派生自 projectDept/qhighschool
src/main/java/com/qxueyou/scc/sys/action/LoginController.java
@@ -13,6 +13,7 @@ import com.alibaba.fastjson.JSONObject; import com.qxueyou.scc.base.util.*; import com.qxueyou.scc.wx.service.IWechatService; import freemarker.template.utility.StringUtil; import org.apache.commons.lang3.StringUtils; import org.apache.kafka.common.network.LoginType; import org.apache.tomcat.util.net.openssl.ciphers.Authentication; @@ -23,6 +24,7 @@ import org.springframework.data.redis.core.RedisTemplate; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.stereotype.Controller; import org.springframework.util.DigestUtils; import org.springframework.web.bind.annotation.*; import com.qxueyou.scc.admin.teacher.service.ITeacherService; @@ -114,6 +116,18 @@ @Value("${wx.secret}") private String secret; /** * 公众号appID */ @Value("${wx.app.appId}") private String wxappId; /** * 公众号secret */ @Value("${wx.app.secret}") private String wxsecret; public static String UUNUMBER="QXYUUNUMBER"; @@ -126,22 +140,67 @@ * @param uid * @throws IOException */ @PostMapping("/auth/wechat/login") @ApiOperation("微信登录") @PostMapping("/wxAccountsLogin") @ApiOperation("微信公众号登录") @ResponseBody public Result wxAccountsLogin(String code) { JSONObject gettoken = wechatService.gettoken(wxappId, wxsecret); JSONObject OpenId = wechatService.getSessionKeyOrOpenId(code); JSONObject user = wechatService.getUser(gettoken.get("access_token").toString(), OpenId.get("openid").toString()); return new Result(true,"成功",user); } @PostMapping("/wxlogin") @ApiOperation("微信小程序登录") @ResponseBody public Result wechatLogin(String code,String number) { JSONObject sessionKeyOrOpenId = wechatService.getSessionKeyOrOpenId(code); String phone = wechatService.getNumber(number); String hql = "from User where deleteFlag is false and mobilePhone = ? "; List<Object> params = CollectionUtils.newList(phone); User user = commonDAO.findUnique(hql,params, User.class); if(user==null){ User user1=new User(); user1.setMobilePhone(phone); commonDAO.save(user1); JSONObject gettoken = wechatService.gettoken(appId, secret); Result phone = wechatService.getNumber(gettoken.get("access_token").toString(), number); if(phone.getSuccess()){ String hql = "from User where deleteFlag is false and mobilePhone = ? "; System.out.println(phone.getData()); List<Object> params = CollectionUtils.newList(phone.getData()); User user = commonDAO.findUnique(hql,params, User.class); if(user==null){ //新增用户 User user1=new User(); user1.setMobilePhone(phone.getData().toString()); user1.setOpenId(sessionKeyOrOpenId.get("openid").toString()); commonDAO.save(user1); //新增关联学员 String addUserSql = "from User where deleteFlag is false and mobilePhone = ? "; List<Object> newParams = CollectionUtils.newList(phone.getData()); User newUser = commonDAO.findUnique(addUserSql,newParams, User.class); StuStudent stuStudent=new StuStudent(); stuStudent.setStatus(StuStudent.STATUS_REGISTER); stuStudent.setUserId(newUser.getUserId()); stuStudent.setMobilePhone(newUser.getMobilePhone()); commonDAO.save(stuStudent); } if(StringUtils.isEmpty(user.getOpenId())){ user.setOpenId(sessionKeyOrOpenId.get("openid").toString()); commonDAO.saveOrUpdate(user); } String studentSql = "from StuStudent where deleteFlag is false and userId = ? "; List<Object> stuParams = CollectionUtils.newList(user.getUserId()); StuStudent stuStudent = commonDAO.findUnique(studentSql, stuParams, StuStudent.class); CacheParamters param = new CacheParamters(); param.setUserId(user.getUserId()); param.setCustomRoleValue(user.getEmail()); param.setCustomOrgId(user.getImei()); param.setCacheIpFlag(true); // 缓存到请求线程 UserInfoWrapper wrapper = cacheUserInfo(param, null); // 存到redis redisTemplate.opsForValue().set(UserInfoWrapper.SESSION_USER_INFO_KEY, wrapper); return new Result(true,"授权成功",CollectionUtils.newObjectMap("user",user,"ClassId",stuStudent.getClassId())); } return new Result(true,"cg",user); // return new Result(true,"token",securityProperties.getTokenStartWith() + token,"user",user); return phone; } @ApiOperation(value = "登入接口", notes = "") @ApiImplicitParams({ @@ -158,8 +217,8 @@ // 查询用户信息 String uuNumber=null; String uuReNumber=null; String hql = "from User where deleteFlag is false and account = ? and password = ? "; List<Object> params = CollectionUtils.newList(account,password); String hql = "from User where deleteFlag is false and account = ?"; List<Object> params = CollectionUtils.newList(account); User user = commonDAO.findUnique(hql,params, User.class); if (user == null ) { return new Result(false, "用户账户、密码错误"); @@ -188,6 +247,12 @@ } // 插入日志 insertLoginLog(request, user, account, "SYS-LOGIN"); String salt = user.getSalt(); String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes()); //比较用户输入的密码加密后的字符串是否跟注册时填写的加密密码相同 if (!newPassword.equals(user.getPassword())) { return new Result(false, "用户账户、密码错误或缺少凭证"); } // 返回 return new Result(true, "验证成功",CollectionUtils.newObjectMap("uuNumber",uuNumber,"uuReNumber",uuReNumber)); } @@ -349,17 +414,17 @@ List<Object> params = null; // boolean flag=true; if ("study".equals(logType)) { hql = "from User where deleteFlag is false and account = ? and password = ? "; params = CollectionUtils.newList(account, password); hql = "from User where deleteFlag is false and account = ?"; params = CollectionUtils.newList(account); }else if("portal".equals(logType)){ hql = "from User where deleteFlag is false and mobilePhone = ? and password = ? "; params = CollectionUtils.newList(account, password); hql = "from User where deleteFlag is false and mobilePhone = ?"; params = CollectionUtils.newList(account); }else{ if(StringUtils.isEmpty(password)) { return new Result(false, "用户密码不能为空"); } hql = "from User where deleteFlag is false and account = ? and password = ? "; params = CollectionUtils.newList(account,password); hql = "from User where deleteFlag is false and account = ?"; params = CollectionUtils.newList(account); } if(StringUtils.isNotEmpty(organizationId)){ @@ -381,13 +446,19 @@ // request.getSession().removeAttribute("uuReNumber"); // } if (user == null) { return new Result(false, "用户账户不存在"); } // 插入日志 insertLoginLog(request, user, account, "SYS-LOGIN"); //考试登录会控制flag变量 其他登录不会 默认true if (user == null) { return new Result(false, "用户账户、密码错误或缺少凭证"); } String salt = user.getSalt(); String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes()); //比较用户输入的密码加密后的字符串是否跟注册时填写的加密密码相同 if("study".equals(logType) || "portal".equals(logType) || "adminis".equals(logType)){ if (!newPassword.equals(user.getPassword())) { return new Result(false, "用户账户、密码错误或缺少凭证"); } } // 返回用户基本信息 return this.loginValidate(user, 1, request, response, logType, platForm, organizationId); @@ -577,7 +648,7 @@ @ApiOperation(value = "修改密码", notes = "") @ApiImplicitParams({ @ApiImplicitParam(name = "usedPass", value = "老密码", required = false, paramType="query", dataType = "String"), @ApiImplicitParam(name = "pass", value = "新密码", required = false, paramType="query", dataType = "String"), @ApiImplicitParam(name = "pass", value = "新密码", required = false, paramType=" query", dataType = "String"), }) @RequestMapping(value = "updatePassword", method = RequestMethod.POST) @ResponseBody
