@Transactional(rollbackFor = Exception.class)

src/main/java/cn/quantgroup/xyqb/Constants.java

@@ -26,6 +26,9 @@ public interface Constants {
 
     String X_AUTH_TOKEN = "x-auth-token";
     int TOKEN_LENGTH = 36;
+    int THOUSAND_SECOND = 1000;
+    int MILLIS_PER_SECOND = 1000;
+    int MILLIS_OF_TEN_SECOND = 10000;
     /** 垃圾，前辈竟然用这个办法来识别UUID */
     int UUID_MIN_LENGTH = 10;
     String CHECK_FAIL = "fail";
@@ -42,6 +45,7 @@ public interface Constants {
      * 微信标识参数名
      */
     String WECHAT_OPEN_ID = "wechat_open_id";
+    String PASSWORD = "password";
 
     // -- Start -- IPV4安全策略常量组
     /**

src/main/java/cn/quantgroup/xyqb/aspect/accessable/IpValidateAdvisor.java

 package cn.quantgroup.xyqb.aspect.accessable;
 
 import cn.quantgroup.xyqb.model.JsonResult;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
 import org.aspectj.lang.annotation.Aspect;
@@ -35,12 +35,12 @@ public class IpValidateAdvisor {
     private Object doWhiteIpMatch(ProceedingJoinPoint pjp) throws Throwable {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
         // 客户端IP
-        String clientIp = IPUtil.getRemoteIP(request);
+        String clientIp = IpUtil.getRemoteIP(request);
         // 白名单
-        if (IPUtil.whiteOf(clientIp)) {
+        if (IpUtil.whiteOf(clientIp)) {
             return pjp.proceed();
         }
-        IPUtil.logIp(LOGGER, request);
+        IpUtil.logIp(LOGGER, request);
         LOGGER.error("Lock_ipv4: don't match white ip access:{}", clientIp);
         return JsonResult.buildErrorStateResult("非法访问", null);
     }

src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaFiniteValidateAdvisor.java

@@ -4,7 +4,7 @@ package cn.quantgroup.xyqb.aspect.captcha;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import com.octo.captcha.service.CaptchaServiceException;
 import org.apache.commons.codec.binary.Base64;
@@ -84,7 +84,7 @@ public class CaptchaFiniteValidateAdvisor {
         String phoneNo = phonePasswordMap.get(Constants.PHONE_NO);
         Long countErrorByPhone = getCount(phoneNo);
         if (countErrorByPhone == null) {
-            LOGGER.info("用户名或密码不正确, phoneNo={}, countErrorByPhone={}, clientIp={}", phoneNo, countErrorByPhone, IPUtil.getRemoteIP(request));
+            LOGGER.info("用户名或密码不正确, phoneNo={}, countErrorByPhone={}, clientIp={}", phoneNo, countErrorByPhone, IpUtil.getRemoteIP(request));
             return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
         }
         if (countErrorByPhone > Constants.Image_Need_Count) {
@@ -92,7 +92,7 @@ public class CaptchaFiniteValidateAdvisor {
             String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
             String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
             if (shouldSkipCaptchaValidate(registerFrom, captchaId, captchaValue)) {
-                LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
+                LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IpUtil.getRemoteIP(request));
                 return pjp.proceed();
             }
             if (StringUtils.isNotBlank(captchaValue)) {

src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaNewValidateAdvisor.java

@@ -5,7 +5,7 @@ import cn.quantgroup.xyqb.model.ClientType;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
 import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -84,8 +84,8 @@ public class CaptchaNewValidateAdvisor {
         String challenge = request.getParameter(Constants.FN_GEETEST_CHALLENGE);
         String validate = request.getParameter(Constants.FN_GEETEST_VALIDATE);
         String seccode = request.getParameter(Constants.FN_GEETEST_SECCODE);
-        log.info("Geetest - 极验二次校验, phoneNo:{}, uniqueKey:{}, clientType:{}, ip:{}, challenge:{}, validate:{}, seccode:{}", phoneNo, uniqueKey, clientType, IPUtil.getRemoteIP(request), challenge, validate, seccode);
-        return geetestCaptchaService.validGeetestCaptcha(uniqueKey, IPUtil.getRemoteIP(request), ClientType.valueByName(clientType), challenge, validate, seccode);
+        log.info("Geetest - 极验二次校验, phoneNo:{}, uniqueKey:{}, clientType:{}, ip:{}, challenge:{}, validate:{}, seccode:{}", phoneNo, uniqueKey, clientType, IpUtil.getRemoteIP(request), challenge, validate, seccode);
+        return geetestCaptchaService.validGeetestCaptcha(uniqueKey, IpUtil.getRemoteIP(request), ClientType.valueByName(clientType), challenge, validate, seccode);
     }
 
     /**
@@ -99,7 +99,7 @@ public class CaptchaNewValidateAdvisor {
         String phoneNo = request.getParameter(Constants.PHONE_NO);
         String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
         String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
-        log.info("Quantgroup - 图形验证码校验, phoneNo:{}, ip:{}, captchaId:{}, captchaValue:{}", phoneNo, IPUtil.getRemoteIP(request), captchaId, captchaValue);
+        log.info("Quantgroup - 图形验证码校验, phoneNo:{}, ip:{}, captchaId:{}, captchaValue:{}", phoneNo, IpUtil.getRemoteIP(request), captchaId, captchaValue);
         return quantgroupCaptchaService.validQuantgroupCaptcha(captchaId, captchaValue);
     }
 

src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaValidateAdvisor.java

@@ -3,7 +3,7 @@ package cn.quantgroup.xyqb.aspect.captcha;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.thirdparty.jcaptcha.AbstractManageableImageCaptchaService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import com.octo.captcha.service.CaptchaServiceException;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
@@ -79,7 +79,7 @@ public class CaptchaValidateAdvisor {
         String captchaId = Optional.ofNullable(request.getParameter(Constants.QG_CAPTCHA_ID)).orElse("");
         String captchaValue = request.getParameter(Constants.QG_CAPTCHA_VALUE);
         if (shouldSkipCaptchaValidate(registerFrom, captchaId, captchaValue)) {
-            LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IPUtil.getRemoteIP(request));
+            LOGGER.info("使用超级图形验证码校验, registerFrom={}, clientIp={}", registerFrom, IpUtil.getRemoteIP(request));
             return pjp.proceed();
         }
         JsonResult result = JsonResult.buildSuccessResult("验证码不正确", "");

src/main/java/cn/quantgroup/xyqb/aspect/limit/PasswordFreeAccessValidateAdvisor.java

@@ -5,7 +5,7 @@ import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
 import cn.quantgroup.xyqb.session.XyqbSessionContextHolder;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -65,7 +65,7 @@ public class PasswordFreeAccessValidateAdvisor {
      */
     private boolean tokenValid(HttpServletRequest request) {
         Objects.requireNonNull(request, "无效请求");
-        String clientIp = IPUtil.getRemoteIP(request);
+        String clientIp = IpUtil.getRemoteIP(request);
         Set<String> paramKeys = request.getParameterMap().keySet();
         if (!paramKeys.contains(Constants.PHONE_NO) && !paramKeys.contains(USER_ID)) {
             LOGGER.info("非法请求 - 缺少参数, paramKeys={}, clientIp={}", paramKeys, clientIp);

src/main/java/cn/quantgroup/xyqb/aspect/lock/PasswordErrorFiniteValidateAdvisor.java

@@ -3,7 +3,7 @@ package cn.quantgroup.xyqb.aspect.lock;
 
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.model.JsonResult;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -56,9 +56,9 @@ public class PasswordErrorFiniteValidateAdvisor {
     private Object doFiniteValidate(ProceedingJoinPoint pjp) throws Throwable {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
         // 客户端IP
-        String clientIp = IPUtil.getRemoteIP(request);
+        String clientIp = IpUtil.getRemoteIP(request);
         // 白名单
-        if (IPUtil.whiteOf(clientIp)) {
+        if (IpUtil.whiteOf(clientIp)) {
             return pjp.proceed();
         }
         // 补充白名单
@@ -66,19 +66,19 @@ public class PasswordErrorFiniteValidateAdvisor {
             return pjp.proceed();
         }
         // 入口服务器IP
-        if (StringUtils.startsWith(clientIp, IPUtil.IO_IP)) {
+        if (StringUtils.startsWith(clientIp, IpUtil.IO_IP)) {
             return pjp.proceed();
         }
         // 黑名单
         if (redisTemplate.opsForSet().isMember(Constants.IPV4_LOCK_BLACK, clientIp)) {
-            IPUtil.logIp(LOGGER, request);
+            IpUtil.logIp(LOGGER, request);
             LOGGER.info("Lock_ipv4: black ip access:{}", clientIp);
             return JsonResult.buildErrorStateResult("登录失败", null);
         }
         String lockIpv4Key = getLockIpv4Key(clientIp);
         String lock = redisTemplate.opsForValue().get(lockIpv4Key);
         if (Objects.equals(Boolean.TRUE.toString(), lock)) {
-            IPUtil.logIp(LOGGER, request);
+            IpUtil.logIp(LOGGER, request);
             LOGGER.info("Lock_ipv4: locked ip access:{}", clientIp);
             return JsonResult.buildErrorStateResult("登录失败", null);
         }

src/main/java/cn/quantgroup/xyqb/aspect/logcaller/LogCallHttpAspect.java

 package cn.quantgroup.xyqb.aspect.logcaller;
 
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import com.google.common.base.Stopwatch;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.annotation.Around;
@@ -38,7 +38,7 @@ public class LogCallHttpAspect {
         Stopwatch stopwatch = Stopwatch.createStarted();
         ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
         HttpServletRequest request = attrs.getRequest();
-        String remoteIP = IPUtil.getRemoteIP(request);
+        String remoteIP = IpUtil.getRemoteIP(request);
         Object[] args = pjp.getArgs();
         boolean hasException = false;
         Object result;

src/main/java/cn/quantgroup/xyqb/controller/ExceptionHandlingController.java

@@ -5,7 +5,7 @@ import cn.quantgroup.xyqb.exception.UserNotExistException;
 import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
 import cn.quantgroup.xyqb.exception.WechatRelateUserException;
 import cn.quantgroup.xyqb.model.JsonResult;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.http.HttpStatus;
@@ -40,7 +40,7 @@ public class ExceptionHandlingController implements IBaseController {
      */
     @ExceptionHandler(PasswordErrorLimitException.class)
     public JsonResult passwordErrorLimitException(PasswordErrorLimitException vce) {
-        LOGGER.info("throw PasswordErrorLimitException,msg={},businessCode={}, clientIp={}", vce.getMessage(), 2L, IPUtil.getRemoteIP(getRequest()));
+        LOGGER.info("throw PasswordErrorLimitException,msg={},businessCode={}, clientIp={}", vce.getMessage(), 2L, IpUtil.getRemoteIP(getRequest()));
         return JsonResult.buildErrorStateResult(vce.getMessage(), null, 2L);
     }
 
@@ -52,7 +52,7 @@ public class ExceptionHandlingController implements IBaseController {
      */
     @ExceptionHandler(VerificationCodeErrorException.class)
     public JsonResult verificationCodeErrorException(VerificationCodeErrorException vce) {
-        LOGGER.info("throw VerificationCodeErrorException,msg={},businessCode={}, clientIp={}", vce.getMessage(), 1L, IPUtil.getRemoteIP(getRequest()));
+        LOGGER.info("throw VerificationCodeErrorException,msg={},businessCode={}, clientIp={}", vce.getMessage(), 1L, IpUtil.getRemoteIP(getRequest()));
         return JsonResult.buildErrorStateResult(vce.getMessage(), null, 1L);
     }
 

src/main/java/cn/quantgroup/xyqb/controller/IBaseController.java

@@ -2,7 +2,7 @@ package cn.quantgroup.xyqb.controller;
 
 import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
@@ -56,7 +56,7 @@ public interface IBaseController {
 
     default String getIp() {
         HttpServletRequest request = getRequest();
-        return IPUtil.getRemoteIP(request);
+        return IpUtil.getRemoteIP(request);
     }
 
     default String getProtocol() {

src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java

@@ -24,7 +24,7 @@ import cn.quantgroup.xyqb.service.user.IUserDetailService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.service.user.UserCenterService;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.MqUtils;
 import cn.quantgroup.xyqb.util.PasswordUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
@@ -528,7 +528,7 @@ public class UserController implements IBaseController {
      */
     private boolean wechatRelateUserIfNecessary(User user, HttpServletRequest request) {
         Objects.requireNonNull(request, "无效请求");
-        String clientIp = IPUtil.getRemoteIP(request);
+        String clientIp = IpUtil.getRemoteIP(request);
         Set<String> paramKeys = request.getParameterMap().keySet();
         boolean ready = paramKeys.contains(Constants.WECHAT_OPEN_ID);
         if (!ready) {

src/main/java/cn/quantgroup/xyqb/controller/external/captcha/NewCaptchaController.java

@@ -5,7 +5,7 @@ import cn.quantgroup.xyqb.model.ClientType;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.service.captcha.IGeetestCaptchaService;
 import cn.quantgroup.xyqb.service.captcha.IQuantgroupCaptchaService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.PasswordUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import io.swagger.annotations.ApiOperation;
@@ -41,7 +41,7 @@ public class NewCaptchaController {
     @RequestMapping(value = "/captcha/new")
     @ApiOperation(value = "获取新图形验证码", notes = "获取新图形验证码", httpMethod = "POST")
     public JsonResult getCaptcha(String phoneNo, String clientType, HttpServletRequest request) {
-        String remoteIp = IPUtil.getRemoteIP(request);
+        String remoteIp = IpUtil.getRemoteIP(request);
         log.info("获取验证码, phoneNo:{}, clientType:{}, ip:{}, verifyType-qg:{}", phoneNo, clientType, remoteIp, geetestClose);
         if (StringUtils.isNotBlank(phoneNo) && !ValidationUtil.validatePhoneNo(phoneNo)) {
             return JsonResult.buildErrorStateResult("手机号格式错误", null);

src/main/java/cn/quantgroup/xyqb/controller/external/sms/SmsController.java

@@ -9,7 +9,7 @@ import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.sms.SmsMerchant;
 import cn.quantgroup.xyqb.service.sms.ISmsService;
 import cn.quantgroup.xyqb.util.DateUtils;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
@@ -384,7 +384,7 @@ public class SmsController implements IBaseController {
             return JsonResult.buildErrorStateResult("您设备已经达到获取今天验证码上限", null);
         }
         // IP上限检查
-        if (!IPUtil.whiteOf(clientIp) && getIPVerificationCount > IP_MAX_PER_DAY) {
+        if (!IpUtil.whiteOf(clientIp) && getIPVerificationCount > IP_MAX_PER_DAY) {
             LOGGER.info("您当前ip已经达到获取今天短信验证码上限:ip:{},count:{}", clientIp, getIPVerificationCount);
             return JsonResult.buildErrorStateResult("您当前ip已经达到获取今天短信验证码上限", null);
         }
@@ -465,7 +465,7 @@ public class SmsController implements IBaseController {
             return JsonResult.buildErrorStateResult("您设备已经达到获取今天语音验证码上限", null);
         }
         // IP上限检查
-        if (!IPUtil.whiteOf(clientIp) && getIPVerificationCount > IP_MAX_PER_DAY) {
+        if (!IpUtil.whiteOf(clientIp) && getIPVerificationCount > IP_MAX_PER_DAY) {
             LOGGER.info("您当前ip已经达到获取今天短信验证码上限:ip:{},count:{}", clientIp, getIPVerificationCount);
             return JsonResult.buildErrorStateResult("您当前ip已经达到获取今天语音验证码上限", null);
         }

src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java

@@ -13,7 +13,7 @@ import cn.quantgroup.xyqb.service.merchant.IMerchantService;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.user.IUserService;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import io.swagger.annotations.ApiOperation;
 import org.slf4j.Logger;
@@ -77,7 +77,7 @@ public class AppController implements IBaseController {
         if (!ValidationUtil.validatePhoneNo(phoneNo)) {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
         }
-        LOGGER.info("第三方用户登录 [AppController] login --> loginFrom:{},channelId：{},btRegisterChannelId:{} requestIp:{},idNo:{},name:{}", registerFrom, channelId, btRegisterChannelId, IPUtil.getRemoteIP(request), idNo, name);
+        LOGGER.info("第三方用户登录 [AppController] login --> loginFrom:{},channelId：{},btRegisterChannelId:{} requestIp:{},idNo:{},name:{}", registerFrom, channelId, btRegisterChannelId, IpUtil.getRemoteIP(request), idNo, name);
         User user = userService.findByPhoneInDb(phoneNo);
         if (user == null) {
             user = userRegisterService.register(registerFrom, phoneNo, idNo, name, channelId, btRegisterChannelId);
@@ -128,7 +128,7 @@ public class AppController implements IBaseController {
         if (!ValidationUtil.validatePhoneNo(phoneNo)) {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
         }
-        LOGGER.info("第三方用户登录 [AppController] loginSuper --> loginFrom:{},phoneNo:{},appChannel:{},channelId：{},btRegisterChannelId:{} requestIp:{},idNo:{},name:{}", registerFrom, phoneNo, appChannel, channelId, btRegisterChannelId, IPUtil.getRemoteIP(request), idNo, name);
+        LOGGER.info("第三方用户登录 [AppController] loginSuper --> loginFrom:{},phoneNo:{},appChannel:{},channelId：{},btRegisterChannelId:{} requestIp:{},idNo:{},name:{}", registerFrom, phoneNo, appChannel, channelId, btRegisterChannelId, IpUtil.getRemoteIP(request), idNo, name);
         User user = userService.findByPhoneInDb(phoneNo);
         if (user == null) {
             try {
@@ -187,7 +187,7 @@ public class AppController implements IBaseController {
         if (!ValidationUtil.validatePhoneNo(phoneNo)) {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
         }
-        LOGGER.info("第三方用户登录 [AppController] login2 --> loginFrom:{},channelId:{}, requestIp:{}", registerFrom, channelId, IPUtil.getRemoteIP(request));
+        LOGGER.info("第三方用户登录 [AppController] login2 --> loginFrom:{},channelId:{}, requestIp:{}", registerFrom, channelId, IpUtil.getRemoteIP(request));
         User user = userService.findByPhoneInDb(phoneNo);
         if (user == null) {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);

src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java

@@ -411,7 +411,7 @@ public class InnerController implements IBaseController {
             return JsonResult.buildErrorStateResult("userId为空", null);
         }
         if (StringUtils.isNotBlank(qq)) {
-            userDetailService.updateUserQQ(userId, qq);
+            userDetailService.updateUserQq(userId, qq);
         }
         if (StringUtils.isNotBlank(email)) {
             userDetailService.updateUserEmail(userId, email);
@@ -425,7 +425,7 @@ public class InnerController implements IBaseController {
         if (StringUtils.isEmpty(qq) || userId == null || userId == 0L) {
             return JsonResult.buildErrorStateResult("参数校验失败,qq或用户id为空", null);
         }
-        userDetailService.updateUserQQ(userId, qq);
+        userDetailService.updateUserQq(userId, qq);
         return JsonResult.buildSuccessResult(null, null);
     }
 
@@ -495,7 +495,7 @@ public class InnerController implements IBaseController {
             return JsonResult.buildErrorStateResult("修改联系人不存在", null);
         }
         contact = contactService.saveContact(name, phoneNo, relation, contact);
-        log.info("修改后联系人信息:{},修改原因：{},操作ip:{}", contact, reason, IPUtil.getRemoteIP(request));
+        log.info("修改后联系人信息:{},修改原因：{},操作ip:{}", contact, reason, IpUtil.getRemoteIP(request));
 
         return JsonResult.buildSuccessResult("修改联系人成功", contact);
     }

src/main/java/cn/quantgroup/xyqb/repository/IUserDetailRepository.java

@@ -20,17 +20,17 @@ public interface IUserDetailRepository extends JpaRepository<UserDetail, Long>,
 
     UserDetail findByPhoneNo(String phone);
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update user_detail set qq = ?1 where user_id = ?2", nativeQuery = true)
-    void updateUserQQ(String qq, Long userId);
+    void updateUserQq(String qq, Long userId);
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update user_detail set email = ?1 where user_id = ?2", nativeQuery = true)
     void updateUserEmail(String email, Long userId);
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update user_detail set gender = ?1 where user_id = ?2", nativeQuery = true)
     void updateGender(int gender, Long userId);
@@ -42,11 +42,10 @@ public interface IUserDetailRepository extends JpaRepository<UserDetail, Long>,
      *
      * @return
      */
-    @Modifying
     @Query(value = "select * from user_detail where gender!=1 and gender!=2 and id_no is not null", nativeQuery = true)
     List<UserDetail> selectUserDetailsBy();
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update user_detail set name=?1,id_no=?2,gender=?3 where phone_no=?4", nativeQuery = true)
     int updateNameAndIdNoByPhoneNo(String name, String idNo, int gender, String phoneNo);

src/main/java/cn/quantgroup/xyqb/repository/IUserQueryLogRepository.java

@@ -14,7 +14,7 @@ import java.util.List;
  */
 public interface IUserQueryLogRepository extends JpaRepository<UserQueryLog, Long> {
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(nativeQuery = true, value = "select * from user_query_log ul where created_At between ?1 and ?2  limit ?3 ,?4 ")
     List<UserQueryLog> findQueryLogCreatedAt(Date beginDate, Date endDate, Integer pageId, Integer pageSize);

src/main/java/cn/quantgroup/xyqb/repository/IUserRepository.java

@@ -42,7 +42,7 @@ public interface IUserRepository extends JpaRepository<User, Long>, JpaSpecifica
     @Query(value = "select * from user where created_at>=?1 and created_at<?2 ", nativeQuery = true)
     List<User> findRegisterUserByTime(String beginTime, String endTime);
 
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update user set enable=?1 where phone_no=?2", nativeQuery = true)
     int forbiddenUser(Boolean enable, String phoneNo);

src/main/java/cn/quantgroup/xyqb/repository/IWeChatUserRepository.java

@@ -28,7 +28,7 @@ public interface IWeChatUserRepository extends JpaRepository<WechatUserInfo, Lon
      * @param userId
      * @return
      */
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update wechat_userinfo set user_id=null,phone_no='*' where user_id=?1", nativeQuery = true)
     int dissociateByUserId(Long userId);
@@ -41,7 +41,7 @@ public interface IWeChatUserRepository extends JpaRepository<WechatUserInfo, Lon
      * @param openId  - 微信标识
      * @return 记录更新行数
      */
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @Modifying
     @Query(value = "update wechat_userinfo set user_id=?1,phone_no=?2 where open_id=?3 and user_id is null", nativeQuery = true)
     int relateUser(Long userId, String phoneNo, String openId);

src/main/java/cn/quantgroup/xyqb/service/http/impl/HttpServiceImpl.java

@@ -2,7 +2,7 @@ package cn.quantgroup.xyqb.service.http.impl;
 
 import cn.quantgroup.tech.brave.service.ITechHttpClient;
 import cn.quantgroup.xyqb.service.http.IHttpService;
-import cn.quantgroup.xyqb.util.Utils;
+import cn.quantgroup.xyqb.util.PasswordUtil;
 import com.google.common.collect.Maps;
 import org.apache.commons.codec.Charsets;
 import org.apache.commons.collections.MapUtils;
@@ -108,7 +108,7 @@ public class HttpServiceImpl implements IHttpService {
         }
 
         String method = requestBuilder.getMethod();
-        LOGGER.info("{}, uri:{}, headers:{}, parameters:{}", method, uri, headers, StringUtils.substring(Utils.safeMap2Str(parameters), 0, 200));
+        LOGGER.info("{}, uri:{}, headers:{}, parameters:{}", method, uri, headers, StringUtils.substring(PasswordUtil.filterPasswordToString(parameters), 0, 200));
         HttpEntity httpEntity = null;
         CloseableHttpResponse httpResponse = null;
         try {
@@ -133,7 +133,7 @@ public class HttpServiceImpl implements IHttpService {
 
             return response;
         } catch (Exception e) {
-            LOGGER.info("{}, uri:{}, headers:{}, parameters:{}", method, uri, headers, StringUtils.substring(Utils.safeMap2Str(parameters), 0, 200), e);
+            LOGGER.info("{}, uri:{}, headers:{}, parameters:{}", method, uri, headers, StringUtils.substring(PasswordUtil.filterPasswordToString(parameters), 0, 200), e);
             return null;
         } finally {
             EntityUtils.consumeQuietly(httpEntity);

src/main/java/cn/quantgroup/xyqb/service/user/IUserDetailService.java

@@ -17,7 +17,7 @@ public interface IUserDetailService {
 
     UserDetail findByPhoneNo(String phoneNo);
 
-    void updateUserQQ(Long userId, String qq);
+    void updateUserQq(Long userId, String qq);
 
     void updateUserEmail(Long userId, String email);
 

src/main/java/cn/quantgroup/xyqb/service/user/impl/LockIpv4ServiceImpl.java

@@ -5,7 +5,7 @@ import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.exception.PasswordErrorLimitException;
 import cn.quantgroup.xyqb.service.user.ILockIpv4Service;
 import cn.quantgroup.xyqb.util.DateUtils;
-import cn.quantgroup.xyqb.util.IPUtil;
+import cn.quantgroup.xyqb.util.IpUtil;
 import cn.quantgroup.xyqb.util.ValidationUtil;
 import org.apache.commons.lang.StringUtils;
 import org.slf4j.Logger;
@@ -57,7 +57,7 @@ public class LockIpv4ServiceImpl implements ILockIpv4Service {
      */
     @Override
     public void countErrorByIpv4(String ipv4) {
-        if (ValidationUtil.validateIpv4(ipv4) && !IPUtil.whiteOf(ipv4)) {
+        if (ValidationUtil.validateIpv4(ipv4) && !IpUtil.whiteOf(ipv4)) {
             String ipv4Key = getErrorIpKey(ipv4);
             if (!stringRedisTemplate.hasKey(ipv4Key)) {
                 // 计数周期1分钟
@@ -98,7 +98,7 @@ public class LockIpv4ServiceImpl implements ILockIpv4Service {
      */
     @Override
     public void countSuccessByIpv4(String ipv4) {
-        if (ValidationUtil.validateIpv4(ipv4) && !IPUtil.whiteOf(ipv4)) {
+        if (ValidationUtil.validateIpv4(ipv4) && !IpUtil.whiteOf(ipv4)) {
             String ipv4Key = getSuccessIpKey(ipv4);
             if (!stringRedisTemplate.hasKey(ipv4Key)) {
                 // 计数周期1分钟

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserDetailServiceImpl.java

@@ -68,8 +68,8 @@ public class UserDetailServiceImpl implements IUserDetailService {
     }
 
     @Override
-    public void updateUserQQ(Long userId, String qq) {
-        userDetailRepository.updateUserQQ(qq, userId);
+    public void updateUserQq(Long userId, String qq) {
+        userDetailRepository.updateUserQq(qq, userId);
     }
 
     @Override

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserExtInfoServiceImpl.java

@@ -25,7 +25,7 @@ public class UserExtInfoServiceImpl implements IUserExtInfoService {
     }
 
     @Override
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     @CacheEvict(value = "userextinfocache", key = "'extinfo' + #info.userId", cacheManager = "cacheManager")
     public UserExtInfo save(UserExtInfo info) {
         return userExtInfoRepository.save(info);

src/main/java/cn/quantgroup/xyqb/service/wechat/impl/WechatServiceImpl.java

 package cn.quantgroup.xyqb.service.wechat.impl;
 
+import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.entity.WechatUserInfo;
 import cn.quantgroup.xyqb.exception.WechatRelateUserException;
 import cn.quantgroup.xyqb.model.webchat.AccessTokenResponse;
@@ -32,7 +33,6 @@ import java.util.concurrent.TimeUnit;
 @Service
 public class WechatServiceImpl implements IWechatService {
     private static final String WECHAT_TOKEN_KEY_PREFIX = "wechat:token:";
-    private static final String WECHAT_USERINFO_KEY_PREFIX = "wechat:userinfo:";
     @Value("${wechat.appid}")
     private String appId;
     @Value("${wechat.secret}")
@@ -42,8 +42,6 @@ public class WechatServiceImpl implements IWechatService {
     @Resource
     private IHttpService httpService;
     @Resource
-    private ISessionService sessionService;
-    @Resource
     private IWeChatUserRepository weChatUserRepository;
     @Autowired
     @Qualifier("stringRedisTemplate")
@@ -75,8 +73,8 @@ public class WechatServiceImpl implements IWechatService {
                 if (accessTokenResponse == null) {
                     return null;
                 }
-                accessTokenResponse.setInitialTime(System.currentTimeMillis() - 10000);
-                redisTemplate.opsForValue().set(key, JSONObject.toJSONString(accessTokenResponse), accessTokenResponse.getExpiresIn() + 1000, TimeUnit.SECONDS);
+                accessTokenResponse.setInitialTime(System.currentTimeMillis() - Constants.MILLIS_OF_TEN_SECOND);
+                redisTemplate.opsForValue().set(key, JSONObject.toJSONString(accessTokenResponse), accessTokenResponse.getExpiresIn() + Constants.THOUSAND_SECOND, TimeUnit.SECONDS);
                 return accessTokenResponse;
             } catch (Exception ex) {
                 return null;
@@ -85,15 +83,15 @@ public class WechatServiceImpl implements IWechatService {
             try {
                 AccessTokenResponse response = JSONObject.parseObject(resultStr, AccessTokenResponse.class);
                 // 刷新
-                if (response.getInitialTime() + response.getExpiresIn() * 1000 > System.currentTimeMillis()) {
+                if (response.getInitialTime() + response.getExpiresIn() * Constants.MILLIS_PER_SECOND > System.currentTimeMillis()) {
                     String refreshTokenStr = refreshToken(response.getRefreshToken());
                     response = JSONObject.parseObject(refreshTokenStr, AccessTokenResponse.class);
                     if (response == null) {
                         return null;
                     }
-                    response.setInitialTime(System.currentTimeMillis() - 10000);
+                    response.setInitialTime(System.currentTimeMillis() - Constants.MILLIS_OF_TEN_SECOND);
                 }
-                redisTemplate.opsForValue().set(key, JSONObject.toJSONString(response), response.getExpiresIn() + 1000, TimeUnit.SECONDS);
+                redisTemplate.opsForValue().set(key, JSONObject.toJSONString(response), response.getExpiresIn() + Constants.THOUSAND_SECOND, TimeUnit.SECONDS);
                 return response;
             } catch (Exception ex) {
                 return null;
@@ -118,7 +116,7 @@ public class WechatServiceImpl implements IWechatService {
     }
 
     @Override
-    @Transactional
+    @Transactional(rollbackFor = Exception.class)
     public WechatUserInfo saveWechatUserInfo(WechatUserInfo userInfo) {
         if (Objects.isNull(userInfo) || Objects.isNull(userInfo.getOpenId())) {
             return null;

src/main/java/cn/quantgroup/xyqb/util/IPUtil.java → src/main/java/cn/quantgroup/xyqb/util/IpUtil.java

@@ -16,7 +16,7 @@ import java.util.Set;
  * @author renwc
  * @date 2017-12-01
  */
-public class IPUtil {
+public class IpUtil {
     /**
      * IP白名单
      * <p>
@@ -98,13 +98,14 @@ public class IPUtil {
         }
         //过滤反向代理的ip
         String[] stemps = ip.split(",");
-        if (stemps != null && stemps.length >= 1) {
+        if (stemps != null && stemps.length > 0) {
             //得到第一个IP，即客户端真实IP
             ip = stemps[0];
         }
         ip = ip.trim();
-        if (ip.length() > 23) {
-            ip = ip.substring(0, 23);
+        int twentyThree = 23;
+        if (ip.length() > twentyThree) {
+            ip = ip.substring(0, twentyThree);
         }
         return ip;
     }

src/main/java/cn/quantgroup/xyqb/util/PasswordUtil.java

 package cn.quantgroup.xyqb.util;
 
+import cn.quantgroup.xyqb.Constants;
+import com.alibaba.fastjson.JSON;
 import com.google.common.base.Preconditions;
 import org.apache.commons.lang.StringUtils;
 
 import java.security.MessageDigest;
+import java.util.Map;
 import java.util.Objects;
 import java.util.concurrent.ThreadLocalRandom;
 
@@ -89,4 +92,20 @@ public class PasswordUtil {
         return Objects.equals(thePassword, targetPassword);
     }
 
+    public static String filterPasswordToString(Map<String, String> info) {
+        if (null == info) {
+            return null;
+        }
+        if(!info.containsKey(Constants.PASSWORD)){
+            return JSON.toJSONString(info);
+        }
+        String password = info.get(Constants.PASSWORD);
+        // 先删掉
+        info.remove(Constants.PASSWORD);
+        String infoString = JSON.toJSONString(info);
+        // 再回填
+        info.put(Constants.PASSWORD, password);
+        return infoString;
+    }
+
 }

src/main/java/cn/quantgroup/xyqb/util/Utils.java

-package cn.quantgroup.xyqb.util;
-
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-/**
- * @author mengfan.feng
- */
-public class Utils {
-
-    private static Pattern pattern = Pattern.compile("(?<!\\d)(?:(?:1[34578]\\d{9})|(?:861[34578]\\d{9}))(?!\\d)");
-
-    public static String safeMap2Str(Map<String, String> info) {
-        if (null == info) {
-            return null;
-        }
-        StringBuilder builder = new StringBuilder();
-        builder.append("{");
-        info.forEach((key, value) -> {
-            if ("password".equals(key)) {
-                return;
-            }
-            builder.append(key);
-            builder.append("=");
-            builder.append(value);
-            builder.append(",");
-        });
-        builder.append("}");
-        return builder.toString();
-    }
-
-    public static String coverPhone(String str) {
-        if (str.length() <= 0) {
-            return "";
-        }
-        if (str.length() > 1024)  //长度超过1024的字符串不走正则匹配过滤手机号
-        {
-            return "";
-        }
-        Matcher matcher = pattern.matcher(str);
-        Map<String, String> replaceMap = new HashMap<>();
-        while (matcher.find()) {
-            String group = matcher.group();
-            String replace = group.substring(0, 3).concat("****").concat(group.substring(7)).concat(" [".concat(PasswordUtil.MD5(group)).concat("]"));
-            replaceMap.put(group, replace);
-        }
-        Set<Map.Entry<String, String>> entries = replaceMap.entrySet();
-        for (Map.Entry<String, String> entry : entries) {
-            str = str.replaceAll(entry.getKey(), entry.getValue());
-        }
-        return str;
-    }
-}