From 359bb8f46b2c07f20326da1f6dcbddc6f5a3f0e9 Mon Sep 17 00:00:00 2001
From: yn147 <2270338776@qq.com>
Date: 星期四, 13 四月 2023 15:46:20 +0800
Subject: [PATCH] 盐值
---
src/main/java/com/qxueyou/scc/sys/action/LoginController.java | 82 ++++++++++++++++++++++++++++++++---------
1 files changed, 64 insertions(+), 18 deletions(-)
diff --git a/src/main/java/com/qxueyou/scc/sys/action/LoginController.java b/src/main/java/com/qxueyou/scc/sys/action/LoginController.java
index 506ddd9..859e5e5 100644
--- a/src/main/java/com/qxueyou/scc/sys/action/LoginController.java
+++ b/src/main/java/com/qxueyou/scc/sys/action/LoginController.java
@@ -13,6 +13,7 @@
import com.alibaba.fastjson.JSONObject;
import com.qxueyou.scc.base.util.*;
import com.qxueyou.scc.wx.service.IWechatService;
+import freemarker.template.utility.StringUtil;
import org.apache.commons.lang3.StringUtils;
import org.apache.kafka.common.network.LoginType;
import org.apache.tomcat.util.net.openssl.ciphers.Authentication;
@@ -23,6 +24,7 @@
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.stereotype.Controller;
+import org.springframework.util.DigestUtils;
import org.springframework.web.bind.annotation.*;
import com.qxueyou.scc.admin.teacher.service.ITeacherService;
@@ -126,14 +128,46 @@
* @param uid
* @throws IOException
*/
- @PostMapping("/auth/wechat/login")
+
+ @PostMapping("/wxlogin")
@ApiOperation("寰俊鐧诲綍")
- public Result wechatLogin(String code) {
+ @ResponseBody
+ public Result wechatLogin(String code,String number) {
JSONObject sessionKeyOrOpenId = wechatService.getSessionKeyOrOpenId(code);
- System.out.println(sessionKeyOrOpenId);
- return new Result(true,"cg",sessionKeyOrOpenId);
-// return new Result(true,"token",securityProperties.getTokenStartWith() + token,"user",user);
- }
+ JSONObject gettoken = wechatService.gettoken(appId, secret);
+ Result phone = wechatService.getNumber(gettoken.get("access_token").toString(), number);
+ if(phone.getSuccess()){
+ String hql = "from User where deleteFlag is false and mobilePhone = ? ";
+ System.out.println(phone.getData());
+ List<Object> params = CollectionUtils.newList(phone.getData());
+ User user = commonDAO.findUnique(hql,params, User.class);
+ if(user==null){
+ //鏂板鐢ㄦ埛
+ User user1=new User();
+ user1.setMobilePhone(phone.getData().toString());
+ user1.setOpenId(sessionKeyOrOpenId.get("openid").toString());
+ commonDAO.save(user1);
+ //鏂板鍏宠仈瀛﹀憳
+ String addUserSql = "from User where deleteFlag is false and mobilePhone = ? ";
+ List<Object> newParams = CollectionUtils.newList(phone.getData());
+ User newUser = commonDAO.findUnique(addUserSql,newParams, User.class);
+ StuStudent stuStudent=new StuStudent();
+ stuStudent.setStatus(StuStudent.STATUS_REGISTER);
+ stuStudent.setUserId(newUser.getUserId());
+ stuStudent.setMobilePhone(newUser.getMobilePhone());
+ commonDAO.save(stuStudent);
+ }
+ if(StringUtils.isEmpty(user.getOpenId())){
+ user.setOpenId(sessionKeyOrOpenId.get("openid").toString());
+ commonDAO.saveOrUpdate(user);
+ }
+ String studentSql = "from StuStudent where deleteFlag is false and userId = ? ";
+ List<Object> stuParams = CollectionUtils.newList(user.getUserId());
+ StuStudent stuStudent = commonDAO.findUnique(studentSql, stuParams, StuStudent.class);
+ return new Result(true,"鎺堟潈鎴愬姛",CollectionUtils.newObjectMap("user",user,"ClassId",stuStudent.getClassId()));
+ }
+ return phone;
+}
@ApiOperation(value = "鐧诲叆鎺ュ彛", notes = "")
@ApiImplicitParams({
@@ -150,8 +184,8 @@
// 鏌ヨ鐢ㄦ埛淇℃伅
String uuNumber=null;
String uuReNumber=null;
- String hql = "from User where deleteFlag is false and account = ? and password = ? ";
- List<Object> params = CollectionUtils.newList(account,password);
+ String hql = "from User where deleteFlag is false and account = ?";
+ List<Object> params = CollectionUtils.newList(account);
User user = commonDAO.findUnique(hql,params, User.class);
if (user == null ) {
return new Result(false, "鐢ㄦ埛璐︽埛銆佸瘑鐮侀敊璇�");
@@ -180,6 +214,12 @@
}
// 鎻掑叆鏃ュ織
insertLoginLog(request, user, account, "SYS-LOGIN");
+ String salt = user.getSalt();
+ String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes());
+ //姣旇緝鐢ㄦ埛杈撳叆鐨勫瘑鐮佸姞瀵嗗悗鐨勫瓧绗︿覆鏄惁璺熸敞鍐屾椂濉啓鐨勫姞瀵嗗瘑鐮佺浉鍚�
+ if (!newPassword.equals(user.getPassword())) {
+ return new Result(false, "鐢ㄦ埛璐︽埛銆佸瘑鐮侀敊璇垨缂哄皯鍑瘉");
+ }
// 杩斿洖
return new Result(true, "楠岃瘉鎴愬姛",CollectionUtils.newObjectMap("uuNumber",uuNumber,"uuReNumber",uuReNumber));
}
@@ -341,16 +381,16 @@
List<Object> params = null;
// boolean flag=true;
if ("study".equals(logType)) {
- hql = "from User where deleteFlag is false and account = ? and password = ? ";
- params = CollectionUtils.newList(account, password);
+ hql = "from User where deleteFlag is false and account = ?";
+ params = CollectionUtils.newList(account);
}else if("portal".equals(logType)){
- hql = "from User where deleteFlag is false and mobilePhone = ? and password = ? ";
- params = CollectionUtils.newList(account, password);
+ hql = "from User where deleteFlag is false and mobilePhone = ?";
+ params = CollectionUtils.newList(account);
}else{
if(StringUtils.isEmpty(password)) {
return new Result(false, "鐢ㄦ埛瀵嗙爜涓嶈兘涓虹┖");
}
- hql = "from User where deleteFlag is false and account = ? and password = ? ";
+ hql = "from User where deleteFlag is false and account = ? and password = ?";
params = CollectionUtils.newList(account,password);
}
@@ -373,13 +413,19 @@
// request.getSession().removeAttribute("uuReNumber");
// }
+ if (user == null) {
+ return new Result(false, "鐢ㄦ埛璐︽埛涓嶅瓨鍦�");
+ }
// 鎻掑叆鏃ュ織
insertLoginLog(request, user, account, "SYS-LOGIN");
-
- //鑰冭瘯鐧诲綍浼氭帶鍒秄lag鍙橀噺 鍏朵粬鐧诲綍涓嶄細 榛樿true
- if (user == null) {
- return new Result(false, "鐢ㄦ埛璐︽埛銆佸瘑鐮侀敊璇垨缂哄皯鍑瘉");
- }
+ String salt = user.getSalt();
+ String newPassword= DigestUtils.md5DigestAsHex((salt+password).getBytes());
+ //姣旇緝鐢ㄦ埛杈撳叆鐨勫瘑鐮佸姞瀵嗗悗鐨勫瓧绗︿覆鏄惁璺熸敞鍐屾椂濉啓鐨勫姞瀵嗗瘑鐮佺浉鍚�
+ if("study".equals(logType) || "portal".equals(logType)){
+ if (!newPassword.equals(user.getPassword())) {
+ return new Result(false, "鐢ㄦ埛璐︽埛銆佸瘑鐮侀敊璇垨缂哄皯鍑瘉");
+ }
+ }
// 杩斿洖鐢ㄦ埛鍩烘湰淇℃伅
return this.loginValidate(user, 1, request, response, logType, platForm, organizationId);
--
Gitblit v1.8.0