手机端注册登录接口
diff --git a/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java b/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
index 2eae021..805a984 100644
--- a/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
+++ b/src/main/java/com/supwisdom/dlpay/api/domain/TPersonIdentity.java
@@ -33,16 +33,28 @@
@NotNull
private String tenantid = "";
+ @Column(name = "ISSIGNED", length = 20)
+ private String issigned;
+
public TPersonIdentity() {
}
- public TPersonIdentity(String thirdUid, TPerson person, String status, Integer lossflag, Integer lockflag, String createtime) {
+ public TPersonIdentity(String thirdUid, TPerson person, String status, Integer lossflag, Integer lockflag, String createtime,String issigned) {
this.thirdUid = thirdUid;
this.person = person;
this.status = status;
this.lossflag = lossflag;
this.lockflag = lockflag;
this.createtime = createtime;
+ this.issigned = issigned;
+ }
+
+ public String getIssigned() {
+ return issigned;
+ }
+
+ public void setIssigned(String issigned) {
+ this.issigned = issigned;
}
public String getThirdUid() {
diff --git a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
index c8992a8..fbaa21c 100644
--- a/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
+++ b/src/main/java/com/supwisdom/dlpay/framework/core/JwtConfig.java
@@ -29,4 +29,8 @@
public String getTokenHeader() {
return tokenHeader;
}
+
+ public void setExpiration(Long expiration) {
+ this.expiration = expiration;
+ }
}
diff --git a/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java b/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java
index b44b872..5070d62 100644
--- a/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java
+++ b/src/main/java/com/supwisdom/dlpay/framework/tenant/HibernateConfig.java
@@ -57,7 +57,6 @@
em.setPackagesToScan("com.supwisdom");
em.setJpaPropertyMap(properties);
em.setJpaVendorAdapter(getJpaVendorAdapter());
- log.info("setup multi-tenant entityManagerFactor");
return em;
}
diff --git a/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java b/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java
index 07e4aaf..c6788d8 100644
--- a/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java
+++ b/src/main/java/com/supwisdom/dlpay/framework/util/SysparaUtil.java
@@ -12,7 +12,7 @@
public static final int SYSPARAID_NO1 = 1; //系统默认最大余额限制的ID
public static final int SYSPARAID_NO2 = 2; //paraid=2
-
+ public static final int SYSPARAID_NO3 = 3; //用户过期时间,单位秒
public static final double SYSPARA_NO1_DEFAULT = 10000.0; // 系统默认最大余额限制
}
diff --git a/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java b/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java
index a525547..3d93fc1 100644
--- a/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java
+++ b/src/main/java/com/supwisdom/dlpay/util/ConstantUtil.java
@@ -33,4 +33,10 @@
* */
public static final int DICTTYPE_NO1 = 1; //冲正状态字典
public static final int DICTTYPE_NO2 = 2; //流水状态字典
+
+ /*
+ * 页面ID
+ * */
+
+ public static final String PAGE_USERXIEYI = "xieyi";//用户协议页面
}
diff --git a/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java b/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java
index d4521d5..5aa25fb 100644
--- a/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java
+++ b/src/main/java/com/supwisdom/dlpay/util/DlpayUtil.java
@@ -10,6 +10,7 @@
import java.util.HashMap;
import java.util.List;
import java.util.Map;
+import java.util.Random;
public class DlpayUtil {
/**
@@ -73,4 +74,15 @@
return root.getText();
}
}
+ public static String getCodeRandom() {
+ Random random = new Random();
+ String fourRandom = random.nextInt(1000000) + "";
+ int randLength = fourRandom.length();
+ if (randLength < 6) {
+ for (int i = 1; i <= 6 - randLength; i++)
+ fourRandom = "0" + fourRandom;
+ }
+ return fourRandom;
+ }
+
}
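Review bot: `getCodeRandom()` draws its digits from `java.util.Random`, which is a predictable generator and a poor fit if this value is used as a verification code, as the name and the six-digit padding suggest (no caller is visible in this diff). I would switch to `java.security.SecureRandom` and let the formatter do the padding: `return String.format("%06d", new SecureRandom().nextInt(1000000));`. The local name `fourRandom` is misleading for a six-digit value, and the method has no Javadoc stating the output format.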
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt
index 6a441fc..60efda7 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/AuthLoginHandler.kt
@@ -8,8 +8,10 @@
import com.supwisdom.dlpay.framework.domain.JwtRedis
import com.supwisdom.dlpay.framework.redisrepo.ApiClientRepository
import com.supwisdom.dlpay.framework.redisrepo.ApiJwtRepository
+import com.supwisdom.dlpay.framework.service.SystemUtilService
import com.supwisdom.dlpay.framework.util.Constants
import com.supwisdom.dlpay.framework.util.DateUtil
+import com.supwisdom.dlpay.framework.util.SysparaUtil
import com.supwisdom.dlpay.framework.util.TradeDict
import com.supwisdom.dlpay.mobile.dao.MobileUserDao
import com.supwisdom.dlpay.mobile.domain.TBMobileUser
@@ -38,13 +40,16 @@
lateinit var jwtConfig: JwtConfig
@Autowired
lateinit var apiJwtRepository: ApiJwtRepository
+ @Autowired
+ lateinit var systemUtilService: SystemUtilService
override fun onAuthenticationSuccess(request: HttpServletRequest, response: HttpServletResponse, authentication: Authentication) {
logger.error(request?.getParameter("platform"))
var temp = authentication!!.principal as TBMobileUser
var user = mobileUserDao.findByPhone(temp.phone)
if(user!=null) {
- //TODO 从数据取jwtConfig.expiration
+ var exp = systemUtilService.getSysparaValueAsInt(SysparaUtil.SYSPARAID_NO3,60*60*24*3)
+ jwtConfig.expiration = exp as Long
val token = JwtTokenUtil(jwtConfig).generateToken(
mapOf("uid" to user.uid, "issuer" to "payapi",
"audience" to temp.phone,
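Review bot: `jwtConfig.expiration = exp as Long` has two problems. If `getSysparaValueAsInt` returns an `Int`, as its name suggests, the `as Long` cast fails at runtime with a `ClassCastException`; `exp.toLong()` is the conversion. The assignment also writes into the injected `JwtConfig` bean, which is presumably a shared singleton, so concurrent logins race on the field and the new value leaks to every other user of the bean; a per-request copy of the config, or passing the lifetime to the token generator, avoids that. The same two lines appear in `register` in MobileApi.kt, and `onAuthenticationSuccess` continues past the end of this hunk.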
@@ -71,7 +76,10 @@
mobileUserDao.save(user)
response.status = HttpStatus.OK.value()
response.contentType = "application/json;charset=UTF-8"
- response.writer.write(objectMapper.writeValueAsString(JsonResult.ok().put("token", token.jwtToken)
+ response.writer.write(objectMapper.writeValueAsString(JsonResult.ok()
+ .put("token", token.jwtToken)
+ ?.put("expire",token.expiration.valueInMillis)
+ ?.put("now",System.currentTimeMillis())
?.put("tenantid", "mobile")))
}else{
throw UserLoginFailException("登录错误")
@@ -101,13 +109,15 @@
errmsg = exception.message!!
}
var temp = request.getParameter("username")
- mobileUserDao.findByPhone(temp)?.let {
- if (it.loginpwderror == null || it.loginpwderror == 0) {
- it.loginpwderror = 0
- it.loginpwderrortime = System.currentTimeMillis()
+ if(!temp.isNullOrEmpty()) {
+ mobileUserDao.findByPhone(temp)?.let {
+ if (it.loginpwderror == null || it.loginpwderror == 0) {
+ it.loginpwderror = 0
+ it.loginpwderrortime = System.currentTimeMillis()
+ }
+ it.loginpwderror += 1
+ mobileUserDao.save(it)
}
- it.loginpwderror += 1
- mobileUserDao.save(it)
}
response.status = HttpStatus.OK.value()
response.contentType = "application/json;charset=UTF-8"
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
index 0b034d6..df5d623 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/MobileApi.kt
@@ -1,10 +1,21 @@
package com.supwisdom.dlpay.mobile
import com.supwisdom.dlpay.api.bean.JsonResult
+import com.supwisdom.dlpay.framework.core.JwtConfig
+import com.supwisdom.dlpay.framework.core.JwtTokenUtil
+import com.supwisdom.dlpay.framework.domain.JwtRedis
+import com.supwisdom.dlpay.framework.redisrepo.ApiJwtRepository
+import com.supwisdom.dlpay.framework.service.SystemUtilService
+import com.supwisdom.dlpay.framework.util.*
+import com.supwisdom.dlpay.mobile.domain.TBMobileUser
+import com.supwisdom.dlpay.mobile.service.MobileApiService
import com.supwisdom.dlpay.mobile.service.MobileUserService
+import com.supwisdom.dlpay.util.ConstantUtil
+import com.supwisdom.dlpay.util.DlpayUtil
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.data.redis.core.RedisTemplate
import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler
import org.springframework.web.bind.annotation.RequestMapping
import org.springframework.web.bind.annotation.RestController
@@ -13,28 +24,142 @@
import org.springframework.web.bind.annotation.RequestMethod
import org.springframework.web.bind.annotation.RequestParam
import java.security.Principal
+import java.time.Duration
@RestController
@RequestMapping("/mobileapi/i")
class ApiInit {
@Autowired
+ lateinit var mobileApiService: MobileApiService
+ @Autowired
lateinit var redisTemplate: RedisTemplate<String, String>
+ @Autowired
+ lateinit var jwtConfig: JwtConfig
+ @Autowired
+ lateinit var apiJwtRepository: ApiJwtRepository
+ @Autowired
+ lateinit var systemUtilService: SystemUtilService
+
/*
* TODO 防止重复调用发验证码
* */
+ @RequestMapping("/time")
+ fun time(): JsonResult {
+ return JsonResult.ok("OK").put("now", System.currentTimeMillis())!!
+ }
+
+ @RequestMapping("/uxy")
+ fun xieyi(): JsonResult {
+ var page = mobileApiService.findPageById(ConstantUtil.PAGE_USERXIEYI)
+ if (page != null) {
+ return JsonResult.ok("OK").put("page", page.pageContent)!!
+ }
+ return JsonResult.error("页面未配置")
+ }
+
@RequestMapping("/code")
fun code(@RequestParam phone: String): JsonResult {
- return JsonResult.ok("OK")
+ if (phone.isNullOrEmpty() || phone.length != 11 || !StringUtil.isMobile(phone)) {
+ return JsonResult.error("手机号有误")
+ }
+ var user = mobileApiService.findUserByPhone(phone)
+ if (user != null && !user.loginpwd.isNullOrEmpty()) {
+ return JsonResult.error("该手机号已注册,请登录或找回密码")
+ }
+ // 如果未设置密码
+ var temp = redisTemplate.opsForValue().get(phone)
+ if (temp.isNullOrEmpty()) {
+ var code = RandomUtils.randomNumber(6)
+ System.out.println(code)
+ redisTemplate.opsForValue().set(phone, code, Duration.ofMinutes(5))
+ }
+ //TODO code
+ return JsonResult.ok("验证码已发送")
}
@RequestMapping("/checkcode")
- fun check(@RequestParam phone: String,@RequestParam code: String): JsonResult {
- return JsonResult.ok("OK")
+ fun check(@RequestParam phone: String,
+ @RequestParam code: String,
+ @RequestParam platform: String?,
+ @RequestParam uuid: String?): JsonResult {
+ var temp = redisTemplate.opsForValue().get(phone)
+ if (!temp.isNullOrEmpty()) {
+ if (temp != code) {
+ return JsonResult.error("验证码错误")
+ }
+ //TODO general user
+ var user = mobileApiService.findUserByPhone(phone)
+ if (user == null) {
+ user = TBMobileUser()
+ user.phone = phone
+ user.registerplatform = platform
+ user.registerdate = DateUtil.getNow()
+ user.devuid = uuid
+ user.status = TradeDict.STATUS_NORMAL
+ user.paypwderror = 0
+ user.loginpwderror = 0
+ user = mobileApiService.saveUser(user)
+ }
+ var code = RandomUtils.getRandomString(30)
+ redisTemplate.opsForValue().set(user.uid, code, Duration.ofDays(1))
+ return JsonResult.ok("OK").put("uid", user.uid)?.put("code",code)!!
+ } else {
+ return JsonResult.error("验证码已过期,请重新发送")
+ }
}
@RequestMapping("/register")
- fun register(@RequestParam uid: String,@RequestParam pwd: String,@RequestParam repwd: String): JsonResult {
- return JsonResult.ok("OK")
+ fun register(@RequestParam id: String,
+ @RequestParam pwd: String,
+ @RequestParam repwd: String,
+ @RequestParam random: String): JsonResult {
+ if(random.isNullOrEmpty()){
+ return JsonResult.error("注册信息有误,请重新注册")
+ }
+ if (pwd.isNullOrEmpty() || repwd.isNullOrEmpty() || pwd.length < 6) {
+ return JsonResult.error("请重新设置密码,密码不能小于6位字符")
+ }
+ if (pwd != repwd) {
+ return JsonResult.error("两次密码不一致")
+ }
+ var user: TBMobileUser? = mobileApiService.findUserById(id) ?: return JsonResult.error("用户不存在,请注册")
+ var code = redisTemplate.opsForValue().get(id)
+ if(code!=random){
+ return JsonResult.error("注册信息有误,请重新注册")
+ }
+ val encoder = BCryptPasswordEncoder()
+ user!!.loginpwd = encoder.encode(pwd)
+ var exp = systemUtilService.getSysparaValueAsInt(SysparaUtil.SYSPARAID_NO3,60*60*24*3)
+ jwtConfig.expiration = exp as Long
+ val token = JwtTokenUtil(jwtConfig).generateToken(
+ mapOf("uid" to user.uid, "issuer" to "payapi",
+ "audience" to user.phone,
+ Constants.JWT_CLAIM_TENANTID to "mobile",
+ "authorities" to user.authorities))
+ var jwt = JwtRedis().apply {
+ jti = token.jti
+ uid = user.phone
+ status = TradeDict.JWT_STATUS_NORMAL
+ expiration = token.expiration.valueInMillis
+ }.apply {
+ //删除之前的token
+ if(!user.jti.isNullOrEmpty()){
+ apiJwtRepository.deleteById(user.jti!!)
+ }
+ apiJwtRepository.save(this)
+ }
+ if (user.loginpwderror != null && user.loginpwderror!! > 0) {
+ user.loginpwderror = 0
+ user.loginpwderrortime = null
+ }
+ user.lastlogin = DateUtil.getNow()
+ user.jti = jwt.jti
+ mobileApiService.saveUser(user)
+
+ return JsonResult.ok("OK").put("token", token.jwtToken)
+ ?.put("expire",token.expiration.valueInMillis)
+ ?.put("now",System.currentTimeMillis())
+ ?.put("tenantid", "mobile")!!
}
}
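Review bot: The SMS code and the registration token are never invalidated after use, and `check` puts no bound on wrong guesses, so a six-digit code can be guessed within its five-minute lifetime and a token issued by `check` stays usable against `register` for a day, even to overwrite a password that is already set. I would delete the key on success (`redisTemplate.delete(phone)` in `check`, `redisTemplate.delete(id)` in `register`), count failed attempts per phone and discard the code after a few, and have `register` refuse when `user.loginpwd` is already set. `System.out.println(code)` in `code` writes the live verification code to stdout and should be removed. The existing TODO about repeated sends still applies, since nothing in this hunk throttles `/code` per phone or per client.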
@@ -43,22 +168,17 @@
@RequestMapping("/mobileapi/v1")
class ApiV1 {
@Autowired
+ lateinit var mobileApiService: MobileApiService
+
+ @Autowired
lateinit var redisTemplate: RedisTemplate<String, String>
- @RequestMapping("/logout")
- fun logout(request: HttpServletRequest, response: HttpServletResponse): JsonResult {
- SecurityContextHolder.getContext().authentication?.also {
- SecurityContextLogoutHandler().logout(request, response, it)
- }
- return JsonResult.ok("退出成功")
- }
@RequestMapping("/infor")
fun getUserInfor(): JsonResult {
val p = SecurityContextHolder.getContext().authentication
- return JsonResult.ok("OK").put("name", p.name)!!
+ return JsonResult.ok("OK").put("name", p.name)?.put("now", System.currentTimeMillis())!!
}
-
@RequestMapping("/register")
fun register(): JsonResult {
val p = SecurityContextHolder.getContext().authentication
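Review bot: `/logout` is removed from `ApiV1` and nothing in the visible hunks replaces it, so a client appears to have no way to end a session before its token expires. Since issued tokens are tracked by `jti` in `ApiJwtRepository`, a logout endpoint that deletes the caller's `jti` (as the login and register paths already do for the previous token) would give real revocation, which the removed `SecurityContextLogoutHandler` call probably did not on a stateless chain. If logout is handled elsewhere, a short comment here saying where would help. The `register` function at the end of this hunk continues outside it.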
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt
new file mode 100644
index 0000000..8146652
--- /dev/null
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/ApiDao.kt
@@ -0,0 +1,8 @@
+package com.supwisdom.dlpay.mobile.dao
+
+import com.supwisdom.dlpay.mobile.domain.TBPages
+import org.springframework.data.jpa.repository.JpaRepository
+import org.springframework.stereotype.Repository
+
+@Repository
+interface PagesDao : JpaRepository<TBPages,String>
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt
index 5261586..76ad4c6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/dao/MobileUserDao.kt
@@ -7,4 +7,6 @@
@Repository
interface MobileUserDao : JpaRepository<TBMobileUser, String> {
fun findByPhone(phone: String): TBMobileUser?
-}
\ No newline at end of file
+}
+
+
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt
index da95e4f..d0fbc7f 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBMobileUser.kt
@@ -1,6 +1,7 @@
package com.supwisdom.dlpay.mobile.domain
import com.supwisdom.dlpay.framework.util.TradeDict
+import org.hibernate.annotations.GenericGenerator
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.userdetails.UserDetails
import javax.persistence.*
@@ -40,6 +41,8 @@
@Id
+ @GenericGenerator(name = "idGenerator", strategy = "uuid")
+ @GeneratedValue(generator = "idGenerator")
@Column(name = "uid", nullable = false, length = 32)
var uid: String = ""
/**
@@ -69,7 +72,7 @@
/**
* 注册手机类型
* */
- @Column(name = "registerplatform", length = 20)
+ @Column(name = "registerplatform", length = 100)
var registerplatform: String? = null
/**
@@ -81,7 +84,7 @@
/**
* 最后登录手机类型
* */
- @Column(name = "lastloginplatform", length = 20)
+ @Column(name = "lastloginplatform", length = 100)
var lastloginplatform: String? = null
/**
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt
new file mode 100644
index 0000000..cbe892b
--- /dev/null
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/domain/TBPages.kt
@@ -0,0 +1,23 @@
+package com.supwisdom.dlpay.mobile.domain
+
+import javax.persistence.Column
+import javax.persistence.Entity
+import javax.persistence.Id
+import javax.persistence.Table
+
+@Entity
+@Table(name = "TB_PAGES")
+class TBPages{
+ @Id
+ @Column(name = "pageid", nullable = false, length = 32)
+ var pageid: String = ""
+
+ @Column(name = "pagecontent",columnDefinition = "TEXT")
+ var pageContent:String = ""
+
+ @Column(name = "pagedes", length = 200)
+ var pagedes: String? = null
+
+ @Column(name = "lastupdate", length = 14)
+ var lastupdate: String? = null
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt
index c01e430..6ddc123 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/MobileApiService.kt
@@ -1,9 +1,15 @@
package com.supwisdom.dlpay.mobile.service
import com.supwisdom.dlpay.mobile.domain.TBMobileUser
+import com.supwisdom.dlpay.mobile.domain.TBPages
interface MobileApiService {
fun saveUser(user: TBMobileUser): TBMobileUser
+ fun findPageById(pageid: String): TBPages?
+
+ fun findUserByPhone(phone: String): TBMobileUser?
+
+ fun findUserById(id: String): TBMobileUser?
}
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt
index fec5155..21cd2ee 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileApiServiceImpl.kt
@@ -1,8 +1,9 @@
package com.supwisdom.dlpay.mobile.service.impl
-import com.supwisdom.dlpay.framework.util.DateUtil
import com.supwisdom.dlpay.mobile.dao.MobileUserDao
+import com.supwisdom.dlpay.mobile.dao.PagesDao
import com.supwisdom.dlpay.mobile.domain.TBMobileUser
+import com.supwisdom.dlpay.mobile.domain.TBPages
import com.supwisdom.dlpay.mobile.service.MobileApiService
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.stereotype.Service
@@ -12,8 +13,30 @@
@Autowired
lateinit var mobileUserDao: MobileUserDao
+ @Autowired
+ lateinit var pagesDao: PagesDao
+
override fun saveUser(user: TBMobileUser): TBMobileUser {
- user.lastlogin = DateUtil.getNow()
return mobileUserDao.save(user)
}
+
+ override fun findPageById(pageid: String): TBPages? {
+ var t = pagesDao.findById(pageid)
+ if (t.isPresent) {
+ return t.get()
+ }
+ return null
+ }
+
+ override fun findUserByPhone(phone: String): TBMobileUser? {
+ return mobileUserDao.findByPhone(phone)
+ }
+
+ override fun findUserById(id: String): TBMobileUser? {
+ var t = mobileUserDao.findById(id)
+ if(t.isPresent){
+ return t.get()
+ }
+ return null
+ }
}
\ No newline at end of file
diff --git a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
index 179f5fe..9c96ad6 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/mobile/service/impl/MobileUserServiceImpl.kt
@@ -4,6 +4,7 @@
import com.supwisdom.dlpay.mobile.domain.TBMobileUser
import com.supwisdom.dlpay.mobile.exception.UserLoginFailException
import com.supwisdom.dlpay.mobile.service.MobileUserService
+import org.slf4j.LoggerFactory
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.AuthorityUtils
@@ -13,12 +14,21 @@
@Service
class MobileUserServiceImpl : MobileUserService {
+ var logger = LoggerFactory.getLogger(MobileUserServiceImpl::class.java)
+
@Autowired
lateinit var mobileUserDao: MobileUserDao
override fun loadUserByUsername(username: String?): UserDetails {
+ logger.error("username:"+username)
+ if(username.isNullOrEmpty()){
+ throw UsernameNotFoundException("用户不存在")
+ }
var temp = mobileUserDao.findByPhone(username!!)
if(temp!=null) {
+ if(temp.loginpwd.isNullOrEmpty()){
+ throw UserLoginFailException("用户注册后未设置登录密码,请重新注册")
+ }
if (temp.loginpwderror != null && temp.loginpwderror!! >= 3 && (System.currentTimeMillis() - temp.loginpwderrortime!!) < 1000 * 60 * 30) {
throw UserLoginFailException("密码错误次数过多,请稍后再试")
} else if (temp.loginpwderror != null && temp.loginpwderror!! >= 3 && (System.currentTimeMillis() - temp.loginpwderrortime!!) > 1000 * 60 * 30) {
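Review bot: `logger.error("username:"+username)` records the phone number of every login attempt at ERROR level, which puts personal data into the error log and drowns out real errors. A debug-level line with the number masked, for example `logger.debug("login attempt for {}", username?.takeLast(4))`, is enough for troubleshooting. The new "registered but no password set" message also tells an unauthenticated caller that the phone number exists in a half-registered state, whereas a generic login-failure message would not reveal that. The if/else chain continues past the end of this hunk.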
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 5aad561..cff3a80 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -38,12 +38,17 @@
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl
import org.springframework.security.web.util.matcher.AntPathRequestMatcher
import org.springframework.stereotype.Component
+import org.springframework.web.cors.CorsConfiguration
+import org.springframework.web.cors.CorsConfigurationSource
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource
import org.springframework.web.filter.OncePerRequestFilter
import java.security.SecureRandom
+import java.util.*
import javax.servlet.FilterChain
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import javax.sql.DataSource
+import kotlin.collections.ArrayList
@Component
@@ -224,11 +229,13 @@
override fun configure(http: HttpSecurity) {
http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
+ .cors()
+ .and()
.antMatcher("/mobileapi/**")
-
.addFilterAfter(apiFilter,
UsernamePasswordAuthenticationFilter::class.java)
- .authorizeRequests().antMatchers("/mobileapi/i/**").permitAll().anyRequest().authenticated()
+ .authorizeRequests().antMatchers("/mobileapi/i/**","/mobileapi/login")
+ .permitAll().anyRequest().authenticated()
.and()
.formLogin()
.loginProcessingUrl("/mobileapi/login")
@@ -238,6 +245,17 @@
.sessionManagement().maximumSessions(1)
.expiredUrl("/mobileapi/sessionexpired")
}
+ @Bean
+ fun corsConfigurationSource(): CorsConfigurationSource {
+ //手机端支持跨域请求
+ val configuration = CorsConfiguration()
+ configuration.allowedOrigins = Arrays.asList("*")
+ configuration.allowedMethods = Arrays.asList("GET","POST")
+ configuration.allowedHeaders = Arrays.asList("*")
+ val source = UrlBasedCorsConfigurationSource()
+ source.registerCorsConfiguration("/mobileapi/**", configuration);
+ return source
+ }
}
@Configuration
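Review bot: `configuration.allowedOrigins = Arrays.asList("*")` together with `allowedHeaders = Arrays.asList("*")` opens every path under `/mobileapi/**`, including the authenticated `/mobileapi/v1` endpoints, to scripts from any web origin. Native mobile clients do not need CORS at all, so if this is for an H5 page or web view I would read the allowed origins from configuration and list only the headers the client actually sends. A comment on the bean stating which client needs cross-origin access would make the intent reviewable. As a style point, `listOf("GET", "POST")` is the idiomatic Kotlin form and the trailing semicolon on `registerCorsConfiguration` can go.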