添加身份验证功能

2 years ago · b94713672f
5 changed files with 119 additions and 9 deletions
--- a/src/main/java/com/dreamchaser/depository_manage/config/PublicConfig.java
+++ b/src/main/java/com/dreamchaser/depository_manage/config/PublicConfig.java
@ -32,7 +32,7 @@ public class PublicConfig {
    public static String external_url_6666 = "http://kpi.hxgk.group/kpiapi";
    // 外网地址，用于接收验证
-    public static String external_url_extranet = "";
+    public static String external_url_extranet = "http://172.20.2.87:7777";
--- a/src/main/java/com/dreamchaser/depository_manage/config/WebMvcConfig.java
+++ b/src/main/java/com/dreamchaser/depository_manage/config/WebMvcConfig.java
@ -15,7 +15,7 @@ public class WebMvcConfig implements WebMvcConfigurer {
    public void addInterceptors(InterceptorRegistry registry) {
        registry.addInterceptor(new UserInterceptor())
                .addPathPatterns("/**")
-                .excludePathPatterns("/webSocket/{number}","/login", "/register", "/sendCode", "/error","/callback","/QyWxLogin","/getMaterialAll","/approvalcallback")
+                .excludePathPatterns("/webSocket/{number}","/login", "/register", "/sendCode", "/error","/callback","/QyWxLogin","/getMaterialAll","/approvalcallback","/identity/**")
                .excludePathPatterns("classpath:/static/**")
                .excludePathPatterns("/static/**");
    }
--- a/src/main/java/com/dreamchaser/depository_manage/controller/IdentityVerifyController.java
+++ b/src/main/java/com/dreamchaser/depository_manage/controller/IdentityVerifyController.java
@ -0,0 +1,112 @@
 package com.dreamchaser.depository_manage.controller;
 import com.alibaba.fastjson.JSONObject;
 import com.dreamchaser.depository_manage.config.PublicConfig;
 import com.dreamchaser.depository_manage.entity.UserByPort;
 import com.dreamchaser.depository_manage.security.pool.AuthenticationTokenPool;
 import com.dreamchaser.depository_manage.security.pool.RedisPool;
 import com.dreamchaser.depository_manage.service.UserService;
 import com.dreamchaser.depository_manage.utils.EncryptionAlgorithmUtil;
 import com.dreamchaser.depository_manage.utils.HttpUtils;
 import lombok.extern.java.Log;
 import lombok.extern.log4j.Log4j;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.http.protocol.HTTP;
 import org.apache.ibatis.annotations.Param;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.ModelAndView;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.time.Instant;
 import java.util.HashMap;
 import java.util.Map;
@Slf4j
@RestController
 public class IdentityVerifyController {
    @Autowired
    private RedisPool redisPool;
    @Autowired
    private UserService userService;
    /**
     * 用于验证用户身份
     */
    @GetMapping("/identityVerify")
    public ModelAndView identityVerify(@RequestParam Map<String,String> map, HttpServletRequest request, HttpServletResponse response){
        ModelAndView mv = new ModelAndView();
        mv.addObject("userWxId", "");
        mv.setViewName("pages/user/login");
        String url = PublicConfig.external_url_extranet+"/signcode/signcode";
        String userkey = map.get("userkey");
        String usertoken = map.get("usertoken");
        String code = map.get("code");
        EncryptionAlgorithmUtil encryptionAlgorithmUtil = new EncryptionAlgorithmUtil(code);
        // 获取加密后的字符串
        String algorithm = encryptionAlgorithmUtil.Algorithm();
        Map<String,String> paramForPost = new HashMap<>();
        paramForPost.put("code",algorithm);
        String jsonString = JSONObject.toJSONString(paramForPost);
        JSONObject paramObject = JSONObject.parseObject(jsonString);
        try {
            String send = HttpUtils.send(url, paramObject, HTTP.UTF_8, userkey, usertoken);
            JSONObject resultObj = JSONObject.parseObject(send);
            int resultCode = resultObj.getInteger("code");
            if(resultCode == 0){
                // 如果验证成功
                String redisKey = PublicConfig.LoginRedisPrefix + userkey;
                Object usernumber = redisPool.getRedisTemplateByDb(5).opsForHash().get(redisKey, "usernumber");
                if(usernumber != null){
                    UserByPort userByNumber = userService.findUserByNumber(String.valueOf(usernumber));
                    // 设置放入时间
                    userByNumber.setInstant(Instant.now());
                    // 将登录用户存储到池中保存
                    AuthenticationTokenPool.addUserToken(usertoken,userByNumber);
                    // 将key与token设置到session中
                    request.getSession().setAttribute("userKey", userkey);
                    request.getSession().setAttribute("userToken", usertoken);
                    request.getSession().setMaxInactiveInterval(3 * 60 * 60);
                    try {
                        response.sendRedirect("http://localhost:11111");
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                }else{
                    JSONObject captcha = PublicConfig.Captcha(request);
                    String picPath = (String) captcha.get("picPath");
                    String captchaid = (String) captcha.get("captchaid");
                    mv.addObject("picPath", picPath);
                    mv.addObject("captchaid", captchaid);
                }
            }else{
                // 如果验证失败
                JSONObject captcha = PublicConfig.Captcha(request);
                String picPath = (String) captcha.get("picPath");
                String captchaid = (String) captcha.get("captchaid");
                mv.addObject("picPath", picPath);
                mv.addObject("captchaid", captchaid);
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        return mv;
    }
 }
--- a/src/main/java/com/dreamchaser/depository_manage/controller/UserController.java
+++ b/src/main/java/com/dreamchaser/depository_manage/controller/UserController.java
@ -72,6 +72,9 @@ public class UserController {
            String userToken = (String) data.get("token");
            UserByPort userinfo = JSONObject.toJavaObject((JSONObject) data.get("usercont"), UserByPort.class);
            // 设置放入时间
            userinfo.setInstant(Instant.now());
            // 将登录用户存储到池中保存
            AuthenticationTokenPool.addUserToken(userToken, userinfo);
@ -88,8 +91,7 @@ public class UserController {
                // 将openid写回
                PublicConfig.editUserWechatOpenid(param, userkey, userToken);
            }
-            // 设置放入时间
+
            userinfo.setInstant(Instant.now());
            return new RestResponse(data);
        } else {
            return CrudUtil.NOT_EXIST_USER_OR_ERROR_PWD_RESPONSE;
--- a/src/main/java/com/dreamchaser/depository_manage/utils/HttpUtils.java
+++ b/src/main/java/com/dreamchaser/depository_manage/utils/HttpUtils.java
@ -127,13 +127,9 @@ public class HttpUtils {
                // 获取返回流
                result = getResult(urlConnection.getInputStream());
            }
        } catch (MalformedURLException e) {
            // url格式错误
            e.printStackTrace();
        } catch (IOException e) {
            // url格式错误
            e.printStackTrace();
        } finally {
            // 关闭相应的流
        }
        return result;
    }