Skip to content

X
xyqb-user2
Commit 4fb46119 authored by 技术部-任文超's avatar 技术部-任文超
Browse files
Options

Merge branch 'master' into feature/20180108

parents 4ebe0b4b 73189d4d
Hide whitespace changes
Inline Side-by-side
Showing with 1299 additions and 196 deletions
pom.xml
View file @ 4fb46119
......@@ -338,6 +338,11 @@
<artifactId>sentry-spring</artifactId>
<version>1.6.3</version>
</dependency>
<dependency>
<groupId>com.vaadin.external.google</groupId>
<artifactId>android-json</artifactId>
<version>0.0.20131108.vaadin1</version>
</dependency>
</dependencies>
......
src/main/java/cn/quantgroup/xyqb/Constants.java
View file @ 4fb46119
......@@ -26,6 +26,8 @@ public interface Constants {
Long VERIFICATION_CODE_FINITE_COUNT = 3L;
String X_AUTH_TOKEN = "x-auth-token";
/** 登录账号/手机号参数名 */
String PHONE_NO = "phoneNo";
// -- Start -- IPV4安全策略常量组
/** 账密不匹配错误 - 按账号计数 */
......@@ -94,4 +96,20 @@ public interface Constants {
String AES_KEY = "ScnmRBhuQpo9kBdn";
// -- Start -- 验证码常量组
int GT_CAPTCHA_VALIDATE_SUCCESS =1;
String FN_GEETEST_CHALLENGE = "geetest_challenge";
String FN_GEETEST_VALIDATE = "geetest_validate";
String FN_GEETEST_SECCODE = "geetest_seccode";
String QG_CAPTCHA_ID = "captchaId";
String QG_CAPTCHA_VALUE = "captchaValue";
/** 客户端类型参数名 */
String CLIENT_TYPE = "clientType";
/** 验证类型请求参数名 */
String VERIFY_PARAM = "verifyType";
/** 验证类型 - 极验 */
String VERIFY_TYPE_GT = "gt";
/** 验证类型 - 量化派图形验证 */
String VERIFY_TYPE_QG = "qg";
// -- End -- 验证码常量组
}
src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaFiniteValidateAdvisor.java
View file @ 4fb46119
......@@ -87,7 +87,7 @@ public class CaptchaFiniteValidateAdvisor {
return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
}
// 当前用户手机号
String phoneNo = phonePasswordMap.get("phoneNo");
String phoneNo = phonePasswordMap.get(Constants.PHONE_NO);
Long countErrorByPhone = getCount(phoneNo);
if(countErrorByPhone == null){
LOGGER.info("用户名或密码不正确, phoneNo={}, countErrorByPhone={}, clientIp={}", phoneNo, countErrorByPhone, IPUtil.getRemoteIP(request));
......@@ -95,8 +95,8 @@ public class CaptchaFiniteValidateAdvisor {
}
if (countErrorByPhone > Constants.Image_Need_Count) {
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
if (shouldSkipCaptchaValidate(registerFrom, captchaId, captchaValue)) {
LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
return pjp.proceed();
......@@ -114,7 +114,7 @@ public class CaptchaFiniteValidateAdvisor {
if (validCaptcha) {
return pjp.proceed();
}
return JsonResult.buildSuccessResult("图形验证码不正确", "", 2L);
return JsonResult.buildSuccessResult("验证码不正确", "", 2L);
}
return JsonResult.buildSuccessResult("请输入图形验证码", "", 2L);
}
......@@ -181,7 +181,7 @@ public class CaptchaFiniteValidateAdvisor {
}
LOGGER.info("账密登录, phoneNo:{}", phoneNo);
Map<String, String> phonePasswordMap = new HashMap<String, String>(2);
phonePasswordMap.put("phoneNo", phoneNo);
phonePasswordMap.put(Constants.PHONE_NO, phoneNo);
phonePasswordMap.put("password", password);
return phonePasswordMap;
}
......
src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.aspect.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.ClientType;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.PasswordUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.aspectj.lang.ProceedingJoinPoint;
import org.aspectj.lang.annotation.Around;
import org.aspectj.lang.annotation.Aspect;
import org.aspectj.lang.annotation.Pointcut;
import org.springframework.stereotype.Component;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.Objects;
import java.util.Optional;
/**
* @author xufei on 2018/1/30.
*/
@Aspect
@Component
@Slf4j
public class CaptchaNewValidateAdvisor {
@Resource
private IGeetestCaptchaService geetestCaptchaService;
@Resource
private IQuantgroupCaptchaService quantgroupCaptchaService;
/**
* 图形验证码切面
*/
@Pointcut("@annotation(cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator)")
private void needCaptchaValidate(){}
/**
* 在受图形验证码保护的接口方法执行前, 执行图形验证码校验
*
* @param pjp pjp
* @return
* @throws Throwable
*/
@Around("needCaptchaValidate()")
private Object doCaptchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
// 验证码类别:gt - 极验,qg - 量化派图形验证
if (Objects.equals(Constants.VERIFY_TYPE_GT, request.getParameter(Constants.VERIFY_PARAM))) {
if(StringUtils.isBlank(request.getParameter(Constants.FN_GEETEST_CHALLENGE))){
return JsonResult.buildErrorStateResult("操作过快,请稍后重试", "");
}
if(gtValid(request)){
return pjp.proceed();
}else{
return JsonResult.buildErrorStateResult("验证码不正确", "");
}
} else {
if (qgValid(request)) {
return pjp.proceed();
} else {
return JsonResult.buildErrorStateResult("验证码不正确", "", 2L);
}
}
}
/**
* 极验校验
* @param request
* @return
* @throws Throwable
*/
private boolean gtValid(HttpServletRequest request) {
String phoneNo = request.getParameter(Constants.PHONE_NO);
String clientType = request.getParameter(Constants.CLIENT_TYPE);
String challenge = request.getParameter(Constants.FN_GEETEST_CHALLENGE);
String validate = request.getParameter(Constants.FN_GEETEST_VALIDATE);
String seccode = request.getParameter(Constants.FN_GEETEST_SECCODE);
log.info("Geetest - 极验二次校验, phoneNo:{}, clientType:{}, ip:{}, challenge:{}, validate:{}, seccode:{}", phoneNo, clientType, IPUtil.getRemoteIP(request), challenge, validate, seccode);
return geetestCaptchaService.validGeetestCaptcha(PasswordUtil.MD5(phoneNo), IPUtil.getRemoteIP(request), ClientType.valueByName(clientType), challenge, validate, seccode);
}
/**
* 量化派图形码校验
* @param request
* @return
* @throws Throwable
*/
private boolean qgValid(HttpServletRequest request) {
String phoneNo = request.getParameter(Constants.PHONE_NO);
String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
log.info("Quantgroup - 图形验证码校验, phoneNo:{}, ip:{}, captchaId:{}, captchaValue:{}", phoneNo, IPUtil.getRemoteIP(request), captchaId, captchaValue);
return quantgroupCaptchaService.validQuantgroupCaptcha(captchaId, captchaValue);
}
}
src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidator.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.aspect.captcha;
import java.lang.annotation.*;
/**
* @author xufei on 2018/1/30.
*/
@Documented
@Target(ElementType.METHOD)
@Retention(RetentionPolicy.RUNTIME)
public @interface CaptchaNewValidator {
}
src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaValidateAdvisor.java
View file @ 4fb46119
......@@ -76,13 +76,13 @@ public class CaptchaValidateAdvisor {
private Object doCapchaValidate(ProceedingJoinPoint pjp) throws Throwable {
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
String registerFrom = Optional.ofNullable(request.getParameter("registerFrom")).orElse("");
String captchaId = Optional.ofNullable(request.getParameter("captchaId")).orElse("");
String captchaValue = request.getParameter("captchaValue");
String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
if (shouldSkipCaptchaValidate(registerFrom, captchaId, captchaValue)) {
LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
return pjp.proceed();
}
JsonResult result = JsonResult.buildSuccessResult("图形验证码不正确", "");
JsonResult result = JsonResult.buildSuccessResult("验证码不正确", "");
result.setBusinessCode("0002");
if (StringUtils.isNotBlank(captchaValue)) {
// 忽略用户输入的大小写
......
src/main/java/cn/quantgroup/xyqb/aspect/limit/PasswordFreeAccessValidateAdvisor.java
View file @ 4fb46119
......@@ -32,7 +32,6 @@ import java.util.*;
public class PasswordFreeAccessValidateAdvisor {
private static final Logger LOGGER = LoggerFactory.getLogger(PasswordFreeAccessValidateAdvisor.class);
private static final String PHONE_NO = "phoneNo";
private static final String USER_ID = "userId";
/**
......@@ -65,12 +64,12 @@ public class PasswordFreeAccessValidateAdvisor {
Objects.requireNonNull(request, "无效请求");
String clientIp = IPUtil.getRemoteIP(request);
Set<String> paramKeys = request.getParameterMap().keySet();
if(!paramKeys.contains(PHONE_NO) && !paramKeys.contains(USER_ID)){
if(!paramKeys.contains(Constants.PHONE_NO) && !paramKeys.contains(USER_ID)){
LOGGER.info("非法请求 - 缺少参数, paramKeys={}, clientIp={}", paramKeys, clientIp);
return false;
}
// 当前请求的phoneNo/userId
String phoneNo = request.getParameter(PHONE_NO);
String phoneNo = request.getParameter(Constants.PHONE_NO);
String userId = request.getParameter(USER_ID);
if(StringUtils.isBlank(phoneNo) && StringUtils.isBlank(userId)){
LOGGER.info("非法请求 - 缺少参数, phoneNo={}, userId={}, clientIp={}", phoneNo, userId, clientIp);
......
src/main/java/cn/quantgroup/xyqb/config/mq/RegisterMqConfig.java
View file @ 4fb46119
......@@ -24,6 +24,12 @@ public class RegisterMqConfig {
private String queueName;
@Value("${register.rabbitmq.exchange}")
private String registerMqExchange;
@Value("${register.rabbitmq.queue.qq_gdt}")
private String queueName4Gdt;
@Value("${register.rabbitmq.routing_key.qq_gdt}")
private String routingKey4Gdt;
@Value("${register.rabbitmq.exchange.qq_gdt}")
private String exchange4Gdt;
@Value("${register.rabbitmq.connection.host}")
private String host;
......@@ -75,11 +81,36 @@ public class RegisterMqConfig {
return binding;
}
@Bean(name = "registerRabbitTemplate")
public RabbitTemplate registerTemplate(@Qualifier("registerMqFactory") ConnectionFactory registerMqFactory) {
RabbitTemplate template = new RabbitTemplate(registerMqFactory);
template.setExchange(registerMqExchange);
return template;
}
@Bean(name = "registerMqExchange4Gdt")
public FanoutExchange registerMqExchange4Gdt() {
return new FanoutExchange(exchange4Gdt);
}
@Bean(name = "registerMqQueue4Gdt")
public Queue registerMqQueue4Gdt() {
return new Queue(queueName4Gdt);
}
@Bean(name = "registerMqBinding4Gdt")
public Binding registerMqBinding4Gdt(@Qualifier("registerMqAmqpAdmin")AmqpAdmin registerMqAmqpAdmin, @Qualifier("registerMqQueue4Gdt")Queue registerMqQueue4Gdt, @Qualifier("registerMqExchange4Gdt")FanoutExchange registerMqExchange4Gdt) {
Binding binding = BindingBuilder.bind(registerMqQueue4Gdt).to(registerMqExchange4Gdt);
registerMqAmqpAdmin.declareBinding(binding);
return binding;
}
@Bean(name = "registerRabbitTemplate4Gdt")
public RabbitTemplate registerTemplate4Gdt(@Qualifier("registerMqFactory") ConnectionFactory registerMqFactory) {
RabbitTemplate template = new RabbitTemplate(registerMqFactory);
template.setExchange(exchange4Gdt);
return template;
}
}
src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
View file @ 4fb46119
......@@ -2,24 +2,14 @@ package cn.quantgroup.xyqb.controller.external.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.aspect.captcha.CaptchaValidator;
import cn.quantgroup.xyqb.controller.IBaseController;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import com.octo.captcha.service.CaptchaServiceException;
import java.nio.charset.Charset;
import java.util.Optional;
import java.util.concurrent.TimeUnit;
import java.util.*;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.imageio.ImageIO;
......@@ -27,9 +17,6 @@ import javax.servlet.http.HttpServletRequest;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
/**
* 类名称:ImgCaptchaController
......@@ -40,41 +27,21 @@ import java.util.UUID;
*/
@RestController
@RequestMapping("/api")
public class ImageCaptchaController implements IBaseController {
private static final Logger LOGGER = LoggerFactory.getLogger(ImageCaptchaController.class);
private static final String SUPER_CAPTCHA_ID = UUID.nameUUIDFromBytes("__QG_APPCLIENT_AGENT__".getBytes(Charset.forName("UTF-8"))).toString();
private static final String SUPER_CAPTCHA = "__SUPERQG__";
public class ImageCaptchaController {
private static final String IMAGE_FORMAT_PNG = "png";
private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
private static final String IMAGE_IP_COUNT = "image:ip";
private static final String IMAGE_PHONE_COUNT = "image:phone";
private static final Long FIVE_MIN = 24 * 5L;
@Autowired
@Qualifier("customCaptchaService")
private AbstractManageableImageCaptchaService imageCaptchaService;
@Autowired
@Qualifier("stringRedisTemplate")
private RedisTemplate<String, String> redisTemplate;
@ModelAttribute("clientIp")
public String initClientIp() {
return getIp();
}
/**
* 自动化测试忽略验证码
*/
@Value("${xyqb.auth.captcha.autotest.enable:false}")
private boolean autoTestCaptchaEnabled;
/**
* 获取验证码
* 默认匹配 GET /captcha, 提供4位数字和字母混合图片验证码
*/
@RequestMapping(value = "/captcha")
public JsonResult fetchCaptcha(HttpServletRequest request, @ModelAttribute("clientIp") String clientIp) {
public JsonResult fetchCaptcha(HttpServletRequest request) {
String imageId = UUID.randomUUID().toString();
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, request.getLocale());
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
......@@ -94,6 +61,7 @@ public class ImageCaptchaController implements IBaseController {
}
/**
* 图片验证码验证
* 注意:本方法有中间层在用,用于QG图形验证码检验
*/
@CaptchaValidator
@RequestMapping("/verification_image_code")
......
src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.controller.external.captcha;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator;
import cn.quantgroup.xyqb.aspect.logcaller.LogHttpCaller;
import cn.quantgroup.xyqb.model.ClientType;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.PasswordUtil;
import cn.quantgroup.xyqb.util.ValidationUtil;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
/**
* @author xufei on 2018/1/30.
*/
@Slf4j
@RestController
@RequestMapping("/api")
public class NewCaptchaController {
@Resource
private IGeetestCaptchaService geetestCaptchaService;
@Resource
private IQuantgroupCaptchaService quantgroupCaptchaService;
@Value("${geetest.close:false}")
private String geetestClose;
@LogHttpCaller
@RequestMapping(value = "/captcha/new")
public JsonResult getCaptcha(String phoneNo, String clientType, HttpServletRequest request) {
String remoteIp = IPUtil.getRemoteIP(request);
log.info("获取验证码, phoneNo:{}, clientType:{}, ip:{}, verifyType-qg:{}", phoneNo, clientType, remoteIp, geetestClose);
if (!ValidationUtil.validatePhoneNo(phoneNo)) {
return JsonResult.buildErrorStateResult("手机号格式错误", null);
}
// 数据容器
Map<String, String> data = new HashMap<String, String>();
Map<String, String> imgMap = null;
// 优先获取极验
if(!Boolean.valueOf(geetestClose)){
imgMap = geetestCaptchaService.fetchGeetestCaptcha(PasswordUtil.MD5(phoneNo), remoteIp, ClientType.valueByName(clientType));
data.put(Constants.VERIFY_PARAM, Constants.VERIFY_TYPE_GT);
}
// 备选方案:量化派图形验证码
if(Objects.isNull(imgMap) || imgMap.isEmpty()){
imgMap = quantgroupCaptchaService.fetchQuantgroupCaptcha(request.getLocale());
data.put(Constants.VERIFY_PARAM, Constants.VERIFY_TYPE_QG);
}
// 返回结果
if(Objects.isNull(imgMap) || imgMap.isEmpty()){
return JsonResult.buildErrorStateResult("获取验证码失败", "");
}
// 填充数据并返回
data.putAll(imgMap);
return JsonResult.buildSuccessResult("", data);
}
}
src/main/java/cn/quantgroup/xyqb/controller/external/queryLog/UserQueryLogController.java
View file @ 4fb46119
......@@ -69,20 +69,18 @@ public class UserQueryLogController {
@Autowired
private IHttpService httpService;
private static final String publicKey="MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYiw1PKWnCbkKyzHK+blHpKTR/qtO3Oq7nvjSdcopCSmOJqji3B+qJMrf03242mYJIQeF3YSTQZTfri5EkNgoqn0Y/KYpLAKuq89jPdIkB3lvirvew9tpfbAT4B14WgoWdMH5ooqBt0ly3f+JjoBM5dKFTOrhckhFDoaB3UAaaiQIDAQAB";
private static final String PUBLIC_KEY = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYiw1PKWnCbkKyzHK+blHpKTR/qtO3Oq7nvjSdcopCSmOJqji3B+qJMrf03242mYJIQeF3YSTQZTfri5EkNgoqn0Y/KYpLAKuq89jPdIkB3lvirvew9tpfbAT4B14WgoWdMH5ooqBt0ly3f+JjoBM5dKFTOrhckhFDoaB3UAaaiQIDAQAB";
private static final String privateKey="MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJiLDU8pacJuQrLMcr5uUekpNH+q07c6rue+NJ1yikJKY4mqOLcH6okyt/TfbjaZgkhB4XdhJNBlN+uLkSQ2CiqfRj8piksAq6rz2M90iQHeW+Ku97D22l9sBPgHXhaChZ0wfmiioG3SXLd/4mOgEzl0oVM6uFySEUOhoHdQBpqJAgMBAAECgYA3DfCWwoaWEr9l0p4TFrPfZ+y3qwrQVZCsuRw6Ow2lUT3NgK8JeATw0WpNKZqYgBziQUzDjj8AK5fcHjobDJnsKGqC2VQ+j05hQZztoHTrYxOx6xrGxIzqmbt/dPsw779xXSRJu3DuUeCm6CrGZpVpPX/NtXBxIhXRY2KRNa1SZQJBAPMboc+M6/OeGPQqFvXg9jgEWcosBpy6HtukfjONQAVuM5e0pZa8SQCLhcoHgbbqcEhbDAJEqr9x9eZjjFPSt08CQQCgoe/hOVf0s5oo1IM1TVEUkGOIzVVlyTMwu0p4jwt3987D7BKZe7mCl41quWDwL4JIQ0GcivVMpJzYsDBZHRqnAkBMgCKAHHlXdSWnF+OXxg3U/NGAhDAke5EgTvgDouxFiTMlBwygjWlviXg1Zf1UoRtqOXRi9lbA3cyijirnacSTAkBmve0ug30MmOvbfcHGkANyQcBIOf2LMxu46bKCVgwh2bC4hACJhydqrgDX6GZmehy8l7gZpo+rTAa+WkMyXHk1AkEArt6ElkyNI7TDu0By59Zin05tuZJr6QoMXs9bVH+xP3OBG1KfPYTBc9yb5MOjXIxAjyGGeDpUfhuUDBe56GTOBA==";
private static final String PRIVATE_KEY = "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAJiLDU8pacJuQrLMcr5uUekpNH+q07c6rue+NJ1yikJKY4mqOLcH6okyt/TfbjaZgkhB4XdhJNBlN+uLkSQ2CiqfRj8piksAq6rz2M90iQHeW+Ku97D22l9sBPgHXhaChZ0wfmiioG3SXLd/4mOgEzl0oVM6uFySEUOhoHdQBpqJAgMBAAECgYA3DfCWwoaWEr9l0p4TFrPfZ+y3qwrQVZCsuRw6Ow2lUT3NgK8JeATw0WpNKZqYgBziQUzDjj8AK5fcHjobDJnsKGqC2VQ+j05hQZztoHTrYxOx6xrGxIzqmbt/dPsw779xXSRJu3DuUeCm6CrGZpVpPX/NtXBxIhXRY2KRNa1SZQJBAPMboc+M6/OeGPQqFvXg9jgEWcosBpy6HtukfjONQAVuM5e0pZa8SQCLhcoHgbbqcEhbDAJEqr9x9eZjjFPSt08CQQCgoe/hOVf0s5oo1IM1TVEUkGOIzVVlyTMwu0p4jwt3987D7BKZe7mCl41quWDwL4JIQ0GcivVMpJzYsDBZHRqnAkBMgCKAHHlXdSWnF+OXxg3U/NGAhDAke5EgTvgDouxFiTMlBwygjWlviXg1Zf1UoRtqOXRi9lbA3cyijirnacSTAkBmve0ug30MmOvbfcHGkANyQcBIOf2LMxu46bKCVgwh2bC4hACJhydqrgDX6GZmehy8l7gZpo+rTAa+WkMyXHk1AkEArt6ElkyNI7TDu0By59Zin05tuZJr6QoMXs9bVH+xP3OBG1KfPYTBc9yb5MOjXIxAjyGGeDpUfhuUDBe56GTOBA==";
@RequestMapping("/queryLog")
public JsonResult queryLog(HttpServletRequest request,@RequestParam(required=false) String beginDate,@RequestParam(required=false) String endDate, Integer pageId, Integer pageSize) {
LOGGER.info("查询日期:beginDate{},endDate{}",beginDate,endDate);
String token=request.getHeader(Constants.X_AUTH_TOKEN);
if(token==null||token.equals("")){
if(StringUtils.isEmpty(token)){
LOGGER.info("token为空,非法查询");
return JsonResult.buildErrorStateResult("缺少授权信息",null);
}
if(checkUserToken(token).equals("")){
if(StringUtils.isEmpty(checkUserToken(token))){
LOGGER.info("token授权异常");
return JsonResult.buildErrorStateResult("未授权查询",null);
}
......@@ -144,7 +142,7 @@ public class UserQueryLogController {
LOGGER.info("查询条件:key{},columns{}",key,columns);
String token=request.getHeader(Constants.X_AUTH_TOKEN);
if(token==null||token.equals("")){
if(StringUtils.isEmpty(token)){
LOGGER.info("token为空,非法查询");
return JsonResult.buildErrorStateResult("缺少授权信息",null);
}
......@@ -154,7 +152,7 @@ public class UserQueryLogController {
//后台参数校验
//校验用户权限
String userName=checkUserToken(token);
if(userName.equals("")){
if(StringUtils.isEmpty(userName)){
LOGGER.info("token授权异常");
return JsonResult.buildErrorStateResult("未授权查询",null);
}
......@@ -165,8 +163,8 @@ public class UserQueryLogController {
String[] values=keyValues.split("\\n");
List<String> queryV= Arrays.asList(values);
if(queryV!=null&&queryV.size()>1000){
return JsonResult.buildErrorStateResult("查询记录数是"+queryV.size()+",超过1000条限制",null);
if(queryV!=null&&queryV.size()>50000){
return JsonResult.buildErrorStateResult("查询记录数是"+queryV.size()+",超过50000条限制",null);
}
List<UserQueryInfo> userQueryInfos=new ArrayList<UserQueryInfo>();
......@@ -187,7 +185,7 @@ public class UserQueryLogController {
columns=columns+","+key;
}
if(key.equals("userId")){
if(Objects.equals(key, "userId")){
List<Long> userIds=new ArrayList<Long>();
try{
for(String s:queryV){
......@@ -204,7 +202,7 @@ public class UserQueryLogController {
}
userDetailPage=userDetailService.getUserDetailsPage(userIds,null,null,pageId,pageSize,"auto");
}else if(key.equals("phoneNo")){
}else if(Objects.equals(key, Constants.PHONE_NO)){
for(String pn:queryV){
if(!ValidationUtil.validatePhoneNo(pn)){
return JsonResult.buildErrorStateResult("查询的手机号码"+pn+"格式有误",null);
......@@ -212,7 +210,7 @@ public class UserQueryLogController {
}
userDetailPage=userDetailService.getUserDetailsPage(null,queryV,null,pageId,pageSize,"auto");
}else if(key.equals("idNo")){
}else if(Objects.equals(key, "idNo")){
IdcardValidator iv = new IdcardValidator();
for(String idno:queryV){
if(!iv.is18Idcard(idno)&&!iv.is15Idcard(idno)){
......@@ -229,9 +227,9 @@ public class UserQueryLogController {
if(columns.contains("bankCard")){
//需加银行卡信息
if(key.equals("phoneNo")){
if(Objects.equals(key, Constants.PHONE_NO)){
phonesCards=getBankCardsByPhoneNos(queryV);
if(phonesCards!=null&&phonesCards.get("errorMsg")!=null&&!phonesCards.get("errorMsg").equals("")){
if(phonesCards!=null&&phonesCards.get("errorMsg")!=null&&!StringUtils.isEmpty(phonesCards.get("errorMsg"))){
return JsonResult.buildErrorStateResult(phonesCards.get("errorMsg"),null);
}
}else{
......@@ -240,7 +238,7 @@ public class UserQueryLogController {
phones.add(uda.getPhoneNo());
}
phonesCards=getBankCardsByPhoneNos(phones);
if(phonesCards!=null&&phonesCards.get("errorMsg")!=null&&!phonesCards.get("errorMsg").equals("")){
if(phonesCards!=null&&phonesCards.get("errorMsg")!=null&&!StringUtils.isEmpty(phonesCards.get("errorMsg"))){
return JsonResult.buildErrorStateResult(phonesCards.get("errorMsg"),null);
}
}
......@@ -264,14 +262,17 @@ public class UserQueryLogController {
if(columns.contains("idNo")){
uqi.setIdNo(ud.getIdNo());
}
if(columns.contains("phoneNo")){
if(columns.contains(Constants.PHONE_NO)){
uqi.setPhoneNo(ud.getPhoneNo());
}
if(columns.contains("name")){
uqi.setName(ud.getName());
}
if(columns.contains("userId")){
uqi.setUserId(ud.getUserId());
}
if(columns.contains("address")){
Optional<Address> oad=addresslist.stream().filter(addr->addr.getUserId()==ud.getUserId()).findFirst();
Optional<Address> oad=addresslist.stream().filter(addr->Objects.equals(addr.getUserId(), ud.getUserId())).findFirst();
if(oad.isPresent()){
uqi.setAddress(oad.get().toString());
}
......@@ -286,10 +287,10 @@ public class UserQueryLogController {
//保存记录
UserQueryLog log=new UserQueryLog();
log.setQueryItems(columns.replace("userId","用户ID").replace("phoneNo","手机号").replace("idNo","身份证号").replace("bankCard","银行卡号").replace("address","地址"));
log.setQueryItems(columns.replace("userId","用户ID").replace(Constants.PHONE_NO,"手机号").replace("name","姓名").replace("idNo","身份证号").replace("bankCard","银行卡号").replace("address","地址"));
log.setResultAmount(Long.valueOf(userDetailPage.getTotalElements()));
//转换存储
log.setQueryCondition(key.replace("userId","用户ID").replace("phoneNo","手机号").replace("idNo","身份证号"));
log.setQueryCondition(key.replace("userId","用户ID").replace(Constants.PHONE_NO,"手机号").replace("name","姓名").replace("idNo","身份证号"));
log.setQueryDetail(keyValues.replace("\n",";"));
log.setLoginUserName(userName);
userQueryLogService.save(log);
......@@ -314,7 +315,7 @@ public class UserQueryLogController {
String sign="";
HashMap<String,String> phonesMap=new HashMap<String,String>();
try{
data=RSA.encrypt(phoneNoStr,publicKey);
data=RSA.encrypt(phoneNoStr,PUBLIC_KEY);
sign= MD5Util.build(data);
}catch(Exception e){
LOGGER.info("参数加密异常");
......@@ -336,7 +337,7 @@ public class UserQueryLogController {
String signStr=data1.get("sign").getAsString();
//校验签名
if(MD5Util.build(dataStr).equals(signStr)){
String jsonDataStr=RSA.decrypt(dataStr,privateKey);
String jsonDataStr=RSA.decrypt(dataStr,PRIVATE_KEY);
JsonArray listObj = new JsonParser().parse(jsonDataStr).getAsJsonArray();
for(JsonElement jsonElement : listObj) {
JsonObject jo = jsonElement.getAsJsonObject();
......@@ -374,13 +375,13 @@ public class UserQueryLogController {
String token=request.getHeader(Constants.X_AUTH_TOKEN);
if(token==null||token.equals("")){
if(StringUtils.isEmpty(token)){
LOGGER.info("token为空,非法查询");
return JsonResult.buildErrorStateResult("缺少授权信息",null);
}
String userName=checkUserToken(token);
if(userName.equals("")){
if(StringUtils.isEmpty(userName)){
return JsonResult.buildErrorStateResult("未授权查询",null);
}
//输入enter换行\n
......@@ -394,8 +395,8 @@ public class UserQueryLogController {
List<String> queryV= Arrays.asList(values);
if(queryV!=null&&queryV.size()>1000){
return JsonResult.buildErrorStateResult("查询记录数是"+queryV.size()+",超过1000条限制",null);
if(queryV!=null&&queryV.size()>50000){
return JsonResult.buildErrorStateResult("查询记录数是"+queryV.size()+",超过50000条限制",null);
}
......@@ -408,7 +409,7 @@ public class UserQueryLogController {
List<UserDetail> userDetails=new ArrayList<UserDetail>();
List<Address> addresslist=new ArrayList<Address>();
HashMap<String,String> phonesCards=new HashMap<String,String>();
if(key.equals("userId")){
if(Objects.equals(key, "userId")){
List<Long> userIds=new ArrayList<Long>();
try{
for(String s:queryV){
......@@ -424,7 +425,7 @@ public class UserQueryLogController {
}
userDetails=userDetailService.findByUserIdIn(userIds);
}else if(key.equals("phoneNo")){
}else if(Objects.equals(key,Constants.PHONE_NO)){
for(String pn:queryV){
if(!ValidationUtil.validatePhoneNo(pn)){
return JsonResult.buildErrorStateResult("查询的手机号码"+pn+"格式有误",pn);
......@@ -432,7 +433,7 @@ public class UserQueryLogController {
}
userDetails=userDetailService.findByPhoneNos(queryV);
}else if(key.equals("idNo")){
}else if(Objects.equals(key,"idNo")){
IdcardValidator iv = new IdcardValidator();
for(String idno:queryV){
if(!iv.is18Idcard(idno)&&!iv.is15Idcard(idno)){
......@@ -445,7 +446,7 @@ public class UserQueryLogController {
if(columns.contains("bankCard")){
//需加银行卡信息
if(key.equals("phoneNo")){
if(key.equals(Constants.PHONE_NO)){
phonesCards=getBankCardsByPhoneNos(queryV);
}else{
List<String> phones=new ArrayList<String>();
......@@ -473,14 +474,17 @@ public class UserQueryLogController {
if(columns.contains("idNo")){
uqi.setIdNo(ud.getIdNo());
}
if(columns.contains("phoneNo")){
if(columns.contains(Constants.PHONE_NO)){
uqi.setPhoneNo(ud.getPhoneNo());
}
if(columns.contains("name")){
uqi.setName(ud.getName());
}
if(columns.contains("userId")){
uqi.setUserId(ud.getUserId());
}
if(columns.contains("address")){
Optional<Address> oad=addresslist.stream().filter(addr->addr.getUserId()==ud.getUserId()).findFirst();
Optional<Address> oad=addresslist.stream().filter(addr->Objects.equals(addr.getUserId(), ud.getUserId())).findFirst();
if(oad.isPresent()){
uqi.setAddress(oad.get().toString());
}
......@@ -494,10 +498,10 @@ public class UserQueryLogController {
// //不保存记录
// UserQueryLog log=new UserQueryLog();
// log.setQueryItems(columns.replace("userId","用户ID").replace("phoneNo","手机号").replace("idNo","身份证号").replace("bankCard","银行卡号").replace("address","地址"));
// log.setQueryItems(columns.replace("userId","用户ID").replace(Constants.PHONE_NO,"手机号").replace("idNo","身份证号").replace("bankCard","银行卡号").replace("address","地址"));
// log.setResultAmount(Long.valueOf(userDetails.size()));
// //转换存储
// log.setQueryCondition(key.replace("userId","用户ID").replace("phoneNo","手机号").replace("idNo","身份证号"));
// log.setQueryCondition(key.replace("userId","用户ID").replace(Constants.PHONE_NO,"手机号").replace("idNo","身份证号"));
// log.setQueryDetail(keyValues.replace("\n",";"));
// log.setLoginUserName(userName);
// userQueryLogService.save(log);
......@@ -518,13 +522,15 @@ public class UserQueryLogController {
cell.setCellValue("手机号");
cell.setCellStyle(style);
cell = row.createCell( 2);
cell.setCellValue("身份证号");
cell.setCellValue("姓名");
cell.setCellStyle(style);
cell = row.createCell( 3);
cell.setCellValue("银行卡号");
cell.setCellValue("身份证号");
cell.setCellStyle(style);
cell = row.createCell( 4);
cell.setCellValue("银行卡号");
cell.setCellStyle(style);
cell = row.createCell( 5);
cell.setCellValue("地址");
cell.setCellStyle(style);
......@@ -549,17 +555,22 @@ public class UserQueryLogController {
HSSFCell cell2= row.createCell(2);
if(cell2!=null){
cell2.setCellValue(user.getIdNo()==null?" ":user.getIdNo());
cell2.setCellValue(user.getName()==null?" ":user.getName());
}
HSSFCell cell3= row.createCell(3);
if(cell3!=null){
cell3.setCellValue(user.getBankCards()==null?" ":user.getBankCards());
cell3.setCellValue(user.getIdNo()==null?" ":user.getIdNo());
}
HSSFCell cell4= row.createCell(4);
if(cell4!=null){
cell4.setCellValue(user.getAddress()==null?" ":user.getAddress());
cell4.setCellValue(user.getBankCards()==null?" ":user.getBankCards());
}
HSSFCell cell5= row.createCell(5);
if(cell5!=null){
cell5.setCellValue(user.getAddress()==null?" ":user.getAddress());
}
}
......@@ -584,14 +595,13 @@ public class UserQueryLogController {
}
private String checkUserToken(String token){
HashMap<String, String> parameters = new HashMap<>();
parameters.put("token", token);
//访问用户中心查询用户银行卡接口
String resultStr = httpService.post(yunyingUrl + "/user/info", parameters);
try{
JsonObject resultUser = new JsonParser().parse(resultStr).getAsJsonObject();
if(resultUser.get("code").getAsString().equals("0000")&&resultUser.get("data").getAsJsonObject()!=null){
if(Objects.equals("0000",resultUser.get("code").getAsString())&&resultUser.get("data").getAsJsonObject()!=null){
String userName=resultUser.get("data").getAsJsonObject().get("user").getAsString();
return userName;
}
......
src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java
View file @ 4fb46119
......@@ -22,9 +22,11 @@ import cn.quantgroup.xyqb.util.encrypt.MD5Util;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.alibaba.fastjson.TypeReference;
import com.fasterxml.jackson.annotation.JsonFormat;
import com.fasterxml.jackson.databind.DeserializationFeature;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.databind.util.JSONWrappedObject;
import com.google.common.base.MoreObjects;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Maps;
......@@ -237,8 +239,8 @@ public class InnerController implements IBaseController {
*/
@RequestMapping("/user_detail/save")
public JsonResult saveUserDetail(Long userId, String phoneNo, String name, String idNo,
String email, Long id) {
LOGGER.info("保存用户详细信息,phoneNo:{},userId;{},name:{},idNo:{},email;{}", phoneNo, userId, name, idNo, email);
String email, String qq, Long id) {
LOGGER.info("保存用户详细信息,phoneNo:{},userId;{},name:{},idNo:{},email;{},qq;{}", phoneNo, userId, name, idNo, email, qq);
//参数验证
if (userId == null || userId == 0L) {
return JsonResult.buildErrorStateResult("用户id为空.", null);
......@@ -282,6 +284,7 @@ public class InnerController implements IBaseController {
userDetail.setIdType(IdType.ID_CARD);
userDetail.setGender(info.getGender());
userDetail.setEmail(email);
userDetail.setQq(qq);
userDetail = userDetailService.saveUserDetail(userDetail);
if (userDetail != null) {
return JsonResult.buildSuccessResult(null, UserDetailRet.getUserDetail(userDetail));
......@@ -295,11 +298,15 @@ public class InnerController implements IBaseController {
@LogHttpCaller
@RequestMapping("/user_detail/search/userId")
public JsonResult findUserDetailByUserId(Long userId) {
UserDetail userDetail = userDetailService.findByUserId(userId);
if (userDetail != null) {
return JsonResult.buildSuccessResult(null, UserDetailRet.getUserDetail(userDetail));
UserDetail userDetail = null;
// 增加容错性,防备DB中存在的脏数据触发异常
if(userId != null && userId > 0){
userDetail = userDetailService.findByUserId(userId);
}
return JsonResult.buildErrorStateResult("", null);
if(Objects.isNull(userDetail)) {
return JsonResult.buildErrorStateResult("", null);
}
return JsonResult.buildSuccessResult(null, UserDetailRet.getUserDetail(userDetail));
}
@LogHttpCaller
......@@ -553,13 +560,18 @@ public class InnerController implements IBaseController {
builder.put("name", name);
}
if (StringUtils.isNotBlank(phoneNo)) {
builder.put("phoneNo", phoneNo);
builder.put(Constants.PHONE_NO, phoneNo);
}
if (StringUtils.isNotBlank(idNo)) {
builder.put("idNo", idNo);
}
Map<String, String> param = builder.build();
String s = httpService.get(queryUrl.concat("/innerapi/user_detail/search_list"), param);
boolean isJson = StringUtils.isNotBlank(s) && s.trim().startsWith("{") && s.trim().endsWith("}");
if(!isJson){
LOGGER.warn("用户详情信息查询结果不完整:{}", s);
JsonResult.buildErrorStateResult("数据不完整", s);
}
return JSON.parseObject(s, JsonResult.class);
}
......
src/main/java/cn/quantgroup/xyqb/controller/external/user/center/UserCenterController.java
View file @ 4fb46119
......@@ -63,7 +63,7 @@ public class UserCenterController {
if(userDetail != null) {
result.put("name", userDetail.getName());
result.put("sex", Optional.ofNullable(userDetail.getGender()).orElse(cn.quantgroup.xyqb.model.Gender.UNKNOWN).ordinal() + "");
result.put("phoneNo", userDetail.getPhoneNo().substring(0,3)+"****"+userDetail.getPhoneNo().substring(7,11));
result.put(Constants.PHONE_NO, userDetail.getPhoneNo().substring(0,3)+"****"+userDetail.getPhoneNo().substring(7,11));
}
return JsonResult.buildSuccessResult(null, result);
}
......
src/main/java/cn/quantgroup/xyqb/controller/internal/login/AuthInfoController.java
View file @ 4fb46119
......@@ -8,6 +8,8 @@ import cn.quantgroup.xyqb.model.session.SessionStruct;
import cn.quantgroup.xyqb.service.http.IHttpService;
import cn.quantgroup.xyqb.service.user.IUserBtRegisterService;
import cn.quantgroup.xyqb.service.user.IUserService;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.RequestMapping;
......@@ -46,6 +48,8 @@ public class AuthInfoController implements IBaseController {
context.setBtMerchantId(sessionStruct.getValues().getLoginProperties().getBtMerchantId());
//有ThreadLocal不释放的问题,不可再使用原来方式了
loginInfo.setLoginContext(context);
log.info("[/auth/info/login] SessionStruct数据:{}", JSONObject.toJSONString(sessionStruct));
log.info("[/auth/info/login] LoginInfo数据:{}", JSONObject.toJSONString(loginInfo));
return JsonResult.buildSuccessResult("", loginInfo);
}
return JsonResult.buildErrorStateResult("用户未登录",null);
......
src/main/java/cn/quantgroup/xyqb/controller/internal/sms/SmsController.java
View file @ 4fb46119
......@@ -2,7 +2,7 @@ package cn.quantgroup.xyqb.controller.internal.sms;
import cn.quantgroup.sms.MsgParams;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.aspect.captcha.CaptchaValidator;
import cn.quantgroup.xyqb.aspect.captcha.CaptchaNewValidator;
import cn.quantgroup.xyqb.controller.IBaseController;
import cn.quantgroup.xyqb.model.JsonResult;
import cn.quantgroup.xyqb.service.sms.ISmsService;
......@@ -52,14 +52,14 @@ public class SmsController implements IBaseController {
* 短信验证码: for H5
* 使用 @FPLock 注解并加入自定义限制参数, 做针对手机号的发送次数限制
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_sms_verification_code")
public JsonResult verifyPhoneNoH5(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("注册-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
return sendVerificationCode2(phoneNo,appName);
}
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_reset_code")
public JsonResult resetPasswordH5(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("重置密码-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
......@@ -70,7 +70,7 @@ public class SmsController implements IBaseController {
* 短信验证码: for H5
* 使用 @FPLock 注解并加入自定义限制参数, 做针对手机号的发送次数限制
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_sms_verification_code_voice")
public JsonResult verifyPhoneNoH5New(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,
String usage) {
......@@ -82,7 +82,7 @@ public class SmsController implements IBaseController {
return sendVerificationCode2Voice(phoneNo, usage);
}
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_reset_code_voice")
public JsonResult resetPasswordH5New(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,
String usage) {
......@@ -97,7 +97,7 @@ public class SmsController implements IBaseController {
/**
* 快速登陆发送验证码
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_login_code_voice")
public JsonResult sendLoginCodeNew(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,
String usage) {
......@@ -112,7 +112,7 @@ public class SmsController implements IBaseController {
/**
* 快速登陆发送验证码
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_login_code")
public JsonResult sendLoginCode(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
......@@ -122,7 +122,7 @@ public class SmsController implements IBaseController {
/**
* 快速注册发送验证码
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_regist_code")
public JsonResult sendRegistCode(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("快速注册-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
......@@ -200,7 +200,7 @@ public class SmsController implements IBaseController {
/**
* 快速登陆发送验证码新版
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_login_code_voice_new")
public JsonResult sendLoginCodeVoiceNew(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom,
String usage, @RequestParam(required = false) String deviceId) {
......@@ -216,7 +216,7 @@ public class SmsController implements IBaseController {
/**
* 快速登陆发送短信验证码
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_login_code_new")
public JsonResult sendLoginSmsCodeNew(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom, @RequestParam(required = false) String deviceId,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
......@@ -225,7 +225,7 @@ public class SmsController implements IBaseController {
/**
* 快速登陆发送短信验证码
*/
@CaptchaValidator
@CaptchaNewValidator
@RequestMapping("/send_login_code_new_forH5")
public JsonResult sendLoginSmsCodeNewForH5(@RequestParam String phoneNo, @RequestParam(required = false) String registerFrom, @RequestParam(required = false) String deviceId,@RequestParam(required = false,defaultValue = "")String appName) {
LOGGER.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
......
src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
View file @ 4fb46119
package cn.quantgroup.xyqb.controller.internal.user;
import cn.quantgroup.tech.util.TechEnvironment;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.aspect.captcha.CaptchaFiniteValidator;
import cn.quantgroup.xyqb.aspect.lock.PasswordErrorFiniteValidator;
......@@ -26,6 +27,8 @@ import cn.quantgroup.xyqb.util.IPUtil;
import cn.quantgroup.xyqb.util.MqUtils;
import cn.quantgroup.xyqb.util.PasswordUtil;
import cn.quantgroup.xyqb.util.ValidationUtil;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
......@@ -114,31 +117,6 @@ public class UserController implements IBaseController {
return login(channelId, appChannel, createdFrom, userId, key, request, openId, dimension);
}
/**
* 快速登录(手机号 + 短信验证码),H5专用入口
* 短信验证码错误达到限定次数时执行图形验证码校验
* 图形验证码累计错误达到限定次数时须重新获取
*
* @param channelId
* @param appChannel
* @param createdFrom
* @param key
* @param btRegisterChannelId
* @param dimension
* @param request
* @return
*/
@RequestMapping("/login/fastV1")
public JsonResult loginFastV1(
@RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
@RequestParam(required = false, defaultValue = "1") Long createdFrom,
@RequestParam(required = false,defaultValue = "xyqb") String key,
@RequestParam(required = false)Long btRegisterChannelId,
@RequestParam(required = false) String dimension ,HttpServletRequest request) {
LOGGER.info("login/fastV1 -> channelId:{},appChennel:{},createdFrom:{},key:{},btRegisterChannelId:{},dimension:{}",channelId, appChannel, createdFrom, key, btRegisterChannelId, dimension);
return loginFast(channelId, appChannel, createdFrom, key, btRegisterChannelId, dimension, request);
}
@LogHttpCaller
@PasswordErrorFiniteValidator
@RequestMapping("/login")
......@@ -162,15 +140,44 @@ public class UserController implements IBaseController {
}
}
/**
* 快速登录(手机号 + 短信验证码),H5专用入口
* 短信验证码错误达到限定次数时执行图形验证码校验
* 图形验证码累计错误达到限定次数时须重新获取
*
* @param channelId
* @param appChannel
* @param createdFrom
* @param key
* @param btRegisterChannelId
* @param dimension
* @param request
* @return
*/
@RequestMapping("/login/fastV1")
public JsonResult loginFastV1(
@RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
@RequestParam(required = false, defaultValue = "1") Long createdFrom,
@RequestParam(required = false,defaultValue = "xyqb") String key,
@RequestParam(required = false) Long btRegisterChannelId,
@RequestParam(required = false) String dimension,
@RequestParam(name = "click_id", required = false) String clickId,
HttpServletRequest request) {
LOGGER.info("login/fastV1 -> channelId:{},appChennel:{},createdFrom:{},key:{},btRegisterChannelId:{},dimension:{},clickId:{}",channelId, appChannel, createdFrom, key, btRegisterChannelId, dimension, clickId);
return loginFast(channelId, appChannel, createdFrom, key, btRegisterChannelId, dimension, clickId, request);
}
@RequestMapping("/login/fast")
public JsonResult loginFast(
@RequestParam(required = false, defaultValue = "1") Long channelId, String appChannel,
@RequestParam(required = false, defaultValue = "1") Long createdFrom,
@RequestParam(required = false,defaultValue = "xyqb") String key,
@RequestParam(required = false)Long btRegisterChannelId,
@RequestParam(required = false) String dimension ,HttpServletRequest request) {
@RequestParam(required = false) String dimension,
@RequestParam(name = "click_id", required = false) String clickId,
HttpServletRequest request) {
Map<String, JsonResult> validMap = getHeaderParam(request);
LOGGER.info("login/fast -> channelId:{},appChannel:{},createdFrom:{},btRegisterChannelId:{},key:{},dimension:{}",channelId,appChannel,createdFrom,btRegisterChannelId,key,dimension);
LOGGER.info("login/fast -> channelId:{},appChannel:{},createdFrom:{},btRegisterChannelId:{},key:{},dimension:{},clickId:{}",channelId,appChannel,createdFrom,btRegisterChannelId,key,dimension, clickId);
if (null != validMap.get("fail")) {
return validMap.get("fail");
}
......@@ -192,14 +199,20 @@ public class UserController implements IBaseController {
LOGGER.error("用户不存在,或者已经注销,phoneNo:{}",phoneNo);
return JsonResult.buildErrorStateResult("登录失败", null);
}
UserStatistics statistics = null;
JSONObject qqGdt = null;
if (user == null) {
user = userRegisterService.register(phoneNo, channelId, createdFrom, appChannel,btRegisterChannelId,dimension);
if (user == null) {
throw new UserNotExistException("用户未找到");
}
//广点通转化注册 - 发送消息 - 方法内过滤
MqUtils.sendRegisterMessageForGdt(phoneNo, clickId);
statistics = new UserStatistics(user,dimension,2,channelId);
}else{
statistics = new UserStatistics(user,dimension,3,channelId);
}
//增加登陆统计发送
UserStatistics statistics=new UserStatistics(user,dimension,3,channelId);
MqUtils.sendLoanVest(statistics);
return new JsonResult(sessionService.createSession(channelId, createdFrom, appChannel, user, merchant));
// return createSession(channelId, createdFrom, appChannel, user);
......@@ -448,7 +461,7 @@ public class UserController implements IBaseController {
//用户信息存在,更新session中的最后访问时间,重新写入缓存.
if (null != user || !user.getEnable()) {
//增加登陆统计发送
UserStatistics statistics=new UserStatistics(user,dimension,1,channelId);
UserStatistics statistics=new UserStatistics(user,dimension,4,channelId);
MqUtils.sendLoanVest(statistics);
return new JsonResult(sessionService.createSession(channelId, createdFrom, appChannel, user, merchant));
} else {
......@@ -491,6 +504,10 @@ public class UserController implements IBaseController {
* @param verificationCode
*/
private void verifyPhoneAndCode(String phoneNo, String verificationCode) {
// 非生产环境直接跳过验证码检验
if(!TechEnvironment.isPro()){
return;
}
if (!smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
// 是否需要重新发送短信验证码
if(smsService.needResendCode(phoneNo)){
......
src/main/java/cn/quantgroup/xyqb/entity/UserAuthorized.java
View file @ 4fb46119
......@@ -18,7 +18,7 @@ public class UserAuthorized {
@Id
@Column(name = "id")
@GeneratedValue(generator = "uuid")
@GenericGenerator(name ="uuid" , strategy = "uuid")
@GenericGenerator(name ="uuid" , strategy = "org.hibernate.id.UUIDGenerator")
private String id;
@Column(name = "user_uuid")
......
src/main/java/cn/quantgroup/xyqb/model/ClientType.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.model;
import java.util.Optional;
/**
* 验证码验证类型
* @author renwc
* @date 2018-02-02
*/
public enum ClientType {
APP("native"), H5("h5"), WEB("web");
ClientType(String alias){
this.alias = alias;
}
private String alias;
public String getAlias(){
return this.alias;
}
public final static ClientType valueByName(String name) {
name = Optional.ofNullable(name).orElse("").toLowerCase();
switch (name){
case "app":
case "native":
return APP;
case "h5":
return H5;
case "web":
return WEB;
default:
return APP;
}
}
}
src/main/java/cn/quantgroup/xyqb/model/UserQueryInfo.java
View file @ 4fb46119
......@@ -12,17 +12,29 @@ import java.io.Serializable;
@Data
public class UserQueryInfo implements Serializable {
private static final long serialVersionUID = -1L;
/**
* 用户主键
*/
private Long userId;
/**
* 登录手机号/账号
*/
private String phoneNo;
/**
* 姓名
*/
private String name;
/**
* 银行卡号
*/
private String bankCards;
//证件号
/**
* 证件号
*/
private String idNo;
//0 身份证 1 军官证 2 护照
/**
* 地址
*/
private String address;
......
src/main/java/cn/quantgroup/xyqb/model/UserStatistics.java
View file @ 4fb46119
......@@ -12,7 +12,13 @@ public class UserStatistics {
private String uuid;
private Long registerFrom;
private String dimension;
private int action;//登录0,注册1,快捷登录2,免密登录3
/**
* 1-登录
* 2-注册
* 3-快捷登录
* 4-免密登录
*/
private int action;
private Long channel;
public UserStatistics() {
......
src/main/java/cn/quantgroup/xyqb/service/captcha/GeetestLib.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.service.captcha;
import lombok.extern.slf4j.Slf4j;
import org.json.JSONException;
import org.json.JSONObject;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStreamWriter;
import java.net.HttpURLConnection;
import java.net.URL;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
/**
* Java SDK
*
* @author geetet
*/
@Slf4j
public class GeetestLib {
protected final String verName = "4.0";
private String apiUrl;
protected final String registerUrl = "/register.php";
protected final String validateUrl = "/validate.php";
protected final String json_format = "1";
/**
* 公钥
*/
private String captchaId;
/**
* 私钥
*/
private String privateKey;
/**
* 是否开启新的failback
*/
private boolean newFailback = false;
/**
* 返回字符串
*/
private Map<String, String> responseStr;
/**
* 调试开关,是否输出调试日志
*/
public boolean debugCode = true;
/**
* 带参数构造函数
*
* @param captchaId
* @param privateKey
*/
public GeetestLib(String captchaId, String privateKey, boolean newFailback, String apiUrl) {
this.captchaId = captchaId;
this.privateKey = privateKey;
this.newFailback = newFailback;
this.apiUrl = apiUrl;
}
/**
* 获取本次验证初始化返回字符串
*
* @return 初始化结果
*/
public Map<String, String> getResponseStr(HashMap<String, String> param) {
preProcess(param);
return responseStr;
}
/**
* 预处理失败后的返回格式串
*
* @return
*/
private Map<String, String> getFailPreProcessRes() {
return null;
}
/**
* 预处理成功后的标准串
*/
private Map<String, String> getSuccessPreProcessRes(String challenge) {
gtlog("challenge:" + challenge);
Map<String, String> data = new HashMap<String, String>(3);
data.put("success", "1");
data.put("gt", this.captchaId);
data.put("challenge", challenge);
return data;
}
/**
* 验证初始化预处理
*
* @return 1表示初始化成功,0表示初始化失败
*/
public int preProcess(HashMap<String, String> data) {
if (registerChallenge(data) != 1) {
this.responseStr = this.getFailPreProcessRes();
return 0;
}
return 1;
}
/**
* 用captchaID进行注册,更新challenge
*
* @return 1表示注册成功,0表示注册失败
*/
private int registerChallenge(HashMap<String, String> data) {
try {
String userId = data.get("user_id");
String clientType = data.get("client_type");
String ipAddress = data.get("ip_address");
String getUrl = apiUrl + registerUrl + "?";
String param = "gt=" + this.captchaId + "&json_format=" + this.json_format;
if (userId != null) {
param = param + "&user_id=" + userId;
}
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
gtlog("GET_URL:" + getUrl + param);
String result_str = readContentFromGet(getUrl + param);
if (result_str == "fail") {
gtlog("gtServer register challenge failed");
return 0;
}
gtlog("result:" + result_str);
JSONObject jsonObject = new JSONObject(result_str);
String return_challenge = jsonObject.getString("challenge");
gtlog("return_challenge:" + return_challenge);
if (return_challenge.length() == 32) {
this.responseStr = this.getSuccessPreProcessRes(this.md5Encode(return_challenge + this.privateKey));
return 1;
} else {
gtlog("gtServer register challenge error");
return 0;
}
} catch (Exception e) {
gtlog(e.toString());
gtlog("exception:register api");
}
return 0;
}
/**
* 判断一个表单对象值是否为空
*
* @param gtObj
* @return
*/
protected boolean objIsEmpty(Object gtObj) {
if (gtObj == null) {
return true;
}
if (gtObj.toString().trim().length() == 0) {
return true;
}
return false;
}
/**
* 检查客户端的请求是否合法,三个只要有一个为空,则判断不合法
*
* @param challenge
* @param validate
* @param seccode
* @return
*/
private boolean resquestIsLegal(String challenge, String validate, String seccode) {
if (objIsEmpty(challenge)) {
return false;
}
if (objIsEmpty(validate)) {
return false;
}
if (objIsEmpty(seccode)) {
return false;
}
return true;
}
/**
* 服务正常的情况下使用的验证方式,向gt-server进行二次验证,获取验证结果
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果, 1表示验证成功0表示验证失败
*/
public int enhencedValidateRequest(String challenge, String validate, String seccode, HashMap<String, String> data) {
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
String userId = data.get("user_id");
String clientType = data.get("client_type");
String ipAddress = data.get("ip_address");
String postUrl = this.apiUrl + this.validateUrl;
String param = String.format("challenge=%s&validate=%s&seccode=%s&json_format=%s",
challenge, validate, seccode, this.json_format);
if (userId != null) {
param = param + "&user_id=" + userId;
}
if (clientType != null) {
param = param + "&client_type=" + clientType;
}
if (ipAddress != null) {
param = param + "&ip_address=" + ipAddress;
}
gtlog("param:" + param);
String response = "";
try {
if (validate.length() <= 0) {
return 0;
}
if (!checkResultByPrivate(challenge, validate)) {
return 0;
}
gtlog("checkResultByPrivate");
response = readContentFromPost(postUrl, param);
gtlog("response: " + response);
} catch (Exception e) {
e.printStackTrace();
}
String return_seccode = "";
try {
JSONObject return_map = new JSONObject(response);
return_seccode = return_map.getString("seccode");
gtlog("md5: " + md5Encode(return_seccode));
if (return_seccode.equals(md5Encode(seccode))) {
return 1;
} else {
return 0;
}
} catch (JSONException e) {
gtlog("json load error");
return 0;
}
}
/**
* failback使用的验证方式
*
* @param challenge
* @param validate
* @param seccode
* @return 验证结果, 1表示验证成功0表示验证失败
*/
public int failbackValidateRequest(String challenge, String validate, String seccode) {
gtlog("in failback validate");
if (!resquestIsLegal(challenge, validate, seccode)) {
return 0;
}
gtlog("request legitimate");
return 1;
}
/**
* 输出debug信息,需要开启debugCode
*
* @param message
*/
public void gtlog(String message) {
if (debugCode) {
log.info("gtlog: {}", message);
}
}
protected boolean checkResultByPrivate(String challenge, String validate) {
String encodeStr = md5Encode(privateKey + "geetest" + challenge);
return validate.equals(encodeStr);
}
/**
* 发送GET请求,获取服务器返回结果
*
* @param URL
* @return 服务器返回结果
* @throws IOException
*/
private String readContentFromGet(String URL) throws IOException {
URL getUrl = new URL(URL);
HttpURLConnection connection = (HttpURLConnection) getUrl
.openConnection();
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
// 建立与服务器的连接,并未发送数据
connection.connect();
if (connection.getResponseCode() == 200) {
// 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer();
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1; ) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
} else {
return "fail";
}
}
/**
* 发送POST请求,获取服务器返回结果
*
* @param URL
* @param data
* @return 服务器返回结果
* @throws IOException
*/
private String readContentFromPost(String URL, String data) throws IOException {
gtlog(data);
URL postUrl = new URL(URL);
HttpURLConnection connection = (HttpURLConnection) postUrl
.openConnection();
connection.setConnectTimeout(2000);// 设置连接主机超时(单位:毫秒)
connection.setReadTimeout(2000);// 设置从主机读取数据超时(单位:毫秒)
connection.setRequestMethod("POST");
connection.setDoInput(true);
connection.setDoOutput(true);
connection.setRequestProperty("Content-Type", "application/x-www-form-urlencoded");
// 建立与服务器的连接,并未发送数据
connection.connect();
OutputStreamWriter outputStreamWriter = new OutputStreamWriter(connection.getOutputStream(), "utf-8");
outputStreamWriter.write(data);
outputStreamWriter.flush();
outputStreamWriter.close();
if (connection.getResponseCode() == 200) {
// 发送数据到服务器并使用Reader读取返回的数据
StringBuffer sBuffer = new StringBuffer();
InputStream inStream = null;
byte[] buf = new byte[1024];
inStream = connection.getInputStream();
for (int n; (n = inStream.read(buf)) != -1; ) {
sBuffer.append(new String(buf, 0, n, "UTF-8"));
}
inStream.close();
connection.disconnect();// 断开连接
return sBuffer.toString();
} else {
return "fail";
}
}
/**
* md5 加密
*
* @param plainText
* @return
* @time 2014年7月10日 下午3:30:01
*/
private String md5Encode(String plainText) {
String re_md5 = new String();
try {
MessageDigest md = MessageDigest.getInstance("MD5");
md.update(plainText.getBytes());
byte b[] = md.digest();
int i;
StringBuffer buf = new StringBuffer("");
for (int offset = 0; offset < b.length; offset++) {
i = b[offset];
if (i < 0) {
i += 256;
}
if (i < 16) {
buf.append("0");
}
buf.append(Integer.toHexString(i));
}
re_md5 = buf.toString();
} catch (NoSuchAlgorithmException e) {
e.printStackTrace();
}
return re_md5;
}
}
src/main/java/cn/quantgroup/xyqb/service/captcha/IGeetestCaptchaService.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.service.captcha;
import cn.quantgroup.xyqb.model.ClientType;
import java.util.Map;
/**
* @author xufei on 2018/1/30.
*/
public interface IGeetestCaptchaService {
/**
* 获取极验验证码
*
* @param markId 用户标识
* @param remoteIp 请求终端真实IP
* @param clientType 请求终端类型
* @return 获取失败返回null
*/
Map<String, String> fetchGeetestCaptcha(String markId, String remoteIp, ClientType clientType);
/**
* 二次验证
*
* @param markId 用户标识
* @param remoteIp 请求终端真实IP
* @param clientType 请求终端类型
* @param challenge
* @param validate
* @param seccode
* @return
*/
boolean validGeetestCaptcha(String markId, String remoteIp, ClientType clientType, String challenge, String validate, String seccode);
}
src/main/java/cn/quantgroup/xyqb/service/captcha/IQuantgroupCaptchaService.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.service.captcha;
import java.util.Locale;
import java.util.Map;
/**
* @author xufei on 2018/1/30.
*/
public interface IQuantgroupCaptchaService {
/**
* 获取QG验证码
* @param locale
* @return
* @throws Exception EX
*/
Map<String, String> fetchQuantgroupCaptcha(Locale locale);
/**
* 校验QG验证码
* @param captchaId
* @param captchaValue
* @return
*/
boolean validQuantgroupCaptcha(String captchaId, String captchaValue);
}
src/main/java/cn/quantgroup/xyqb/service/captcha/impl/GeetestCaptchaServiceImpl.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.service.captcha.impl;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.ClientType;
import cn.quantgroup.xyqb.service.captcha.GeetestLib;
import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.HashMap;
import java.util.Map;
import java.util.Objects;
/**
* @author xufei on 2018/1/30.
*/
@Service
@Slf4j
public class GeetestCaptchaServiceImpl implements IGeetestCaptchaService {
@Resource
@Qualifier("stringRedisTemplate")
private RedisTemplate<String, String> stringRedisTemplate;
@Value("${geetest.captcha.id}")
private String captchaId;
@Value("${geetest.private.key}")
private String privateKey;
@Value("${geetest.new.fail.back}")
private boolean newFailback;
@Value("${geetest.api.url}")
private String apiUrl;
@Override
public Map<String, String> fetchGeetestCaptcha(String markId, String remoteIp, ClientType clientType) {
HashMap<String, String> param = getParam(markId, remoteIp, clientType);
return getGeetestSdk().getResponseStr(param);
}
@Override
public boolean validGeetestCaptcha(String markId, String remoteIp, ClientType clientType, String challenge, String validate, String seccode) {
HashMap<String, String> param = getParam(markId, remoteIp, clientType);
int gtResult = getGeetestSdk().enhencedValidateRequest(challenge, validate, seccode, param);
return Constants.GT_CAPTCHA_VALIDATE_SUCCESS == gtResult;
}
private GeetestLib getGeetestSdk() {
return new GeetestLib(captchaId, privateKey, newFailback, apiUrl);
}
private HashMap<String, String> getParam(String markId, String remoteIp, ClientType clientType) {
HashMap<String, String> param = new HashMap<>();
param.put("user_id", markId);
if (Objects.isNull(clientType)) {
param.put("client_type", ClientType.APP.getAlias());
}else{
param.put("client_type", clientType.getAlias());
}
param.put("ip_address", remoteIp);
return param;
}
}
src/main/java/cn/quantgroup/xyqb/service/captcha/impl/QuantgroupCaptchaServiceImpl.java 0 → 100644
View file @ 4fb46119
package cn.quantgroup.xyqb.service.captcha.impl;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
import com.octo.captcha.service.CaptchaServiceException;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.stereotype.Service;
import javax.imageio.ImageIO;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
/**
* @author xufei on 2018/1/30.
*/
@Slf4j
@Service
public class QuantgroupCaptchaServiceImpl implements IQuantgroupCaptchaService {
private static final String IMAGE_FORMAT_PNG = "png";
private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
@Autowired
@Qualifier("customCaptchaService")
private AbstractManageableImageCaptchaService imageCaptchaService;
@Override
public Map<String, String> fetchQuantgroupCaptcha(Locale locale) {
String imageId = UUID.randomUUID().toString();
BufferedImage challenge = imageCaptchaService.getImageChallengeForID(Constants.IMAGE_CAPTCHA_KEY + imageId, locale);
ByteArrayOutputStream jpegOutputStream = new ByteArrayOutputStream();
try {
ImageIO.write(challenge, IMAGE_FORMAT_PNG, jpegOutputStream);
} catch (IOException e) {
log.error("生成QG图形验证码", e);
return null;
}
String imageBase64 = Base64.encodeBase64String(jpegOutputStream.toByteArray());
Map<String, String> data = new HashMap<String, String>(2);
data.put("imageId", imageId);
data.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));
return data;
}
@Override
public boolean validQuantgroupCaptcha(String captchaId, String captchaValue) {
boolean validCaptcha = false;
if (StringUtils.isNotBlank(captchaId) && StringUtils.isNotBlank(captchaValue)) {
// 验证码校验(忽略用户输入的大小写)
try {
validCaptcha = imageCaptchaService.validateResponseForID(Constants.IMAGE_CAPTCHA_KEY + captchaId, captchaValue.toLowerCase());
} catch (CaptchaServiceException e) {
log.error("校验QG图形验证码:key:{}, code:{}", captchaId, captchaValue, e);
}
}
return validCaptcha;
}
}
src/main/java/cn/quantgroup/xyqb/service/mq/IRegisterMqService.java
View file @ 4fb46119
package cn.quantgroup.xyqb.service.mq;
import cn.quantgroup.xyqb.model.UserRegisterMqMessage;
import cn.quantgroup.xyqb.model.UserStatistics;
import java.io.Serializable;
/**
* Created by xuran on 2017/9/7.
* 用户注册信息广播
*/
public interface IRegisterMqService {
void send(UserRegisterMqMessage message);
void send(Serializable message);
void send4Gdt(Serializable message);
}
src/main/java/cn/quantgroup/xyqb/service/mq/Impl/IRegisterMqServiceImpl.java
View file @ 4fb46119
package cn.quantgroup.xyqb.service.mq.Impl;
import cn.quantgroup.xyqb.model.UserRegisterMqMessage;
import cn.quantgroup.xyqb.service.mq.IRegisterMqService;
import com.alibaba.fastjson.JSONObject;
import org.slf4j.Logger;
......@@ -12,6 +11,8 @@ import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;
import java.io.Serializable;
/**
* Created by xuran on 2017/9/7.
*/
......@@ -22,34 +23,44 @@ public class IRegisterMqServiceImpl implements IRegisterMqService {
@Autowired
@Qualifier("registerRabbitTemplate")
RabbitTemplate registerRabTemplate;
@Autowired
@Qualifier("registerRabbitTemplate4Gdt")
RabbitTemplate registerRabbitTemplate4Gdt;
@Autowired
@Qualifier(value = "registerMqQueue")
Queue registerMqQueue;
/**
* 发送用登陆统计信息
* @param message 订单信息
*/
@Override
@Async
public void send(UserRegisterMqMessage message){
public void send(Serializable message){
if(null==message){
LOGGER.error("广播用户注册消息不能为空");
}
LOGGER.info("广播用户注册消息,message={}",message);
String msg = JSONObject.toJSONString(message);
registerRabTemplate.convertAndSend(msg);
LOGGER.info("广播用户注册消息,message={}",msg);
}
/**
* 发送用登陆统计信息
* @param message 订单信息
*/
@Override
@Async
public void send4Gdt(Serializable message){
if(null==message){
LOGGER.error("广点通用户注册消息不能为空");
}
LOGGER.info("广点通用户注册消息,message={}",message);
String msg = JSONObject.toJSONString(message);
registerRabbitTemplate4Gdt.convertAndSend(msg);
LOGGER.info("广点通用户注册消息,message={}",msg);
}
}
src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java
View file @ 4fb46119
......@@ -62,6 +62,7 @@ public class SessionServiceImpl implements ISessionService {
sessionStruct.setAttribute("channelId", String.valueOf(channelId));
sessionStruct.setAttribute("createdFrom", String.valueOf(createdFrom));
sessionStruct.setAttribute("appChannel", String.valueOf(appChannel));
sessionStruct.getValues().setLoginProperties(properties);
authBean.setPhoneNo(user.getPhoneNo());
authBean.setToken(sessionStruct.getSid());
persistSession(sessionStruct.getSid(), sessionStruct.getValues());
......
src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java
View file @ 4fb46119
......@@ -48,12 +48,16 @@ public class SmsServiceImpl implements ISmsService {
}
/**
* 24-“【信用钱包】么么哒,等您好久了~感谢您注册信用钱包,我们来给您送钱啦,点击提交借款申请,万元现金立即到手 s.xyqb.com/a”
* 1005-“【信用钱包】等您好久了~感谢您的注册,尊享息费5折优惠。登录 s.xyqb.com/a 享更多优惠(合理消费,理性借贷)”
* @param phoneNo
*/
@Override
public void sendAfterRegister(String phoneNo) {
try {
MsgParams msgParams =
new MsgParams(Collections.singletonList(2), phoneNo, "1", "24", Collections.emptyList());
new MsgParams(Collections.singletonList(2), phoneNo, "1", "1005", Collections.emptyList());
getSmsSender().sendMsg(msgParams);
//smsSender.sendAndForget(new SendAndForgetMsg(Collections.emptyList(), "24", "1", phoneNo));
log.info("注册完成,发送短信, phoneNo:{}", phoneNo);
......
src/main/java/cn/quantgroup/xyqb/service/user/impl/UserDetailServiceImpl.java
View file @ 4fb46119
package cn.quantgroup.xyqb.service.user.impl;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.entity.User;
import cn.quantgroup.xyqb.entity.UserDetail;
import cn.quantgroup.xyqb.model.Gender;
......@@ -97,7 +98,7 @@ public class UserDetailServiceImpl implements IUserDetailService {
@Override
public List<UserDetail> findByPhoneNos(List<String> phoneNos) {
return userDetailRepository.findAll((root, query, cb) -> {
query.where(root.get("phoneNo").in(phoneNos));
query.where(root.get(Constants.PHONE_NO).in(phoneNos));
return query.getRestriction();
});
}
......@@ -119,7 +120,7 @@ public class UserDetailServiceImpl implements IUserDetailService {
list.add(criteriaBuilder.equal(root.get("name").as(String.class), name));
}
if (!StringUtils.isEmpty(phoneNo)) {
list.add(criteriaBuilder.equal(root.get("phoneNo").as(String.class), phoneNo));
list.add(criteriaBuilder.equal(root.get(Constants.PHONE_NO).as(String.class), phoneNo));
}
if (!StringUtils.isEmpty(idNo)) {
list.add(criteriaBuilder.equal(root.get("idNo").as(String.class), idNo));
......@@ -150,7 +151,7 @@ public class UserDetailServiceImpl implements IUserDetailService {
list.add(criteriaQuery.getRestriction());
}
if (phoneNo!=null&&phoneNo.size()>0) {
criteriaQuery.where(root.get("phoneNo").in(phoneNo));
criteriaQuery.where(root.get(Constants.PHONE_NO).in(phoneNo));
list.add(criteriaQuery.getRestriction());
}
if (idNo!=null&&idNo.size()>0) {
......
src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java
View file @ 4fb46119
......@@ -120,7 +120,7 @@ public class UserServiceImpl implements IUserService {
@Override
public List<User> findByPhones(List<String> phones) {
return userRepository.findAll((root, query, cb) -> {
query.where(root.get("phoneNo").as(String.class).in(phones));
query.where(root.get(Constants.PHONE_NO).as(String.class).in(phones));
return query.getRestriction();
});
}
......
src/main/java/cn/quantgroup/xyqb/util/MqUtils.java
View file @ 4fb46119
......@@ -6,7 +6,9 @@ import cn.quantgroup.xyqb.model.UserRet;
import cn.quantgroup.xyqb.model.UserStatistics;
import cn.quantgroup.xyqb.service.mq.IRegisterMqService;
import cn.quantgroup.xyqb.service.mq.IVestService;
import com.alibaba.fastjson.JSONObject;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
/**
* Created by xuran on 2017/6/23.
......@@ -26,6 +28,7 @@ public class MqUtils {
vest, e);
}
}
/**
* 用户注册消息进行广播
* @param message
......@@ -50,4 +53,25 @@ public class MqUtils {
MqUtils.sendRegisterMessage(registerMqMessage);
return userRet;
}
/**
* 腾讯广点通转化的用户注册消息推送
* @param phoneNo - 转化成功的用户手机号
* @param clickId - 转化成功的点击动作唯一标识
*/
public static void sendRegisterMessageForGdt(String phoneNo, String clickId){
if(ValidationUtil.validatePhoneNo(phoneNo) && StringUtils.isNotBlank(clickId)){
//填充广点通消息
JSONObject message = new JSONObject();
message.put("phoneNo", phoneNo);
message.put("clickId", clickId);
try {
IRegisterMqService rService = ApplicationContextHolder.getBean("registerMqService");
rService.send4Gdt(message);
} catch (Exception e) {
log.error("[MQUtils][MQUtils_exception]发送广点通用户注册信息,message={},error={}",
message, e);
}
}
}
}
src/test/java/CaptchaVerifyTests.java 0 → 100644
View file @ 4fb46119
import service.GeetestCaptchaServiceTest;
import service.QuantgroupCaptchaServiceTest;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
@RunWith(Suite.class)
@Suite.SuiteClasses({GeetestCaptchaServiceTest.class, QuantgroupCaptchaServiceTest.class})
public class CaptchaVerifyTests {}
\ No newline at end of file
src/test/java/CommonTests.java deleted 100644 → 0
View file @ 4ebe0b4b
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
public class CommonTests {
@Test
public void compileBooleanAndNull() {
Assert.assertFalse(null instanceof Boolean);
Assert.assertNotEquals(null, Boolean.TRUE);
Assert.assertNotEquals(null, Boolean.FALSE);
}
@Test
public void print() {
System.out.println(null instanceof Boolean);
System.out.println(Boolean.TRUE.equals(null));
System.out.println(Boolean.FALSE.equals(null));
}
}
src/test/java/DemoTests.java 0 → 100644
View file @ 4fb46119
import demo.*;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
@RunWith(Suite.class)
@Suite.SuiteClasses({DynamicTests.class, MockMvcTests.class, MvcTests.class,
ParametersJunit4Tests.class, ParametersJunit5Tests.class,
RepsitoryJpaTests.class, RepsitoryTests.class, ServiceTests.class, WebTests.class})
public class DemoTests {}
\ No newline at end of file
src/test/java/UserAuthorizedTests.java 0 → 100644
View file @ 4fb46119
import repsitory.UserAuthorizedRepsitoryTests;
import service.UserAuthorizedServiceTests;
import web.UserAuthorizedControllerTests;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
@RunWith(Suite.class)
@Suite.SuiteClasses({UserAuthorizedRepsitoryTests.class, UserAuthorizedServiceTests.class, UserAuthorizedControllerTests.class})
public class UserAuthorizedTests {}
\ No newline at end of file
src/test/java/login/TestStringCode.java
View file @ 4fb46119
......@@ -6,23 +6,39 @@ import java.util.Base64;
public class TestStringCode {
public static void main(String[] args) {
System.out.println(base64("13511112222", "000000"));
System.out.println(base64("18022223333", "000000"));
System.out.println(ap_base64("13511112222", "000000"));
System.out.println(pc_base64("15566660006", "0000"));
}
final static String AUTHORIZATION = "authorization";
final static String PREFIX = "Basic ";
final static String PREFIX_AP = "Basic ";
final static String PREFIX_PC = "Verification ";
/*
* 4.153
* 13576450525 123456 318e235d3e52648b236faa3f748000d5
* 13724823305 123456 318e235d3e52648b236faa3f748000d5
* Basic MTM1MTExMTIyMjI6MDAwMDAw
* Basic MTgwMjIyMjMzMzM6MDAwMDAw
*
* 4.155
* 13511112222 000000 c8937b92506c0e2918de053dea69edd3
* 18022223333 000000 c8937b92506c0e2918de053dea69edd3
*/
final static String base64(String account, String password) {
String authorization = PREFIX + new String(Base64.getEncoder().encodeToString((account+":"+password).getBytes(Charset.forName("UTF-8"))));
final static String ap_base64(String account, String password) {
String authorization = PREFIX_AP + new String(Base64.getEncoder().encodeToString((account+":"+password).getBytes(Charset.forName("UTF-8"))));
return authorization;
}
/*
* 4.153
* 13576450525 123456 318e235d3e52648b236faa3f748000d5
* 13724823305 123456 318e235d3e52648b236faa3f748000d5
*
* 4.155
* 13511112222 000000 c8937b92506c0e2918de053dea69edd3
* 18022223333 000000 c8937b92506c0e2918de053dea69edd3
*/
final static String pc_base64(String phone, String code) {
String authorization = PREFIX_PC + new String(Base64.getEncoder().encodeToString((phone+":"+code).getBytes(Charset.forName("UTF-8"))));
return authorization;
}
......
src/test/java/service/GeetestCaptchaServiceTest.java 0 → 100644
View file @ 4fb46119
package service;
import cn.quantgroup.xyqb.Bootstrap;
import cn.quantgroup.xyqb.Constants;
import cn.quantgroup.xyqb.model.ClientType;
import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
import cn.quantgroup.xyqb.util.PasswordUtil;
import com.ctrip.framework.apollo.spring.config.ApolloPropertySourceInitializer;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringRunner;
import javax.annotation.Resource;
import java.util.Map;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = Bootstrap.class)
@ContextConfiguration(initializers = ApolloPropertySourceInitializer.class)
public class GeetestCaptchaServiceTest {
@Resource
private IGeetestCaptchaService geetestCaptchaService;
private String phoneNo = "18953309449";
private String remoteIp = "192.168.12.24";
private ClientType clientType = ClientType.H5;
private Map<String, String> data = null;
@Test
public void testFetchGeetestCaptcha(){
data = geetestCaptchaService.fetchGeetestCaptcha(PasswordUtil.MD5(phoneNo), remoteIp, clientType);
Assert.assertNotNull(data);
Assert.assertTrue(data.containsKey("gt"));
Assert.assertTrue(data.containsKey("challenge"));
}
@Test
public void testValidGeetestCaptcha(){
String challenge = "86664ca9f3feba52c1d070343a9d10c6";
String validate = "9b80dd76a43e2608e54da9b865733b8c";
String seccode = "9b80dd76a43e2608e54da9b865733b8c|jordan";
Assert.assertTrue(geetestCaptchaService.validGeetestCaptcha(PasswordUtil.MD5(phoneNo), remoteIp, clientType, challenge, validate, seccode));
}
}
src/test/java/service/QuantgroupCaptchaServiceTest.java 0 → 100644
View file @ 4fb46119
package service;
import cn.quantgroup.xyqb.Bootstrap;
import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
import com.ctrip.framework.apollo.spring.config.ApolloPropertySourceInitializer;
import org.junit.Assert;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.test.context.ContextConfiguration;
import org.springframework.test.context.junit4.SpringRunner;
import javax.annotation.Resource;
import java.util.Locale;
@RunWith(SpringRunner.class)
@SpringBootTest(classes = Bootstrap.class)
@ContextConfiguration(initializers = ApolloPropertySourceInitializer.class)
public class QuantgroupCaptchaServiceTest {
@Resource
private IQuantgroupCaptchaService quantgroupCaptchaService;
@Test
public void testFetchQuantgroupCaptcha(){
Locale locale = Locale.US;
Assert.assertNotNull(quantgroupCaptchaService.fetchQuantgroupCaptcha(locale));
}
@Test
public void testValidQuantgroupCaptcha(){
String captchaId="b233ed97-02b7-4b85-9c1b-bfc2729682a4";
String captchaValue="0000";
Assert.assertFalse(quantgroupCaptchaService.validQuantgroupCaptcha(captchaId,captchaValue));
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment