技术网关对接用户中心：二: 手机号+验证码登录，二: 手机号+验证码登录

src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java

@@ -7,12 +7,14 @@ import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.*;
 import cn.quantgroup.xyqb.entity.enumerate.*;
 import cn.quantgroup.xyqb.exception.UserNotExistException;
+import cn.quantgroup.xyqb.exception.VerificationCodeErrorException;
 import cn.quantgroup.xyqb.model.*;
 import cn.quantgroup.xyqb.service.api.IUserApiService;
 import cn.quantgroup.xyqb.service.auth.IIdCardService;
 import cn.quantgroup.xyqb.service.http.IHttpService;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
+import cn.quantgroup.xyqb.service.sms.ISmsService;
 import cn.quantgroup.xyqb.service.user.*;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
 import cn.quantgroup.xyqb.util.*;
@@ -75,7 +77,8 @@ public class InnerController implements IBaseController {
   private ISessionService sessionService;
   @Autowired
   private IUserApiService userApiService;
-
+  @Autowired
+  private ISmsService smsService;
   @Autowired
   private IHttpService httpService;
   @Autowired
@@ -592,8 +595,12 @@ public class InnerController implements IBaseController {
   }
 
   /**
-   * 按照用户主键查询用户综合信息模型
-   * 综合信息模型包含：
+   * 按照用户主键、账号或uuid查询用户综合信息模型
+   *
+   * @param id - 用户表主键
+   * @param phoneNo - 用户账号
+   * @param uuid - 用户全球唯一键（uuid）
+   * @return 综合信息模型包含：
    * {
    *   账号信息
    *   个人信息
@@ -601,18 +608,50 @@ public class InnerController implements IBaseController {
    *   地址信息
    *   联系人信息
    * }
-   *
-   * @param userId - 用户表主键
-   * @return
    */
-  @RequestMapping("/user-association/search/userId")
   @LogHttpCaller
-  public JsonResult findUserAssociationModelByUserId(Long userId) {
-    if (Objects.isNull(userId) || userId < 0) {
-      return JsonResult.buildErrorStateResult("", "");
+  @RequestMapping("/user-association/search")
+  public JsonResult findUserAssociationModel(Long id, String phoneNo, String uuid) {
+    User user = null;
+    if (!Objects.isNull(id) && id > 0) {
+      user = userService.findById(id);
+    }else if (ValidationUtil.validatePhoneNo(phoneNo)) {
+      user = userService.findByPhoneWithCache(phoneNo);
+    }else if (StringUtils.isNotBlank(uuid)) {
+      user = userService.findByUuidWithCache(uuid);
+    }
+    UserAssociationModel bean = null;
+    if (!Objects.isNull(user)) {
+      bean = findUserAssociationModelByUser(user);
+    }
+    if (Objects.isNull(bean)) {
+      return JsonResult.buildErrorStateResult("用户不存在", "");
+    }else{
+      return JsonResult.buildSuccessResult("", bean);
+    }
+  }
+
+  /**
+   * 查询用户综合信息模型
+   *
+   * @param user - 用户User
+   * @return 综合信息模型包含：
+   * {
+   *   账号信息
+   *   个人信息
+   *   扩展信息
+   *   地址信息
+   *   联系人信息
+   * }
+   */
+  private UserAssociationModel findUserAssociationModelByUser(User user) {
+    if (Objects.isNull(user) || Objects.isNull(user.getId()) || user.getId() < 1) {
+      return null;
     }
     UserAssociationModel bean = new UserAssociationModel();
-    UserDetail userDetail = userDetailService.findByUserId(userId);
+    bean.setUuid(user.getUuid());
+    bean.setRegisterFrom(user.getRegisteredFrom());
+    UserDetail userDetail = userDetailService.findByUserId(user.getId());
     if (!Objects.isNull(userDetail)) {
       bean.setId(userDetail.getUserId());
       bean.setPhoneNo(userDetail.getPhoneNo());
@@ -621,12 +660,7 @@ public class InnerController implements IBaseController {
       bean.setQq(userDetail.getQq());
       bean.setGender(Optional.ofNullable(userDetail.getGender()).orElse(cn.quantgroup.xyqb.model.Gender.UNKNOWN).getName());
     }
-    User user = userService.findById(userId);
-    if (!Objects.isNull(user)) {
-      bean.setUuid(user.getUuid());
-      bean.setRegisterFrom(user.getRegisteredFrom());
-    }
-    UserBtRegister userBtRegister = userBtRegisterService.findByUserId(userId);
+    UserBtRegister userBtRegister = userBtRegisterService.findByUserId(user.getId());
     if (!Objects.isNull(userBtRegister)) {
       bean.setMerchantId(userBtRegister.getRegisterBtMerchantId());
     }
@@ -656,6 +690,20 @@ public class InnerController implements IBaseController {
     if (!Objects.isNull(address)) {
       bean.putContactList(contacts);
     }
+    return bean;
+  }
+
+  @LogHttpCaller
+  @RequestMapping("/user-association/search/userId")
+  public JsonResult findUserAssociationModelByUserId(Long userId) {
+    if (Objects.isNull(userId) || userId < 0) {
+      return JsonResult.buildErrorStateResult("", "");
+    }
+    UserAssociationModel bean = null;
+    User user = userService.findById(userId);
+    if (!Objects.isNull(user)) {
+      bean = findUserAssociationModelByUser(user);
+    }
     return JsonResult.buildSuccessResult("", bean);
   }
 
@@ -667,8 +715,8 @@ public class InnerController implements IBaseController {
     return JsonResult.buildSuccessResult("", bean);
   }
 
-  @RequestMapping("/user-association/search/uid")
   @LogHttpCaller
+  @RequestMapping("/user-association/search/uid")
   public JsonResult findUserAssociationByUid(Long uid) {
     UserDetail userDetail = userDetailService.findByUserId(uid);
     UserAssociation bean = getUserAssociation(userDetail);
@@ -1106,6 +1154,23 @@ public class InnerController implements IBaseController {
     return pwd.toString();
   }
 
+  /**
+   * 验证手机号和验证码是否匹配
+   * 仅供可信任的内部服务调用，不执行限次记数、销毁等安全策略
+   *
+   * @param phoneNo 手机号
+   * @param verificationCode 验证码（短信/语音）
+   * @return
+   */
+  @LogHttpCaller
+  @RequestMapping("/verifyPhoneAndCode")
+  public JsonResult verifyPhoneAndCode(@RequestParam String phoneNo, @RequestParam String verificationCode) {
+    if (smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
+      return JsonResult.buildSuccessResult("校验成功", "");
+    }
+    return JsonResult.buildErrorStateResult("校验失败", "");
+  }
+
   @LogHttpCaller
   @RequestMapping("/login")
   public JsonResult login(@RequestParam String phoneNo, @RequestParam String password) {

src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java

@@ -188,7 +188,7 @@ public class UserController implements IBaseController {
     }
     String verificationCode =  successResult.getMsg();
     // 执行短信验证码检查
-    smsValidForFastLogin(phoneNo, verificationCode);
+    verifyPhoneAndCode(phoneNo, verificationCode);
     User user = userService.findByPhoneWithCache(phoneNo);
     if (user != null && !user.getEnable()) {
       LOGGER.error("用户不存在，或者已经注销，phoneNo:{}",phoneNo);
@@ -274,7 +274,7 @@ public class UserController implements IBaseController {
     if (null == registerFrom) {
       registerFrom = 1L;
     }
-    smsValidForRegister(phoneNo, verificationCode);
+    verifyPhoneAndCode(phoneNo, verificationCode);
     if (userService.exist(phoneNo)) {
       LOGGER.info("用户注册失败，该手机号已经被注册：register -> registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
       return JsonResult.buildErrorStateResult("该手机号已经被注册", null);
@@ -338,7 +338,7 @@ public class UserController implements IBaseController {
     if (password.length() < 6 || password.length() > 12) {
       return JsonResult.buildErrorStateResult("密码应为6-12位", null);
     }
-    smsValidForRegister(phoneNo, verificationCode);
+    verifyPhoneAndCode(phoneNo, verificationCode);
     if (!userService.exist(phoneNo)) {
       LOGGER.info("修改密码失败，该手机号尚未注册, registerFrom:{}, phoneNo:{}", registerFrom, phoneNo);
       return JsonResult.buildErrorStateResult("该手机号尚未注册", null);
@@ -488,27 +488,14 @@ public class UserController implements IBaseController {
   }
 
   /**
-   * 注册时校验短信验证码
+   * 校验短信验证码
    * @param phoneNo
    * @param verificationCode
    */
-  private void smsValidForRegister(String phoneNo, String verificationCode) {
-    if (!smsService.validRegisterOrResetPasswdVerificationCode(phoneNo, verificationCode)) {
+  private void verifyPhoneAndCode(String phoneNo, String verificationCode) {
+    if (!smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
       smsReSendOrNot(phoneNo);
-      LOGGER.info("用户快速注册，验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
-      throw new VerificationCodeErrorException("短信验证码错误");
-    }
-  }
-
-  /**
-   * 登录时校验短信验证码
-   * @param phoneNo
-   * @param verificationCode
-   */
-  private void smsValidForFastLogin(String phoneNo, String verificationCode) {
-    if (!smsService.validateFastLoginVerificationCode(phoneNo, verificationCode)) {
-      smsReSendOrNot(phoneNo);
-      LOGGER.info("用户快速登录，验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
+      LOGGER.info("验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
       throw new VerificationCodeErrorException("短信验证码错误");
     }
   }

src/main/java/cn/quantgroup/xyqb/service/sms/ISmsService.java

 package cn.quantgroup.xyqb.service.sms;
 
 import cn.quantgroup.sms.SmsSender;
-import cn.quantgroup.xyqb.model.sms.SmsResult;
 
 /**
  * 短信发送服务
@@ -17,8 +16,12 @@ public interface ISmsService {
 
   void sendAfterRegister(String phoneNo,String contentId);
 
-  boolean validRegisterOrResetPasswdVerificationCode(String phoneNo, String smsVerificationCode);
-
-  boolean validateFastLoginVerificationCode(String phoneNo, String verificationCode);
+  /**
+   * 验证手机号和验证码是否匹配
+   * @param phoneNo 手机号
+   * @param verificationCode 验证码（短信/语音）
+   * @return
+   */
+  boolean verifyPhoneAndCode(String phoneNo, String verificationCode);
 
 }

src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java

@@ -17,7 +17,6 @@ import org.springframework.beans.factory.annotation.Value;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
-import javax.annotation.PostConstruct;
 
 /**
  * @author mengfan.feng
@@ -82,24 +81,7 @@ public class SmsServiceImpl implements ISmsService {
    * 检查验证码是否正确
    */
   @Override
-  public boolean validRegisterOrResetPasswdVerificationCode(String phoneNo,
-      String smsVerificationCode) {
-    //if (StringUtils.isEmpty(smsVerificationCode) || smsVerificationCode.length() != SMS_VERIFICATION_MAXLEN) {
-    //  return false;
-    //}
-    String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
-    String randomCode = stringRedisTemplate.opsForValue().get(key);
-    if (StringUtils.isEmpty(randomCode)) {
-      return false;
-    }
-    String[] arr = randomCode.split(":");
-    String uniqueId = arr[0];
-    String code = arr[1];
-    return confirmSms(smsVerificationCode, uniqueId, code);
-  }
-
-  @Override
-  public boolean validateFastLoginVerificationCode(String phoneNo, String verificationCode) {
+  public boolean verifyPhoneAndCode(String phoneNo, String verificationCode) {
     String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
     String randomCode = stringRedisTemplate.opsForValue().get(key);
     if (StringUtils.isBlank(randomCode)) {