package com.javaweb.platform.controller;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Date;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.crypto.hash.Md5Hash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.multipart.MultipartFile;

import com.javaweb.cms.domain.Pv;
import com.javaweb.cms.service.PVQueueService;
import com.javaweb.common.annotation.UserAuth;
import com.javaweb.common.config.Global;
import com.javaweb.common.config.ServerConfig;
import com.javaweb.common.constant.RSAKey;
import com.javaweb.common.core.controller.BaseController;
import com.javaweb.common.core.domain.AjaxResult;
import com.javaweb.common.utils.IdGenerate;
import com.javaweb.common.utils.IpUtils;
import com.javaweb.common.utils.StringUtils;
import com.javaweb.common.utils.file.FileUploadUtils;
import com.javaweb.framework.util.ShiroUtils;
import com.javaweb.platform.constant.FrontUserStatus;
import com.javaweb.platform.domain.FrontUser;
import com.javaweb.platform.domain.FrontUserCaptcode;
import com.javaweb.platform.domain.UserLoginCount;
import com.javaweb.platform.domain.UserMsg;
import com.javaweb.platform.mapper.FrontUserMapper;
import com.javaweb.platform.mapper.UserLoginCountMapper;
import com.javaweb.platform.mapper.UserMsgMapper;
import com.javaweb.platform.mapper.ValidcodeMapper;
import com.javaweb.platform.utils.CaptCodeUtils;
import com.javaweb.platform.utils.UserAuthCacheUtils;
import com.javaweb.platform.utils.ValidcodeUtils;

import cn.hutool.crypto.asymmetric.KeyType;
import cn.hutool.crypto.asymmetric.RSA;

@Controller
@RequestMapping("/webgis")
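public class FrontUserAuthController extends BaseController {

    /** Account status: active (individual accounts are active right after registration). */
    private static final String STATUS_COMMON = "1";
    /** Account status: pending review (company accounts wait for manual approval). */
    private static final String STATUS_APPLY = "2";

    /** User type sent by the client for an individual account. */
    private static final String USER_TYPE_PERSONAL = "1";
    /** User type sent by the client for a company account. */
    private static final String USER_TYPE_COMPANY = "2";

    /** Failure-counter bucket for password logins. */
    private static final String COUNT_TYPE_LOGIN = "1";
    /** Failure-counter bucket shared by the password-reset flow (SMS code request and reset). */
    private static final String COUNT_TYPE_RESET = "2";
    /** SMS verification-code channel used by the password-reset flow. */
    private static final String SMS_TYPE_RESET = "2";
    /** Daily cap on failed attempts per user name and counter bucket. */
    private static final int MAX_DAILY_FAILURES = 5;

    @Autowired
    private ServerConfig serverConfig;
    @Autowired
    private FrontUserMapper frontUserMapper;
    /** Injected but not referenced by any handler in this controller. */
    @Autowired
    private ValidcodeMapper validcodeMapper;
    @Autowired
    private ValidcodeUtils validcodeUtils;
    @Autowired
    private UserLoginCountMapper userLoginCountMapper;
    @Autowired
    private UserMsgMapper userMsgMapper;
    @Autowired
    private PVQueueService pvQueueService;

    /**
     * Issues a registration captcha.
     *
     * <p>NOTE(review): the generated code is returned to the caller in the response body, so a
     * client can satisfy the registration check without user interaction; confirm that
     * {@link CaptCodeUtils#verifyCode()} yields something the client cannot simply echo back
     * (for example an image handle) rather than the code itself.
     *
     * @param request current request (unused)
     * @return the generated code wrapped in a success result
     */
    @PostMapping("/user/captcode")
    @ResponseBody
    public AjaxResult captcode(HttpServletRequest request) {
        String code = CaptCodeUtils.verifyCode();
        return AjaxResult.success(code);
    }

    /**
     * Registers a new front-end user.
     *
     * <p>User name and password arrive RSA-encrypted. The captcha is consumed before any database
     * lookup, so the uniqueness checks cannot be used to probe which user names, e-mails or phone
     * numbers are already registered without solving it first. Individual accounts become active at
     * once; every other type is stored as pending review.
     *
     * @param frontUser registration form including the captcha
     * @param request current request, used to record the registering IP
     * @return success or the first failed validation
     */
    @PostMapping("/user/regist")
    @ResponseBody
    public AjaxResult regist(@RequestBody FrontUserCaptcode frontUser, HttpServletRequest request) {
        RSA rsa = new RSA(RSAKey.privatekey, null);
        String username = decryptCredential(rsa, frontUser.getUserName());
        String password = decryptCredential(rsa, frontUser.getPassword());
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return AjaxResult.error("用户名或密码不能为空");
        }
        frontUser.setUserName(username);
        frontUser.setPassword(password);

        // Single-use captcha: verify and consume it before touching the user table.
        String captcode = frontUser.getCaptcode();
        if (StringUtils.isEmpty(captcode) || !CaptCodeUtils.isExistCode(captcode)) {
            return AjaxResult.error("验证码不正确或过期");
        }
        CaptCodeUtils.remove(captcode);

        if (frontUserMapper.checkLoginNameUnique(frontUser) > 0) {
            return AjaxResult.error("用户名已经存在!");
        }
        if (frontUserMapper.checkEmailUnique(frontUser) > 0) {
            return AjaxResult.error("邮箱已经存在!");
        }
        if (frontUserMapper.checkPhoneUnique(frontUser) > 0) {
            return AjaxResult.error("注册电话已经存在!");
        }
        String userType = frontUser.getUserType();
        if (USER_TYPE_COMPANY.equals(userType) && frontUserMapper.checkBusinessNoUnique(frontUser) > 0) {
            return AjaxResult.error("注册公司营业执照已经存在!");
        }

        boolean personal = USER_TYPE_PERSONAL.equals(userType);
        frontUser.setStatus(personal ? STATUS_COMMON : STATUS_APPLY);
        frontUser.setCreateTime(new Date());
        frontUser.setLoginIp(IpUtils.getIpAddr(request));
        frontUser.setSalt(ShiroUtils.randomSalt());
        // Only the salted hash is persisted; the clear-text password goes no further.
        frontUser.setPassword(encryptPassword(username, password, frontUser.getSalt()));
        frontUserMapper.insertFrontUser(frontUser);
        return personal
                ? AjaxResult.success("个人账号注册成功")
                : AjaxResult.success("企业账号提交成功,信息审核中");
    }

    /**
     * Hashes a password for storage as hex {@code MD5(username + password + salt)}.
     *
     * <p>NOTE(review): MD5 is a fast digest, not a password hash; every stored credential uses this
     * format, so moving to bcrypt/scrypt/argon2 needs a rehash-on-login migration rather than a
     * change to this method in place.
     *
     * @param username user name mixed into the digest input
     * @param password clear-text password
     * @param salt per-user random salt
     * @return lowercase hex digest
     */
    public String encryptPassword(String username, String password, String salt) {
        return new Md5Hash(username + password + salt).toHex();
    }

    /**
     * Checks {@code newPassword} against the hash stored on {@code user}.
     *
     * <p>The comparison is constant-time via {@link MessageDigest#isEqual} so that response timing
     * does not reveal how many leading digits of the stored hash matched.
     *
     * @param user stored user carrying user name, salt and password hash
     * @param newPassword candidate clear-text password
     * @return {@code true} when the candidate hashes to the stored value; {@code false} when either
     *     side is missing
     */
    public boolean matches(FrontUser user, String newPassword) {
        if (user == null || user.getPassword() == null || newPassword == null) {
            return false;
        }
        String candidate = encryptPassword(user.getUserName(), newPassword, user.getSalt());
        return MessageDigest.isEqual(
                user.getPassword().getBytes(StandardCharsets.UTF_8),
                candidate.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Returns the profile of the logged-in user.
     *
     * <p>The requested user name must match the account behind the {@code token} parameter, so a
     * caller can only read its own record. Credential fields are blanked before returning.
     *
     * @param user user name being requested
     * @param request current request carrying the {@code token} parameter
     * @param response unused
     * @return the profile, or {@code null} when the token is invalid, the name does not match, or
     *     the user no longer exists
     * @throws IOException kept for signature compatibility; nothing here throws it
     */
    @UserAuth("frontUser")
    @PostMapping("/user/userInfo")
    @ResponseBody
    public FrontUser userInfo(String user, HttpServletRequest request, HttpServletResponse response)
            throws IOException {
        FrontUser sessionUser = sessionUser(request);
        if (sessionUser == null || user == null || !user.equals(sessionUser.getUserName())) {
            return null;
        }
        FrontUser probe = new FrontUser();
        probe.setUserName(user);
        FrontUser found = frontUserMapper.selectFrontUserByLoginName(probe);
        if (found == null) {
            return null;
        }
        // Credential material is never sent to the browser.
        found.setPassword(null);
        found.setSalt(null);
        return found;
    }

    /**
     * Authenticates a user with RSA-encrypted credentials.
     *
     * <p>Failed attempts are counted per user name and day; after {@link #MAX_DAILY_FAILURES} the
     * account is refused until the counter rolls over. On success a fresh access token is cached
     * and returned together with the profile (credential fields and id blanked). Unread messages
     * are marked as notified.
     *
     * @param frontUser encrypted user name and password
     * @return success with the profile, or the reason the login was refused
     */
    @PostMapping("/user/login")
    @ResponseBody
    public AjaxResult login(@RequestBody FrontUser frontUser) {
        RSA rsa = new RSA(RSAKey.privatekey, null);
        String username = decryptCredential(rsa, frontUser.getUserName());
        String candidate = decryptCredential(rsa, frontUser.getPassword());
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(candidate)) {
            return AjaxResult.error("用户名或密码不能为空");
        }
        frontUser.setUserName(username);
        frontUser.setPassword(candidate);

        FrontUser stored = frontUserMapper.selectByUserName(frontUser);
        if (stored == null) {
            // NOTE(review): a distinct "no such user" reply lets a caller enumerate accounts; the
            // registration endpoint already discloses the same fact, so the wording is kept.
            return AjaxResult.error("用户不存在");
        }

        UserLoginCount failures = findTodayFailures(COUNT_TYPE_LOGIN, stored.getUserName());
        if (dailyCapReached(failures)) {
            return AjaxResult.error("今日错误次数已经达到" + MAX_DAILY_FAILURES + "次");
        }
        if (!matches(stored, candidate)) {
            int errcount = recordFailure(COUNT_TYPE_LOGIN, stored.getUserName(), failures);
            return AjaxResult.error("密码验证失败 ,已经输错" + errcount + "次,每天最多输错" + MAX_DAILY_FAILURES + "次");
        }

        // Strip credential material before the object is cached and serialised to the client.
        stored.setPassword(null);
        stored.setSalt(null);
        String accessToken = IdGenerate.uuid();
        stored.setAccessToken(accessToken);
        UserAuthCacheUtils.setCahce(accessToken, stored, stored.getId().toString());
        // The database id is hidden from the response. NOTE(review): if the cache keeps this same
        // reference, the cached copy loses its id as well; token-authenticated handlers therefore
        // resolve the account by user name rather than by id.
        stored.setId(null);

        UserMsg unread = new UserMsg(stored.getUserName(), "0");
        List<UserMsg> msgList = userMsgMapper.selectUserMsgList(unread);
        if (msgList != null && !msgList.isEmpty()) {
            userMsgMapper.updateUserMsgStatus(new UserMsg(stored.getUserName(), "1"));
            stored.setNotify("1");
        }
        return AjaxResult.success("登录成功", stored);
    }

    /**
     * Sends the password-reset SMS code once user name, e-mail and phone all match the stored
     * account. Mismatches are counted against the daily reset budget.
     *
     * @param frontUser user name, e-mail and phone supplied by the caller
     * @return success, a validation failure, or a throttling message
     */
    @PostMapping("/user/resetpassword/captcode")
    @ResponseBody
    public AjaxResult captcode(@RequestBody FrontUser frontUser) {
        String phone = frontUser.getPhone();
        if (phone == null || phone.length() > 20) {
            return AjaxResult.error("请检查手机号码");
        }
        FrontUser stored = frontUserMapper.selectByUserName(frontUser);
        if (stored == null) {
            return AjaxResult.error("登录名、注册电话、注册邮箱验证失败");
        }

        UserLoginCount failures = findTodayFailures(COUNT_TYPE_RESET, frontUser.getUserName());
        if (dailyCapReached(failures)) {
            return AjaxResult.error("今日错误次数已经达到" + MAX_DAILY_FAILURES + "次");
        }
        if (!sameValue(stored.getEmail(), frontUser.getEmail()) || !sameValue(stored.getPhone(), phone)) {
            int errcount = recordFailure(COUNT_TYPE_RESET, frontUser.getUserName(), failures);
            return AjaxResult.error("输入信息有误,已经输错" + errcount + "次,每天最多输错" + MAX_DAILY_FAILURES + "次");
        }

        int sent = 0;
        try {
            // The code goes to the phone on record, never to a number supplied by the caller.
            sent = validcodeUtils.sendMesgToPhone(SMS_TYPE_RESET, stored.getPhone());
        } catch (Exception e) {
            // A failed send is reported to the caller as "too frequent" below.
            // NOTE(review): replace printStackTrace with the project's logger.
            e.printStackTrace();
        }
        if (sent == 0) {
            return AjaxResult.error("操作过于频繁!");
        }
        return AjaxResult.success("发送成功,验证码五分钟内有效");
    }

    /**
     * Resets a password after the SMS code check.
     *
     * <p>Shares the daily failure budget of the SMS endpoint so that neither the e-mail/phone
     * pairing nor the five-minute code can be guessed without limit.
     *
     * @param suser encrypted user name and new password, plus e-mail, phone and SMS code
     * @return success or the reason the reset was refused
     */
    @PostMapping("/user/resetPassword")
    @ResponseBody
    public AjaxResult resetpassword(@RequestBody FrontUserCaptcode suser) {
        RSA rsa = new RSA(RSAKey.privatekey, null);
        String username = decryptCredential(rsa, suser.getUserName());
        String password = decryptCredential(rsa, suser.getPassword());
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return AjaxResult.error("用户名或密码不能为空");
        }
        suser.setUserName(username);
        suser.setPassword(password);

        FrontUser stored = frontUserMapper.selectByUserName(suser);
        if (stored == null) {
            return AjaxResult.error("没有此用户名");
        }
        UserLoginCount failures = findTodayFailures(COUNT_TYPE_RESET, username);
        if (dailyCapReached(failures)) {
            return AjaxResult.error("今日错误次数已经达到" + MAX_DAILY_FAILURES + "次");
        }
        if (!sameValue(stored.getEmail(), suser.getEmail())) {
            recordFailure(COUNT_TYPE_RESET, username, failures);
            return AjaxResult.error("用户名和邮箱不匹配");
        }
        if (!sameValue(stored.getPhone(), suser.getPhone())) {
            recordFailure(COUNT_TYPE_RESET, username, failures);
            return AjaxResult.error("用户名和手机号码不匹配");
        }

        String code = suser.getCaptcode();
        boolean valid = !StringUtils.isEmpty(code)
                && validcodeUtils.validCode(code, stored.getPhone(), SMS_TYPE_RESET);
        if (!valid) {
            recordFailure(COUNT_TYPE_RESET, username, failures);
            return AjaxResult.error("验证码不正确或已经失效");
        }
        stored.setPassword(encryptPassword(stored.getUserName(), password, stored.getSalt()));
        frontUserMapper.updateFrontUser(stored);
        return AjaxResult.success("密码修改成功");
    }

    /**
     * Stores an uploaded file and returns its new name and public URL.
     *
     * <p>NOTE(review): unlike the profile handlers this endpoint carries no {@code @UserAuth}, so
     * unauthenticated uploads reach {@link FileUploadUtils}; confirm that it enforces size and
     * extension limits. The raw exception message is echoed to the client and may contain server
     * paths; a generic message plus server-side logging would be safer.
     *
     * @param file multipart upload
     * @return success with {@code fileName} and {@code url}, or the error message
     * @throws Exception kept for signature compatibility
     */
    @PostMapping("/common/upload")
    @ResponseBody
    public AjaxResult uploadFile(MultipartFile file) throws Exception {
        try {
            String filePath = Global.getUploadPath();
            String fileName = FileUploadUtils.upload(filePath, file);
            AjaxResult ajax = AjaxResult.success();
            ajax.put("fileName", fileName);
            ajax.put("url", serverConfig.getUrl() + fileName);
            return ajax;
        } catch (Exception e) {
            return AjaxResult.error(e.getMessage());
        }
    }

    /**
     * Re-submits a company licence for review.
     *
     * <p>The account to update is the one behind the {@code token}, never the id in the request
     * body: trusting the body would let any logged-in user overwrite another account's licence
     * and status.
     *
     * @param frontUser carries the new licence reference
     * @param request current request carrying the {@code token} parameter
     * @return success or the reason the update was refused
     * @throws Exception kept for signature compatibility
     */
    @UserAuth("frontUser")
    @PostMapping("/user/reAuthentication")
    @ResponseBody
    public AjaxResult reAuthentication(@RequestBody FrontUser frontUser, HttpServletRequest request)
            throws Exception {
        FrontUser sessionUser = sessionUser(request);
        if (sessionUser == null) {
            return AjaxResult.error("登录验证失效");
        }
        String license = frontUser.getApplyLicense();
        if (StringUtils.isEmpty(license)) {
            return AjaxResult.error("上传材料失败");
        }
        FrontUser probe = new FrontUser();
        probe.setUserName(sessionUser.getUserName());
        FrontUser stored = frontUserMapper.selectFrontUserByLoginName(probe);
        if (stored == null) {
            return AjaxResult.error("登录验证失效");
        }
        FrontUser update = new FrontUser();
        update.setId(stored.getId());
        update.setApplyLicense(license);
        update.setStatus(FrontUserStatus.REAPPLY.getCode()); // second application
        frontUserMapper.updateFrontUser(update);
        return AjaxResult.success("重新上传成功");
    }

    /**
     * Queues a page-view event.
     *
     * @param pv page-view payload
     * @param request current request
     * @return success
     */
    @PostMapping("/page/view")
    @ResponseBody
    public AjaxResult pv(Pv pv, HttpServletRequest request) {
        pvQueueService.pushPvQueue(request, pv);
        return success();
    }

    /**
     * Decrypts an RSA-encrypted credential field sent by the browser.
     *
     * @param rsa cipher initialised with {@link RSAKey#privatekey}
     * @param cipherText encrypted value, may be empty
     * @return the clear text, or the input unchanged when it is empty so the caller can reject it
     */
    private static String decryptCredential(RSA rsa, String cipherText) {
        if (StringUtils.isEmpty(cipherText)) {
            return cipherText;
        }
        return rsa.decryptStr(cipherText, KeyType.PrivateKey);
    }

    /**
     * Resolves the user bound to the {@code token} request parameter.
     *
     * @return the cached {@link FrontUser}, or {@code null} when the token is missing or unknown
     */
    private static FrontUser sessionUser(HttpServletRequest request) {
        String token = request.getParameter("token");
        if (token == null || !UserAuthCacheUtils.userCaches.containsKey(token)) {
            return null;
        }
        return (FrontUser) UserAuthCacheUtils.getCahce(token);
    }

    /** True when a stored value exists and the supplied one equals it; a missing value never matches. */
    private static boolean sameValue(String stored, String supplied) {
        return stored != null && stored.equals(supplied);
    }

    /**
     * Looks up today's failure counter for {@code userName} in bucket {@code type}.
     *
     * <p>The probe carries the current time; the mapper is assumed to match on its date part —
     * confirm against the mapper XML.
     *
     * @return the existing counter, or {@code null} when nothing was recorded today
     */
    private UserLoginCount findTodayFailures(String type, String userName) {
        UserLoginCount probe = new UserLoginCount();
        probe.setType(type);
        probe.setUserName(userName);
        probe.setLoginTime(new Date());
        List<UserLoginCount> rows = userLoginCountMapper.selectUserLoginCountList(probe);
        return (rows == null || rows.isEmpty()) ? null : rows.get(0);
    }

    /** True when the counter exists and has reached {@link #MAX_DAILY_FAILURES}. */
    private static boolean dailyCapReached(UserLoginCount counter) {
        return counter != null && counter.getCount() >= MAX_DAILY_FAILURES;
    }

    /**
     * Records one more failure and returns today's new total.
     *
     * @param type counter bucket
     * @param userName user the failure is charged to
     * @param existing today's counter from {@link #findTodayFailures}, or {@code null}
     * @return the updated count
     */
    private int recordFailure(String type, String userName, UserLoginCount existing) {
        if (existing != null) {
            existing.setCount(existing.getCount() + 1);
            userLoginCountMapper.updateUserLoginCount(existing);
            return existing.getCount();
        }
        UserLoginCount fresh = new UserLoginCount();
        fresh.setId(IdGenerate.nextId());
        fresh.setType(type);
        fresh.setUserName(userName);
        fresh.setCount(1);
        fresh.setLoginTime(new Date());
        userLoginCountMapper.insertUserLoginCount(fresh);
        return 1;
    }
}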