|
@@ -4,13 +4,15 @@ import com.jeesite.common.codec.DesUtils;
|
|
import com.jeesite.common.config.Global;
|
|
import com.jeesite.common.config.Global;
|
|
import com.jeesite.common.constant.Constants;
|
|
import com.jeesite.common.constant.Constants;
|
|
import com.jeesite.common.lang.StringUtils;
|
|
import com.jeesite.common.lang.StringUtils;
|
|
-import com.jeesite.common.service.ServiceException;
|
|
|
|
|
|
+import com.jeesite.modules.bjflapi.AbstractController;
|
|
import com.jeesite.modules.report.entity.WebsiteUser;
|
|
import com.jeesite.modules.report.entity.WebsiteUser;
|
|
import com.jeesite.modules.report.service.WebsiteUserService;
|
|
import com.jeesite.modules.report.service.WebsiteUserService;
|
|
import com.jeesite.modules.report.util.JwtUtil;
|
|
import com.jeesite.modules.report.util.JwtUtil;
|
|
import com.jeesite.modules.report.util.PasswordUtil;
|
|
import com.jeesite.modules.report.util.PasswordUtil;
|
|
-import com.jeesite.modules.report.util.RedisUtil;
|
|
|
|
|
|
+import com.jeesite.modules.sys.utils.RedisUtil;
|
|
import com.jeesite.modules.report.util.oConvertUtils;
|
|
import com.jeesite.modules.report.util.oConvertUtils;
|
|
|
|
+import com.jeesite.modules.sys.annotation.WebsiteAuth;
|
|
|
|
+import com.jeesite.modules.sys.utils.R;
|
|
import io.swagger.annotations.Api;
|
|
import io.swagger.annotations.Api;
|
|
import org.springframework.beans.BeanUtils;
|
|
import org.springframework.beans.BeanUtils;
|
|
import org.springframework.web.bind.annotation.PostMapping;
|
|
import org.springframework.web.bind.annotation.PostMapping;
|
|
@@ -25,7 +27,7 @@ import java.util.Map;
|
|
@RestController
|
|
@RestController
|
|
@RequestMapping(value = "${adminPath}/api/report/websiteUser")
|
|
@RequestMapping(value = "${adminPath}/api/report/websiteUser")
|
|
@Api(value = "WebsiteUserControllerApi",tags = "网站用户接口")
|
|
@Api(value = "WebsiteUserControllerApi",tags = "网站用户接口")
|
|
-public class WebsiteUserControllerApi {
|
|
|
|
|
|
+public class WebsiteUserControllerApi extends AbstractController {
|
|
@Resource
|
|
@Resource
|
|
private RedisUtil redisUtil;
|
|
private RedisUtil redisUtil;
|
|
@Resource
|
|
@Resource
|
|
@@ -40,10 +42,10 @@ public class WebsiteUserControllerApi {
|
|
// 登录用户名解密(解决登录用户名明文传输安全问题)
|
|
// 登录用户名解密(解决登录用户名明文传输安全问题)
|
|
String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
|
|
String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
|
|
if (StringUtils.isEmpty(loginCode)) {
|
|
if (StringUtils.isEmpty(loginCode)) {
|
|
- throw new ServiceException("登录账号为空");
|
|
|
|
|
|
+ return R.error("登录账号为空");
|
|
}
|
|
}
|
|
if (StringUtils.isEmpty(password)) {
|
|
if (StringUtils.isEmpty(password)) {
|
|
- throw new ServiceException("登录密码为空");
|
|
|
|
|
|
+ return R.error("登录密码为空");
|
|
}
|
|
}
|
|
loginCode = DesUtils.decode(loginCode, secretKey);
|
|
loginCode = DesUtils.decode(loginCode, secretKey);
|
|
password = DesUtils.decode(password, secretKey);
|
|
password = DesUtils.decode(password, secretKey);
|
|
@@ -51,12 +53,12 @@ public class WebsiteUserControllerApi {
|
|
//查询用户
|
|
//查询用户
|
|
WebsiteUser oldUser = websiteUserService.findLoginCode(loginCode);
|
|
WebsiteUser oldUser = websiteUserService.findLoginCode(loginCode);
|
|
if (oldUser == null) {
|
|
if (oldUser == null) {
|
|
- throw new ServiceException("用户不存在,请先注册");
|
|
|
|
|
|
+ return R.error("用户不存在,请先注册");
|
|
}
|
|
}
|
|
//验证密码
|
|
//验证密码
|
|
String passwordEncode = PasswordUtil.encrypt(loginCode, password, oldUser.getSalt());
|
|
String passwordEncode = PasswordUtil.encrypt(loginCode, password, oldUser.getSalt());
|
|
if (!passwordEncode.equals(oldUser.getPassword())) {
|
|
if (!passwordEncode.equals(oldUser.getPassword())) {
|
|
- throw new ServiceException("登录密码不正确");
|
|
|
|
|
|
+ return R.error("登录密码不正确");
|
|
}
|
|
}
|
|
//TODO 单点登录,清理登录用户的登录token
|
|
//TODO 单点登录,清理登录用户的登录token
|
|
List<Object> tokenList = redisUtil.lGet(Constants.PREFIX_USER_TOKEN_LIST + loginCode, 0, -1);
|
|
List<Object> tokenList = redisUtil.lGet(Constants.PREFIX_USER_TOKEN_LIST + loginCode, 0, -1);
|
|
@@ -66,7 +68,7 @@ public class WebsiteUserControllerApi {
|
|
// 生成token
|
|
// 生成token
|
|
String token = JwtUtil.sign(loginCode, password);
|
|
String token = JwtUtil.sign(loginCode, password);
|
|
// 设置token缓存有效时间
|
|
// 设置token缓存有效时间
|
|
- redisUtil.set(Constants.PREFIX_USER_TOKEN + token, token);
|
|
|
|
|
|
+ redisUtil.set(Constants.PREFIX_USER_TOKEN + token, oldUser.getId());
|
|
redisUtil.expire(Constants.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
|
|
redisUtil.expire(Constants.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME * 2 / 1000);
|
|
//TODO 单点登录,缓存登录用户的Token
|
|
//TODO 单点登录,缓存登录用户的Token
|
|
redisUtil.lSet(Constants.PREFIX_USER_TOKEN_LIST + loginCode, token);
|
|
redisUtil.lSet(Constants.PREFIX_USER_TOKEN_LIST + loginCode, token);
|
|
@@ -83,16 +85,16 @@ public class WebsiteUserControllerApi {
|
|
// 登录用户名解密(解决登录用户名明文传输安全问题)
|
|
// 登录用户名解密(解决登录用户名明文传输安全问题)
|
|
String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
|
|
String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
|
|
if (StringUtils.isEmpty(loginCode)) {
|
|
if (StringUtils.isEmpty(loginCode)) {
|
|
- throw new ServiceException("登录账号为空");
|
|
|
|
|
|
+ return R.error("登录账号为空");
|
|
}
|
|
}
|
|
if (StringUtils.isEmpty(password)) {
|
|
if (StringUtils.isEmpty(password)) {
|
|
- throw new ServiceException("登录密码为空");
|
|
|
|
|
|
+ return R.error("登录密码为空");
|
|
}
|
|
}
|
|
loginCode = DesUtils.decode(loginCode, secretKey);
|
|
loginCode = DesUtils.decode(loginCode, secretKey);
|
|
password = DesUtils.decode(password, secretKey);
|
|
password = DesUtils.decode(password, secretKey);
|
|
WebsiteUser oldUser = websiteUserService.findLoginCode(loginCode);
|
|
WebsiteUser oldUser = websiteUserService.findLoginCode(loginCode);
|
|
if (oldUser != null) {
|
|
if (oldUser != null) {
|
|
- throw new ServiceException("用户已存在");
|
|
|
|
|
|
+ return R.error("用户已存在");
|
|
}
|
|
}
|
|
WebsiteUser newUser = new WebsiteUser();
|
|
WebsiteUser newUser = new WebsiteUser();
|
|
BeanUtils.copyProperties(websiteUser, newUser);
|
|
BeanUtils.copyProperties(websiteUser, newUser);
|
|
@@ -106,4 +108,38 @@ public class WebsiteUserControllerApi {
|
|
return login(websiteUser);
|
|
return login(websiteUser);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ /**
|
|
|
|
+ * 修改密码
|
|
|
|
+ */
|
|
|
|
+ @WebsiteAuth
|
|
|
|
+ @PostMapping(value = "updatePwd")
|
|
|
|
+ public String infoSavePwd(String newPassword,
|
|
|
|
+ String confirmNewPassword) {
|
|
|
|
+ String userId = getUserIdByRequest();
|
|
|
|
+ WebsiteUser websiteUser = websiteUserService.get(userId);
|
|
|
|
+ // 登录密码解密(解决密码明文传输安全问题)
|
|
|
|
+ String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
|
|
|
|
+// if (StringUtils.isNotBlank(secretKey)){
|
|
|
|
+// oldPassword = DesUtils.decode(oldPassword, secretKey);
|
|
|
|
+// newPassword = DesUtils.decode(newPassword, secretKey);
|
|
|
|
+// confirmNewPassword = DesUtils.decode(confirmNewPassword, secretKey);
|
|
|
|
+// }
|
|
|
|
+// // 验证旧密码
|
|
|
|
+// if(!PwdUtils.validatePassword(oldPassword, currentUser.getPassword())){
|
|
|
|
+// return renderResult(Global.FALSE, text("sys.user.oldPasswordError"));
|
|
|
|
+// }
|
|
|
|
+// // 验证新密码和确认密码
|
|
|
|
+// if(!StringUtils.equals(newPassword, confirmNewPassword)){
|
|
|
|
+// return renderResult(Global.FALSE, text("sys.user.confirmPasswrodError"));
|
|
|
|
+// }
|
|
|
|
+// // 更新密码
|
|
|
|
+// try{
|
|
|
|
+// userService.updatePassword(currentUser.getUserCode(), confirmNewPassword);
|
|
|
|
+// return renderResult(Global.TRUE, text("sys.user.passwordModifySuccess"));
|
|
|
|
+// }catch(ServiceException se){
|
|
|
|
+// return renderResult(Global.FALSE, se.getMessage());
|
|
|
|
+// }
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
}
|
|
}
|
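Review bot: The new `infoSavePwd` handler publishes `POST updatePwd` behind `@WebsiteAuth` but always ends at `return null;`, and its signature takes only `newPassword` and `confirmNewPassword`, so the current-password check that survives only in the commented-out block cannot be restored without changing the parameters. Until the body exists I would leave the route unmapped by dropping `@PostMapping(value = "updatePwd")`, or at least add `// TODO(security): not implemented; must verify the current password before updating`, and delete the commented-out code, which refers to `oldPassword`, `currentUser` and `userService`, none of them declared in this method. When it is implemented, it should take an `oldPassword` parameter and check it against the stored hash with `PasswordUtil.encrypt(...)` as `login` does, handle a null result from `websiteUserService.get(userId)`, and clear the user's cached tokens under `Constants.PREFIX_USER_TOKEN_LIST` and `Constants.PREFIX_USER_TOKEN` so sessions issued before the change stop being accepted. Separately, the login hunk keeps different messages for an unknown account and a wrong password in the new `R.error(...)` returns, which tells a caller which login codes are registered; one generic failure message for both branches would avoid that.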