From d8a34f4b76d3f3b8e5e9843d95e7c75ca2ed6fed Mon Sep 17 00:00:00 2001
From: qiaowei
Date: Tue, 2 Jul 2019 15:32:39 +0800
Subject: [PATCH] =?utf8?q?=E6=89=8B=E6=9C=BA=E7=AB=AF=E6=B3=A8=E5=86=8C?= =?utf8?q?=E7=99=BB=E5=BD=95=E6=8E=A5=E5=8F=A3?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
---
.../dlpay/api/domain/TPersonIdentity.java | 14 +-
.../dlpay/framework/core/JwtConfig.java | 4 +
.../framework/tenant/HibernateConfig.java | 1 -
.../dlpay/framework/util/SysparaUtil.java | 2 +-
.../supwisdom/dlpay/util/ConstantUtil.java | 6 +
.../com/supwisdom/dlpay/util/DlpayUtil.java | 12 ++
.../dlpay/mobile/AuthLoginHandler.kt | 26 ++-
.../com/supwisdom/dlpay/mobile/MobileApi.kt | 148 ++++++++++++++++--
.../com/supwisdom/dlpay/mobile/dao/ApiDao.kt | 8 +
.../dlpay/mobile/dao/MobileUserDao.kt | 4 +-
.../dlpay/mobile/domain/TBMobileUser.kt | 7 +-
.../supwisdom/dlpay/mobile/domain/TBPages.kt | 23 +++
.../dlpay/mobile/service/MobileApiService.kt | 6 +
.../service/impl/MobileApiServiceImpl.kt | 27 +++-
.../service/impl/MobileUserServiceImpl.kt | 10 ++
.../kotlin/com/supwisdom/dlpay/security.kt | 22 ++-
16 files changed, 288 insertions(+), 32 deletions(-)
create mode 100644 src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt
create mode 100644 src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt
diff --git a/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java b/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
index 2eae0216..805a984e 100644
--- a/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
+++ b/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
@@ -33,16 +33,28 @@ public class TPersonIdentity { @NotNull private String tenantid = ""; + @Column(name = "ISSIGNED", length = 20) + private String issigned; + public TPersonIdentity() { } - public TPersonIdentity(String thirdUid, TPerson person, String status, Integer lossflag, Integer lockflag, String createtime) { + public TPersonIdentity(String thirdUid, TPerson person, String status, Integer lossflag, Integer lockflag, String createtime,String issigned) { this.thirdUid = thirdUid; this.person = person; this.status = status; this.lossflag = lossflag; this.lockflag = lockflag; this.createtime = createtime; + this.issigned = issigned; + } + + public String getIssigned() { + return issigned; + } + + public void setIssigned(String issigned) { + this.issigned = issigned; } public String getThirdUid() { diff --git a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java index c8992a86..fbaa21c9 100644 --- a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java +++ b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java @@ -29,4 +29,8 @@ public class JwtConfig { public String getTokenHeader() { return tokenHeader; } + + public void setExpiration(Long expiration) { + this.expiration = expiration; + } } diff --git a/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java b/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java index b44b8729..5070d623 100644 --- a/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java +++ b/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java @@ -57,7 +57,6 @@ public class HibernateConfig { em.setPackagesToScan("com.supwisdom"); em.setJpaPropertyMap(properties); em.setJpaVendorAdapter(getJpaVendorAdapter()); - log.info("setup multi-tenant entityManagerFactor"); return em; } 
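Review bot: The six-argument `TPersonIdentity` constructor is replaced rather than overloaded, so any caller outside this patch that still passes six arguments will stop compiling; no file in the diffstat looks like such a caller being updated, so this is worth checking. Keeping the old signature as a delegating overload avoids that: `public TPersonIdentity(String thirdUid, TPerson person, String status, Integer lossflag, Integer lockflag, String createtime) { this(thirdUid, person, status, lossflag, lockflag, createtime, null); }`. The new `issigned` column is a free-form `String` of length 20 with no comment, so a one-line comment listing the values it may hold would save the next reader a search.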
diff --git a/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java b/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java index 07e4aafd..c6788d87 100644 --- a/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java +++ b/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java @@ -12,7 +12,7 @@ public class SysparaUtil { public static final int SYSPARAID_NO1 = 1; //系统默认最大余额限制的ID public static final int SYSPARAID_NO2 = 2; //paraid=2 - + public static final int SYSPARAID_NO3 = 3; //用户过期时间,单位秒 public static final double SYSPARA_NO1_DEFAULT = 10000.0; // 系统默认最大余额限制 } diff --git a/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java b/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java index a5255475..3d93fc12 100644 --- a/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java +++ b/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java @@ -33,4 +33,10 @@ public class ConstantUtil { * */ public static final int DICTTYPE_NO1 = 1; //冲正状态字典 public static final int DICTTYPE_NO2 = 2; //流水状态字典 + + /* + * 页面ID + * */ + + public static final String PAGE_USERXIEYI = "xieyi";//用户协议页面 } diff --git a/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java b/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java index d4521d5c..5aa25fbf 100644 --- a/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java +++ b/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java @@ -10,6 +10,7 @@ import java.net.UnknownHostException; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Random; public class DlpayUtil { /** @@ -73,4 +74,15 @@ public class DlpayUtil { return root.getText(); } } + public static String getCodeRandom() { + Random random = new Random(); + String fourRandom = random.nextInt(1000000) + ""; + int randLength = fourRandom.length(); + if (randLength < 6) { + for (int i = 1; i <= 6 - randLength; i++) + fourRandom = "0" + fourRandom; + } + return fourRandom; + } + } 
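Review bot: `getCodeRandom()` in DlpayUtil draws from `java.util.Random`, whose output is predictable; if this six-digit value is meant as a verification code (the name and length suggest so, though no caller is in this patch), it should come from `SecureRandom`. The padding loop can go as well: `return String.format("%06d", new SecureRandom().nextInt(1000000));`, with `import java.security.SecureRandom;` in place of the added `java.util.Random` import. The local is also named `fourRandom` although it holds six digits.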
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt index 6a441fc9..60efda7c 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt @@ -8,8 +8,10 @@ import com.supwisdom.dlpay.framework.core.JwtTokenUtil import com.supwisdom.dlpay.framework.domain.JwtRedis import com.supwisdom.dlpay.framework.redisrepo.ApiClientRepository import com.supwisdom.dlpay.framework.redisrepo.ApiJwtRepository +import com.supwisdom.dlpay.framework.service.SystemUtilService import com.supwisdom.dlpay.framework.util.Constants import com.supwisdom.dlpay.framework.util.DateUtil +import com.supwisdom.dlpay.framework.util.SysparaUtil import com.supwisdom.dlpay.framework.util.TradeDict import com.supwisdom.dlpay.mobile.dao.MobileUserDao import com.supwisdom.dlpay.mobile.domain.TBMobileUser @@ -38,13 +40,16 @@ class AuthLoginSuccessHandler : SimpleUrlAuthenticationSuccessHandler() { lateinit var jwtConfig: JwtConfig @Autowired lateinit var apiJwtRepository: ApiJwtRepository + @Autowired + lateinit var systemUtilService: SystemUtilService override fun onAuthenticationSuccess(request: HttpServletRequest, response: HttpServletResponse, authentication: Authentication) { logger.error(request?.getParameter("platform")) var temp = authentication!!.principal as TBMobileUser var user = mobileUserDao.findByPhone(temp.phone) if(user!=null) { - //TODO 从数据取jwtConfig.expiration + var exp = systemUtilService.getSysparaValueAsInt(SysparaUtil.SYSPARAID_NO3,60*60*24*3) + jwtConfig.expiration = exp as Long val token = JwtTokenUtil(jwtConfig).generateToken( mapOf("uid" to user.uid, "issuer" to "payapi", "audience" to temp.phone, 
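Review bot: `jwtConfig.expiration = exp as Long` in `onAuthenticationSuccess` writes a per-login value into the injected `JwtConfig`, which is presumably a shared singleton, so concurrent requests race on it; `register` in MobileApi.kt repeats the same two lines. If `getSysparaValueAsInt` returns an `Int`, as its name suggests, `as Long` is a cast rather than a conversion and will throw `ClassCastException` at runtime; the conversion is `exp.toLong()`. Consider passing the lifetime into token generation instead of adding `setExpiration` to `JwtConfig`. A comment on units would also help: the SysparaUtil comment says seconds, while `token.expiration.valueInMillis` is later returned in milliseconds. The handler body continues outside this hunk.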
@@ -71,7 +76,10 @@ class AuthLoginSuccessHandler : SimpleUrlAuthenticationSuccessHandler() { mobileUserDao.save(user) response.status = HttpStatus.OK.value() response.contentType = "application/json;charset=UTF-8" - response.writer.write(objectMapper.writeValueAsString(JsonResult.ok().put("token", token.jwtToken) + response.writer.write(objectMapper.writeValueAsString(JsonResult.ok() + .put("token", token.jwtToken) + ?.put("expire",token.expiration.valueInMillis) + ?.put("now",System.currentTimeMillis()) ?.put("tenantid", "mobile"))) }else{ throw UserLoginFailException("登录错误") @@ -101,13 +109,15 @@ class AuthLoginFailHandler : SimpleUrlAuthenticationFailureHandler() { errmsg = exception.message!! } var temp = request.getParameter("username") - mobileUserDao.findByPhone(temp)?.let { - if (it.loginpwderror == null || it.loginpwderror == 0) { - it.loginpwderror = 0 - it.loginpwderrortime = System.currentTimeMillis() + if(!temp.isNullOrEmpty()) { + mobileUserDao.findByPhone(temp)?.let { + if (it.loginpwderror == null || it.loginpwderror == 0) { + it.loginpwderror = 0 + it.loginpwderrortime = System.currentTimeMillis() + } + it.loginpwderror += 1 + mobileUserDao.save(it) } - it.loginpwderror += 1 - mobileUserDao.save(it) } response.status = HttpStatus.OK.value() response.contentType = "application/json;charset=UTF-8" diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt index 0b034d6f..df5d623e 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt 
@@ -1,10 +1,21 @@ package com.supwisdom.dlpay.mobile import com.supwisdom.dlpay.api.bean.JsonResult +import com.supwisdom.dlpay.framework.core.JwtConfig +import com.supwisdom.dlpay.framework.core.JwtTokenUtil +import com.supwisdom.dlpay.framework.domain.JwtRedis +import com.supwisdom.dlpay.framework.redisrepo.ApiJwtRepository +import com.supwisdom.dlpay.framework.service.SystemUtilService +import com.supwisdom.dlpay.framework.util.* +import com.supwisdom.dlpay.mobile.domain.TBMobileUser +import com.supwisdom.dlpay.mobile.service.MobileApiService import com.supwisdom.dlpay.mobile.service.MobileUserService +import com.supwisdom.dlpay.util.ConstantUtil +import com.supwisdom.dlpay.util.DlpayUtil import org.springframework.beans.factory.annotation.Autowired import org.springframework.data.redis.core.RedisTemplate import org.springframework.security.core.context.SecurityContextHolder +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler import org.springframework.web.bind.annotation.RequestMapping import org.springframework.web.bind.annotation.RestController 
@@ -13,28 +24,142 @@ import javax.servlet.http.HttpServletResponse import org.springframework.web.bind.annotation.RequestMethod import org.springframework.web.bind.annotation.RequestParam import java.security.Principal +import java.time.Duration @RestController @RequestMapping("/mobileapi/i") class ApiInit { + @Autowired + lateinit var mobileApiService: MobileApiService @Autowired lateinit var redisTemplate: RedisTemplate + @Autowired + lateinit var jwtConfig: JwtConfig + @Autowired + lateinit var apiJwtRepository: ApiJwtRepository + @Autowired + lateinit var systemUtilService: SystemUtilService + /* * TODO 防止重复调用发验证码 * */ + @RequestMapping("/time") + fun time(): JsonResult { + return JsonResult.ok("OK").put("now", System.currentTimeMillis())!! + } + + @RequestMapping("/uxy") + fun xieyi(): JsonResult { + var page = mobileApiService.findPageById(ConstantUtil.PAGE_USERXIEYI) + if (page != null) { + return JsonResult.ok("OK").put("page", page.pageContent)!! + } + return JsonResult.error("页面未配置") + } + @RequestMapping("/code") fun code(@RequestParam phone: String): JsonResult { - return JsonResult.ok("OK") + if (phone.isNullOrEmpty() || phone.length != 11 || !StringUtil.isMobile(phone)) { + return JsonResult.error("手机号有误") + } + var user = mobileApiService.findUserByPhone(phone) + if (user != null && !user.loginpwd.isNullOrEmpty()) { + return JsonResult.error("该手机号已注册,请登录或找回密码") + } + // 如果未设置密码 + var temp = redisTemplate.opsForValue().get(phone) + if (temp.isNullOrEmpty()) { + var code = RandomUtils.randomNumber(6) + System.out.println(code) + redisTemplate.opsForValue().set(phone, code, Duration.ofMinutes(5)) + } + //TODO code + return JsonResult.ok("验证码已发送") } @RequestMapping("/checkcode") - fun check(@RequestParam phone: String,@RequestParam code: String): JsonResult { - return JsonResult.ok("OK") + fun check(@RequestParam phone: String, + @RequestParam code: String, + @RequestParam platform: String?, + @RequestParam uuid: String?): JsonResult { + var temp = 
redisTemplate.opsForValue().get(phone) + if (!temp.isNullOrEmpty()) { + if (temp != code) { + return JsonResult.error("验证码错误") + } + //TODO general user + var user = mobileApiService.findUserByPhone(phone) + if (user == null) { + user = TBMobileUser() + user.phone = phone + user.registerplatform = platform + user.registerdate = DateUtil.getNow() + user.devuid = uuid + user.status = TradeDict.STATUS_NORMAL + user.paypwderror = 0 + user.loginpwderror = 0 + user = mobileApiService.saveUser(user) + } + var code = RandomUtils.getRandomString(30) + redisTemplate.opsForValue().set(user.uid, code, Duration.ofDays(1)) + return JsonResult.ok("OK").put("uid", user.uid)?.put("code",code)!! + } else { + return JsonResult.error("验证码已过期,请重新发送") + } } @RequestMapping("/register") - fun register(@RequestParam uid: String,@RequestParam pwd: String,@RequestParam repwd: String): JsonResult { - return JsonResult.ok("OK") + fun register(@RequestParam id: String, + @RequestParam pwd: String, + @RequestParam repwd: String, + @RequestParam random: String): JsonResult { + if(random.isNullOrEmpty()){ + return JsonResult.error("注册信息有误,请重新注册") + } + if (pwd.isNullOrEmpty() || repwd.isNullOrEmpty() || pwd.length < 6) { + return JsonResult.error("请重新设置密码,密码不能小于6位字符") + } + if (pwd != repwd) { + return JsonResult.error("两次密码不一致") + } + var user: TBMobileUser? 
= mobileApiService.findUserById(id) ?: return JsonResult.error("用户不存在,请注册") + var code = redisTemplate.opsForValue().get(id) + if(code!=random){ + return JsonResult.error("注册信息有误,请重新注册") + } + val encoder = BCryptPasswordEncoder() + user!!.loginpwd = encoder.encode(pwd) + var exp = systemUtilService.getSysparaValueAsInt(SysparaUtil.SYSPARAID_NO3,60*60*24*3) + jwtConfig.expiration = exp as Long + val token = JwtTokenUtil(jwtConfig).generateToken( + mapOf("uid" to user.uid, "issuer" to "payapi", + "audience" to user.phone, + Constants.JWT_CLAIM_TENANTID to "mobile", + "authorities" to user.authorities)) + var jwt = JwtRedis().apply { + jti = token.jti + uid = user.phone + status = TradeDict.JWT_STATUS_NORMAL + expiration = token.expiration.valueInMillis + }.apply { + //删除之前的token + if(!user.jti.isNullOrEmpty()){ + apiJwtRepository.deleteById(user.jti!!) + } + apiJwtRepository.save(this) + } + if (user.loginpwderror != null && user.loginpwderror!! > 0) { + user.loginpwderror = 0 + user.loginpwderrortime = null + } + user.lastlogin = DateUtil.getNow() + user.jti = jwt.jti + mobileApiService.saveUser(user) + + return JsonResult.ok("OK").put("token", token.jwtToken) + ?.put("expire",token.expiration.valueInMillis) + ?.put("now",System.currentTimeMillis()) + ?.put("tenantid", "mobile")!! } } 
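Review bot: Neither secret kept in Redis is consumed on use: `check` leaves the SMS code under `phone` after a match and `register` leaves the 30-character token under `id`, so both stay replayable until they expire (five minutes and one day), and `register` does not refuse a user whose `loginpwd` is already set. Delete each key once it has matched, e.g. `redisTemplate.delete(phone)` in `check` and `redisTemplate.delete(id)` in `register`, and reject `register` when a password already exists. `check` also accepts unlimited wrong guesses against a six-digit code; a per-phone failure counter that discards the code after a few misses closes that, alongside the resend throttle the TODO already mentions. `System.out.println(code)` writes the code to stdout and should be removed or replaced by the real send step before this ships.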
@@ -42,23 +167,18 @@ class ApiInit { @RestController @RequestMapping("/mobileapi/v1") class ApiV1 { + @Autowired + lateinit var mobileApiService: MobileApiService + @Autowired lateinit var redisTemplate: RedisTemplate - @RequestMapping("/logout") - fun logout(request: HttpServletRequest, response: HttpServletResponse): JsonResult { - SecurityContextHolder.getContext().authentication?.also { - SecurityContextLogoutHandler().logout(request, response, it) - } - return JsonResult.ok("退出成功") - } @RequestMapping("/infor") fun getUserInfor(): JsonResult { val p = SecurityContextHolder.getContext().authentication - return JsonResult.ok("OK").put("name", p.name)!! + return JsonResult.ok("OK").put("name", p.name)?.put("now", System.currentTimeMillis())!! } - @RequestMapping("/register") fun register(): JsonResult { val p = SecurityContextHolder.getContext().authentication diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt new file mode 100644 index 00000000..81466528 --- /dev/null +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt @@ -0,0 +1,8 @@ +package com.supwisdom.dlpay.mobile.dao + +import com.supwisdom.dlpay.mobile.domain.TBPages +import org.springframework.data.jpa.repository.JpaRepository +import org.springframework.stereotype.Repository + +@Repository +interface PagesDao : JpaRepository \ No newline at end of file diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt index 52615868..76ad4c68 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt @@ -7,4 +7,6 @@ import org.springframework.stereotype.Repository @Repository interface MobileUserDao : JpaRepository { fun findByPhone(phone: String): TBMobileUser? -} \ No newline at end of file +} + + 
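Review bot: With `/logout` removed, ApiV1 has no endpoint that ends a login, and nothing visible in this patch deletes the caller's `JwtRedis` record on request, so an issued token appears to stay usable until it expires (three days by the default passed to `getSysparaValueAsInt`). If logout is not handled elsewhere, keep the endpoint and have it revoke the stored token, along the lines of `apiJwtRepository.deleteById(jti)` for the current user's `jti`. ApiV1's body continues past the end of this hunk.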
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt index da95e4f4..d0fbc7f5 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt @@ -1,6 +1,7 @@ package com.supwisdom.dlpay.mobile.domain import com.supwisdom.dlpay.framework.util.TradeDict +import org.hibernate.annotations.GenericGenerator import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.userdetails.UserDetails import javax.persistence.* @@ -40,6 +41,8 @@ class TBMobileUser : UserDetails { @Id + @GenericGenerator(name = "idGenerator", strategy = "uuid") + @GeneratedValue(generator = "idGenerator") @Column(name = "uid", nullable = false, length = 32) var uid: String = "" /** @@ -69,7 +72,7 @@ class TBMobileUser : UserDetails { /** * 注册手机类型 * */ - @Column(name = "registerplatform", length = 20) + @Column(name = "registerplatform", length = 100) var registerplatform: String? = null /** @@ -81,7 +84,7 @@ class TBMobileUser : UserDetails { /** * 最后登录手机类型 * */ - @Column(name = "lastloginplatform", length = 20) + @Column(name = "lastloginplatform", length = 100) var lastloginplatform: String? = null /** diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt new file mode 100644 index 00000000..cbe892b2 --- /dev/null +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt 
@@ -0,0 +1,23 @@ +package com.supwisdom.dlpay.mobile.domain + +import javax.persistence.Column +import javax.persistence.Entity +import javax.persistence.Id +import javax.persistence.Table + +@Entity +@Table(name = "TB_PAGES") +class TBPages{ + @Id + @Column(name = "pageid", nullable = false, length = 32) + var pageid: String = "" + + @Column(name = "pagecontent",columnDefinition = "TEXT") + var pageContent:String = "" + + @Column(name = "pagedes", length = 200) + var pagedes: String? = null + + @Column(name = "lastupdate", length = 14) + var lastupdate: String? = null +} \ No newline at end of file diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt index c01e4305..6ddc123e 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt @@ -1,9 +1,15 @@ package com.supwisdom.dlpay.mobile.service import com.supwisdom.dlpay.mobile.domain.TBMobileUser +import com.supwisdom.dlpay.mobile.domain.TBPages interface MobileApiService { fun saveUser(user: TBMobileUser): TBMobileUser + fun findPageById(pageid: String): TBPages? + + fun findUserByPhone(phone: String): TBMobileUser? + + fun findUserById(id: String): TBMobileUser? } \ No newline at end of file diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt index fec5155e..21cd2eea 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt 
@@ -1,8 +1,9 @@ package com.supwisdom.dlpay.mobile.service.impl -import com.supwisdom.dlpay.framework.util.DateUtil import com.supwisdom.dlpay.mobile.dao.MobileUserDao +import com.supwisdom.dlpay.mobile.dao.PagesDao import com.supwisdom.dlpay.mobile.domain.TBMobileUser +import com.supwisdom.dlpay.mobile.domain.TBPages import com.supwisdom.dlpay.mobile.service.MobileApiService import org.springframework.beans.factory.annotation.Autowired import org.springframework.stereotype.Service @@ -12,8 +13,30 @@ class MobileApiServiceImpl : MobileApiService { @Autowired lateinit var mobileUserDao: MobileUserDao + @Autowired + lateinit var pagesDao: PagesDao + override fun saveUser(user: TBMobileUser): TBMobileUser { - user.lastlogin = DateUtil.getNow() return mobileUserDao.save(user) } + + override fun findPageById(pageid: String): TBPages? { + var t = pagesDao.findById(pageid) + if (t.isPresent) { + return t.get() + } + return null + } + + override fun findUserByPhone(phone: String): TBMobileUser? { + return mobileUserDao.findByPhone(phone) + } + + override fun findUserById(id: String): TBMobileUser? { + var t = mobileUserDao.findById(id) + if(t.isPresent){ + return t.get() + } + return null + } } \ No newline at end of file diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt index 179f5fee..9c96ad6e 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt 
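Review bot: `findPageById` and `findUserById` unwrap the `Optional` by hand with `isPresent`/`get()`; `return pagesDao.findById(pageid).orElse(null)` and `return mobileUserDao.findById(id).orElse(null)` say the same in one line each and drop the mutable `var t`. `saveUser` no longer stamps `lastlogin`, which suits a method now also used during registration, but a one-line comment such as `// does not touch lastlogin; callers set it on login` would make that contract explicit.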
@@ -4,6 +4,7 @@ import com.supwisdom.dlpay.mobile.dao.MobileUserDao import com.supwisdom.dlpay.mobile.domain.TBMobileUser import com.supwisdom.dlpay.mobile.exception.UserLoginFailException import com.supwisdom.dlpay.mobile.service.MobileUserService +import org.slf4j.LoggerFactory import org.springframework.beans.factory.annotation.Autowired import org.springframework.security.core.GrantedAuthority import org.springframework.security.core.authority.AuthorityUtils @@ -13,12 +14,21 @@ import org.springframework.stereotype.Service @Service class MobileUserServiceImpl : MobileUserService { + var logger = LoggerFactory.getLogger(MobileUserServiceImpl::class.java) + @Autowired lateinit var mobileUserDao: MobileUserDao override fun loadUserByUsername(username: String?): UserDetails { + logger.error("username:"+username) + if(username.isNullOrEmpty()){ + throw UsernameNotFoundException("用户不存在") + } var temp = mobileUserDao.findByPhone(username!!) if(temp!=null) { + if(temp.loginpwd.isNullOrEmpty()){ + throw UserLoginFailException("用户注册后未设置登录密码,请重新注册") + } if (temp.loginpwderror != null && temp.loginpwderror!! >= 3 && (System.currentTimeMillis() - temp.loginpwderrortime!!) < 1000 * 60 * 30) { throw UserLoginFailException("密码错误次数过多,请稍后再试") } else if (temp.loginpwderror != null && temp.loginpwderror!! >= 3 && (System.currentTimeMillis() - temp.loginpwderrortime!!) > 1000 * 60 * 30) { diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt index 5aad561c..cff3a801 100644 --- a/src/main/kotlin/com/supwisdom/dlpay/security.kt +++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt 
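Review bot: `logger.error("username:"+username)` in `loadUserByUsername` logs every submitted login name, which here is the user's phone number, at ERROR level and before any validation, so personal data and caller-supplied text (line breaks included) land in the error log on each attempt. Drop the line, or log at debug with a parameterized message and a partially masked number, e.g. `logger.debug("login attempt for {}", masked)`. The new `loginpwd` check also returns a message that differs from the not-found case, which tells a caller whether a phone number has an unfinished registration; a single generic failure message avoids that. `loadUserByUsername` continues outside this hunk.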
@@ -38,12 +38,17 @@ import org.springframework.security.web.authentication.UsernamePasswordAuthentic import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl import org.springframework.security.web.util.matcher.AntPathRequestMatcher import org.springframework.stereotype.Component +import org.springframework.web.cors.CorsConfiguration +import org.springframework.web.cors.CorsConfigurationSource +import org.springframework.web.cors.UrlBasedCorsConfigurationSource import org.springframework.web.filter.OncePerRequestFilter import java.security.SecureRandom +import java.util.* import javax.servlet.FilterChain import javax.servlet.http.HttpServletRequest import javax.servlet.http.HttpServletResponse import javax.sql.DataSource +import kotlin.collections.ArrayList @Component @@ -223,12 +228,14 @@ class WebSecurityConfig { override fun configure(http: HttpSecurity) { http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS) + .and() + .cors() .and() .antMatcher("/mobileapi/**") - .addFilterAfter(apiFilter, UsernamePasswordAuthenticationFilter::class.java) - .authorizeRequests().antMatchers("/mobileapi/i/**").permitAll().anyRequest().authenticated() + .authorizeRequests().antMatchers("/mobileapi/i/**","/mobileapi/login") + .permitAll().anyRequest().authenticated() .and() .formLogin() .loginProcessingUrl("/mobileapi/login") @@ -238,6 +245,17 @@ class WebSecurityConfig { .sessionManagement().maximumSessions(1) .expiredUrl("/mobileapi/sessionexpired") } + @Bean + fun corsConfigurationSource(): CorsConfigurationSource { + //手机端支持跨域请求 + val configuration = CorsConfiguration() + configuration.allowedOrigins = Arrays.asList("*") + configuration.allowedMethods = Arrays.asList("GET","POST") + configuration.allowedHeaders = Arrays.asList("*") + val source = UrlBasedCorsConfigurationSource() + source.registerCorsConfiguration("/mobileapi/**", configuration); + return source + } } @Configuration -- 2.17.1
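Review bot: The `.addFilterAfter(apiFilter, UsernamePasswordAuthenticationFilter::class.java)` line appears on the removed side of the `configure` hunk and is not added back, so on a `STATELESS` chain that still ends in `.anyRequest().authenticated()` it is not clear from here what authenticates a token for `/mobileapi/v1/**`. If `apiFilter` is still registered some other way, a comment saying where would help; if not, the line should stay. The `configure` body continues outside the hunk.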
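Review bot: `corsConfigurationSource()` allows every origin and every request header on `/mobileapi/**`, which covers the authenticated `/mobileapi/v1` endpoints as well as login and registration. Native mobile clients do not need CORS at all, so this only matters for browser-based front ends, and their origins can be listed explicitly, e.g. `configuration.allowedOrigins = listOf("https://app.example.invalid")` (constructed value; read the real list from configuration), with `allowedHeaders` narrowed to `Content-Type` and the JWT header. The trailing `;` after `registerCorsConfiguration(...)` is not needed in Kotlin.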