finished test login(password and sms)

70e1c5c5 · 王亮 · 960c7164 · 70e1c5c5 · 70e1c5c5 · 70e1c5c5
Commit 70e1c5c5 authored Jul 12, 2023 by 王亮
10 changed files
--- a/doc/sql/update-20230630.sql
+++ b/doc/sql/update-20230630.sql
@@ -12,7 +12,7 @@ CREATE TABLE `xyqb_user`.`user_info` (
  `gender` TINYINT(3) NULL COMMENT '性别',
  `email` VARCHAR(45) NULL COMMENT '邮箱',
  `qq` VARCHAR(20) NULL COMMENT '腾讯qq',
-  `nick_name` VARCHAR(45) NULL COMMENT '昵称',
+  `name` VARCHAR(45) NULL COMMENT '昵称',
  `photo` VARCHAR(255) NULL COMMENT '头像地址',
  `birthday` DATE NULL COMMENT '生日',
  `province_id` INT NULL COMMENT '地址省份id',

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
@@ -474,7 +474,7 @@ public class UserController implements IBaseController {
                return JsonResult.buildErrorStateResult("修改密码失败", null);
            }
        } else {
-            if (StringUtils.isNotBlank(user.getPassword()) && !PasswordUtil.validatePassword(password, user.getPassword())) {
+            if (StringUtils.isNotBlank(user.getPassword()) && !PasswordUtil.validatePassword(password, user.getPassword(),user.getPasswordType())) {
                return JsonResult.buildErrorStateResult("修改密码失败", null);
            }
        }
@@ -776,7 +776,7 @@ public class UserController implements IBaseController {
            }
        } else {
            //验证密码
-            if (!PasswordUtil.validatePassword(pass, user.getPassword())) {
+            if (!PasswordUtil.validatePassword(pass, user.getPassword(),user.getPasswordType())) {
                // 向该ipv4添加错误计数器
                lockIpv4Service.countErrorByIpv4(clientIp);
                // 向该phoneNo添加错误计数器

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
@@ -844,7 +844,7 @@ public class InnerController implements IBaseController {
            }
        } else {
            //验证密码
-            if (!PasswordUtil.validatePassword(bufPassword, user.getPassword())) {
+            if (!PasswordUtil.validatePassword(bufPassword, user.getPassword(),user.getPasswordType())) {
                return null;
            }
            // 老密码校验后更新新密码加密方式

--- a/src/main/java/cn/quantgroup/xyqb/entity/UserTag.java
+++ b/src/main/java/cn/quantgroup/xyqb/entity/UserTag.java
 package cn.quantgroup.xyqb.entity;
-import lombok.Builder;
+import lombok.*;
-import lombok.Data;
-import lombok.EqualsAndHashCode;
 import javax.persistence.Column;
 import javax.persistence.Entity;
@@ -14,6 +12,8 @@ import java.io.Serializable;
 @Entity
 @Table(name = "user_tag")
 @Builder
+@NoArgsConstructor
+@AllArgsConstructor
 public class UserTag extends BaseEntity implements Serializable {
    @Column(name = "user_id")
    private Long userId;

--- a/src/main/java/cn/quantgroup/xyqb/model/UserRegisterParam.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/UserRegisterParam.java
@@ -19,6 +19,7 @@ public class UserRegisterParam {
     * ======数据部分开始======
     */
    private Long registerFrom; // 注册渠道
+    private Integer tenantId;  //租户id
    private String phoneNo; // 手机号
    private String password; // 密码
    private String name; // 姓名

--- a/src/main/java/cn/quantgroup/xyqb/service/register/impl/UserRegisterServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/register/impl/UserRegisterServiceImpl.java
@@ -66,7 +66,8 @@ public class UserRegisterServiceImpl implements IUserRegisterService {
        deregisterCheck(phoneNo);
-        UserRegisterParam userRegisterParam = UserRegisterParam.builder().registerFrom(registerFrom).phoneNo(phoneNo).channelId(registerFrom).sendSuccessSms(true).sendAppSms(true).sendSuccessMq(true).build();
+        UserRegisterParam userRegisterParam = UserRegisterParam.builder().registerFrom(registerFrom).phoneNo(phoneNo).tenantId(tenantId)
+                .channelId(registerFrom).sendSuccessSms(true).sendAppSms(true).sendSuccessMq(true).build();
        User user = saveUser(userRegisterParam);
        if (tenantId == null || tenantId.equals(TenantUtil.TENANT_DEFAULT)) {
            applicationEventPublisher.publishEvent(new RegisterEvent(this, userRegisterParam));
@@ -92,6 +93,7 @@ public class UserRegisterServiceImpl implements IUserRegisterService {
        User user = new User();
        user.setUuid(uuid);
        user.setEnable(true);
+        user.setTenantId(userRegisterParam.getTenantId());
        user.setPhoneNo(userRegisterParam.getPhoneNo());
        user.setEncryptedPhoneNo(userRegisterParam.getPhoneNo());
        Long registerFrom = userRegisterParam.getRegisterFrom();

--- a/src/main/java/cn/quantgroup/xyqb/service/v2/PhonePasswordLoginStrategy.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/v2/PhonePasswordLoginStrategy.java
@@ -78,7 +78,7 @@ public class PhonePasswordLoginStrategy implements LoginStrategy {
            }
        } else {
            //验证密码
-            if (!PasswordUtil.validatePassword(phonePasswordLoginParam.getPassword(), user.getPassword())) {
+            if (!PasswordUtil.validatePassword(phonePasswordLoginParam.getPassword(), user.getPassword(),user.getPasswordType())) {
                // 向该ipv4添加错误计数器
                lockIpv4Service.countErrorByIpv4(sessionStruct.getIp());
                // 向该phoneNo添加错误计数器

--- a/src/main/java/cn/quantgroup/xyqb/service/v2/SMSLoginStrategy.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/v2/SMSLoginStrategy.java
@@ -11,7 +11,6 @@ import cn.quantgroup.xyqb.model.LoginBean;
 import cn.quantgroup.xyqb.model.LoginProperties;
 import cn.quantgroup.xyqb.model.session.SessionStruct;
 import cn.quantgroup.xyqb.model.v2.login.BaseLoginParam;
-import cn.quantgroup.xyqb.model.v2.login.PhonePasswordLoginParam;
 import cn.quantgroup.xyqb.model.v2.login.SMSLoginParam;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
@@ -73,9 +72,10 @@ public class SMSLoginStrategy implements LoginStrategy {
        User user = userService.findByPhoneWithCache(smsLoginParam.getPhone(), sessionStruct.getTenantId());
        //需要返回用户是否首次注册
        boolean register = user == null;
-        if (user != null && !user.getEnable()) {
+        if (user != null) {
-            log.info("用户不存在，或者已经注销，phoneNo:{}", smsLoginParam.getPhone());
+            if (!user.getEnable()) {
-            throw new BizException(BizExceptionEnum.ERROR_OR_ENABLE_ERROR);
+                throw new BizException(BizExceptionEnum.ERROR_OR_ENABLE_ERROR);
+            }
        } else {
            // Service层会负责发送注册消息到LoanVest
            user = userRegisterService.register(sessionStruct.getRegisteredFrom(), smsLoginParam.getPhone(), sessionStruct.getTenantId());

--- a/src/main/java/cn/quantgroup/xyqb/util/MD5Utils.java
+++ b/src/main/java/cn/quantgroup/xyqb/util/MD5Utils.java
+package cn.quantgroup.xyqb.util;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+public class MD5Utils {
+    private static final char[] DIGITS_LOWER = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd',
+            'e', 'f'};
+    private static final ThreadLocal<MessageDigest> MESSAGE_DIGEST_LOCAL = new ThreadLocal<MessageDigest>() {
+        @Override
+        protected MessageDigest initialValue() {
+            try {
+                return MessageDigest.getInstance("MD5");
+            } catch (NoSuchAlgorithmException e) {
+                return null;
+            }
+        }
+    };
+    /**
+     * Calculate MD5 hex string.
+     *
+     * @param bytes byte arrays
+     * @return MD5 hex string of input
+     * @throws NoSuchAlgorithmException if can't load md5 digest spi.
+     */
+    public static String md5Hex(byte[] bytes) throws NoSuchAlgorithmException {
+        try {
+            MessageDigest messageDigest = MESSAGE_DIGEST_LOCAL.get();
+            if (messageDigest != null) {
+                return encodeHexString(messageDigest.digest(bytes));
+            }
+            throw new NoSuchAlgorithmException("MessageDigest get MD5 instance error");
+        } finally {
+            MESSAGE_DIGEST_LOCAL.remove();
+        }
+    }
+    /**
+     * Calculate MD5 hex string with encode charset.
+     *
+     * @param value  value
+     * @param encode encode charset of input
+     * @return MD5 hex string of input
+     */
+    public static String md5Hex(String value, String encode) {
+        try {
+            return md5Hex(value.getBytes(encode));
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+    /**
+     * Convert a byte array into a visible string.
+     */
+    public static String encodeHexString(byte[] bytes) {
+        int l = bytes.length;
+        char[] out = new char[l << 1];
+        for (int i = 0, j = 0; i < l; i++) {
+            out[j++] = DIGITS_LOWER[(0xF0 & bytes[i]) >>> 4];
+            out[j++] = DIGITS_LOWER[0x0F & bytes[i]];
+        }
+        return new String(out);
+    }
+}
\ No newline at end of file
--- a/src/main/java/cn/quantgroup/xyqb/util/PasswordUtil.java
+++ b/src/main/java/cn/quantgroup/xyqb/util/PasswordUtil.java
@@ -6,6 +6,7 @@ import com.google.common.base.Preconditions;
 import org.apache.commons.lang.StringUtils;
 import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.util.Map;
 import java.util.Objects;
 import java.util.concurrent.ThreadLocalRandom;
@@ -30,15 +31,15 @@ public class PasswordUtil {
            '<', '=', '>', '?', '@', '[', '\\', ']', '^', '_', '`', '{', '|', '}', '~'
    };
-    public final static String MD5WithSalt(String s){
+    public final static String MD5WithSalt(String s) {
-        if(Objects.isNull(s)){
+        if (Objects.isNull(s)) {
            return null;
        }
        return MD5(s.toLowerCase() + PASSWORD_SALT);
    }
    public final static String MD5(String s) {
-        if(Objects.isNull(s)){
+        if (Objects.isNull(s)) {
            return null;
        }
        try {
@@ -80,23 +81,32 @@ public class PasswordUtil {
    /**
     * 校验密码是否合法 - 不允许空密码
     *
-     * @param password 请求密码
+     * @param password       请求密码
     * @param targetPassword 参照密码
     * @return
     */
-    public static boolean validatePassword(String password, String targetPassword) {
+    public static boolean validatePassword(String password, String targetPassword, Integer passwordType) {
-        if(StringUtils.isBlank(password)){
+        if (passwordType == null || passwordType == 0) {
-            return false;
+            if (StringUtils.isBlank(password)) {
+                return false;
+            }
+            String thePassword = MD5WithSalt(password);
+            return Objects.equals(thePassword, targetPassword);
+        } else {
+            try {
+                return MD5Utils.md5Hex(password.getBytes()).equals(targetPassword);
+            } catch (NoSuchAlgorithmException exception) {
+                return false;
+            }
        }
-        String thePassword = MD5WithSalt(password);
-        return Objects.equals(thePassword, targetPassword);
    }
    public static String filterPasswordToString(Map<String, String> info) {
        if (null == info) {
            return null;
        }
-        if(!info.containsKey(Constants.PASSWORD)){
+        if (!info.containsKey(Constants.PASSWORD)) {
            return JSON.toJSONString(info);
        }
        String password = info.get(Constants.PASSWORD);