修改手机认证接口
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
index a39db67..0b034d6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
@@ -3,6 +3,7 @@
import com.supwisdom.dlpay.api.bean.JsonResult
import com.supwisdom.dlpay.mobile.service.MobileUserService
import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.data.redis.core.RedisTemplate
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
import org.springframework.web.bind.annotation.RequestMapping
@@ -10,14 +11,39 @@
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import org.springframework.web.bind.annotation.RequestMethod
+import org.springframework.web.bind.annotation.RequestParam
import java.security.Principal
+@RestController
+@RequestMapping("/mobileapi/i")
+class ApiInit {
+ @Autowired
+ lateinit var redisTemplate: RedisTemplate<String, String>
+ /*
+ * TODO 防止重复调用发验证码
+ * */
+ @RequestMapping("/code")
+ fun code(@RequestParam phone: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+
+ @RequestMapping("/checkcode")
+ fun check(@RequestParam phone: String,@RequestParam code: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+
+ @RequestMapping("/register")
+ fun register(@RequestParam uid: String,@RequestParam pwd: String,@RequestParam repwd: String): JsonResult {
+ return JsonResult.ok("OK")
+ }
+}
+
@RestController
-@RequestMapping("/mobileapi")
-class MobileApiController {
+@RequestMapping("/mobileapi/v1")
+class ApiV1 {
@Autowired
- lateinit var userService: MobileUserService
+ lateinit var redisTemplate: RedisTemplate<String, String>
@RequestMapping("/logout")
fun logout(request: HttpServletRequest, response: HttpServletResponse): JsonResult {
SecurityContextHolder.getContext().authentication?.also {
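Review bot: `ApiInit.register` takes `pwd` and `repwd` as `@RequestParam` on a mapping with no HTTP method, so a GET carrying the password in the query string is accepted and can end up in access logs and proxy logs. Restrict it with `@RequestMapping("/register", method = [RequestMethod.POST])` (`RequestMethod` is already imported in this file) and send the credentials in the form body. All three new handlers return `JsonResult.ok("OK")` unconditionally, so `check` currently reports success for any code; until the Redis-backed logic exists they should return a failure result rather than OK. `ApiV1` begins in this hunk and its `logout` body continues outside it.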
@@ -25,14 +51,17 @@
}
return JsonResult.ok("退出成功")
}
-}
-@RestController
-@RequestMapping("/mobileapi/v1")
-class ApiV1 {
@RequestMapping("/infor")
fun getUserInfor(): JsonResult {
- val p = SecurityContextHolder.getContext().authentication
+ val p = SecurityContextHolder.getContext().authentication
+ return JsonResult.ok("OK").put("name", p.name)!!
+ }
+
+
+ @RequestMapping("/register")
+ fun register(): JsonResult {
+ val p = SecurityContextHolder.getContext().authentication
return JsonResult.ok("OK")
}
}
\ No newline at end of file
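Review bot: In `getUserInfor`, `p.name` dereferences `authentication` without a null check and `put("name", p.name)!!` adds a second place that can throw, while `logout` in the same class guards the same value with `?.also`. Bind the principal once, e.g. `val name = SecurityContextHolder.getContext().authentication?.name`, and return a failure result when it is null instead of letting an NPE surface as a 500. Whether `put` can really return null is not visible here, so the `!!` may be removable by fixing the nullability of `JsonResult.put`. The new `ApiV1.register` reads `p` and never uses it; drop the local or add a TODO stating what the authenticated variant is meant to do.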
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileUserService.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileUserService.kt
index 6d10c46..f8b5d8d 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileUserService.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileUserService.kt
@@ -1,5 +1,9 @@
package com.supwisdom.dlpay.mobile.service
+import com.supwisdom.dlpay.mobile.domain.TBMobileUser
import org.springframework.security.core.userdetails.UserDetailsService
-interface MobileUserService : UserDetailsService
\ No newline at end of file
+interface MobileUserService : UserDetailsService {
+
+ fun getByUid(uid: String): TBMobileUser?
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
index 9f16334..179f5fe 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
@@ -34,4 +34,12 @@
}
return temp
}
+
+ override fun getByUid(uid: String): TBMobileUser? {
+ var t = mobileUserDao.findById(uid)
+ if(t.isPresent){
+ return t.get()
+ }
+ return null
+ }
}
\ No newline at end of file
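Review bot: `getByUid` declares `var t` although it is never reassigned, and it unwraps the result by hand. Assuming `findById` returns a `java.util.Optional` (the `isPresent`/`get()` calls suggest so), the body reduces to `return mobileUserDao.findById(uid).orElse(null)`. A one-line KDoc such as `/** Returns the mobile user with the given uid, or null when none exists. */` would document the nullable return. The enclosing class starts outside this hunk.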
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 614f548..5aad561 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -81,7 +81,7 @@
url = url.replace(context, "")
}
logger.info(url)
- if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/")){
+ if(!url.startsWith("/api/")&&!url.startsWith("/mobileapi/v1/")){
filterChain.doFilter(request, response)
return
}
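Review bot: The prefix test on the changed line now decides which mobile paths get JWT verification, and the same split is encoded a second time as `antMatchers("/mobileapi/i/**").permitAll()` in the HttpSecurity configuration, with nothing tying the two together. Add a comment above the `if`, for example `// Only /mobileapi/v1/ is JWT-checked here; /mobileapi/i/ is public and must stay in sync with the permitAll() matcher`, or derive both from shared constants. The line also lost its spacing; `if (!url.startsWith("/api/") && !url.startsWith("/mobileapi/v1/")) {` matches the line it replaces. The enclosing function starts and ends outside the hunk.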
@@ -98,7 +98,7 @@
return
}
val claims = getUtil().verifyToken(jwt)
- if(url == "/mobileapi/logout"){
+ if(url.equals("/mobileapi/v1/logout")){
SecurityContextHolder.clearContext()
apiJwtRepository.deleteById(claims[ReservedClaimNames.JWT_ID].toString())
throw JoseException("JWT has not been register")
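Review bot: The logout branch that deletes the stored JWT is keyed on the string literal `"/mobileapi/v1/logout"`, which duplicates the `@RequestMapping("/mobileapi/v1")` plus `"/logout"` mapping on `ApiV1`. If either side is renamed again, logout stops revoking the token without any error, so a shared constant used by both places would be safer. Separately, `url.equals(...)` is a step back from the `==` it replaces; in Kotlin write `if (url == "/mobileapi/v1/logout") {`. The surrounding function is only partly visible in this hunk.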
@@ -115,11 +115,11 @@
}
val tenantId = request.getHeader(Constants.HEADER_TETANTID)
if (tenantId == null) {
- response.sendError(HttpStatus.UNAUTHORIZED.value(), "未定义租户ID")
+ response.status=HttpStatus.UNAUTHORIZED.value()
return
}
if (claims[Constants.JWT_CLAIM_TENANTID] != tenantId) {
- response.sendError(HttpStatus.UNAUTHORIZED.value(), "未定义租户ID")
+ response.status=HttpStatus.UNAUTHORIZED.value()
return
}
val auth = UsernamePasswordAuthenticationToken(claims[Constants.JWT_CLAIM_UID], null,
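Review bot: Both tenant checks now end with a bare 401 and leave no trace, so a token presented with a missing or different tenant header, which can indicate a token being replayed against another tenant, is invisible to operators. Keeping the response body empty is reasonable, but log the rejection before returning, e.g. `logger.warn("tenant header missing or not matching JWT tenant claim: $url")`, using the `logger` this filter already calls. The two branches are now identical and could be merged into `if (tenantId == null || claims[Constants.JWT_CLAIM_TENANTID] != tenantId)`. The function body continues outside the hunk.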
@@ -133,6 +133,7 @@
apiJwtRepository.deleteById(e.jwtContext.jwtClaims.jwtId)
}
response.status=HttpStatus.UNAUTHORIZED.value()
+ return
} catch (e: JoseException) {
SecurityContextHolder.clearContext()
// jwt 失效后返回 401
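Review bot: The added `return` only closes the first catch branch; the `catch (e: JoseException)` branch that begins on the following lines runs past the end of the hunk, so it cannot be confirmed from here that it also stops after setting 401. If any statement follows the try/catch (for instance a call that continues the filter chain), every failure branch needs the same early exit, otherwise a request with an invalid token would proceed. A short comment such as `// stop here: never continue the chain after a JWT failure` on each branch would make the intent explicit.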
@@ -224,9 +225,10 @@
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.antMatcher("/mobileapi/**")
+
.addFilterAfter(apiFilter,
UsernamePasswordAuthenticationFilter::class.java)
- .authorizeRequests().anyRequest().authenticated()
+ .authorizeRequests().antMatchers("/mobileapi/i/**").permitAll().anyRequest().authenticated()
.and()
.formLogin()
.loginProcessingUrl("/mobileapi/login")
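Review bot: `antMatchers("/mobileapi/i/**").permitAll()` makes `/code`, `/checkcode` and `/register` reachable without a token, and the TODO in `ApiInit` shows that repeated verification-code requests are not limited yet. Before `/code` sends anything, add a per-phone and per-client limit (the injected `RedisTemplate` could hold a counter with a TTL) and cap the number of `/checkcode` attempts per issued code, since a short code is otherwise guessable by repeated tries. The blank line added inside the builder chain between `.antMatcher(...)` and `.addFilterAfter(...)` should be removed. The chain continues outside the hunk.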