Merge branch 'master' into 20180316-UserStatistics

# Conflicts: # src/main/java/cn/quantgroup/xyqb/controller/external/user/AppController.java

Merge branch 'master' into 20180316-UserStatistics
# Conflicts: # src/main/java/cn/quantgroup/xyqb/controller/external/user/AppController.java
b3249311 · 技术部-任文超 · 53c582a1 · b4236d1b · b3249311 · b3249311
Commit b3249311 authored Mar 23, 2018 by 技术部-任文超
8 changed files
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/user/AppController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/user/AppController.java
@@ -25,6 +25,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import java.util.Objects;
+import java.util.Optional;
+

 import javax.servlet.http.HttpServletRequest;
 import java.util.Objects;
@@ -192,17 +195,15 @@ public class AppController implements IBaseController {
    loginInfo.setLoginContext(context);
    LOGGER.info("第三方用户获取信息登录成功 loginSuper --> loginFrom:{}, phoneNo:{},appChannel:{},channelId:{}", registerFrom, phoneNo, appChannel,channelId);
    /*
-     * 部分免密渠道登录统计
+     * 部分免密渠道登录统计，用户中心不需识别，由统计平台来过滤
     * 贷款导航(84660)；壹账通H5(159384)
     */
-    Long _registerFrom = Optional.ofNullable(user.getRegisteredFrom()).orElse(registerFrom);
-    if(Objects.equals(_registerFrom, 84660L) || Objects.equals(_registerFrom, 159384L)){
-      UserStatistics statistics = new UserStatistics(user, null,4, channelId);
-      //增加登陆统计发送
-      MqUtils.sendLoanVest(statistics);
-    }
-    return JsonResult.buildSuccessResult("", loginInfo);
+    user.setRegisteredFrom(registerFrom);
+    UserStatistics statistics = new UserStatistics(user, null,4, channelId);
+    //增加登陆统计发送
+    MqUtils.sendLoanVest(statistics);

+    return JsonResult.buildSuccessResult("", loginInfo);
  }

 }
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/user/InnerController.java
@@ -11,6 +11,7 @@ import cn.quantgroup.xyqb.model.*;
 import cn.quantgroup.xyqb.service.api.IUserApiService;
 import cn.quantgroup.xyqb.service.auth.IIdCardService;
 import cn.quantgroup.xyqb.service.http.IHttpService;
+import cn.quantgroup.xyqb.service.merchant.IMerchantService;
 import cn.quantgroup.xyqb.service.register.IUserRegisterService;
 import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.sms.ISmsService;
@@ -56,6 +57,8 @@ public class InnerController implements IBaseController {

  private static final org.slf4j.Logger LOGGER = LoggerFactory.getLogger(InnerController.class);

+  @Autowired
+  private IMerchantService merchantService;
  @Autowired
  private IUserService userService;
  @Autowired
@@ -196,7 +199,6 @@ public class InnerController implements IBaseController {
    }
    if (StringUtils.isBlank(password)) {
      password = genRandomPwd();
-      password = PasswordUtil.MD5(password.toLowerCase() + Constants.PASSWORD_SALT);
    }
    if (StringUtils.isBlank(uuid)) {
      return JsonResult.buildErrorStateResult("用户uuid为空.", null);
@@ -1152,12 +1154,16 @@ public class InnerController implements IBaseController {
        count++;
      }
    }
-    return pwd.toString();
+    String password = pwd.toString();
+    // 加密保存
+    password = PasswordUtil.MD5(password.toLowerCase() + Constants.PASSWORD_SALT);
+    return password;
  }

  /**
   * 验证手机号和验证码是否匹配
   * 仅供可信任的内部服务调用，不执行限次记数、销毁等安全策略
+   * 注意：只使用于快速登录类似场景调用
   *
   * @param phoneNo 手机号
   * @param verificationCode 验证码（短信/语音）
@@ -1165,21 +1171,52 @@ public class InnerController implements IBaseController {
   */
  @LogHttpCaller
  @RequestMapping("/verifyPhoneAndCode")
-  public JsonResult verifyPhoneAndCode(@RequestParam String phoneNo, @RequestParam String verificationCode) {
-    User user = null;
-    if (smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
-      user = userService.findByPhoneWithCache(phoneNo);
-    }else {
-      return JsonResult.buildErrorStateResult("校验失败", "");
+  public JsonResult verifyPhoneAndCode(
+          @RequestParam String phoneNo, @RequestParam String verificationCode,
+          @RequestParam String appChannel,
+          @RequestParam(required = false, defaultValue = "1") Long channelId,
+          @RequestParam(required = false, defaultValue = "1") Long createdFrom,
+          @RequestParam(required = false,defaultValue = "xyqb") String key,
+          @RequestParam(required = false)Long btRegisterChannelId,
+          @RequestParam(required = false) String dimension) {
+    LOGGER.info("/innerapi/verifyPhoneAndCode -> phoneNo:{},verificationCode:{},channelId:{},appChannel:{},createdFrom:{},btRegisterChannelId:{},key:{},dimension:{}",phoneNo,verificationCode,channelId,appChannel,createdFrom,btRegisterChannelId,key,dimension);
+    // 验证接入方
+    Merchant merchant = merchantService.findMerchantByName(key);
+    if (merchant == null) {
+      return JsonResult.buildErrorStateResult("未知的连接", null);
+    }
+    // 验证手机号
+    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
+      LOGGER.info("验证手机号和验证码是否匹配，手机号错误, phoneNo:{}", phoneNo);
+      return JsonResult.buildErrorStateResult("手机号错误", "");
+    }
+    // 验证短信验证码
+    if (!smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
+      // 是否需要重新获取
+      if(smsService.needResendCode(phoneNo)){
+        return JsonResult.buildErrorStateResult("验证码失效，请重新获取", "");
+      }
+      LOGGER.info("验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
+      return JsonResult.buildErrorStateResult("短信验证码错误", "");
    }
-    if (user == null) {
-      user = userRegisterService.register(phoneNo, "", null);
+    User user = userService.findByPhoneWithCache(phoneNo);
+    // 检查用户有效性
+    if (user != null && !user.getEnable()) {
+      LOGGER.error("用户不存在，或者已经注销，phoneNo:{}",phoneNo);
+      return JsonResult.buildErrorStateResult("登录失败", null);
    }
+    // 用户不存在时自动注册
    if (Objects.isNull(user)) {
-      return JsonResult.buildErrorStateResult("用户不存在", "");
-    }else{
-      return JsonResult.buildSuccessResult("校验成功", new UserRet(user));
+      user = userRegisterService.register(phoneNo, channelId, createdFrom, appChannel,btRegisterChannelId,dimension);
+      // 注册失败
+      if (Objects.isNull(user)) {
+        return JsonResult.buildErrorStateResult("用户不存在", "");
+      }
    }
+    //增加登陆统计发送
+    UserStatistics statistics=new UserStatistics(user,dimension,3,channelId);
+    MqUtils.sendLoanVest(statistics);
+    return JsonResult.buildSuccessResult("校验成功", new UserRet(user));
  }

  @LogHttpCaller

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java
@@ -188,7 +188,7 @@ public class UserController implements IBaseController {
    JsonResult successResult = validMap.get("success");
    String phoneNo = successResult.getData().toString();
    if (!ValidationUtil.validatePhoneNo(phoneNo)) {
-      LOGGER.info("用户快速注册失败，手机号错误, createdFrom:{},phoneNo:{}", createdFrom, phoneNo);
+      LOGGER.info("用户快速登录失败，手机号错误, createdFrom:{},phoneNo:{}", createdFrom, phoneNo);
      throw new UserNotExistException("手机号错误");
    }
    String verificationCode =  successResult.getMsg();
@@ -509,35 +509,13 @@ public class UserController implements IBaseController {
      return;
    }
    if (!smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
-      smsReSendOrNot(phoneNo);
+      // 是否需要重新发送短信验证码
+      if(smsService.needResendCode(phoneNo)){
+        throw new VerificationCodeErrorException("验证码失效，请重新获取");
+      }
      LOGGER.info("验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
      throw new VerificationCodeErrorException("短信验证码错误");
    }
  }

-  /**
-   * 是否需要重新获取短信验证码
-   * @param phoneNo
-   */
-  private void smsReSendOrNot(String phoneNo) {
-    if(needRetSendCode(phoneNo)){
-      String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
-      stringRedisTemplate.delete(key);
-      String verificationCountKey = Constants.REDIS_VERIFICATION_COUNT + phoneNo;
-      stringRedisTemplate.opsForHash().delete(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT);
-      throw new VerificationCodeErrorException("验证码失效，请重新获取");
-    }
-  }
-
-  /**
-   * 是否需要重新发送短信验证码
-   * @param phoneNo
-   * @return
-   */
-  private boolean needRetSendCode(String phoneNo) {
-    String verificationCountKey = Constants.REDIS_VERIFICATION_COUNT + phoneNo;
-    Long getVerificationCount = stringRedisTemplate.opsForHash().increment(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT, 1);
-    return (getVerificationCount >= Constants.VERIFICATION_CODE_FINITE_COUNT);
-  }
-
 }
--- a/src/main/java/cn/quantgroup/xyqb/model/UserAssociation.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/UserAssociation.java
@@ -14,7 +14,7 @@ public class UserAssociation implements Serializable {
  private String phoneNo;
  private String idNo;
  private String name;
-  private String   gender;
+  private String gender;
  private String marryStatus;
  private String educationEnum;
  private String occupationEnum;

--- a/src/main/java/cn/quantgroup/xyqb/model/UserRet.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/UserRet.java
@@ -46,6 +46,5 @@ public class UserRet implements Serializable {
    this.setUuid(user.getUuid());
    this.setCreatedAt(createTimeStamp);
    this.setUpdatedAt(updateTimeStamp);
-
  }
 }
--- a/src/main/java/cn/quantgroup/xyqb/model/UserRetWithToken.java
+++ b/src/main/java/cn/quantgroup/xyqb/model/UserRetWithToken.java
+package cn.quantgroup.xyqb.model;
+
+import cn.quantgroup.xyqb.entity.User;
+import lombok.Data;
+
+/**
+ * 用户登录简项信息，含Token
+ * 供Auth2.0技术网关手机号+短信验证码登录成功使用
+ */
+@Data
+public class UserRetWithToken extends UserRet {
+  /**
+   * created by user-center,to sync with api-gateway
+   */
+  private String token;
+
+  public UserRetWithToken(User user, String token) {
+    super(user);
+    this.setToken(token);
+  }
+}
--- a/src/main/java/cn/quantgroup/xyqb/service/sms/ISmsService.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/sms/ISmsService.java
 package cn.quantgroup.xyqb.service.sms;

 import cn.quantgroup.sms.SmsSender;
+import cn.quantgroup.xyqb.Constants;

 /**
 * 短信发送服务
@@ -24,4 +25,11 @@ public interface ISmsService {
   */
  boolean verifyPhoneAndCode(String phoneNo, String verificationCode);

+  /**
+   * 是否需要重新发送短信验证码
+   * @param phoneNo
+   * @return
+   */
+  boolean needResendCode(String phoneNo);
+
 }
--- a/src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java
@@ -114,4 +114,17 @@ public class SmsServiceImpl implements ISmsService {
    return StringUtils.equals(code, smsVerificationCode);
  }

+  @Override
+  public boolean needResendCode(String phoneNo) {
+    String verificationCountKey = Constants.REDIS_VERIFICATION_COUNT + phoneNo;
+    Long getVerificationCount = stringRedisTemplate.opsForHash().increment(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT, 1);
+    boolean needResend = getVerificationCount >= Constants.VERIFICATION_CODE_FINITE_COUNT;
+    if(needResend) {
+      String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
+      stringRedisTemplate.delete(key);
+      stringRedisTemplate.opsForHash().delete(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT);
+    }
+    return needResend;
+  }
+
 }