登陆日志增加登陆方式

src/main/java/cn/quantgroup/user/enums/LoginType.java

+package cn.quantgroup.user.enums;
+
+/**
+ * Created by FrankChow on 15/7/15.
+ */
+public enum LoginType {
+    ACCOUNTPASSWORD("账密登陆"),
+    VERIFICATIONCODE("验证码登陆"),
+    AUTHLOGIN("一键登录"),
+    WECHATLOGIN("微信登陆"),
+    APPLETLOGIN("小程序登陆"),
+    SUPERLOGIN("免密登陆"),
+    SUPERLOGINTWO("免密登陆2, 新手机不注册"),
+    ;
+
+    private String name;
+
+    LoginType(String name) {
+        this.name = name;
+    }
+
+    public String getName() {
+        return name;
+    }
+
+    @Override
+    public String toString() {
+        return name;
+    }
+}

src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java

 package cn.quantgroup.xyqb.controller.external;
 
+import cn.quantgroup.user.enums.LoginType;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
 import cn.quantgroup.xyqb.aspect.captcha.CaptchaFiniteValidator;
@@ -707,7 +708,7 @@ public class UserController implements IBaseController {
             return JsonResult.buildErrorStateResult("登录时微信关联失败", null);
         }
         LoginProperties loginProperties = new LoginProperties("", 1, channelId, createdFrom, appChannel, merchant.getId(), merchant.getName(), null);
-        AuthBean authBean=sessionService.createSession(user, loginProperties);
+        AuthBean authBean=sessionService.createSession(user, loginProperties, LoginType.ACCOUNTPASSWORD.ordinal());
         if(authBean!=null){
             authBean.setRegister(false);
         }
@@ -768,6 +769,9 @@ public class UserController implements IBaseController {
                 lockIpv4Service.countErrorByPhoneNo(phoneNo);
                 return null;
             }
+            // 校验老密码正确更新新加密方式
+            user.setEncryptedPassword(BctyptPasswordUtil.BCryptWithSalt(pass));
+            userService.saveUser(user);
         }
 
         // 向该ipv4添加成功计数器
@@ -796,7 +800,7 @@ public class UserController implements IBaseController {
             geetestLogService.updateByUidGeetestLog(geetestLogId, user.getId());
         }
         //更新session
-        return new JsonResult(sessionService.createSession(user, loginProperties));
+        return new JsonResult(sessionService.createSession(user, loginProperties, LoginType.ACCOUNTPASSWORD.ordinal()));
     }
 
     /**

src/main/java/cn/quantgroup/xyqb/controller/external/WeChatController.java

 package cn.quantgroup.xyqb.controller.external;
 
+import cn.quantgroup.user.enums.LoginType;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.controller.IBaseController;
 import cn.quantgroup.xyqb.entity.Merchant;
@@ -15,7 +16,6 @@ import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.service.wechat.IWechatFollowService;
 import cn.quantgroup.xyqb.service.wechat.IWechatService;
 import cn.quantgroup.xyqb.util.EmojiUtil;
-import cn.quantgroup.xyqb.util.TenantUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.TypeReference;
 import com.google.common.base.Joiner;
@@ -362,14 +362,14 @@ public class WeChatController implements IBaseController {
             if (Constants.MERCHANT_BAITIAO.equals(merchant.getName())) {
                 return loginInWechatWithSessionCreated(user, merchant, "cashTarget5", Constants.Channel.BAITIAO, domain, Constants.Channel.WECHAT);
             } else if (Constants.MERCHANT_WECHAT_PAY.equals(merchant.getName())) {
-                AuthBean authBean = sessionService.createSession(user, loginProperties);
+                AuthBean authBean = sessionService.createSession(user, loginProperties, LoginType.WECHATLOGIN.ordinal());
                 return domain + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom + "&channelId=" + Constants.Channel.WECHAT + "&key=" + merchant.getName() + "&target=cashTarget5";
             } else {
                 return loginInWechatWithSessionCreated(user, merchant, "cashTarget4", 1L, domain, registerFrom);
             }
         } else if (Constants.LOCAL.equals(redirect)) {
             log.info("微信登录:redirect不为null,创建session跳到指定前端页面.");
-            AuthBean authBean = sessionService.createSession(user, loginProperties);
+            AuthBean authBean = sessionService.createSession(user, loginProperties, LoginType.WECHATLOGIN.ordinal());
             log.info("微信登录:跳转地址{}", domain + "/weixin/callback?phoneNo=" + user.getPhoneNo() + "&token=" + authBean.getToken());
             Long channelId = Constants.MERCHANT_BAITIAO.equals(merchant.getName()) ? Constants.Channel.BAITIAO : 1L;
             String target = Constants.MERCHANT_BAITIAO.equals(merchant.getName()) ? "cashTarget5" : "cashTarget4";
@@ -377,7 +377,7 @@ public class WeChatController implements IBaseController {
                     "&channelId=" + channelId + "&key=" + merchant.getName() + "&target=" + target + "&isWechat=true";
         } else if(Constants.REDIRECT_ORDER.equals(redirect)){
             log.info("微信登录:redirect为orders,创建session跳到指定前端页面.(兼容多订单页面)");
-            AuthBean authBean = sessionService.createSession(user, loginProperties);
+            AuthBean authBean = sessionService.createSession(user, loginProperties, LoginType.WECHATLOGIN.ordinal());
             return String.format("%s/loan-list?token=%s&registerFrom=%s&key=%s", xjdDomain, authBean.getToken(), registerFrom, merchant.getName());
         }
         return null;
@@ -385,7 +385,7 @@ public class WeChatController implements IBaseController {
 
     private String loginInWechatWithSessionCreated(User user, Merchant merchant, String target, Long channelId, String domain, Long registerFrom) {
         LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, String.valueOf(Constants.Channel.WECHAT), merchant.getId(), merchant.getName(), null);
-        AuthBean authBean = sessionService.createSession(user, loginProperties);
+        AuthBean authBean = sessionService.createSession(user, loginProperties, LoginType.WECHATLOGIN.ordinal());
         log.info("[WeChatController][loginInWechatWithSessionCreated]微信授权及跳转：user:{},merchant:{},target:{},channelId:{},domain:{},registerFrom:{}", user, merchant, target, channelId, domain, registerFrom);
         return domain + "/landing?token=" + authBean.getToken() + "&registerFrom=" + registerFrom + "&channelId=" + channelId + "&key=" + merchant.getName() + "&target=" + target;
     }

src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java

 package cn.quantgroup.xyqb.controller.internal.user;
 
+import cn.quantgroup.user.enums.LoginType;
 import cn.quantgroup.xyqb.aspect.accessable.IpValidator;
 import cn.quantgroup.xyqb.aspect.captcha.LoginInterceptor;
 import cn.quantgroup.xyqb.controller.IBaseController;
@@ -103,7 +104,7 @@ public class AppController implements IBaseController {
                         result = JsonResult.buildErrorStateResult("无效的商户", null);
                     }else{
                         LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, appChannel, merchant.getId(), merchant.getName(), null);
-                        AuthBean bean = sessionService.createSession(user, loginProperties);
+                        AuthBean bean = sessionService.createSession(user, loginProperties, LoginType.AUTHLOGIN.ordinal());
                         LoginInfo.LoginContext context = new LoginInfo.LoginContext();
                         context.setChannelId(channelId);
                         context.setCreatedFrom(registerFrom);
@@ -173,7 +174,7 @@ public class AppController implements IBaseController {
         }
 
         LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, appChannel, merchant.getId(), merchant.getName(), null);
-        AuthBean bean = sessionService.createSession(user, loginProperties);
+        AuthBean bean = sessionService.createSession(user, loginProperties, LoginType.SUPERLOGIN.ordinal());
         log.info("第三方用户登录成功 [AppController] login --> loginFrom:{}, phoneNo:{},appChannel:{}", registerFrom, phoneNo, appChannel);
         return JsonResult.buildSuccessResult("登录成功", bean);
     }
@@ -242,7 +243,7 @@ public class AppController implements IBaseController {
 
         log.info("=addLoginInfo end");
         LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, appChannel, merchant.getId(), merchant.getName(), tenantId);
-        AuthBean bean = sessionService.createSession(user, loginProperties);
+        AuthBean bean = sessionService.createSession(user, loginProperties, LoginType.SUPERLOGIN.ordinal());
         log.info("=createSession end");
         LoginInfo loginInfo = new LoginInfo();
         loginInfo.setUser(new UserRet(user));
@@ -339,7 +340,7 @@ public class AppController implements IBaseController {
         //校验租户ID tenantId
         oauthLoginInfoService.addLoginInfo(user, tenantId);
         LoginProperties loginProperties = new LoginProperties("", 4, channelId, registerFrom, appChannel, null, "", tenantId);
-        AuthBean bean = sessionService.createSession(user, loginProperties);
+        AuthBean bean = sessionService.createSession(user, loginProperties, LoginType.SUPERLOGINTWO.ordinal());
         log.info("第三方用户登录成功 [AppController] login2 --> loginFrom:{}, phoneNo:{},appChannel:{}", registerFrom, phoneNo, appChannel);
         return JsonResult.buildSuccessResult("登录成功", bean);
     }

src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java

@@ -1366,9 +1366,20 @@ public class InnerController implements IBaseController {
         if (Objects.isNull(user) || Objects.equals(Boolean.FALSE, user.getEnable())) {
             return null;
         }
-        //验证密码
-        if (!PasswordUtil.validatePassword(bufPassword, user.getPassword())) {
-            return null;
+
+        // 有限校验新密码加密方式
+        if (StringUtils.isNotBlank(user.getEncryptedPassword())) {
+            if (!BctyptPasswordUtil.BCryptCheckPw(password, user.getEncryptedPassword())) {
+                return null;
+            }
+        } else {
+            //验证密码
+            if (!PasswordUtil.validatePassword(bufPassword, user.getPassword())) {
+                return null;
+            }
+            // 老密码校验后更新新密码加密方式
+            user.setEncryptedPassword(BctyptPasswordUtil.BCryptWithSalt(password));
+            userService.saveUser(user);
         }
         return user;
     }

src/main/java/cn/quantgroup/xyqb/controller/middleoffice/login/LoginModule.java

 package cn.quantgroup.xyqb.controller.middleoffice.login;
 
+import cn.quantgroup.user.enums.LoginType;
 import cn.quantgroup.xyqb.controller.middleoffice.common.VerifyStrategyFactory;
 import cn.quantgroup.xyqb.controller.middleoffice.common.VerifyTypeEnum;
 import cn.quantgroup.xyqb.entity.User;
@@ -61,7 +62,7 @@ public class LoginModule implements ILoginModule {
                 .channelId(channelId)
                 .merchantName("xyqb")
                 .build();
-        AuthBean session = sessionService.createSession(user, loginProperties);
+        AuthBean session = sessionService.createSession(user, loginProperties, LoginType.ACCOUNTPASSWORD.ordinal());
         return LoginVo.builder()
                 .hasPassword(user.getHasPassword())
                 .phoneNo(phoneNo)
@@ -94,7 +95,7 @@ public class LoginModule implements ILoginModule {
                 .channelId(channelId)
                 .tenantId(tenantId)
                 .build();
-        AuthBean session = sessionService.createSession(user, loginProperties);
+        AuthBean session = sessionService.createSession(user, loginProperties, LoginType.APPLETLOGIN.ordinal());
         return LoginVo.builder()
                 .hasPassword(user.getHasPassword())
                 .phoneNo(user.getPhoneNo())

src/main/java/cn/quantgroup/xyqb/entity/LoginRecord.java

@@ -46,4 +46,7 @@ public class LoginRecord extends BaseEntity implements Serializable {
 
     @Column(name = "app_channel")
     private String appChannel;
+
+    @Column(name = "login_type")
+    private Integer loginType;
 }

src/main/java/cn/quantgroup/xyqb/service/register/impl/UserRegisterServiceImpl.java

@@ -166,7 +166,7 @@ public class UserRegisterServiceImpl implements IUserRegisterService {
         user = userService.saveUser(user);
 
         // 注册添加日志
-        loginRecordService.saveLoginRecord(user.getId(), RecordType.REGISTERRECORD.getName());
+        loginRecordService.saveLoginRecord(user.getId(), RecordType.REGISTERRECORD.getName(), 0);
         userRegisterParam.setUser(user);
         return user;
     }

src/main/java/cn/quantgroup/xyqb/service/session/ISessionService.java

@@ -13,16 +13,6 @@ import java.util.List;
  */
 public interface ISessionService {
 
-    /**
-     * 更新session
-     * 用户信息存在,更新session中的最后访问时间,重新写入缓存.
-     * 存在则保存用户session信息,userId为uuid
-     *
-     * @param user - 登录用户
-     * @param loginProperties - 登录参数
-     * @return
-     */
-    AuthBean createSession(User user, LoginProperties loginProperties);
 
     SessionStruct createSessionAndPersist(User user, LoginProperties loginProperties);
 
@@ -45,4 +35,16 @@ public interface ISessionService {
     void persistSessionExchange(String token, SessionValue sessionValue, long expire);
 
     void kdspDeleteSession(Long userId, LoginProperties loginProperties);
+
+    /**
+     * 更新session
+     * 用户信息存在,更新session中的最后访问时间,重新写入缓存.
+     * 存在则保存用户session信息,userId为uuid
+     *
+     * @param user - 登录用户
+     * @param loginProperties - 登录参数
+     * @param ordinal - 登录方式
+     * @return
+     */
+    AuthBean createSession(User user, LoginProperties loginProperties, int ordinal);
 }

src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java

@@ -47,6 +47,7 @@ public class SessionServiceImpl implements ISessionService {
     @Value("${token.prefix}")
     private String prefix;
 
+
     /**
      * 更新session
      * 用户信息存在,更新session中的最后访问时间,重新写入缓存.
@@ -56,7 +57,7 @@ public class SessionServiceImpl implements ISessionService {
      * @return
      */
     @Override
-    public AuthBean createSession(User user, LoginProperties properties) {
+    public AuthBean createSession(User user, LoginProperties properties, int loginType) {
         //找到用户
         //TODO: 使用userId
         String sessionId = findSessionIdByUserIdLoginProperties(user.getId(), properties);
@@ -82,7 +83,7 @@ public class SessionServiceImpl implements ISessionService {
         log.info("用户登录成功, loginFrom:{}, phoneNo:{},appChannel:{},channelId:{}", properties.getCreatedFrom(), user.getPhoneNo(), properties.getAppChannel(), properties.getChannelId());
 
         // 添加登陆日志
-        loginRecordService.saveLoginRecord(user.getId(), RecordType.LOGINRECORD.getName());
+        loginRecordService.saveLoginRecord(user.getId(), RecordType.LOGINRECORD.getName(), loginType);
 
         return authBean;
     }

src/main/java/cn/quantgroup/xyqb/service/user/ILoginRecordService.java

 package cn.quantgroup.xyqb.service.user;
 
-import cn.quantgroup.user.enums.RecordType;
-import cn.quantgroup.xyqb.controller.internal.user.resp.UserFullResp;
 import cn.quantgroup.xyqb.entity.LoginRecord;
-import cn.quantgroup.xyqb.entity.Merchant;
-import cn.quantgroup.xyqb.entity.User;
-import cn.quantgroup.xyqb.model.JsonResult;
-import cn.quantgroup.xyqb.model.LoginProperties;
-import cn.quantgroup.xyqb.model.UserInfo;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.List;
-import java.util.Map;
 
 /**
  * Created by Miraculous on 15/7/5.
  */
 public interface ILoginRecordService {
 
-
-    void saveLoginRecord(Long id, String name);
-
     LoginRecord findFirstLoginRecord(String deviceId);
+
+    void saveLoginRecord(Long id, String name, int loginType);
 }

src/main/java/cn/quantgroup/xyqb/service/user/impl/LoginRecordServiceImpl.java

 package cn.quantgroup.xyqb.service.user.impl;
 
-import cn.quantgroup.tech.db.DSType;
-import cn.quantgroup.tech.db.TargetDataSource;
-import cn.quantgroup.user.enums.BizType;
-import cn.quantgroup.user.enums.IncomeRangeEnum;
-import cn.quantgroup.xyqb.Constants;
-import cn.quantgroup.xyqb.aspect.lock.RedisLock;
+import cn.quantgroup.user.enums.RecordType;
 import cn.quantgroup.xyqb.controller.IBaseController;
-import cn.quantgroup.xyqb.controller.internal.user.resp.UserFullResp;
-import cn.quantgroup.xyqb.entity.*;
-import cn.quantgroup.xyqb.event.PhoneNoUpdateEvent;
-import cn.quantgroup.xyqb.exception.DataException;
-import cn.quantgroup.xyqb.exception.UserNotExistException;
-import cn.quantgroup.xyqb.exception.UserRegisterLoginException;
-import cn.quantgroup.xyqb.model.*;
-import cn.quantgroup.xyqb.repository.*;
-import cn.quantgroup.xyqb.service.register.IUserDeregisterService;
-import cn.quantgroup.xyqb.service.register.IUserRegisterService;
-import cn.quantgroup.xyqb.service.session.ISessionService;
-import cn.quantgroup.xyqb.service.user.*;
-import cn.quantgroup.xyqb.service.wechat.IWechatService;
-import cn.quantgroup.xyqb.util.*;
-import com.alibaba.fastjson.JSON;
-import com.google.common.collect.Lists;
-import com.google.common.collect.Maps;
-import com.sensorsdata.analytics.javasdk.ISensorsAnalytics;
-import com.sensorsdata.analytics.javasdk.bean.EventRecord;
+import cn.quantgroup.xyqb.entity.LoginRecord;
+import cn.quantgroup.xyqb.repository.ILoginRecordRepository;
+import cn.quantgroup.xyqb.service.user.ILoginRecordService;
 import lombok.extern.slf4j.Slf4j;
-import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.cache.annotation.CacheEvict;
-import org.springframework.cache.annotation.Caching;
-import org.springframework.context.ApplicationEventPublisher;
-import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
-import org.springframework.transaction.annotation.Transactional;
-import org.springframework.util.CollectionUtils;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
-import java.util.*;
-import java.util.concurrent.TimeUnit;
-import java.util.stream.Collectors;
 
 /**
  * Created by Miraculous on 15/7/5.
@@ -56,11 +24,15 @@ public class LoginRecordServiceImpl implements ILoginRecordService, IBaseControl
     private ILoginRecordRepository loginRecordRepository;
 
     @Override
-    public void saveLoginRecord(Long userId, String name) {
+    public void saveLoginRecord(Long userId, String name, int loginType) {
         HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
         LoginRecord loginRecord = new LoginRecord();
         loginRecord.setUserId(userId);
         loginRecord.setType(name);
+        // 如果登陆记录登陆方式
+        if (RecordType.LOGINRECORD.getName().equals(name)) {
+            loginRecord.setLoginType(loginType);
+        }
         String qgTenantId = request.getHeader("qg-tenant-id");
         String vccChannel = request.getHeader("vccChannel");
         if (null != qgTenantId && !"".equals(qgTenantId)) {

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java

@@ -4,6 +4,7 @@ import cn.quantgroup.tech.db.DSType;
 import cn.quantgroup.tech.db.TargetDataSource;
 import cn.quantgroup.user.enums.BizType;
 import cn.quantgroup.user.enums.IncomeRangeEnum;
+import cn.quantgroup.user.enums.LoginType;
 import cn.quantgroup.xyqb.Constants;
 import cn.quantgroup.xyqb.aspect.lock.RedisLock;
 import cn.quantgroup.xyqb.controller.IBaseController;
@@ -429,7 +430,7 @@ public class UserServiceImpl implements IUserService, IBaseController {
             geetestLogService.updateByUidGeetestLog(geetestLogId, user.getId());
         }
         LoginProperties loginProperties = new LoginProperties("", 3, channelId, createdFrom, appChannel, merchant.getId(), merchant.getName(), tenantId);
-        AuthBean session = sessionService.createSession(user, loginProperties);
+        AuthBean session = sessionService.createSession(user, loginProperties, LoginType.ACCOUNTPASSWORD.ordinal());
         session.setRegister(register);
         lockIpv4Service.unLockPhone(phoneNo);
         return new JsonResult(session);