID().toString();
-        System.out.println(uuid);
+        System.out.println(uuid.replace("-",""));
-        System.out.println(hash(uuid+"ixihs"));
+//        System.out.println(hash(uuid+"ixihs"));
+        System.out.println(System.currentTimeMillis());
    }
 }
\ No newline at end of file
--- a/src/main/java/com/subsidy/vo/member/QXTSign.java
+++ b/src/main/java/com/subsidy/vo/member/QXTSign.java
+package com.subsidy.vo.member;
+import lombok.Data;
+@Data
+public class QXTSign {
+    private String sign;
+}
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
 # 环境配置
-spring.profiles.active=dev
+spring.profiles.active=prod
 # 端口号
-spring.server.port=23457
+spring.server.port=23459
 #嵌入tomcat配置
 #和CPU数
 spring.server.acceptorThreadCount=600

--- a/src/main/resources/code.properties
+++ b/src/main/resources/code.properties
@@ -54,5 +54,8 @@ meishu.code-message[12001]=该职级已存在
 meishu.code-message[13001]=已达到当日最大时长
+meishu.code-message[14001]=认证失败，签名不通过
+meishu.code-message[14002]=认证失败，签名已过期