健康小屋- 用户登录

server/svr-authentication/pom.xml

@@ -10,7 +10,7 @@
    </parent>
    <modelVersion>4.0.0</modelVersion>
    <artifactId>svr-authentication</artifactId>
    <artifactId>svr-authentication</artifactId>rred
    <dependencies>
        <!-- 支持Tomcat启动 -->

server/svr-authentication/src/main/java/com/yihu/jw/security/oauth2/provider/endpoint/WlyyLoginEndpoint.java

@@ -281,7 +281,7 @@ public class WlyyLoginEndpoint extends AbstractEndpoint {
            Map<String, Object> sms =  (Map)result.get("obj");
            String captcha = (String) sms.get("captcha");
            Date deadline = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse((String) sms.get("deadline"));
            Long expire = (deadline.getTime() - new Date().getTime()) / 1000;
            Long expire = (deadline.getTime() - System.currentTimeMillis()) / 1000;
            Captcha _captcha = new Captcha();
            _captcha.setCode(captcha);
            _captcha.setExpiresIn(expire.intValue());

svr/svr-healthy-house/pom.xml

@@ -104,6 +104,24 @@
			<version>4.2.3-GA</version>
			<!--<classifier>GA</classifier>-->
		</dependency>
		<!-- Redis  -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-data-redis</artifactId>
		</dependency>
		<dependency>
			<groupId>redis.clients</groupId>
			<artifactId>jedis</artifactId>
		</dependency>
		<!-- Redis  -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<dependency>
			<groupId>org.springframework.security.oauth</groupId>
			<artifactId>spring-security-oauth2</artifactId>
		</dependency>
	</dependencies>

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/HealthyHouseApplication.java

@@ -3,15 +3,25 @@ package com.yihu.jw.healthyhouse;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.boot.autoconfigure.security.oauth2.OAuth2AutoConfiguration;
import org.springframework.cloud.client.loadbalancer.LoadBalanced;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.EnableAspectJAutoProxy;
import org.springframework.web.client.RestTemplate;
@SpringBootApplication(exclude = OAuth2AutoConfiguration.class)
@ComponentScan(basePackages = {"com"})
@SpringBootApplication
@ComponentScan(basePackages = {"com.yihu"})
@EnableAspectJAutoProxy(proxyTargetClass = true, exposeProxy = true)
public class HealthyHouseApplication {
	public static void main(String[] args) {
		SpringApplication.run(HealthyHouseApplication.class, args);
	}
	@Bean
	@LoadBalanced
	RestTemplate restTemplate() {
		return new RestTemplate();
	}
}

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/cache/WlyyRedisVerifyCodeService.java

@@ -0,0 +1,60 @@
package com.yihu.jw.healthyhouse.cache;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.stereotype.Service;
import org.springframework.util.StringUtils;
import java.util.concurrent.TimeUnit;
/**
 * Service - 验证码缓存
 * Created by progr1mmer on 2018/4/18.
 */
@Service
public class WlyyRedisVerifyCodeService {
    private final String KEY_SUFFIX = ":code";
    private final RedisTemplate redisTemplate;
    public WlyyRedisVerifyCodeService(RedisTemplate redisTemplate) {
        this.redisTemplate = redisTemplate;
    }
    public void store (String client_id, String username, String code, int expire) {
        String key = client_id + ":" + username + KEY_SUFFIX;
        redisTemplate.opsForValue().set(key, code);
        redisTemplate.expire(key, expire, TimeUnit.SECONDS);
        String intervalKey = key + ":" + code + "_interval";
        redisTemplate.opsForValue().set(intervalKey, 60);
        redisTemplate.expire(intervalKey, 60, TimeUnit.SECONDS);
    }
    public boolean isIntervalTimeout(String client_id, String username) {
        String key = client_id + ":" + username + KEY_SUFFIX;
        String code = (String) redisTemplate.opsForValue().get(key);
        if (null == code) {
            return true;
        }
        String intervalKey = key + ":" + code + "_interval";
        if (redisTemplate.opsForValue().get(intervalKey) != null) {
            return false;
        }
        return true;
    }
    public boolean verification (String client_id, String username, String code) {
        if (StringUtils.isEmpty(code)) {
            return false;
        }
        String key = client_id + ":" + username + KEY_SUFFIX;
        String _code = (String) redisTemplate.opsForValue().get(key);
        if (null == _code) {
            return false;
        }
        if (code.equalsIgnoreCase(_code)) {
            return true;
        }
        return false;
    }
}

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/constant/LoginInfo.java

@@ -6,7 +6,14 @@ package com.yihu.jw.healthyhouse.constant;
 */
public class LoginInfo {
    public static final String IS_LOGIN = "isLogin";
    public static final String USER_NAME = "loginName";
    public static final String LOGIN_NAME = "loginName";
    public static final String LOGIN_CODE = "loginCode";
    public static final String USER_ID = "userId";
    public static final String TOKEN = "token";
    public static final String DEFAULT_PASSWORD = "123456";
    //用户创建类型
    public static final String SAVE_TYPE_IJK = "ijkLogin";  //i健康登录注册
    public static final String SAVE_TYPE_PHONE = "phoneLogin";//手机登录注册
}

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/controller/LoginController.java

@@ -1,17 +1,28 @@
package com.yihu.jw.healthyhouse.controller;
import com.yihu.jw.exception.business.ManageException;
import com.yihu.jw.healthyhouse.cache.WlyyRedisVerifyCodeService;
import com.yihu.jw.healthyhouse.model.user.User;
import com.yihu.jw.healthyhouse.service.user.LoginService;
import com.yihu.jw.restmodel.web.Envelop;
import com.yihu.jw.restmodel.web.ObjEnvelop;
import com.yihu.jw.restmodel.web.endpoint.EnvelopRestEndpoint;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.http.*;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.client.RestTemplate;
import javax.servlet.http.HttpServletRequest;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -19,34 +30,108 @@ import java.util.Map;
 * @author HZY
 * @created 2018/9/18 19:55
 */
@RestController
public class LoginController extends EnvelopRestEndpoint {
    @Autowired
    private LoginService loginService;
    @Autowired
    private RestTemplate restTemplate;
    private String clientId;
    @Autowired
    private WlyyRedisVerifyCodeService wlyyRedisVerifyCodeService;
    /**
     * 获取验证码
     * @param parameters
     * @return
     * @throws Exception
     */
    @GetMapping(value = "/login/captcha")
    public ResponseEntity<HashMap> captcha(@RequestParam Map<String, String> parameters) throws  Exception{
        String client_id = parameters.get("client_id");
        String username = parameters.get("username");
        if (StringUtils.isEmpty(client_id)) {
            throw new InvalidRequestException("client_id");
        }
        if (StringUtils.isEmpty(username)){
            throw new InvalidRequestException("username");
        }
        //验证请求间隔超时，防止频繁获取验证码
        if (!wlyyRedisVerifyCodeService.isIntervalTimeout(client_id, username)) {
            throw new IllegalAccessException("SMS request frequency is too fast");
        }
        //发送短信获取验证码
        HttpHeaders reqHeaders = new HttpHeaders();
        reqHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
        params.add("clientId", client_id);
        params.add("type", "login");
        params.add("to", username);
        HttpEntity<MultiValueMap<String, String>> httpEntity = new HttpEntity<>(params, reqHeaders);
        HashMap<String, Object> result = restTemplate.postForObject("http://svr-base:10020/sms_gateway/send", httpEntity, HashMap.class);
        if (200 == (Integer) result.get("status")){
            Map<String, Object> sms =  (Map)result.get("obj");
            String captcha = (String) sms.get("captcha");
            Date deadline = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").parse((String) sms.get("deadline"));
            Long expire = (deadline.getTime() - System.currentTimeMillis()) / 1000;
            wlyyRedisVerifyCodeService.store(client_id, username, captcha, expire.intValue());
            HttpHeaders headers = new HttpHeaders();
            headers.set("Cache-Control", "no-store");
            headers.set("Pragma", "no-cache");
            return new ResponseEntity<>(result, headers, HttpStatus.OK);
        }
        throw new IllegalStateException((String) result.get("message"));
    }
    @GetMapping("/login")
    @ApiOperation(value = "登陆")
    public Envelop login(
    @GetMapping("/mobile/login")
    @ApiOperation(value = "手机登录注册")
    public ObjEnvelop register(
            HttpServletRequest request,
            @ApiParam(name = "username", value = "账号", required = true)@RequestParam(required = true, name = "username") String username,
            @ApiParam(name = "password", value = "密码", required = true)@RequestParam(required = true, name = "password") String password) throws ManageException {
        User data = loginService.login(request,username, password);
            @ApiParam(name = "username", value = "短信验证码", required = true)@RequestParam(required = true, name = "captcha") String captcha) throws ManageException, ParseException {
        if (wlyyRedisVerifyCodeService.verification(clientId, username, captcha)) {
            User user = loginService.phoneLogin(request,username);
            ObjEnvelop envelop = new ObjEnvelop();
            envelop.setStatus(200);
            envelop.setMessage("登录成功");
            envelop.setObj(user);
            return envelop;
        return Envelop.getSuccess("登陆成功");
        } else {
            return ObjEnvelop.getError("验证码错误");
        }
    }
    @PostMapping("/ijk/login")
    @ApiOperation(value = "i健康用户登陆")
    public ObjEnvelop ijkLogin(
            HttpServletRequest request,
            @ApiParam(name = "username", value = "账号", required = true)@RequestParam(required = true, name = "username") String username,
            @ApiParam(name = "password", value = "密码", required = true)@RequestParam(required = true, name = "password") String password) throws ManageException {
        User user = loginService.iJklogin(request,username, password);
        if (user !=null) {
            ObjEnvelop envelop = new ObjEnvelop();
            envelop.setStatus(200);
            envelop.setMessage("登录成功");
            envelop.setObj(user);
            return envelop;
        }else {
            return ObjEnvelop.getError("登录失败");
        }
    }
    @GetMapping("/loginout")
    @ApiOperation(value = "退出")
    @PostMapping("/loginout")
    @ApiOperation(value = "登出")
    public Envelop loginout(
            HttpServletRequest request,
            @ApiParam(name = "userCode", value = "用户code", required = true)@RequestParam(required = true, name = "userCode") String userCode) {
        try {
            //修改用户状态  离线
           return Envelop.getSuccess("登出成功");
           return ObjEnvelop.getSuccess("登出成功");
        } catch (Exception e) {
            e.printStackTrace();
            return Envelop.getError("登出成功:" + e.getMessage(), -1);
            return ObjEnvelop.getError("登出成功:" + e.getMessage(), -1);
        }
    }

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/service/user/LoginService.java

@@ -6,10 +6,16 @@ import com.yihu.jw.healthyhouse.model.user.User;
import com.yihu.jw.restmodel.wlyy.HouseUserContant;
import com.yihu.jw.util.security.MD5;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap;
import org.springframework.web.client.RestTemplate;
import javax.servlet.http.HttpServletRequest;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@@ -23,22 +29,71 @@ public class LoginService {
    @Autowired
    private UserService userService;
    @Autowired
    private RestTemplate restTemplate;
    private String clientId;
    /**
     * 登录
     * @param username
     *  手机验证码方式登录并自动注册
     * @param loginCode
     * @return
     * @throws Exception
     */
    @Transactional(noRollbackForClassName = "ManageException")
    public User phoneLogin(HttpServletRequest request, String loginCode) throws ManageException {
        //判断用户信息是否存在
        User user = userService.findByCode(loginCode);
        if (user == null) {
            //未注册用户进行账户注册
            user = new User();
            user.setLoginCode(loginCode);
            user.setName(loginCode);
            user.setTelephone(loginCode);
            user.setCreator(loginCode);
            user.setPassword(LoginInfo.DEFAULT_PASSWORD);
            userService.saveOrUpdate(user,LoginInfo.SAVE_TYPE_PHONE);//设置默认密码123456
        }else {
            //已注册用户更改用户状态
            user.setActivated(HouseUserContant.activated_active);
            userService.saveOrUpdate(user,LoginInfo.SAVE_TYPE_PHONE);
        }
        request.getSession().setAttribute(LoginInfo.IS_LOGIN, true);
        request.getSession().setAttribute(LoginInfo.TOKEN, ""); //TODO token是否添加
        request.getSession().setAttribute(LoginInfo.LOGIN_NAME, user.getName());
        request.getSession().setAttribute(LoginInfo.LOGIN_CODE, user.getLoginCode());
        request.getSession().setAttribute(LoginInfo.USER_ID, user.getId());
        return user;
    }
    /**
     * i健康账户登录&注册
     * @param loginCode
     * @param password
     * @return
     * @throws Exception
     */
    @Transactional(noRollbackForClassName = "ManageException")
    public User login(HttpServletRequest request, String username, String password) throws ManageException {
        Map<String, List> data = new HashMap<>();
    public User iJklogin(HttpServletRequest request, String loginCode, String password) throws ManageException {
        //判断登陆信息是否正确
        User user = userService.findByCode(username);
        User user = userService.findByCode(loginCode);
        if (user == null) {
            //保存登陆信息
            String message = "账号不存在";
            throw new ManageException(message);
            //i健康登录认证
            Map<String, Object> data = oauthIjkLogin(loginCode, password);
            if (data!=null ) {
                user = new User();
                user.setPassword(password);
                user.setLoginCode((String) data.get("user"));
                user.setName((String) data.get("name"));
                user.setGender((String) data.get("gender"));
                user.setIdCardNo((String) data.get("idcard"));
                user.setTelephone((String) data.get("mobile"));
                userService.saveOrUpdate(user,LoginInfo.SAVE_TYPE_IJK);
            }else {
                String message = "账号不存在";
                throw new ManageException(message);
            }
        }
        if (!user.getPassword().equals(MD5.GetMD5Code(password + user.getSalt()))) {
            //保存登陆信息
@@ -47,14 +102,41 @@ public class LoginService {
        }
        request.getSession().setAttribute(LoginInfo.IS_LOGIN, true);
        request.getSession().setAttribute(LoginInfo.TOKEN, ""); //TODO token是否添加
        request.getSession().setAttribute(LoginInfo.USER_NAME, user.getName());
        request.getSession().setAttribute(LoginInfo.LOGIN_NAME, user.getName());
        request.getSession().setAttribute(LoginInfo.USER_ID, user.getId());
        user.setActivated(HouseUserContant.activated_active);
        userService.saveOrUpdate(user,password,"systemLogin");
        userService.saveOrUpdate(user,"systemLogin");
        return user;
    }
    /**
     *  i健康用户信息认证
     * @param username
     * @param password
     * @return
     * @throws ManageException
     */
    public Map<String, Object> oauthIjkLogin(String username, String password) throws ManageException{
        HashMap<String, Object> userDetail = null;
        HttpHeaders reqHeaders = new HttpHeaders();
        reqHeaders.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
        MultiValueMap<String, String> params = new LinkedMultiValueMap<>();
        params.add("client_id", clientId);
        params.add("username", username);
        params.add("password", password);
        params.add("login_type", "1");
        HttpEntity<MultiValueMap<String, String>> httpEntity = new HttpEntity<>(params, reqHeaders);
        HashMap<String, Object> result = restTemplate.postForObject("http://svr-authentication:10260/oauth/login", httpEntity, HashMap.class);
        if (200 == (Integer) result.get("status")){
            userDetail =  (HashMap)result.get("obj");
        return userDetail;
        }else {
            throw new ManageException("i健康用户认证失败");
        }
    }
    /**
     *  登出
     * @param username
@@ -79,10 +161,10 @@ public class LoginService {
        }
        request.getSession().removeAttribute(LoginInfo.IS_LOGIN);
        request.getSession().removeAttribute(LoginInfo.TOKEN); //TODO token是否添加
        request.getSession().removeAttribute(LoginInfo.USER_NAME);
        request.getSession().removeAttribute(LoginInfo.LOGIN_NAME);
        request.getSession().removeAttribute(LoginInfo.USER_ID);
        user.setActivated(HouseUserContant.activated_offline);
        userService.saveOrUpdate(user,password,"systemLogin");
        userService.saveOrUpdate(user,"systemLogin");
        return user;
    }

svr/svr-healthy-house/src/main/java/com/yihu/jw/healthyhouse/service/user/UserService.java

@@ -17,6 +17,7 @@ import org.springside.modules.persistence.DynamicSpecifications;
import org.springside.modules.persistence.SearchFilter;
import javax.transaction.Transactional;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
@@ -35,11 +36,19 @@ public class UserService {
        return userDao.findByLoginCode(code);
    }
    public User findByAccount(String username) {
    public User findByName(String username) {
        return userDao.findByName(username);
    }
    /**
     *  分页获取用户列表
     * @param page
     * @param pageSize
     * @param map
     * @return
     * @throws ManageException
     */
    public Page<User> userList(Integer page, Integer pageSize, Map<String,String> map)throws ManageException {
        // 排序
        Sort sort = new Sort(Sort.Direction.DESC, "modifyDate");
@@ -65,24 +74,32 @@ public class UserService {
    /**
     *
     * 更改用户状态
     * @param codes        待删除code
     * @param userCode     修改者code
     */
    @Transactional
    public void delete(String codes, String userCode) {
    public void updateStatus(String codes, String userCode,Integer status) {
        User user = userDao.findByLoginCode(userCode);
        String userName = user.getName();
        for(String code:codes.split(",")){
            User user1 = findByCode(code);
            user1.setActivated(-1);
            user1.setActivated(status);
            user1.setModifierName(userName);
            user1.setModifier(userCode);
            userDao.save(user1);
        }
    }
    public Envelop saveOrUpdate(User user, String oldPsd, String userCode) throws ManageException {
    /**
     *  新增/修改用户
     * @param user      用户信息
     * @param oldPsd    密码
     * @param userCode  操作者编码
     * @return
     * @throws ManageException
     */
    public Envelop saveOrUpdate(User user, String userCode) throws ManageException {
        User loginUser = userDao.findByLoginCode(userCode);
        String userName = loginUser.getName();
        if(user.getId()==null){//保存
@@ -98,15 +115,16 @@ public class UserService {
            String code = UUID.randomUUID().toString().replaceAll("-", "");
            user.setId(code);
            user.setCreator(userCode);
            user.setCreateDate(new Date());
            user.setActivated(1);
            userDao.save(user);
            return Envelop.getSuccess("保存成功");
        }else{//修改
            User user1 = findByCode(user.getLoginCode());
            String psd = MD5.GetMD5Code(oldPsd + user1.getSalt());
            if(!user1.getPassword().equals(psd)){//判断密码是否相同
                throw new ManageException("原密码错误");
            }
//            String psd = MD5.GetMD5Code(oldPsd + user1.getSalt());
//            if(!user1.getPassword().equals(psd)){//判断密码是否相同
//                throw new ManageException("原密码错误");
//            }
            user.setModifier(userCode);
            user.setModifierName(userName);
            userDao.save(user);

svr/svr-healthy-house/src/main/resources/application.yml

@@ -2,6 +2,10 @@
server:
  port: 10081
security:
  basic:
    enabled: false
spring:
  application:
    name:  svr-healthy-house
@@ -69,7 +73,7 @@ spring:
  profiles: dev
  datasource:
    url: jdbc:mysql://172.19.103.77:3306/wlyy_archives?useUnicode=true&characterEncoding=utf-8&autoReconnect=true
    url: jdbc:mysql://172.19.103.77:3306/healthy_house?useUnicode=true&characterEncoding=utf-8&autoReconnect=true
    username: root
    password: 123456
fastDFS: