添加注册、快速登录、重置密码时对手机验证码的计数器处理（5次后销毁验证码，用户需重新获取）

1f7db0de · 技术部-任文超 · cf15dc6b · 1f7db0de · 1f7db0de
Commit 1f7db0de authored Oct 30, 2017 by 技术部-任文超
Showing with 60 additions and 26 deletions

CaptchaNewValidateAdvisor.java ...tgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java +2 -0

UserController.java ...ntgroup/xyqb/controller/internal/user/UserController.java +58 -26

No files found.
--- a/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java
+++ b/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java
@@ -72,6 +72,8 @@ public class CaptchaNewValidateAdvisor {

    /**
     * 在受图形验证码保护的接口方法执行前, 执行图形验证码校验
+     * captchaId 图形验证码key
+     * captchaValue 图形验证码value
     *
     * @throws Throwable
     */

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
 package cn.quantgroup.xyqb.controller.internal.user;

 import cn.quantgroup.xyqb.Constants;
+import cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator;
 import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.Merchant;
@@ -8,6 +9,7 @@ import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.entity.UserDetail;
 import cn.quantgroup.xyqb.entity.WechatUserInfo;
 import cn.quantgroup.xyqb.exception.UserNotExistException;
+import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.UserModel;
 import cn.quantgroup.xyqb.model.UserRegisterMqMessage;
@@ -78,7 +80,10 @@ public class UserController implements IBaseController {
  public JsonResult login(
      @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
      @RequestParam(required = false, defaultValue = "1") Long createdFrom,
-      @RequestParam(required = false, defaultValue = "") String userId,  @RequestParam(required = false,defaultValue = "xyqb") String key, HttpServletRequest request, String openId,@RequestParam(required = false) String dimension) {
+      @RequestParam(required = false, defaultValue = "") String userId,
+      @RequestParam(required = false,defaultValue = "xyqb") String key,
+      HttpServletRequest request, String openId,
+      @RequestParam(required = false) String dimension) {

    Merchant merchant = merchantService.findMerchantByName(key);
    if (merchant == null) {
@@ -114,7 +119,10 @@ public class UserController implements IBaseController {
  @RequestMapping("/login/fast")
  public JsonResult loginFast(
      @RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
-      @RequestParam(required = false, defaultValue = "1") Long createdFrom, @RequestParam(required = false,defaultValue = "xyqb") String key,@RequestParam(required = false)Long btRegisterChannelId,@RequestParam(required = false) String dimension ,HttpServletRequest request) {
+      @RequestParam(required = false, defaultValue = "1") Long createdFrom,
+      @RequestParam(required = false,defaultValue = "xyqb") String key,
+      @RequestParam(required = false)Long btRegisterChannelId,
+      @RequestParam(required = false) String dimension ,HttpServletRequest request) {
        Map<String, JsonResult> validMap = getHeaderParam(request);
    if (null != validMap.get("fail")) {
      return validMap.get("fail");
@@ -125,12 +133,23 @@ public class UserController implements IBaseController {
    }
    JsonResult successResult = validMap.get("success");
    String phoneNo = successResult.getData().toString();
+    String verificationCode =  successResult.getMsg();
+    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
+      LOGGER.info("用户快速注册失败，短信验证码错误, registerFrom:{}, phoneNo:{}, verificationCode:{}", btRegisterChannelId, phoneNo, verificationCode);
+      if(needRetSendCode(phoneNo)){
+        String hkey = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+        stringRedisTemplate.delete(hkey);
+        return JsonResult.buildErrorStateResult("错误次数过多，请重新获取短信验证码", null);
+      }
+      return JsonResult.buildErrorStateResult("短信验证码错误", null);
+    }
+
    User user = userService.findByPhoneWithCache(phoneNo);
    if (user != null && !user.getEnable()) {
      return JsonResult.buildErrorStateResult("登录失败", null);
    }
    if (user == null) {
-      user = registerFastWhenLogin(phoneNo, channelId, createdFrom, appChannel,btRegisterChannelId,dimension);
+      user = registerFastWhenLogin(phoneNo, verificationCode, channelId, createdFrom, appChannel,btRegisterChannelId,dimension);
      if (user == null) {
        throw new UserNotExistException("用户未找到");
      }
@@ -142,9 +161,9 @@ public class UserController implements IBaseController {
    // return createSession(channelId, createdFrom, appChannel, user);
  }

-  private User registerFastWhenLogin(String phoneNo, Long channelId, Long registerFrom, String appChannel, Long btRegisterChannelId,String dimension) {
+  private User registerFastWhenLogin(String phoneNo, String verificationCode, Long channelId, Long registerFrom, String appChannel, Long btRegisterChannelId,String dimension) {
    String password = genRandomPwd();
-    LOGGER.info("用户快速注册, phoneNo:{}, verificationCode:{}, channelId:{}, registerFrom:{},appChannel:{},btRegisterChannelId", phoneNo, channelId, registerFrom, appChannel,btRegisterChannelId);
+    LOGGER.info("用户快速注册, phoneNo:{}, verificationCode:{}, channelId:{}, registerFrom:{},appChannel:{},btRegisterChannelId", phoneNo, verificationCode, channelId, registerFrom, appChannel,btRegisterChannelId);
    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
      LOGGER.info("用户快速注册失败，手机号错误, registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
      throw new UserNotExistException("手机号错误");
@@ -155,6 +174,14 @@ public class UserController implements IBaseController {
    if (channelId == 222L) {
      registerFrom=222L;
    }
+    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
+      if(needRetSendCode(phoneNo)){
+        String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+        stringRedisTemplate.delete(key);
+        throw new VerificationCodeErrorException("错误次数过多，请重新获取短信验证码");
+      }
+      throw new VerificationCodeErrorException("短信验证码错误");
+    }
    User user=userService.registerAndReturn(phoneNo, password, registerFrom,btRegisterChannelId);
    LOGGER.info("用户快速注册成功, registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
    UserStatistics statistics=new UserStatistics(user,dimension,2,channelId);
@@ -203,7 +230,7 @@ public class UserController implements IBaseController {
      LOGGER.info("用户快速登录，验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
      result.put("fail", JsonResult.buildErrorStateResult("验证码不正确", null));
    }
-    result.put("success", JsonResult.buildSuccessResult("", phoneNo));
+    result.put("success", JsonResult.buildSuccessResult(verificationCode, phoneNo));
    return result;
  }

@@ -242,6 +269,11 @@ public class UserController implements IBaseController {
    }
    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
      LOGGER.info("用户快速注册失败，短信验证码错误, registerFrom:{}, phoneNo:{}, verificationCode:{}", registerFrom, phoneNo, verificationCode);
+      if(needRetSendCode(phoneNo)){
+        String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+        stringRedisTemplate.delete(key);
+        return JsonResult.buildErrorStateResult("错误次数过多，请重新获取短信验证码", null);
+      }
      return JsonResult.buildErrorStateResult("短信验证码错误", null);
    }
    if (!userService.register(phoneNo, password, registerFrom, getIp(), channelId,btRegisterChannelId,dimension)) {
@@ -290,7 +322,12 @@ public class UserController implements IBaseController {
      return JsonResult.buildErrorStateResult("该手机号已经被注册", null);
    }
    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
-      LOGGER.info("用户注册失败，短信验证码错误, registerFrom:{}, phoneNo:{}, verificationCode:{}", registerFrom, phoneNo, verificationCode);
+      LOGGER.info("用户快速注册失败，短信验证码错误, registerFrom:{}, phoneNo:{}, verificationCode:{}", registerFrom, phoneNo, verificationCode);
+      if(needRetSendCode(phoneNo)){
+        String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+        stringRedisTemplate.delete(key);
+        return JsonResult.buildErrorStateResult("错误次数过多，请重新获取短信验证码", null);
+      }
      return JsonResult.buildErrorStateResult("短信验证码错误", null);
    }
    if (!userService.register(phoneNo, password, registerFrom, getIp(), channelId,btRegisterChannelId,dimension)) {
@@ -306,13 +343,13 @@ public class UserController implements IBaseController {
  /**
   * 检查用户是否存在
   *
-   * @param phoneNo
+   * @param phoneNo 手机号
   * @return
+   *
   */
-  @RequestMapping("/exist")
+  @RequestMapping(value = {"/exist", "/exist_check"})
  public JsonResult exist(@RequestParam String phoneNo) {
    LOGGER.info("检查用户是否存在, phoneNo:{}", phoneNo);
-
    if (userService.exist(phoneNo)) {
      LOGGER.info("该手机号已经注册, phoneNo:{}", phoneNo);
      return JsonResult.buildErrorStateResult("该手机号已经注册", null);
@@ -320,19 +357,6 @@ public class UserController implements IBaseController {
    return JsonResult.buildSuccessResult(null, null);
  }

-
-  /**
-   * 检查用户是否存在
-   *
-   * @param phoneNo
-   * @return
-   */
-  @RequestMapping("/exist_check")
-  public JsonResult existForResetPwd(@RequestParam String phoneNo) {
-    LOGGER.info("检查用户是否存在, phoneNo:{}", phoneNo);
-    return JsonResult.buildSuccessResult(null, userService.exist(phoneNo));
-  }
-
  /**
   * 重置密码
   *
@@ -341,6 +365,7 @@ public class UserController implements IBaseController {
   * @param verificationCode
   * @return
   */
+  @CaptchaNewValidator
  @RequestMapping("/reset_password")
  public JsonResult resetPassword(@RequestParam String phoneNo,
                                  @RequestParam String password,
@@ -429,9 +454,9 @@ public class UserController implements IBaseController {
    return JsonResult.buildSuccessResult("token校验成功", userModel);
  }

-  private User registerFastWhenLogin(String phoneNo, Long channelId, Long registerFrom, String appChannel) {
+  private User registerFastWhenLogin(String phoneNo, String verificationCode, Long channelId, Long registerFrom, String appChannel) {
    String password = genRandomPwd();
-    LOGGER.info("用户快速注册, phoneNo:{}, verificationCode:{}, channelId:{}, registerFrom:{},appChannel:{}", phoneNo, channelId, registerFrom, appChannel);
+    LOGGER.info("用户快速注册, phoneNo:{}, verificationCode:{}, channelId:{}, registerFrom:{},appChannel:{}", phoneNo, verificationCode, channelId, registerFrom, appChannel);
    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
      LOGGER.info("用户快速注册失败，手机号错误, registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
      throw new UserNotExistException("手机号错误");
@@ -440,7 +465,14 @@ public class UserController implements IBaseController {
      registerFrom = 1L;
    }
    LOGGER.info("用户快速注册成功, registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
-
+    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
+      if(needRetSendCode(phoneNo)){
+        String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+        stringRedisTemplate.delete(key);
+        throw new VerificationCodeErrorException("错误次数过多，请重新获取短信验证码");
+      }
+      throw new VerificationCodeErrorException("短信验证码错误");
+    }
    return userService.registerAndReturn(phoneNo, password, registerFrom);

  }