From 9c32918e2d2db0dcc8b3a3af2be72831252019d9 Mon Sep 17 00:00:00 2001
From: liurunyu <lry9898@163.com>
Date: 星期六, 08 二月 2025 09:28:02 +0800
Subject: [PATCH] 涉嫌偷水功能完善代码
---
pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java | 67 ++++++++++++++++++++++++---------
1 files changed, 48 insertions(+), 19 deletions(-)
diff --git a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
index 725177d..2e349e8 100644
--- a/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
+++ b/pipIrr-platform/pipIrr-web/pipIrr-web-sso/src/main/java/com/dy/sso/busi/SsoCtrl.java
@@ -25,11 +25,7 @@
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.*;
-import java.util.List;
-import java.util.Objects;
-import java.util.UUID;
-
-//import org.springframework.cache.CacheManager;
+import java.util.*;
/**
* 娉ㄨВTag 鍦ˋPI涓樉绀猴細 Tag 娉ㄨВ, 缁欐暣涓帴鍙h捣浜嗕釜鍚嶅瓧涓庢弿杩�"
@@ -47,6 +43,7 @@
//鍦ㄥ睘鎬т笂娉ㄨВ@Autowired鏃讹紝浼氳鍛� Field injection is not recommended锛堜笉鍐嶆帹鑽愪娇鐢ㄥ瓧娈垫敞鍏ワ級
private SsoSv sv ;
+ //private KaptchaConfig kaptchaConfig;
//@Autowired
//private CacheManager cacheManager ;
@@ -55,6 +52,10 @@
this.sv = sv ;
}
+ //@Autowired
+ //public void setKaptchaConfig(KaptchaConfig kaptchaConfig) {
+ // this.kaptchaConfig = kaptchaConfig;
+ //}
/**
* 瀹㈡埛绔姹傚緱鍒版墍鏈夌粍缁囨満鏋�
@@ -70,7 +71,7 @@
)
})
@GetMapping(path = "allOrg")
- public BaseResponse<List<Org>> allOrg(){
+ public BaseResponse<List<Org.OrgVo>> allOrg(){
//List<Org> list = Arrays.asList(Org.Ym, Org.Pj) ;
return BaseResponseUtils.buildSuccess(Org.OrgList);
}
@@ -100,20 +101,48 @@
)
})
@PostMapping(path = "loginJson", consumes = MediaType.APPLICATION_JSON_VALUE)
- public BaseResponse<UserVo> loginJson(@RequestBody @Parameter(description = "鐧诲綍json鏁版嵁", required = true) @Valid LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult) {
+ public BaseResponse<UserVo> loginJson(HttpServletRequest request, @RequestBody @Parameter(description = "鐧诲綍json鏁版嵁", required = true) @Valid LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult) {
if(bindingResult != null && bindingResult.hasErrors()){
- return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
+ return BaseResponseUtils.buildErrorMsg(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
}
if(!vo.phone.equals("admin")){
if(vo.phone.length() != 11){
- return BaseResponseUtils.buildFail("鎵嬫満鍙凤紙闀垮害涓嶆槸11浣嶏級涓嶆纭�");
+ return BaseResponseUtils.buildErrorMsg("鎵嬫満鍙凤紙闀垮害涓嶆槸11浣嶏級涓嶆纭�");
}
}
if(vo.orgTag == null || vo.orgTag.trim().length() == 0){
- return BaseResponseUtils.buildFail("鏈�夋嫨缁勭粐鍗曚綅");
+ return BaseResponseUtils.buildErrorMsg("鏈�夋嫨缁勭粐鍗曚綅");
}
//鎶婄粍缁囧崟浣嶆爣绛句綔涓烘暟鎹簮鍚嶇О
DataSourceContext.set(vo.orgTag);
+
+ String token = Optional.ofNullable(vo.getToken()).orElse("");
+ String code = Optional.ofNullable(vo.getCode()).orElse("");
+
+ if(token.length() > 0 && code.length() > 0) {
+ // 浠巗ession涓幏鍙栭獙璇佺爜
+ //HttpSession session = (HttpSession) request.getSession();
+ //String localCode = session.getAttribute(token).toString();
+
+ Map map = sv.getCodeByToken(token);
+ Long expiration = Long.parseLong(map.get("expiration").toString());
+ Long currentTimestamp = System.currentTimeMillis();
+ if(currentTimestamp > expiration) {
+ return BaseResponseUtils.buildErrorMsg("楠岃瘉鐮佸凡瓒呮椂");
+ }
+
+ // 浠庢暟鎹簱鑾峰彇楠岃瘉鐮�
+ String localCode = map.get("code").toString();
+ if(!code.equals(localCode)) {
+ return BaseResponseUtils.buildErrorMsg("楠岃瘉鐮侀敊璇�");
+ }
+ }
+
+ //寰楀埌鎵�鏈夌敤鎴疯处鍙�
+ List<String> phones = sv.getPhones();
+ if(!phones.contains(vo.phone)){
+ return BaseResponseUtils.buildErrorMsg("璐﹀彿涓嶅瓨鍦�");
+ }
String uuid ;
BaUser userPo ;
@@ -138,7 +167,7 @@
uVo.token = uuid ;
return BaseResponseUtils.buildSuccess(uVo);
}else{
- return BaseResponseUtils.buildFail("鐧诲綍澶辫触");
+ return BaseResponseUtils.buildErrorMsg("瀵嗙爜閿欒");
}
}
@@ -159,10 +188,10 @@
@PostMapping(path = "loginForm", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public BaseResponse<UserVo> loginForm(@Parameter(description = "form琛ㄥ崟鏁版嵁", required = true) @Valid LoginVo vo, @Parameter(hidden = true) BindingResult bindingResult){
if(bindingResult != null && bindingResult.hasErrors()){
- return BaseResponseUtils.buildFail(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
+ return BaseResponseUtils.buildErrorMsg(Objects.requireNonNull(bindingResult.getFieldError()).getDefaultMessage());
}
if(vo.orgTag == null || vo.orgTag.trim().length() == 0){
- return BaseResponseUtils.buildFail("鏈�夋嫨缁勭粐鍗曚綅");
+ return BaseResponseUtils.buildErrorMsg("鏈�夋嫨缁勭粐鍗曚綅");
}
//鎶婄粍缁囧崟浣嶆爣绛句綔涓烘暟鎹簮鍚嶇О
DataSourceContext.set(vo.orgTag);
@@ -190,7 +219,7 @@
uVo.token = uuid ;
return BaseResponseUtils.buildSuccess(uVo);
}else{
- return BaseResponseUtils.buildFail("鐧诲綍澶辫触");
+ return BaseResponseUtils.buildErrorMsg("鐧诲綍澶辫触");
}
}
@@ -215,7 +244,7 @@
this.sv.logout(token) ;
return BaseResponseUtils.buildSuccess(true);
}else{
- return BaseResponseUtils.buildFail("鏈粠header涓緱鍒皌oken");
+ return BaseResponseUtils.buildErrorMsg("鏈粠header涓緱鍒皌oken");
}
}
@@ -229,7 +258,7 @@
@GetMapping(path = "loginUserId")
public Long loginUserId(String token){
BaUser userPo = this.sv.getByUuid(token) ;
- return userPo == null ? null : userPo.userId ;
+ return userPo == null ? null : userPo.id ;
}
/**
* 姝ゆ柟娉曚緵瀛愭ā鍧楃郴缁熻皟鐢紝鎵�浠ヤ笉鍏紑鍦ˋPI鎺ュ彛涓�
@@ -245,10 +274,10 @@
if(userPo != null){
vo.dataSourceName = userPo.orgTag ;
vo.logined = true ;
- vo.hasPower = true ;//榛樿鏈夋潈闄�
+ vo.hasPower = true ;//榛樿鏈夋潈闄愩��2023-12-21 缁忓晢璁紝鐢卞墠绔壌鏉�
}else{
vo.logined = false ;
- vo.hasPower = true ;//榛樿鏈夋潈闄�
+ vo.hasPower = true ;//榛樿鏈夋潈闄愩��2023-12-21 缁忓晢璁紝鐢卞墠绔壌鏉�
}
return vo ;
}
@@ -306,7 +335,7 @@
BaUser userPo = this.sv.getByUuid(token) ;
CurUserVo vo = new CurUserVo();
if(userPo != null){
- vo.id = userPo.userId ;
+ vo.id = userPo.id ;
vo.name = userPo.userName;
}
return vo ;
--
Gitblit v1.8.0