From a70a7dcdf56c981f9ef9c669cef9c1d659e7537a Mon Sep 17 00:00:00 2001 From: qiaowei Date: Wed, 10 Jul 2019 10:13:02 +0800 Subject: [PATCH] =?utf8?q?=E6=8E=A5=E5=8F=A3=E4=BF=AE=E6=94=B9?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit --- .../com/supwisdom/dlpay/mobile/MobileApi.kt | 125 +++++++++++++----- 1 file changed, 89 insertions(+), 36 deletions(-) diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt index 64cfcea4..25191890 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt @@ -12,6 +12,7 @@ import com.supwisdom.dlpay.framework.redisrepo.ApiJwtRepository import com.supwisdom.dlpay.framework.service.SystemUtilService import com.supwisdom.dlpay.framework.util.* import com.supwisdom.dlpay.mobile.domain.TBMobileUser +import com.supwisdom.dlpay.mobile.exception.UserLoginFailException import com.supwisdom.dlpay.mobile.service.MobileApiService import com.supwisdom.dlpay.util.ConstantUtil import org.apache.commons.lang.StringUtils @@ -47,6 +48,11 @@ class ApiInit { return JsonResult.ok("OK").put("now", System.currentTimeMillis())!! } + @RequestMapping("/test") + fun test(uid: String): JsonResult { + return JsonResult.ok("OK").put("uid", uid)!! + } + @RequestMapping("/uxy") fun xieyi(): JsonResult { var page = mobileApiService.findPageById(ConstantUtil.PAGE_USERXIEYI) 
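Review bot: The new `/test` handler in `ApiInit` looks like a debugging aid and should not ship as is: it echoes the caller-supplied `uid` straight back in the response. It sits beside `/code` and the registration handlers, which suggests this controller is reachable before login (the class-level annotations are outside the hunk, so confirm). If it is still needed for diagnostics, restrict it to a non-production profile or to authenticated callers and declare the parameter explicitly, e.g. `fun test(@RequestParam uid: String): JsonResult`; otherwise drop the mapping. A bare `@RequestMapping("/test")` also accepts every HTTP method.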
@@ -55,17 +61,28 @@ class ApiInit { } return JsonResult.error("页面未配置") } + /** * 注册或找回时使用的验证码生成接口 * */ @RequestMapping("/code") - fun code(@RequestParam phone: String): JsonResult { + fun code(@RequestParam phone: String, @RequestParam type: String?): JsonResult { if (phone.isNullOrEmpty() || phone.length != 11 || !StringUtil.isMobile(phone)) { return JsonResult.error("手机号有误") } var user = mobileApiService.findUserByPhone(phone) - if (user != null && !user.loginpwd.isNullOrEmpty()) { - return JsonResult.error("该手机号已注册,请登录或找回密码") + if (type.isNullOrEmpty() || "new" == type) { + if (user != null && !user.loginpwd.isNullOrEmpty()) { + return JsonResult.error("该手机号已注册,请登录或找回密码") + } + } else { + if ("find" == type) { + if (user == null) { + return JsonResult.error("手机号不存在,请注册") + } + } else { + return JsonResult.error("类型错误") + } } // 如果未设置密码 var temp = redisTemplate.opsForValue().get(phone) @@ -77,6 +94,7 @@ class ApiInit { //TODO call send code sdk return JsonResult.ok("验证码已发送") } + /** * 注册或找回时使用的验证码校验接口 * */ @@ -102,6 +120,7 @@ class ApiInit { user.loginpwderror = 0 user = mobileApiService.saveUser(user) } + user.status = TradeDict.STATUS_NORMAL user.registerplatform = platform user.devuid = uuid user = mobileApiService.saveUser(user) @@ -113,6 +132,7 @@ class ApiInit { return JsonResult.error(-1, "验证码无效或已过期,请重新获取") } } + /** * 注册 * */ @@ -122,7 +142,7 @@ class ApiInit { @RequestParam repwd: String, @RequestParam random: String): JsonResult { if (random.isNullOrEmpty()) { - return JsonResult.error("注册信息有误,请重新注册") + return JsonResult.error("信息有误,请返回上一步") } if (pwd.isNullOrEmpty() || repwd.isNullOrEmpty() || pwd.length < 6) { return JsonResult.error("请重新设置密码,密码不能小于6位字符") 
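Review bot: The `find` branch of `code()` answers `手机号不存在,请注册` for unknown numbers, so together with the existing `该手机号已注册` reply an unauthenticated caller can test whether any phone number has an account. Returning the same `验证码已发送` response and simply not sending a code for unknown numbers would avoid that in the recovery flow. The code is still looked up under the bare `phone` key (the `redisTemplate.opsForValue().get(phone)` context line), so a code requested for registration is presumably also accepted for recovery; consider storing it under a key that includes the purpose and checking that same key on verification. The nested `else { if ("find" == type) … }` would read more clearly as a `when (type)`, and `phone.isNullOrEmpty()` is redundant on a non-null `String`. The body of `code()` continues past the hunk, so any throttling of code requests is not visible here.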
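Review bot: `user.status = TradeDict.STATUS_NORMAL` sits after the closing brace of the create-user block, so it runs on every successful code check, not only for new registrations. Because this commit also lets `/code` issue codes for existing accounts (`type=find`), an account that was deliberately put into another status would apparently be returned to normal just by completing phone verification. If the assignment is meant for first-time registration only, guard it, e.g. `if (user.loginpwd.isNullOrEmpty()) user.status = TradeDict.STATUS_NORMAL`, or move it into the branch that creates the user. The start of this handler is outside the hunk, so the surrounding conditions should be confirmed.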
@@ -133,7 +153,7 @@ class ApiInit { var user: TBMobileUser? = mobileApiService.findUserById(id) ?: return JsonResult.error("用户不存在,请注册") var code = redisTemplate.opsForValue().get(id) if (random != code) { - return JsonResult.error("注册信息有误,请返回上一步,并重新发送验证码") + return JsonResult.error("信息有误,请返回上一步,并重新发送验证码") } val encoder = BCryptPasswordEncoder() user!!.loginpwd = encoder.encode(pwd) @@ -201,25 +221,11 @@ class ApiV1 { fun getUserInfor(): JsonResult { val p = SecurityContextHolder.getContext().authentication var user: TBMobileUser? = mobileApiService.findUserById(p.name) ?: return JsonResult.error("用户不存在,请注册") - var payseted = false - if (!user!!.paypwd.isNullOrEmpty()) { - payseted = true - } - var name = "" - if (!user.userid.isNullOrEmpty()) { - var person = userService.findOnePersonByUserid(user.userid!!) - if (person != null) { - name = person.name - } - } - return JsonResult.ok("OK").put("now", System.currentTimeMillis()) - ?.put("paypwdset", payseted) - ?.put("name", name) - ?.put("signed", if (user.issigned.isNullOrEmpty()) "" else user.issigned) - ?.put("userid", if (user?.userid.isNullOrEmpty()) "" else user?.userid)!! + return JsonResult.ok("OK").put("now", System.currentTimeMillis())!! } + /** * 验证码生成,内部校验 * */ 
@@ -333,9 +339,22 @@ class ApiV1 { if (oldpwd.isNullOrEmpty()) { return JsonResult.error("原支付密码错误") } + if (user.paypwderror != null && user.paypwderror!! >= 5 && (System.currentTimeMillis() - user.paypwderrortime!!) < 1000 * 60 * 30) { + return JsonResult.error("密码错误次数过多,请30分钟后再试") + }else if (user.paypwderror != null && user.paypwderror!! >= 5 && (System.currentTimeMillis() - user.paypwderrortime!!) > 1000 * 60 * 30) { + //更新时间 + user.paypwderror = 0 + user.paypwderrortime = null + } val encoder = BCryptPasswordEncoder() var b = encoder.encode(oldpwd) - if (b != user.paypwd) { + if (!encoder.matches(oldpwd,user.paypwd)) { + if (user.paypwderror == null || user.paypwderror == 0) { + user.paypwderror = 0 + user.paypwderrortime = System.currentTimeMillis() + } + user.paypwderror += 1 + mobileApiService.saveUser(user) return JsonResult.error("原支付密码错误") } user!!.paypwd = encoder.encode(pwd) @@ -408,7 +427,7 @@ class ApiV1 { in 18..23 -> t = "晚上好" } if (user!!.userid.isNullOrEmpty()) { - return JsonResult.ok("OK").put("t",t)!! + return JsonResult.ok("OK").put("t", t)!! } var no = if (pageno <= 0) { 1 
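Review bot: The lockout check dereferences `user.paypwderrortime!!` whenever `paypwderror >= 5`, so a record with a count but no timestamp throws instead of returning a JSON error, and an elapsed time of exactly 30 minutes matches neither the `<` nor the `>` branch. Computing the state once avoids both: `val locked = (user.paypwderror ?: 0) >= 5 && System.currentTimeMillis() - (user.paypwderrortime ?: 0L) < 30 * 60 * 1000L`, then reset the counter when the count is at the limit but `locked` is false. The leftover `var b = encoder.encode(oldpwd)` is unused now that `encoder.matches` does the comparison and costs a bcrypt hash on every request, so it can be removed. The counter is read, incremented and saved with no locking visible in the hunk, so concurrent requests may get more than five guesses. The visible lines also do not clear the counter after a correct password; the rest of the function is outside the hunk.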
@@ -417,24 +436,36 @@ class ApiV1 { } var today = DateUtil.getNow("yyyyMMdd") var yester = DateUtil.getNowInterDay(-1) - var acc = userService.findAccountByUserid(user.userid!!,null) + var acc = userService.findAccountByUserid(user.userid!!, null) var point = userService.findPointsAccountByUserid(user.userid!!) var amount = 0.0; - var pi=0L - if(acc!=null&&acc.availbal!=null){ + var pi = 0L + if (acc != null && acc.availbal != null) { amount = acc.availbal } - if(point!=null&&point.points!=null){ - pi=point.points + if (point != null && point.points != null) { + pi = point.points + } + var payseted = false + if (!user!!.paypwd.isNullOrEmpty()) { + payseted = true + } + var name = "" + var person = userService.findOnePersonByUserid(user.userid!!) + if (person != null) { + name = person.name } - var page = userService.findPersondtlByUserid(user!!.userid!!, no) return JsonResult.ok("OK").put("page", page) - ?.put("today",today) - ?.put("yesterday",yester) - ?.put("point",pi) - ?.put("amount",amount) - ?.put("t",t)!! + ?.put("today", today) + ?.put("yesterday", yester) + ?.put("point", pi) + ?.put("amount", amount) + ?.put("paypwdset", payseted) + ?.put("name", name) + ?.put("signed", if (user.issigned.isNullOrEmpty()) "" else user.issigned) + ?.put("userid", if (user?.userid.isNullOrEmpty()) "" else user?.userid)!! + ?.put("t", t)!! } /** 
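Review bot: `paypwdset`, `name`, `signed` and `userid` are only added on the path that reaches `findPersondtlByUserid`; the early return for an empty `user.userid` just above this hunk still answers with `t` alone. Since `getUserInfor` stops returning these fields in this same commit, a user without a bound `userid` apparently can no longer learn whether a pay password is set. Consider computing the flag before that early return and adding `?.put("paypwdset", payseted)` there as well. The `!!` in the middle of the chain (`…user?.userid)!! ?.put("t", t)!!`) is redundant and makes the following `?.` misleading; keep a single `!!` at the end. `var payseted = false` plus the `if` can be written as `val payseted = !user.paypwd.isNullOrEmpty()`.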
@@ -455,10 +486,31 @@ class ApiV1 { * 密码修改 * */ @RequestMapping("/pwdset") - fun pwdset(pwd: String, newpwd: String, renewpwd: String): JsonResult { + fun pwdset(oldpwd: String, newpwd: String, renewpwd: String): JsonResult { val p = SecurityContextHolder.getContext().authentication var user: TBMobileUser? = mobileApiService.findUserById(p.name) ?: return JsonResult.error("用户不存在,请注册") - return JsonResult.ok("OK") + if (newpwd != renewpwd) { + return JsonResult.error("两次密码不一致,请确认") + } + if (newpwd.isNullOrEmpty() || newpwd.length < 6) { + return JsonResult.error("请重新设置密码,密码不能小于6位字符") + } + if (user!!.loginpwderror > 5) { + return JsonResult.error(-1, "原密码错误次数过多,将退出系统,请重新登录系统或点击忘记密码功能找回密码") + } + val encoder = BCryptPasswordEncoder() + if (!encoder.matches(oldpwd,user!!.loginpwd)) { + user.loginpwderror += 1 + mobileApiService.saveUser(user) + return JsonResult.error("原密码错误") + } + if (user.loginpwderror != null && user.loginpwderror!! > 0) { + user.loginpwderror = 0 + user.loginpwderrortime = null + } + user.loginpwd = encoder.encode(newpwd) + mobileApiService.saveUser(user) + return JsonResult.ok("密码修改成功") } /** @@ -472,6 +524,7 @@ class ApiV1 { //TODO cardlost return JsonResult.ok("ok") } + /** * * 二维码在线生成 -- 2.17.1
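Review bot: Nothing in `pwdset` invalidates the tokens already issued to the user once `user.loginpwd` is replaced, so a session opened with the old password would apparently keep working after the change. The `loginpwderror > 5` branch has the same gap: its message tells the user they will be logged out, while the code only returns `-1`. If the JWT store imported at the top of the file supports revocation, call it on both paths. `user!!.loginpwderror > 5` treats the counter as non-null while the later `user.loginpwderror != null && user.loginpwderror!! > 0` treats it as nullable; use one form throughout, e.g. `(user.loginpwderror ?: 0) > 5`, and note that `> 5` allows six wrong attempts where the pay-password check uses `>= 5`. Renaming the parameter from `pwd` to `oldpwd` also changes the request parameter name that existing clients must send.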