Merge branch 'master' into log_without_phone

Conflicts:
	src/main/java/cn/quantgroup/xyqb/controller/external/user/WeChatController.java
	src/test/java/user/TestUserLogin.java

pom.xml

 <?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+<project xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://maven.apache.org/POM/4.0.0"
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
@@ -40,6 +40,12 @@
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-jdbc</artifactId>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>log4j-over-slf4j</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -207,6 +213,78 @@
             <artifactId>quantgroup-config-sdk</artifactId>
             <version>1.0.3-SNAPSHOT</version>
         </dependency>
+
+        <!-- motan -->
+        <dependency>
+            <groupId>com.weibo</groupId>
+            <artifactId>motan-core</artifactId>
+            <version>0.2.2</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>com.caucho</groupId>
+                    <artifactId>hessian</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>cn.quantgroup</groupId>
+            <artifactId>hession-bugfix</artifactId>
+            <version>4.0.38</version>
+        </dependency>
+        <dependency>
+            <groupId>com.weibo</groupId>
+            <artifactId>motan-transport-netty</artifactId>
+            <version>0.2.2</version>
+        </dependency>
+
+        <!-- only needed for spring-based features -->
+        <dependency>
+            <groupId>com.weibo</groupId>
+            <artifactId>motan-springsupport</artifactId>
+            <version>0.2.2</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <dependency>
+            <groupId>cn.quantgroup</groupId>
+            <artifactId>xyqb-user-rpc-commons</artifactId>
+            <version>1.0-SNAPSHOT</version>
+        </dependency>
+
+        <dependency>
+            <groupId>com.weibo</groupId>
+            <artifactId>motan-registry-zookeeper</artifactId>
+            <version>0.2.1</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.slf4j</groupId>
+                    <artifactId>slf4j-log4j12</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
+        <!-- spring security -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-core</artifactId>
+            <version>3.2.7.RELEASE</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-web</artifactId>
+            <version>3.2.7.RELEASE</version>
+        </dependency>
+
+
     </dependencies>
 
     <build>

src/main/java/cn/quantgroup/xyqb/Bootstrap.java

 package cn.quantgroup.xyqb;
 
+import com.weibo.api.motan.common.MotanConstants;
+import com.weibo.api.motan.util.MotanSwitcherUtil;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 import org.springframework.cache.annotation.EnableCaching;
+import org.springframework.context.ApplicationListener;
 import org.springframework.context.annotation.ComponentScan;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.EnableAspectJAutoProxy;
 import org.springframework.context.annotation.PropertySource;
+import org.springframework.context.event.ContextRefreshedEvent;
 import org.springframework.scheduling.annotation.EnableAsync;
 
 @ComponentScan(basePackages = {"cn.quantgroup.xyqb", "cn.quantgroup.cloudconfig"})
@@ -18,9 +23,20 @@ import org.springframework.scheduling.annotation.EnableAsync;
 @Configuration
 @EnableAspectJAutoProxy
 @EnableAsync
+@Slf4j
 public class Bootstrap {
 
   public static void main(String[] args) {
-        SpringApplication.run(Bootstrap.class, args);
+    SpringApplication springApplication = new SpringApplication(Bootstrap.class);
+    springApplication.addListeners(new ApplicationListener<ContextRefreshedEvent>() {
+      @Override
+      public void onApplicationEvent(ContextRefreshedEvent event) {
+        MotanSwitcherUtil.setSwitcherValue(MotanConstants.REGISTRY_HEARTBEAT_SWITCHER, true);
+        log.info("注册zookeeper成功");
+      }
+    });
+    springApplication.setRegisterShutdownHook(true);
+    springApplication.run(args);
+    log.info("server start...");
   }
 }

src/main/java/cn/quantgroup/xyqb/Constants.java

 package cn.quantgroup.xyqb;
 
 
-
 /**
  * Created by Miraculous on 15/7/5.
  */
@@ -47,7 +46,7 @@ public interface Constants {
     long WECHAT = 198L;
   }
 
-    interface Session{
+  interface Session {
     String USER_SESSION_CACHE = "user:session:";
     String USER_SESSION_ID_CACHE = "userid-sessionvalue:cache:";
     Long ONE_DAY = 24 * 60 * 60L;

src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaValidator.java

 package cn.quantgroup.xyqb.aspect.captcha;
 
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+import java.lang.annotation.*;
 
 /**
  * 类名称：CaptchaValidate

src/main/java/cn/quantgroup/xyqb/aspect/fplock/FPLock.java

 package cn.quantgroup.xyqb.aspect.fplock;
 
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+import java.lang.annotation.*;
 
 /**
  * Created by Miraculous on 15/11/10.
@@ -15,5 +11,6 @@ import java.lang.annotation.Target;
 public @interface FPLock {
 
   String uniqueName();
+
   FPRestriction[] restrictions() default {};
 }

src/main/java/cn/quantgroup/xyqb/aspect/fplock/FPRestriction.java

 package cn.quantgroup.xyqb.aspect.fplock;
 
-import java.lang.annotation.Documented;
-import java.lang.annotation.ElementType;
-import java.lang.annotation.Retention;
-import java.lang.annotation.RetentionPolicy;
-import java.lang.annotation.Target;
+import java.lang.annotation.*;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -16,10 +12,13 @@ import java.util.concurrent.TimeUnit;
 public @interface FPRestriction {
   // 持续时间
   int duration() default 1;
+
   // 持续时间单位
   TimeUnit type() default TimeUnit.MINUTES;
+
   // 限制值, -1表示不限制
   int limit() default -1;
+
   // 使用可覆盖
   boolean override() default true;
 }

src/main/java/cn/quantgroup/xyqb/aspect/fplock/FirstParamLockAspect.java

@@ -35,11 +35,6 @@ import java.util.stream.Stream;
 public class FirstParamLockAspect {
 
   private static final Logger LOGGER = LoggerFactory.getLogger(FirstParamLockAspect.class);
-
-    @Autowired
-    @Qualifier("stringRedisTemplate")
-    private RedisTemplate<String, String> stringRedisTemplate;
-
   private static final HashMap<String, FPRestrictionWraper> LOCK_PARAM;
   private static final Long MAX_COUNTER = 1L;
   private static final Long MAX_TO_LIVE = 10L;
@@ -50,6 +45,9 @@ public class FirstParamLockAspect {
     LOCK_PARAM = fastHashMap;
   }
 
+  @Autowired
+  @Qualifier("stringRedisTemplate")
+  private RedisTemplate<String, String> stringRedisTemplate;
   /* 自定义限制策略 (FPRestriction) 的情况下, 可配置的限制数值 */
   @Value("${xyqb.fplock.limit.byhour:3}")
   private Integer limitByHour;                // 每小时限制值
@@ -129,8 +127,8 @@ public class FirstParamLockAspect {
   public void setLimitation(String key, Integer duration, Integer limit) {
     FPRestrictionWraper restriction = LOCK_PARAM.get(key);
     if (restriction != null) {
-            if(duration != null) restriction.duration(duration);
-            if(limit != null) restriction.limit(limit);
+      if (duration != null) restriction.duration(duration);
+      if (limit != null) restriction.limit(limit);
     }
 
   }
@@ -213,6 +211,28 @@ public class FirstParamLockAspect {
     return true;
   }
 
+  /**
+   * 根据时间单位获取Redis锁名
+   *
+   * @return
+   */
+  private String getLockKeyByTimeUnit(TimeUnit timeUnit) {
+    Calendar calendar = Calendar.getInstance();
+    String unit = timeUnit.toString();
+    switch (timeUnit) {
+      case DAYS:
+        return unit + DateFormatUtils.format(calendar, "yyyyMMdd");
+      case HOURS:
+        return unit + DateFormatUtils.format(calendar, "yyyyMMddHH");
+      case MINUTES:
+        return unit + DateFormatUtils.format(calendar, "yyyyMMddHHmm");
+      case SECONDS:
+        return unit + DateFormatUtils.format(calendar, "yyyyMMddHHmmss");
+      default:
+        return unit;
+    }
+  }
+
   /**
    * 注解包装类
    */
@@ -284,26 +304,4 @@ public class FirstParamLockAspect {
       return "timeUnit:" + timeUnit + ", duration:" + this.duration + ", limit:" + limit;
     }
   }
-
-    /**
-     * 根据时间单位获取Redis锁名
-     *
-     * @return
-     */
-    private String getLockKeyByTimeUnit(TimeUnit timeUnit) {
-        Calendar calendar = Calendar.getInstance();
-        String unit = timeUnit.toString();
-        switch (timeUnit) {
-            case DAYS:
-                return unit + DateFormatUtils.format(calendar, "yyyyMMdd");
-            case HOURS:
-                return unit + DateFormatUtils.format(calendar, "yyyyMMddHH");
-            case MINUTES:
-                return unit + DateFormatUtils.format(calendar, "yyyyMMddHHmm");
-            case SECONDS:
-                return unit + DateFormatUtils.format(calendar, "yyyyMMddHHmmss");
-            default:
-                return unit;
-        }
-    }
 }

src/main/java/cn/quantgroup/xyqb/config/captcha/CustomJCaptchaEngine.java

@@ -49,7 +49,7 @@ public class CustomJCaptchaEngine extends ListImageCaptchaEngine {
     SingleColorGenerator colorGenerator = new SingleColorGenerator(Color.WHITE);
 
     //文字干扰器--- 可以创建多个
-        BaffleTextDecorator baffleTextDecorator = new BaffleTextDecorator(1,colorGenerator, 1);//气泡干扰
+    BaffleTextDecorator baffleTextDecorator = new BaffleTextDecorator(1, colorGenerator, 1);//气泡干扰
 //        LineTextDecorator lineTextDecorator = new LineTextDecorator(1,colorGenerator, 1);//曲线干扰
 //        TextDecorator[] textDecorators = new TextDecorator[]{baffleTextDecorator, lineTextDecorator};
     TextDecorator[] textDecorators = new TextDecorator[]{baffleTextDecorator};

src/main/java/cn/quantgroup/xyqb/config/captcha/CustomJCaptchaService.java

@@ -75,7 +75,7 @@ public class CustomJCaptchaService extends AbstractManageableImageCaptchaService
     }
 
     this.getTimes().remove(id);
-        if(valid) {
+    if (valid) {
       addNumberOfCorrectResponse(1);
     } else {
       addNumberOfUncorrectResponse(1);

src/main/java/cn/quantgroup/xyqb/config/data/JpaConfig.java

@@ -87,7 +87,6 @@ public class JpaConfig {
   }
 
 
-
   @Bean
   public PlatformTransactionManager transactionManager(EntityManagerFactory entityManagerFactory) {
     JpaTransactionManager transactionManager = new JpaTransactionManager();

src/main/java/cn/quantgroup/xyqb/config/data/RedisConfig.java

@@ -6,8 +6,6 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.cache.CacheManager;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.context.annotation.DependsOn;
-import org.springframework.context.annotation.Lazy;
 import org.springframework.data.redis.cache.RedisCacheManager;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.connection.RedisNode;

src/main/java/cn/quantgroup/xyqb/config/http/HttpConfig.java

 package cn.quantgroup.xyqb.config.http;
 
-import java.security.KeyManagementException;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.text.SimpleDateFormat;
-
-import javax.net.ssl.SSLContext;
-
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.SerializationFeature;
 import org.apache.http.client.HttpRequestRetryHandler;
 import org.apache.http.client.config.CookieSpecs;
 import org.apache.http.config.Registry;
@@ -37,9 +33,11 @@ import org.springframework.core.convert.converter.ConverterRegistry;
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
 import org.springframework.web.filter.CharacterEncodingFilter;
 
-import com.fasterxml.jackson.annotation.JsonInclude;
-import com.fasterxml.jackson.databind.DeserializationFeature;
-import com.fasterxml.jackson.databind.SerializationFeature;
+import javax.net.ssl.SSLContext;
+import java.security.KeyManagementException;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.text.SimpleDateFormat;
 
 /**
  * Created by Miraculous on 15/7/12.

src/main/java/cn/quantgroup/xyqb/config/http/Timestamp2LongConverter.java

@@ -12,9 +12,10 @@ import java.sql.Timestamp;
  */
 public class Timestamp2LongConverter implements ObjectSerializer {
   ;
+
   @Override
   public void write(JSONSerializer serializer, Object object, Object fieldName, Type fieldType, int features) throws IOException {
-        Timestamp time = (Timestamp)object;
+    Timestamp time = (Timestamp) object;
     if (time == null) {
       serializer.write(String.valueOf(0L));
     } else {

src/main/java/cn/quantgroup/xyqb/config/motan/MotanConfig.java

+package cn.quantgroup.xyqb.config.motan;
+
+import com.weibo.api.motan.config.springsupport.AnnotationBean;
+import com.weibo.api.motan.config.springsupport.BasicServiceConfigBean;
+import com.weibo.api.motan.config.springsupport.ProtocolConfigBean;
+import com.weibo.api.motan.config.springsupport.RegistryConfigBean;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * Created by 11 on 2017/2/27.
+ */
+@Configuration
+public class MotanConfig {
+
+  @Bean
+  public AnnotationBean motanAnnotationBean() {
+    AnnotationBean motanAnnotationBean = new AnnotationBean();
+    motanAnnotationBean.setPackage("cn.quantgroup.xyqb.controller.external.motan");
+    return motanAnnotationBean;
+  }
+
+  @Bean(name = "userMotan")
+  public ProtocolConfigBean protocolConfig1(
+      @Value("${protocol.isDefault}") Boolean isDefault, @Value("${protocol.name}") String name,
+      @Value("${protocol.contentLength}") int contentLength) {
+    ProtocolConfigBean config = new ProtocolConfigBean();
+    config.setDefault(isDefault);
+    config.setName(name);
+    config.setMaxContentLength(contentLength);
+    config.setMaxServerConnection(1000);
+    return config;
+  }
+
+
+  @Bean(name = "registryConfig")
+  public RegistryConfigBean registryConfig(@Value("${registry.protocol}") String registryProtocol,
+                                           @Value("${registry.address}") String registryAddress
+  ) {
+    RegistryConfigBean config = new RegistryConfigBean();
+    config.setRegProtocol(registryProtocol);
+    config.setAddress(registryAddress);
+    return config;
+  }
+
+  @Bean
+  public BasicServiceConfigBean baseServiceConfig(@Value("${motan.port}") int motanPort,
+                                                  @Value("${motan.user.group}") String userGroup,
+                                                  @Value("${motan.user.module}") String userModule,
+                                                  @Value("${motan.application:xyqbUserMotan}") String applicationName) {
+    BasicServiceConfigBean config = new BasicServiceConfigBean();
+    config.setExport("userMotan:" + motanPort);
+    config.setGroup(userGroup);
+    config.setVersion("1.0");
+    config.setAccessLog(true);
+    config.setShareChannel(true);
+    config.setModule(userModule);
+    config.setApplication(applicationName);
+    config.setRegistry("registryConfig");
+    return config;
+  }
+}

src/main/java/cn/quantgroup/xyqb/config/web/InterceptorConfig.java

 package cn.quantgroup.xyqb.config.web;
 
 import cn.quantgroup.xyqb.interceptors.ChannelIdInterceptor;
+import cn.quantgroup.xyqb.interceptors.IPWhiteListInterceptor;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
@@ -11,7 +13,11 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
 @Configuration
 public class InterceptorConfig extends WebMvcConfigurerAdapter {
 
+  @Value("${configserver.disable}")
+  private Integer isDebug;
+
   public void addInterceptors(InterceptorRegistry registry) {
+    registry.addInterceptor(new IPWhiteListInterceptor(isDebug)).addPathPatterns("/innerapi/**");
     registry.addInterceptor(new ChannelIdInterceptor()).addPathPatterns("/**");
   }
 

src/main/java/cn/quantgroup/xyqb/controller/ExceptionHandlingController.java

@@ -51,7 +51,6 @@ public class ExceptionHandlingController implements IBaseController {
   }
 
 
-
   @ExceptionHandler(Exception.class)
   public JsonResult exceptionOccurs(Exception e) {
     HttpServletRequest request = getRequest();

src/main/java/cn/quantgroup/xyqb/controller/IBaseController.java

@@ -7,8 +7,9 @@ import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
 import javax.servlet.http.HttpServletRequest;
-import static cn.quantgroup.xyqb.session.XyqbSessionContextHolder.*;
 
+import static cn.quantgroup.xyqb.session.XyqbSessionContextHolder.getXSession;
+import static cn.quantgroup.xyqb.session.XyqbSessionContextHolder.getXSessionFromRedis;
 /**
  * Created by Miraculous on 15/7/5.
  */
@@ -26,6 +27,10 @@ public interface IBaseController {
     return getXSession();
   }
 
+  default SessionStruct getCurrentSessionFromRedis(){
+    return   getXSessionFromRedis();
+  }
+
 
   default HttpServletRequest getRequest() {
     ServletRequestAttributes attrs = (ServletRequestAttributes) RequestContextHolder

src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java

@@ -79,7 +79,9 @@ public class ImageCaptchaController implements IBaseController {
 
   }
 
-    /** 图片验证码验证*/
+  /**
+   * 图片验证码验证
+   */
   @CaptchaValidator
   @RequestMapping("/verification_image_code")
   public JsonResult verificationImageCode() {

src/main/java/cn/quantgroup/xyqb/controller/external/motan/MotanController.java

+package cn.quantgroup.xyqb.controller.external.motan;
+
+
+import cn.quantgroup.xyqb.model.JsonResult;
+import com.weibo.api.motan.common.MotanConstants;
+import com.weibo.api.motan.util.MotanSwitcherUtil;
+import org.apache.commons.lang.StringUtils;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping("/motan")
+public class MotanController {
+  @RequestMapping("/enable/{key}")
+  public JsonResult reload(@PathVariable String key) {
+    if (StringUtils.equals(key, "b5140fb2-2c85-4b5a-abcf-3e97528014db")) {
+      MotanSwitcherUtil.setSwitcherValue(MotanConstants.REGISTRY_HEARTBEAT_SWITCHER, true);
+      return JsonResult.buildSuccessResult("加载成功", null);
+    }
+    return JsonResult.buildErrorStateResult("无效", null);
+  }
+
+  @RequestMapping("/disable/{key}")
+  public JsonResult disable(@PathVariable String key) {
+    if (StringUtils.equals(key, "b5140fb2-2c85-4b5a-abcf-3e97528014db")) {
+      MotanSwitcherUtil.setSwitcherValue(MotanConstants.REGISTRY_HEARTBEAT_SWITCHER, false);
+      return JsonResult.buildSuccessResult("加载成功", null);
+    }
+    return JsonResult.buildErrorStateResult("无效", null);
+  }
+}

src/main/java/cn/quantgroup/xyqb/controller/external/user/AppController.java

@@ -42,7 +42,7 @@ import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_PASSWORD_ER
 public class AppController implements IBaseController {
 
   private static final Logger LOGGER = LoggerFactory.getLogger(AppController.class);
-
+  private final static Random random = new Random();
   @Autowired
   private ISessionService sessionService;
   @Autowired
@@ -53,7 +53,6 @@ public class AppController implements IBaseController {
   private IUserRepository userRepository;
   @Autowired
   private ISmsService smsService;
-
   @Autowired
   private IUserDetailService userDetailService;
   @Autowired
@@ -61,8 +60,6 @@ public class AppController implements IBaseController {
   @Autowired
   private IMerchantService merchantService;
 
-  private final static Random random = new Random();
-
   /**
    * 第三方用户登录
    */
@@ -186,14 +183,16 @@ public class AppController implements IBaseController {
     user.setCreatedAt(currentTime);
     userRepository.saveAndFlush(user);
 
-    if (registerFrom != 645L) {
+    if (registerFrom != 645L && registerFrom != 900L) {
       smsService.sendAfterRegister(phoneNo);
       LOGGER.info("第三方登录用户注册成功, registerFrom:{}, phoneNo:{}, 并且已发送短信通知", registerFrom, phoneNo);
+    }else if(registerFrom == 900L){
+      smsService.sendAfterRegister(phoneNo,"123");
+      LOGGER.info("第三方(聚美)登录用户注册成功, registerFrom:{}, phoneNo:{},idNo:{},name:{} 并且已发送短信通知", registerFrom, phoneNo, idNo, name);
     }
 
     if (StringUtils.isNotEmpty(idNo) && StringUtils.isNotEmpty(name)) {
       LOGGER.info("第三方登录用户，保存 UserDetail");
-
       IdCardInfo cardInfo;
       try {
         cardInfo = idCardService.getIdCardInfoWithExceptions(idNo);

src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java

 package cn.quantgroup.xyqb.controller.external.user;
 
+import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.*;
 import cn.quantgroup.xyqb.entity.enumerate.*;
 import cn.quantgroup.xyqb.model.*;
@@ -15,6 +16,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.CollectionUtils;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
@@ -23,13 +25,14 @@ import java.sql.Timestamp;
 import java.text.ParseException;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 
 /**
  * Created by Miraculous on 2016/12/19.
  */
 @RestController
 @RequestMapping("/innerapi")
-public class InnerController {
+public class InnerController implements IBaseController {
 
   private static final org.slf4j.Logger LOGGER = LoggerFactory.getLogger(InnerController.class);
 
@@ -72,6 +75,22 @@ public class InnerController {
     return JsonResult.buildSuccessResult("", userRet);
   }
 
+  @RequestMapping("/user/getPhoneByUserIds")
+  public JsonResult findByIds(@RequestParam(value = "userIds") String userIdsString) {
+    LOGGER.info("批量查询用户的手机号列表, userIdsString:" + userIdsString);
+    if (StringUtils.isEmpty(userIdsString)) {
+      return JsonResult.buildErrorStateResult(null, null);
+    }
+    List<Long> userIds = JSONObject.parseObject(userIdsString, new TypeReference<List<Long>>() {
+    });
+    if(!CollectionUtils.isEmpty(userIds) && userIds.size()<=500) {
+      Map<Long, String> userIdAndPhoneMap = userService.findPhoneByIdsInDb(userIds);
+      return JsonResult.buildSuccessResult("", userIdAndPhoneMap);
+    }else {
+      return JsonResult.buildErrorStateResult("批量查询每次最多进行500条用户信息的查询",null);
+    }
+  }
+
   @RequestMapping("/user/save")
   public JsonResult saveUser(
       String phoneNo, Long registeredFrom, Long createdAt, Long updatedAt,
@@ -240,6 +259,12 @@ public class InnerController {
       return JsonResult.buildErrorStateResult(null, null);
     }
     Timestamp now = new Timestamp(System.currentTimeMillis());
+    convertContactList(userId, contacts, now);
+    List<Contact> result = contactService.save(contacts);
+    return JsonResult.buildSuccessResult(null, ContactRet.contacts2ContactRets(result));
+  }
+
+  private void convertContactList(Long userId, List<Contact> contacts, Timestamp now) {
     for (Contact c : contacts) {
       c.setId(null);
       c.setUserId(userId);
@@ -247,8 +272,6 @@ public class InnerController {
       c.setCreatedAt(now);
       c.setUpdateAt(now);
     }
-    List<Contact> result = contactService.save(contacts);
-    return JsonResult.buildSuccessResult(null, ContactRet.contacts2ContactRets(result));
   }
 
   @RequestMapping("/address/search/user_id")
@@ -300,13 +323,13 @@ public class InnerController {
       return JsonResult.buildErrorStateResult("用户ID不能为空", null);
     }
     UserExtInfo info = userExtInfoService.findByUserId(userId);
-    if (info == null) {
     Timestamp now = new Timestamp(System.currentTimeMillis());
+    if (info == null) {
       info = new UserExtInfo();
       info.setUserId(userId);
       info.setCreatedAt(now);
-      info.setUpdateAt(now);
     }
+    info.setUpdateAt(now);
     if (incomeEnum != null) {
       info.setIncomeEnum(incomeEnum);
     }
@@ -337,6 +360,8 @@ public class InnerController {
 
   @RequestMapping("/user_detail/search_list")
   public JsonResult searchUserDetailList(String name, String phoneNo, String idNo) {
+
+    LOGGER.info("searchUserDetailList ,param.name:{},phone:{},idNo:{},ip:{}",name,phoneNo,idNo,getIp());
     if (StringUtils.isBlank(name) && StringUtils.isBlank(phoneNo) && StringUtils.isBlank(idNo)) {
       return JsonResult.buildErrorStateResult("至少必须满足一个条件不为空", null);
     }
@@ -353,7 +378,7 @@ public class InnerController {
     if (userExtInfo == null) {
       return JsonResult.buildErrorStateResult(null, null);
     }
-    return JsonResult.buildSuccessResult("success", UserExtInfoRet.getUserExtInfoRet(userExtInfo));
+    return JsonResult.buildSuccessResult(null, UserExtInfoRet.getUserExtInfoRet(userExtInfo));
   }
 
   @RequestMapping("/user/query/openId")
@@ -439,4 +464,29 @@ public class InnerController {
     return JsonResult.buildSuccessResult(null, UserSpouseRet.getUserSpouseRet(userSpouse));
   }
 
+  /**
+   * 重置密码接口，供内部人员使用（例如绝影）
+   * @param key
+   * @param phone
+   * @return
+   */
+  @RequestMapping("/user/password/reset/{key}/{phone}")
+  public JsonResult resetPassword(@PathVariable("key")String key,@PathVariable("phone")String phone) {
+    LOGGER.info("密码重置请求,phone:[{}]",phone);
+    if(StringUtils.isBlank(key)){
+      return JsonResult.buildErrorStateResult("用户密码重置失败.", null);
+    }
+    if(!"ecf75c1f-2ccb-4661-8e4b-2874c0f45a2b".equalsIgnoreCase(key)){
+      LOGGER.error("密码重置失败,key错误!@!,phone:[{}]", phone);
+      return JsonResult.buildErrorStateResult("用户密码重置失败.", null);
+    }
+    try {
+      userService.resetPassword(phone, "123456"); //默认重置的密码是123456
+      return JsonResult.buildSuccessResult("用户密码已重置.", "null");
+    }catch (Exception e){
+      LOGGER.error("密码重置失败,phone[{}],err:[{}]",phone, e);
+    }
+    return JsonResult.buildErrorStateResult("用户密码重置失败.", null);
+
+  }
 }
\ No newline at end of file

src/main/java/cn/quantgroup/xyqb/controller/external/user/SyncUserController.java

@@ -4,7 +4,6 @@ import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.entity.UserDetail;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.UserModel;
-import cn.quantgroup.xyqb.repository.IUserDetailRepository;
 import cn.quantgroup.xyqb.service.user.IUserDetailService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import org.apache.commons.lang.StringUtils;

src/main/java/cn/quantgroup/xyqb/controller/external/user/WeChatController.java

@@ -5,19 +5,15 @@ import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.Merchant;
 import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.entity.WechatUserInfo;
-import cn.quantgroup.xyqb.event.UserinfoChangedEvent;
 import cn.quantgroup.xyqb.model.AuthBean;
-import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.webchat.AccessTokenResponse;
 import cn.quantgroup.xyqb.service.merchant.IMerchantService;
-import cn.quantgroup.xyqb.service.page.IPageService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
 import cn.quantgroup.xyqb.util.EmojiUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.TypeReference;
-import java.util.HashMap;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
@@ -34,6 +30,7 @@ import javax.servlet.http.HttpServletResponse;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
 import java.util.Arrays;
+import java.util.HashMap;
 
 /**
  * Created by 11 on 2017/1/17.
@@ -64,6 +61,8 @@ public class WeChatController implements IBaseController {
   @Value("${xyqb-user.ui}")
   private String userUIAddr;
 
+  @Value("${xyqb.user.domain}")
+  private String userDomainStr;
 
   /**
    * 开发者资质认证,有必要吗?
@@ -315,6 +314,7 @@ public class WeChatController implements IBaseController {
         // 已经关联了用户
         // create session, 登进去，该怎么玩怎么玩。
         String redirectUrl = createUserSession(user, merchant, redirect, schema, registerFrom);
+        LOGGER.info("Location:[{}]",redirectUrl);
         response.setHeader("Location", redirectUrl);
         response.setStatus(301);
       }
@@ -322,12 +322,8 @@ public class WeChatController implements IBaseController {
       LOGGER.error("发生异常", ex);
       throw ex;
     }
-
-
-
   }
 
-
   /**
    * 通过redirect_url获取code
    *
@@ -357,7 +353,7 @@ public class WeChatController implements IBaseController {
     // welcome 首次登录
     if (userInfoInDb == null) {
       // 微信用户首次登录界面, 首先保存userInfo, 跳入到微信注册登录界面
-            if(StringUtils.isNotBlank(userInfo.getNickName())) {
+      if (StringUtils.isNotBlank(userInfo.getNickName())) {
         String nickName = EmojiUtil.filter(userInfo.getNickName());
         userInfo.setNickName(nickName);
       }
@@ -378,52 +374,55 @@ public class WeChatController implements IBaseController {
     // 已经关联了用户
     // create session, 登进去，该怎么玩怎么玩。
     String redirectUrl = createUserSession(user, merchant, "", schema, Constants.Channel.WECHAT);
-        LOGGER.info("Location={}", redirectUrl);
+    LOGGER.info("Location=[{}]", redirectUrl);
     response.setHeader("Location", redirectUrl);
     response.setStatus(301);
   }
 
   private String createUserSession(User user, Merchant merchant, String redirect, String schema, Long registerFrom) {
-        //TODO 临时紧急上线修改的.下次上线的时候修复一下,不能这样写.
-        String url = "http://passport.xyqb.com";
-        if("https:".equals(schema)) {
-            url = "https://passport.xyqb.com";
+    //String url = "http://passport.xyqb.com";
+    String url = "http://"+userDomainStr;
+    if ("https:".equals(schema)) {
+      url = "https://"+userDomainStr;
     }
-        if(StringUtils.isEmpty(redirect) || "redirect".equals(redirect)) {
+    if (StringUtils.isEmpty(redirect) || "redirect".equals(redirect)) {
       LOGGER.info("微信登录:redirect为null,走正常流程.");
       if ("baitiao".equals(merchant.getName())) {
         return loginInWechatWithSessionCreated(user, merchant, "cashTarget5", Constants.Channel.BAITIAO, url, Constants.Channel.WECHAT);
-            } else if("wechat-pay".equals(merchant.getName())){
+      } else if ("wechat-pay".equals(merchant.getName())) {
         AuthBean authBean = sessionService.createSession(Constants.Channel.WECHAT, registerFrom, "", user, merchant);
-                return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom+ "&channelId=" +  Constants.Channel.WECHAT +"&key=" + merchant.getName() +"&target=cashTarget5" ;
-            }else {
+        return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom + "&channelId=" + Constants.Channel.WECHAT + "&key=" + merchant.getName() + "&target=cashTarget5";
+      } else {
         return loginInWechatWithSessionCreated(user, merchant, "cashTarget4", 1L, url, registerFrom);
       }
-        } else if("local".equals(redirect)){
+    } else if ("local".equals(redirect)) {
       LOGGER.info("微信登录:redirect不为null,创建session跳到指定前端页面.");
       AuthBean authBean = sessionService.createSession(Constants.Channel.WECHAT, Constants.Channel.WECHAT, "", user, merchant);
       LOGGER.info("微信登录:跳转地址{}", url + "/weixin/callback?phoneNo=" + user.getPhoneNo() + "&token=" + authBean.getToken());
       Long channelId = "baitiao".equals(merchant.getName()) ? 222L : 1L;
       String target = "baitiao".equals(merchant.getName()) ? "cashTarget5" : "cashTarget4";
-            return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom+
-              "&channelId=" + channelId +"&key=" + merchant.getName() +"&target=" + target + "&isWechat=true";
+      return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom +
+          "&channelId=" + channelId + "&key=" + merchant.getName() + "&target=" + target + "&isWechat=true";
     }
     return null;
   }
 
+
   private String loginInWechatWithSessionCreated(User user, Merchant merchant, String target, Long channelId, String url, Long registerFrom) {
     AuthBean authBean = sessionService.createSession(channelId, registerFrom, "", user, merchant);
-        return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom+ "&channelId=" + channelId +"&key=" + merchant.getName() +"&target=" + target;
+    return url + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom + "&channelId=" + channelId + "&key=" + merchant.getName() + "&target=" + target;
   }
 
   private void redirectWechatLoginUrlWithoutLogin(HttpServletResponse response, Merchant merchant, WechatUserInfo userInfo, Long registerFrom) {
     String redirectUrl = assembleWechatRedirectUrl(merchant, userInfo, registerFrom);
+    LOGGER.info("redirectWechatLoginUrlWithoutLogin redirectUrl:[{}]",redirectUrl);
     response.setHeader("Location", redirectUrl);
     response.setStatus(301);
   }
 
   private void redirectNormalUrl(HttpServletResponse response, Merchant merchant, Long registerFrom) {
     String redirectUrl = assembleNormalRedirectUrl(merchant, registerFrom);
+    LOGGER.info("redirectNormalUrl redirectUrl:[{}]",redirectUrl);
     response.setHeader("Location", redirectUrl);
     response.setStatus(301);
   }

src/main/java/cn/quantgroup/xyqb/controller/internal/login/AuthInfoController.java

 package cn.quantgroup.xyqb.controller.internal.login;
 
 import cn.quantgroup.xyqb.controller.IBaseController;
+import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.UserRet;
 import cn.quantgroup.xyqb.model.session.LoginInfo;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
+import cn.quantgroup.xyqb.service.http.IHttpService;
+import cn.quantgroup.xyqb.service.user.IUserService;
+import com.alibaba.fastjson.JSONObject;
+import com.google.common.collect.ImmutableMap;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Map;
 
 /**
  * Created by Miraculous on 2016/12/30.
  */
 @RestController
 @RequestMapping("/auth")
+@Slf4j
 public class AuthInfoController implements IBaseController {
 
+
+  @Value("${xyqb.auth.url}")
+  private String xyqbAuthUrl;
+
+  @Autowired
+  private IHttpService httpService;
+
+  @Autowired
+  private IUserService userService;
+
+
   @RequestMapping("/info/login")
   public JsonResult loginInfo() {
-        SessionStruct sessionStruct = getSessionStruct();
+    SessionStruct sessionStruct = getCurrentSessionFromRedis();
+    if(null != sessionStruct) {
+      log.info("从用户中心获取到了用户登录信息:phone:[{}]",sessionStruct.getValues().getUser().getPhoneNo());
       LoginInfo loginInfo = new LoginInfo();
       loginInfo.setUser(UserRet.getUserRet(sessionStruct.getValues().getUser()));
       loginInfo.setToken(sessionStruct.getSid());
@@ -26,7 +56,35 @@ public class AuthInfoController implements IBaseController {
       context.setCreatedFrom(sessionStruct.getValues().getLoginProperties().getCreatedFrom());
       context.setAppChannel(sessionStruct.getValues().getLoginProperties().getAppChannel());
       loginInfo.setLoginContext(context);
+      return JsonResult.buildSuccessResult("", loginInfo);  //有ThreadLocal不释放的问题，不可再使用原来方式了
+    }else {
+      // 函谷关去查token 返回值高仿
+      log.info("去向函谷关查询用户信息");
+      HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
+      String token = request.getHeader("x-auth-token");
+      if(StringUtils.isBlank(token) ||token.length() != 36){
+        return JsonResult.buildErrorStateResult("用户未登录",null);
+      }
+      String checkUrl = xyqbAuthUrl+"/innerapi/is_login";
+      ImmutableMap<String, String> headMap = ImmutableMap.of("x-auth-token", token);
+      String response = httpService.get(checkUrl, headMap, null);
+      log.info("去向函谷关查询用户信息,response:[{}]",response);
+      JsonResult result = JSONObject.parseObject(response, JsonResult.class);
+      if (result == null || !"0000".equals(result.getCode()) || !"0000".equals(result.getBusinessCode())) {
+        return JsonResult.buildErrorStateResult("用户未登录",null);
+      }
+      String phoneNo = ((Map<String, String>) result.getData()).get("phoneNo");
+      User user = userService.findByPhoneWithCache(phoneNo);
+      LoginInfo loginInfo = new LoginInfo();
+      loginInfo.setUser(UserRet.getUserRet(user));
+      loginInfo.setToken(token);
+      LoginInfo.LoginContext context = new LoginInfo.LoginContext();
+      context.setChannelId(null);
+      context.setCreatedFrom(user.getRegisteredFrom());
+      context.setAppChannel("");
+      loginInfo.setLoginContext(context);
       return JsonResult.buildSuccessResult("", loginInfo);
     }
+  }
 
 }

src/main/java/cn/quantgroup/xyqb/controller/internal/platform/PlatformAPIController.java

@@ -38,7 +38,7 @@ public class PlatformAPIController implements IBaseController {
     if (null == merchant) {
       return JsonResult.buildErrorStateResult("", null);
     }
-        MerchantConfig config= merchantService.findConfigByMerchantIdAndConfigName(merchant.getId(), "returnUrl");
+    MerchantConfig config = merchantService.findConfigByMerchantIdAndConfigName(merchant.getId(), "returnUrl");
     if (null == config) {
       return JsonResult.buildSuccessResult("", null);
     }
@@ -72,5 +72,4 @@ public class PlatformAPIController implements IBaseController {
   }
 
 
-
 }

src/main/java/cn/quantgroup/xyqb/controller/internal/sms/SmsController.java

@@ -27,20 +27,16 @@ import java.util.concurrent.TimeUnit;
 public class SmsController {
 
   private static final Logger LOGGER = LoggerFactory.getLogger(SmsController.class);
+  private static final Random random = new Random();
+  private static final long EXPIRE_MINUTES = 10;
   @Autowired
   private ISmsService smsService;
-
   @Autowired
   @Qualifier("stringRedisTemplate")
   private RedisTemplate<String, String> redisTemplate;
-
   @Value("${sms.is.debug}")
   private boolean smsIsDebug;
 
-    private static final Random random = new Random();
-
-    private static final long EXPIRE_MINUTES = 10;
-
   /**
    * 短信验证码: for H5
    * 使用 @FPLock 注解并加入自定义限制参数, 做针对手机号的发送次数限制

src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserDetailController.java

@@ -26,11 +26,11 @@ import java.text.ParseException;
 @RequestMapping("/user_detail")
 public class UserDetailController implements IBaseController {
 
+  private static final Logger LOGGER = LoggerFactory.getLogger(UserDetailController.class);
   @Autowired
   private IUserDetailService userDetailService;
   @Autowired
   private IIdCardService idCardService;
-    private static final Logger LOGGER = LoggerFactory.getLogger(UserDetailController.class);
 
   @RequestMapping("/save")
   public JsonResult saveUserdetail(String idNo, String name) {

src/main/java/cn/quantgroup/xyqb/entity/Address.java

@@ -13,7 +13,7 @@ import java.sql.Timestamp;
 @Data
 @Entity
 @Table(name = "address", uniqueConstraints = @UniqueConstraint(columnNames = "user_id"))
-public class Address implements Serializable{
+public class Address implements Serializable {
 
   private static final long serialVersionUID = -1L;
 

src/main/java/cn/quantgroup/xyqb/entity/Merchant.java

@@ -15,7 +15,7 @@ import java.sql.Timestamp;
 @Data
 @Entity
 @Table(name = "merchant")
-public class Merchant implements Serializable{
+public class Merchant implements Serializable {
 
   private static final long serialVersionUID = -1L;
   @Id

src/main/java/cn/quantgroup/xyqb/entity/User.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.motan.retbean.XUser;
 import cn.quantgroup.xyqb.config.http.Timestamp2LongConverter;
 import com.alibaba.fastjson.annotation.JSONField;
-import com.fasterxml.jackson.databind.annotation.JsonSerialize;
-import lombok.*;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
 
-import javax.jws.soap.SOAPBinding;
 import javax.persistence.*;
 import java.io.Serializable;
 import java.sql.Timestamp;
@@ -57,4 +58,18 @@ public class User implements Serializable {
   private Timestamp updatedAt;
 
 
+  public XUser toXUser() {
+    XUser xUser = new XUser();
+    xUser.setId(this.getId());
+    xUser.setPassword(this.getPassword());
+    xUser.setRegisteredFrom(this.getRegisteredFrom());
+    xUser.setUuid(this.getUuid());
+    xUser.setEnable(this.getEnable());
+    xUser.setPhoneNo(this.getPhoneNo());
+    xUser.setUpdatedAt(this.getUpdatedAt());
+    xUser.setCreatedAt(this.getCreatedAt());
+    return xUser;
+  }
+
+
 }

src/main/java/cn/quantgroup/xyqb/entity/UserDetail.java

 package cn.quantgroup.xyqb.entity;
 
+import cn.quantgroup.motan.retbean.XUserDetail;
 import cn.quantgroup.xyqb.model.Gender;
 import cn.quantgroup.xyqb.model.IdType;
-import lombok.*;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.ToString;
 
 import javax.persistence.*;
 import java.io.Serializable;
@@ -64,5 +67,27 @@ public class UserDetail implements Serializable {
   @Column(name = "updated_at")
   private Timestamp updatedAt;
 
+  public XUserDetail toXUserDetail() {
+    XUserDetail xUserDetail = new XUserDetail();
+    xUserDetail.setId(this.getId());
+    xUserDetail.setUserId(this.getUserId());
+    xUserDetail.setPhoneNo(this.getPhoneNo());
+    xUserDetail.setName(this.getName());
+    xUserDetail.setIdNo(this.getIdNo());
+    if (this.getIdType() != null) {
+      xUserDetail.setIdType(cn.quantgroup.motan.enums.IdType.valueOf(this.getIdType().name()));
+    }
+    if (this.getGender() != null) {
+      xUserDetail.setGender(cn.quantgroup.motan.enums.Gender.valueOf(this.getGender().name()));
+    }
+    xUserDetail.setEmail(this.getEmail());
+    xUserDetail.setQq(this.getQq());
+    xUserDetail.setId(this.getId());
+    xUserDetail.setCreatedAt(this.getCreatedAt());
+    xUserDetail.setUpdatedAt(this.getUpdatedAt());
+    xUserDetail.setIsAuthenticated(this.getIsAuthenticated());
+    return xUserDetail;
+  }
+
 
 }

src/main/java/cn/quantgroup/xyqb/entity/UserExtInfo.java

 package cn.quantgroup.xyqb.entity;
 
 import cn.quantgroup.xyqb.entity.enumerate.*;
-import com.sun.org.apache.xpath.internal.operations.Bool;
 import lombok.Data;
 
 import javax.persistence.*;

src/main/java/cn/quantgroup/xyqb/entity/UuidPhoneMapping.java

@@ -24,10 +24,10 @@ public class UuidPhoneMapping implements Serializable {
   @GeneratedValue(strategy = GenerationType.IDENTITY)
   private Long id;
 
-    @Column (name = "uuid")
+  @Column(name = "uuid")
   private String uuid;
 
-    @Column (name = "phone_no")
+  @Column(name = "phone_no")
   private String phoneNo;
 
 

src/main/java/cn/quantgroup/xyqb/entity/WechatUserInfo.java

@@ -13,7 +13,7 @@ import java.sql.Timestamp;
 @Entity
 @Table(name = "wechat_userinfo")
 @Data
-public class WechatUserInfo implements Serializable{
+public class WechatUserInfo implements Serializable {
   private static final long serialVersionUID = -1L;
 
   @Id

src/main/java/cn/quantgroup/xyqb/entity/enumerate/EducationEnum.java

@@ -21,14 +21,14 @@ public enum EducationEnum {
     this.name = name;
   }
 
-    public void setName(String name) {
-        this.name = name;
-    }
-
   public String getName() {
     return name;
   }
 
+  public void setName(String name) {
+    this.name = name;
+  }
+
   @Override
   public String toString() {
     return name;

src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeEnum.java

@@ -10,7 +10,7 @@ public enum IncomeEnum {
   CASH_AND_PAY_CARD("混合");
   private String desc;
 
-    private IncomeEnum(String desc){
+  private IncomeEnum(String desc) {
     this.desc = desc;
   }
 }
\ No newline at end of file

src/main/java/cn/quantgroup/xyqb/entity/enumerate/IncomeRangeEnum.java

@@ -16,7 +16,7 @@ public enum IncomeRangeEnum {
 
   private String desc;
 
-    private IncomeRangeEnum(String desc){
+  private IncomeRangeEnum(String desc) {
     this.desc = desc;
   }
 

src/main/java/cn/quantgroup/xyqb/entity/enumerate/OccupationEnum.java

@@ -23,14 +23,14 @@ public enum OccupationEnum {
     this.name = name;
   }
 
-    public void setName(String name) {
-        this.name = name;
-    }
-
   public String getName() {
     return name;
   }
 
+  public void setName(String name) {
+    this.name = name;
+  }
+
   @Override
   public String toString() {
     return name;

src/main/java/cn/quantgroup/xyqb/exception/UserNotExistException.java

 package cn.quantgroup.xyqb.exception;
 
 
-
 /**
  * @author mengfan.feng
  * @time 2015-09-08 17:43
  */
-public class UserNotExistException extends RuntimeException{
+public class UserNotExistException extends RuntimeException {
 
   private static final long serialVersionUID = -1L;
 

src/main/java/cn/quantgroup/xyqb/filter/CrosFilter.java

@@ -22,12 +22,6 @@ import java.util.Set;
 @Configuration
 public class CrosFilter implements Filter {
 
-    @Value("${xyqb.filter.allowedOrigin}")
-    private String allowedOrigin;
-
-    @Value("${xyqb.filter.allowedHeaders}")
-    private String allowedHeaders;
-
   private static final Set<String> DISALLOWED_METHOD = new HashSet<>();
 
   static {
@@ -36,6 +30,10 @@ public class CrosFilter implements Filter {
     DISALLOWED_METHOD.add("DELETE");
   }
 
+  @Value("${xyqb.filter.allowedOrigin}")
+  private String allowedOrigin;
+  @Value("${xyqb.filter.allowedHeaders}")
+  private String allowedHeaders;
 
   @Override
   public void init(FilterConfig filterConfig) throws ServletException {

src/main/java/cn/quantgroup/xyqb/filter/RequestFilter.java

@@ -25,17 +25,24 @@ import java.io.PrintWriter;
 @Order(Ordered.HIGHEST_PRECEDENCE + 100)
 public class RequestFilter implements Filter {
 
+  //private static final String[] ALLOWED_PATTERNS = {
+  //    "/innerapi/**", "/user/exist", "/motan/**", "/user/register", "/user/login", "/user/register/fast","/auth/info/login",
+  //    "/user/login/fast", "/user/reset_password", "/user/exist_check",
+  //    "/jr58/**", "/app/login", "/app/login_super", "/wechat/**", "/config/**", "/api/**", "/user/exists_token",
+  //    "/platform/api/page/return_url", "/MP_" +
+  //    "verify_AWiagUn4kZiwmTt0.txt"
+  //};
+  private static final String[] ALLOWED_PATTERNS = {
+      "/innerapi/**", "/user/exist", "/motan/**", "/user/register", "/user/login", "/user/register/fast","/auth/info/login",
+      "/user/login/fast", "/user/reset_password", "/user/exist_check",
+      "/jr58/**", "/app/login", "/app/login_super", "/wechat/**", "/config/**", "/api/**", "/user/exists_token",
+      "/platform/api/page/return_url", "/MP_" +
+      "verify_AWiagUn4kZiwmTt0.txt"
+  };
+  private static final String UNAUTH_RESULT = JSONObject.toJSONString(JsonResult.buildErrorStateResult("登录失败", null));
   @Autowired
   private ISessionService sessionService;
-
   private AntPathMatcher matcher = new AntPathMatcher();
-    private static final String [] ALLOWED_PATTERNS = {
-        "/innerapi/**", "/user/exist","/user/register","/user/login","/user/register/fast",
-            "/user/login/fast", "/user/reset_password","/user/exist_check",
-            "/jr58/**","/app/login","/app/login_super", "/wechat/**", "/config/**","/api/**","/user/exists_token",
-            "/platform/api/page/return_url", "/MP_verify_AWiagUn4kZiwmTt0.txt"
-    };
-    private static final String UNAUTH_RESULT = JSONObject.toJSONString(JsonResult.buildErrorStateResult("登录失败", null));
 
   @Override
   public void init(FilterConfig filterConfig) throws ServletException {
@@ -47,10 +54,10 @@ public class RequestFilter implements Filter {
     HttpServletResponse response = (HttpServletResponse) servletResponse;
     String requestPath = getRequestPath(request);
     SessionStruct sessionStruct;
-        if(!isMatch(requestPath)){
+    if (!isMatch(requestPath)) {
       //获取session信息,如果没有获取到session信息则返回错误信息
       sessionStruct = XyqbSessionContextHolder.getXSession();
-            if(sessionStruct == null) {
+      if (sessionStruct == null) {
         response.setStatus(401);
         response.setHeader("Content-Type", "application/json;charset=utf-8");
         PrintWriter writer = response.getWriter();
@@ -70,7 +77,7 @@ public class RequestFilter implements Filter {
           }
         }
       }
-        }else {
+    } else {
       filterChain.doFilter(request, response);
     }
 

src/main/java/cn/quantgroup/xyqb/interceptors/IPWhiteListInterceptor.java

+package cn.quantgroup.xyqb.interceptors;
+
+import cn.quantgroup.xyqb.util.IPUtil;
+import com.google.common.collect.Sets;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.web.servlet.HandlerInterceptor;
+import org.springframework.web.servlet.ModelAndView;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.regex.Pattern;
+
+/**
+ * Created by Administrator on 2017/5/9.
+ */
+public class IPWhiteListInterceptor implements HandlerInterceptor {
+
+    private Integer isDebug;
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(IPWhiteListInterceptor.class);
+
+    private static final String patternStr = "172.*";
+    private static final String [] allowIPs = {"139.198.7.123"};
+    private static Set<String> allowIPSet = Sets.newHashSet(allowIPs);
+    private static final Pattern pattern = Pattern.compile(patternStr);
+
+    public IPWhiteListInterceptor(Integer isDebug) {
+        this.isDebug = isDebug;
+    }
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if(isDebug !=0) return true;
+        String remoteIP = IPUtil.getRemoteIP(request);
+        if(StringUtils.isNoneBlank(remoteIP)){
+            remoteIP = remoteIP.trim();
+            boolean isMatch = pattern.matcher(remoteIP).matches();
+            isMatch = Boolean.logicalOr(isMatch,allowIPSet.contains(remoteIP));
+            if(!isMatch){
+                LOGGER.info("非法IP尝试访问,ip:[{}]",remoteIP);
+            }
+            return isMatch;
+        }
+        LOGGER.info("未能获取remoteIP");
+        return false;
+    }
+
+    @Override
+    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
+
+    }
+
+    @Override
+    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+
+    }
+}

src/main/java/cn/quantgroup/xyqb/model/AppUserParam.java

 package cn.quantgroup.xyqb.model;
 
-import lombok.AllArgsConstructor;
-import lombok.Builder;
-import lombok.Getter;
-import lombok.NoArgsConstructor;
-import lombok.Setter;
-import lombok.ToString;
+import lombok.*;
 
 import java.io.Serializable;
 

src/main/java/cn/quantgroup/xyqb/model/AuthBean.java

@@ -10,7 +10,7 @@ public class AuthBean {
   private String token;
   private String phoneNo;
 
-    public AuthBean (String token, Principal user) {
+  public AuthBean(String token, Principal user) {
     this.token = token;
     this.phoneNo = user.getName();
   }

src/main/java/cn/quantgroup/xyqb/model/ContactRet.java

@@ -26,7 +26,7 @@ public class ContactRet implements Serializable {
   private Long updateAt;
 
 
-    public static ContactRet contact2ContactRet (Contact c) {
+  public static ContactRet contact2ContactRet(Contact c) {
     if (c == null) {
       return null;
     }

src/main/java/cn/quantgroup/xyqb/model/Gender.java

@@ -14,14 +14,14 @@ public enum Gender {
     this.name = name;
   }
 
-    public void setName(String name) {
-        this.name = name;
-    }
-
   public String getName() {
     return name;
   }
 
+  public void setName(String name) {
+    this.name = name;
+  }
+
   @Override
   public String toString() {
     return name;

src/main/java/cn/quantgroup/xyqb/model/IdType.java

@@ -22,14 +22,14 @@ public enum IdType {
     this.name = name;
   }
 
-    public void setName(String name) {
-        this.name = name;
-    }
-
   public String getName() {
     return name;
   }
 
+  public void setName(String name) {
+    this.name = name;
+  }
+
   @Override
   public String toString() {
     return name;

src/main/java/cn/quantgroup/xyqb/model/JsonResult.java

@@ -48,6 +48,10 @@ public class JsonResult implements Serializable {
     this.businessCode = String.format(Constants.ZERO_FILL_TEMPLATE, businessCode);
   }
 
+  public JsonResult(Object data) {
+    this.data = data;
+  }
+
   /**
    * 构造成功的JsonResult
    *
@@ -82,10 +86,6 @@ public class JsonResult implements Serializable {
     return new JsonResult(msg, ERROR_STATE_CODE, data, busniessId);
   }
 
-    public JsonResult(Object data) {
-        this.data = data;
-    }
-
   public String getMsg() {
     return msg;
   }

src/main/java/cn/quantgroup/xyqb/model/Tuple.java

@@ -21,14 +21,14 @@ public final class Tuple<Key, Value> {
     return key;
   }
 
-    public Value getValue() {
-        return value;
-    }
-
   public void setKey(Key key) {
     this.key = key;
   }
 
+  public Value getValue() {
+    return value;
+  }
+
   public void setValue(Value value) {
     this.value = value;
   }

src/main/java/cn/quantgroup/xyqb/model/UserDetailRet.java

@@ -4,14 +4,13 @@ import cn.quantgroup.xyqb.entity.UserDetail;
 import lombok.Data;
 import org.apache.commons.lang.StringUtils;
 
-
 import java.io.Serializable;
 
 /**
  * Created by 11 on 2016/12/20.
  */
 @Data
-public class UserDetailRet implements Serializable{
+public class UserDetailRet implements Serializable {
   private static final long serialVersionUID = -1L;
 
   private Long id;
@@ -46,10 +45,11 @@ public class UserDetailRet implements Serializable{
 
   /**
    * 转换时间从timestamp到long
+   *
    * @param userDetail
    * @return return self
    */
-    public static UserDetailRet getUserDetail(UserDetail userDetail){
+  public static UserDetailRet getUserDetail(UserDetail userDetail) {
     long createTimeStamp = userDetail.getCreatedAt().getTime();
     long updateTimeStamp = userDetail.getUpdatedAt().getTime();
     UserDetailRet userDetailRet = new UserDetailRet();

src/main/java/cn/quantgroup/xyqb/model/UserExtInfoRet.java

@@ -4,8 +4,6 @@ import cn.quantgroup.xyqb.entity.UserExtInfo;
 import cn.quantgroup.xyqb.entity.enumerate.*;
 import lombok.Data;
 
-import java.sql.Timestamp;
-
 /**
  * Created by Miraculous on 2017/2/13.
  */

src/main/java/cn/quantgroup/xyqb/model/UserRet.java

@@ -10,7 +10,7 @@ import java.io.Serializable;
  * Created by 11 on 2016/12/20.
  */
 @Data
-public class UserRet implements Serializable{
+public class UserRet implements Serializable {
   private static final long serialVersionUID = -1L;
 
   private Long id;
@@ -35,7 +35,7 @@ public class UserRet implements Serializable{
   //上一次修改时间
   private Long updatedAt;
 
-    public static UserRet getUserRet(User user){
+  public static UserRet getUserRet(User user) {
     Long createTimeStamp = user.getCreatedAt().getTime();
     Long updateTimeStamp = user.getUpdatedAt().getTime();
     UserRet userRet = new UserRet();

src/main/java/cn/quantgroup/xyqb/model/jr58/Jr58Authorization.java

@@ -18,7 +18,7 @@ public class Jr58Authorization {
 
   @Getter
   @Setter
-    public static class OperatorData{
+  public static class OperatorData {
     private OriginalData originalData;
     private ReportData reportData;
 
@@ -33,7 +33,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class PhoneData{
+      public static class PhoneData {
         private Long id;
         private String phoneNum;
         private String serialNo;
@@ -47,7 +47,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class PhoneBillDataList{
+      public static class PhoneBillDataList {
         private String localPhone;
         private String totalCost;
         private String planCost;
@@ -58,7 +58,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class PhoneCallLogList{
+      public static class PhoneCallLogList {
         private String localPhone;
         private String callPhone;
         private String callId;
@@ -73,7 +73,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class PhoneSmsLogList{
+      public static class PhoneSmsLogList {
         private String localPhone;
         private String otherPhone;
         private String sendId;
@@ -86,13 +86,9 @@ public class Jr58Authorization {
     }
 
 
-
-
-
-
     @Getter
     @Setter
-        public static class ReportData{
+    public static class ReportData {
       private String localPhone;
       private Behavior behavior;
       private Check check;
@@ -105,7 +101,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class Behavior{
+      public static class Behavior {
         private String localPhone;
         private String friendCircle;
         private String localLivingYear;
@@ -130,7 +126,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class Check{
+      public static class Check {
         private String localPhone;
         private String idCardValidate;
         private String operatorBinding;
@@ -147,7 +143,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class CallList{
+      public static class CallList {
         private String localPhone;
         private String phoneNum;
         private String attribution;
@@ -180,14 +176,14 @@ public class Jr58Authorization {
 
       @Setter
       @Getter
-            public static class ContactList{
+      public static class ContactList {
 
       }
 
 
       @Getter
       @Setter
-            public static class OperatorList{
+      public static class OperatorList {
         private String localPhone;
         private String operatorName;
         private String operatorZh;
@@ -209,7 +205,7 @@ public class Jr58Authorization {
 
       @Getter
       @Setter
-            public static class RegionList{
+      public static class RegionList {
         private String localphone;
         private String regionName;
         private String numCount;
@@ -230,7 +226,7 @@ public class Jr58Authorization {
 
       @Setter
       @Getter
-            public static class ServiceList{
+      public static class ServiceList {
         private String localPhone;
         private String companyName;
         private String companyType;
@@ -243,7 +239,7 @@ public class Jr58Authorization {
 
       @Setter
       @Getter
-            public static class TripConsumeList{
+      public static class TripConsumeList {
 
       }
 
@@ -251,5 +247,4 @@ public class Jr58Authorization {
   }
 
 
-
 }

src/main/java/cn/quantgroup/xyqb/model/session/LoginInfo.java

 package cn.quantgroup.xyqb.model.session;
 
+import cn.quantgroup.motan.retbean.XLoginInfo;
 import cn.quantgroup.xyqb.model.UserRet;
+import com.alibaba.fastjson.JSON;
 import lombok.Data;
 
 /**
@@ -13,6 +15,14 @@ public class LoginInfo {
   private UserRet user;
   private LoginContext loginContext;
 
+  public static XLoginInfo getXLoginInfo(LoginInfo loginInfo) {
+    if (null == loginInfo) {
+      return null;
+    }
+    String userJson = JSON.toJSONString(loginInfo);
+    return JSON.parseObject(userJson, XLoginInfo.class);
+  }
+
   @Data
   public static class LoginContext {
 

src/main/java/cn/quantgroup/xyqb/model/session/SessionStruct.java

@@ -2,7 +2,6 @@ package cn.quantgroup.xyqb.model.session;
 
 import lombok.Data;
 import lombok.NoArgsConstructor;
-import org.apache.commons.collections.map.HashedMap;
 
 import java.io.Serializable;
 import java.util.HashMap;

src/main/java/cn/quantgroup/xyqb/model/session/SessionValue.java

@@ -15,7 +15,7 @@ import java.util.Map;
  */
 @Data
 @NoArgsConstructor
-public class SessionValue{
+public class SessionValue {
   private User user;
   private Map<String, String> values;
 

src/main/java/cn/quantgroup/xyqb/model/webchat/AccessTokenResponse.java

@@ -9,7 +9,7 @@ import java.io.Serializable;
  * 微信获取access_token接口的返回值
  */
 @Data
-public class AccessTokenResponse implements Serializable{
+public class AccessTokenResponse implements Serializable {
   private static final long serialVersionUID = -1L;
   private String accessToken;
   private Long expiresIn;

src/main/java/cn/quantgroup/xyqb/repository/IMerchantConfigRepository.java

@@ -6,5 +6,5 @@ import org.springframework.data.jpa.repository.JpaRepository;
 /**
  * Created by 11 on 2016/12/30.
  */
-public interface IMerchantConfigRepository extends JpaRepository<MerchantConfig, Long>{
+public interface IMerchantConfigRepository extends JpaRepository<MerchantConfig, Long> {
 }

src/main/java/cn/quantgroup/xyqb/repository/IUserRepository.java

@@ -4,14 +4,18 @@ import cn.quantgroup.xyqb.entity.User;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
 
+import java.util.List;
+
 /**
  * Created by Miraculous on 15/7/4.
  */
-public interface IUserRepository extends JpaRepository<User, Long> ,JpaSpecificationExecutor<User>{
+public interface IUserRepository extends JpaRepository<User, Long>, JpaSpecificationExecutor<User> {
 
   User findByPhoneNo(String phoneNo);
 
   User findByUuid(String uuid);
 
+  List<User> findByIdIn(List<Long> ids);
+
   User findById(Long id);
 }

src/main/java/cn/quantgroup/xyqb/repository/IUuidPhoneMappingRepository.java

@@ -6,7 +6,7 @@ import org.springframework.data.jpa.repository.JpaRepository;
 /**
  * Created by Miraculous on 15/10/29.
  */
-public interface IUuidPhoneMappingRepository extends JpaRepository<UuidPhoneMapping, Long>{
+public interface IUuidPhoneMappingRepository extends JpaRepository<UuidPhoneMapping, Long> {
 
   UuidPhoneMapping findByUuid(String uuid);
 

src/main/java/cn/quantgroup/xyqb/repository/IWeChatUserRepository.java

@@ -9,6 +9,8 @@ import org.springframework.data.jpa.repository.JpaRepository;
  */
 public interface IWeChatUserRepository extends JpaRepository<WechatUserInfo, Long> {
   WechatUserInfo findByOpenId(String openId);
+
   WechatUserInfo findByPhoneNo(String phoneNo);
+
   WechatUserInfo findByUserId(Long userId);
 }