优软云同步密码

base-servers/account/account-api/pom.xml

@@ -29,6 +29,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-redis</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.usoftchina.saas</groupId>
+            <artifactId>auth-common</artifactId>
+        </dependency>
     </dependencies>
 
 </project>

base-servers/account/account-api/src/main/java/com/usoftchina/saas/account/api/AccountApi.java

@@ -4,6 +4,7 @@ import com.usoftchina.saas.account.dto.AccountCopyDTO;
 import com.usoftchina.saas.account.dto.AccountDTO;
 import com.usoftchina.saas.account.dto.AccountRegDTO;
 import com.usoftchina.saas.account.dto.AccountUpdateDTO;
+import com.usoftchina.saas.auth.common.cookie.CookieInfo;
 import com.usoftchina.saas.base.Result;
 import com.usoftchina.saas.commons.dto.ShareAddDTO;
 import org.springframework.cloud.openfeign.FeignClient;
@@ -105,4 +106,14 @@ public interface AccountApi {
      */
     @PostMapping("/account/share/join")
     Result shareJoin(@RequestBody ShareAddDTO shareAddDTO);
+
+    /**
+    * @Description 同步优软云密码
+    * @Param: [info]
+    * @return: void
+    * @Author: guq
+    * @Date: 2019/1/4
+    */
+    @PostMapping("/account/updatePassword")
+    Result updatePassword(@RequestBody CookieInfo info);
 }

base-servers/account/account-server/src/main/java/com/usoftchina/saas/account/controller/AccountController.java

@@ -11,6 +11,7 @@ import com.usoftchina.saas.account.service.CompanyService;
 import com.usoftchina.saas.account.service.RoleService;
 import com.usoftchina.saas.account.vo.CompanyBaseVO;
 import com.usoftchina.saas.auth.client.annotation.IgnoreAuth;
+import com.usoftchina.saas.auth.common.cookie.CookieInfo;
 import com.usoftchina.saas.base.Result;
 import com.usoftchina.saas.commons.dto.ListReqDTO;
 import com.usoftchina.saas.commons.dto.ShareAddDTO;
@@ -20,13 +21,12 @@ import com.usoftchina.saas.exception.ExceptionCode;
 import com.usoftchina.saas.page.PageDefault;
 import com.usoftchina.saas.page.PageRequest;
 import com.usoftchina.saas.sms.api.SmsApi;
-import com.usoftchina.saas.utils.BeanMapper;
-import com.usoftchina.saas.utils.CollectionUtils;
-import com.usoftchina.saas.utils.ObjectUtils;
-import com.usoftchina.saas.utils.RegexpUtils;
+import com.usoftchina.saas.utils.*;
 import com.usoftchina.sso.api.SsoUserApi;
 import com.usoftchina.sso.api.SsoUserSpaceApi;
 import com.usoftchina.sso.dto.*;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
@@ -57,7 +57,10 @@ public class AccountController {
     private SmsApi smsApi;
 
     private final String msgTemplateCode = "SMS_152288990";
+    private final static String CHECK_OPERATR = "fuzzyCheck";
 
+
+    private Logger logger = LoggerFactory.getLogger(getClass());
     /**
      * 注册
      *
@@ -196,16 +199,30 @@ public class AccountController {
         if (null == account) {
             return Result.error(ExceptionCode.USER_NOT_EXIST);
         }
-
+        if (StringUtils.isEmpty(account.getUu())) {
+            return Result.error(ExceptionCode.USER_NOT_EXISTUU);
+        }
         if (!account.isEnabled()) {
             return Result.error(ExceptionCode.USER_NOT_ENABLE);
         }
 
         boolean checked = accountService.checkPwd(account, password);
         if (!checked) {
-            return Result.error(ExceptionCode.USER_PWD_ERROR);
+            //去优软云检测密码
+            SsoResult ssoResult = ssoUserApi.fuzzyCheck(CHECK_OPERATR, account.getMobile(), password);
+            if (!ssoResult.isError()) {
+                //同步本地密码
+                CookieInfo info = new CookieInfo();
+                info.setUserUU(account.getUu());
+                info.setSalt(String.valueOf(account.getUu()));
+                String encryptedPassword = accountService.getEncryptedPassword(password, String.valueOf(account.getUu()));
+                info.setPassword(encryptedPassword);
+                accountService.updatePassword(info);
+            } else {
+                logger.error(ssoResult.getErrMsg());
+                return Result.error(ExceptionCode.USER_PWD_ERROR);
+            }
         }
-
         return Result.success(getAccountDTO(account));
     }
 
@@ -494,4 +511,18 @@ public class AccountController {
         ResourceCache.current().clear();
         return Result.success();
     }
+
+
+    /**
+    * @Description  同步优软云代码
+    * @Param: [info]
+    * @return: com.usoftchina.saas.base.Result
+    * @Author: guq
+    * @Date: 2019/1/4
+    */
+    @PostMapping("/account/updatePassword")
+    Result updatePassword(@RequestBody CookieInfo info) {
+        accountService.updatePassword(info);
+        return Result.success();
+    }
 }

base-servers/account/account-server/src/main/java/com/usoftchina/saas/account/mapper/AccountMapper.java

@@ -130,4 +130,8 @@ public interface AccountMapper {
      * @param status
      */
     void updateBindCompanyStatus(@Param("accountId") Long accountId, @Param("companyId") Long companyId, @Param("status") String status);
+
+    Integer checkPassword(@Param("userUU") Long userUU, @Param("salt") String salt, @Param("password") String password);
+
+    void updatePassword(@Param("userUU") Long userUU, @Param("salt") String salt, @Param("password") String password);
 }

base-servers/account/account-server/src/main/java/com/usoftchina/saas/account/service/AccountService.java

@@ -5,6 +5,7 @@ import com.usoftchina.saas.account.dto.AccountAddDTO;
 import com.usoftchina.saas.account.dto.AccountRoleDTO;
 import com.usoftchina.saas.account.po.Account;
 import com.usoftchina.saas.account.po.RoleResource;
+import com.usoftchina.saas.auth.common.cookie.CookieInfo;
 import com.usoftchina.saas.base.Result;
 import com.usoftchina.saas.commons.dto.ListReqDTO;
 import com.usoftchina.saas.commons.dto.ShareAddDTO;
@@ -217,4 +218,6 @@ public interface AccountService {
      * @param shareAddDTO
      */
     void shareJoin(ShareAddDTO shareAddDTO);
+
+    void updatePassword(CookieInfo info);
 }

base-servers/account/account-server/src/main/java/com/usoftchina/saas/account/service/impl/AccountServiceImpl.java

@@ -17,6 +17,7 @@ import com.usoftchina.saas.account.po.RoleResource;
 import com.usoftchina.saas.account.service.AccountService;
 import com.usoftchina.saas.account.service.CompanyService;
 import com.usoftchina.saas.account.service.RoleService;
+import com.usoftchina.saas.auth.common.cookie.CookieInfo;
 import com.usoftchina.saas.base.Result;
 import com.usoftchina.saas.commons.dto.ListReqDTO;
 import com.usoftchina.saas.commons.dto.ShareAddDTO;
@@ -380,6 +381,17 @@ public class AccountServiceImpl implements AccountService {
         clearCache(account.getId());
     }
 
+    @Override
+    public void updatePassword(CookieInfo info) {
+        if (StringUtils.isEmpty(info) || StringUtils.isEmpty(info.getUserUU())) {
+            return;
+        }
+        Integer count = accountMapper.checkPassword(info.getUserUU(), info.getSalt(), info.getPassword());
+        if (count == 0) {
+            accountMapper.updatePassword(info.getUserUU(), info.getSalt(), info.getPassword());
+        }
+    }
+
     /**
      * 校验短信验证码准确性
      * @param mobile

base-servers/account/account-server/src/main/resources/mapper/AccountMapper.xml

@@ -223,4 +223,12 @@
     <update id="updateBindCompanyStatus">
         UPDATE AC_ACCOUNT_COMPANY SET STATUS = #{status} WHERE ACCOUNT_ID = #{accountId} AND COMPANY_ID = #{companyId}
     </update>
+
+    <select id="checkPassword" resultType="integer">
+        select count(1) from ac_account where uu=#{userUU} and password = #{password} and salt = #{salt}
+    </select>
+
+    <update id="updatePassword" >
+        update ac_account set salt=#{salt}, password=#{password} where uu = #{userUU}
+    </update>
 </mapper>

base-servers/auth/auth-server/src/main/java/com/usoftchina/saas/auth/controller/AuthController.java

@@ -254,6 +254,11 @@ public class AuthController {
                         ServletUtils.writeJsonPMessage(response, callback, false);
                         return;
                     }
+                } else {
+                    logger.info("同步密码: uu{} mobile{} salt{} password{}", info.getUserUU(),
+                            info.getMobile(), info.getSalt(), info.getPassword());
+                    //同步优软云密码
+                    accountApi.updatePassword(info);
                 }
             }
             // TODO

base-servers/auth/sso-api/pom.xml

@@ -27,6 +27,12 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-redis</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
 </project>

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/api/SsoUserApi.java

@@ -68,6 +68,17 @@ public interface SsoUserApi {
     @RequestMapping(params = "_operate=bind", method = RequestMethod.POST)
     String bind(@RequestParam("_operate") String _operate, @RequestParam("appId") String appId, @RequestParam("userUU") Long userUU, @RequestParam("spaceUU") Long spaceUU);
 
+
+    /**
+    * @Description
+    * @Param: [_operate, appId, userUU, spaceUU]
+    * @return: java.lang.String
+    * @Author: guq
+    * @Date: 2019/1/4
+    */
+    @RequestMapping(params = "_operate=fuzzyCheck", method = RequestMethod.POST)
+    SsoResult fuzzyCheck(@RequestParam("_operate") String _operate, @RequestParam("mobile") String mobile, @RequestParam("password") String password);
+
     /**
      * 企业添加未注册用户
      * @param _operate  add
@@ -109,6 +120,11 @@ public interface SsoUserApi {
             return null;
         }
 
+        @Override
+        public SsoResult fuzzyCheck(String _operate, String mobile, String password) {
+            return null;
+        }
+
         @Override
         public SsoResult add(String _operate, String appId, String vipName, String mobile, String password, Long spaceUU) {
             return null;

base-servers/auth/sso-api/src/main/java/com/usoftchina/sso/dto/SsoResult.java

@@ -82,4 +82,16 @@ public class SsoResult<T> {
     public void setContent(T content) {
         this.content = content;
     }
+
+    @Override
+    public String toString() {
+        return "SsoResult{" +
+                "success=" + success +
+                ", error=" + error +
+                ", errCode='" + errCode + '\'' +
+                ", errMsg='" + errMsg + '\'' +
+                ", errDetail='" + errDetail + '\'' +
+                ", content=" + content +
+                '}';
+    }
 }

base-servers/auth/sso-api/src/test/java/com/usoftchina/sso/test/SsoUserApiTest.java

@@ -35,13 +35,13 @@ public class SsoUserApiTest {
         }
     }
 
-    @Test
+    /*@Test
     public void testB_getUserSpacesByMobile() {
         SsoUserSpaceList list = ssoUserApi.getUserSpacesByMobile(mobile);
         if (null != list && !CollectionUtils.isEmpty(list.getSpaces())) {
             list.getSpaces().forEach(space -> System.out.println(space.getSpaceName()));
         }
-    }
+    }*/
 
     @Test
     public void testC_checkMobile(){
@@ -71,4 +71,10 @@ public class SsoUserApiTest {
         SsoResult result = ssoUserApi.add("add", "sp","陈炜","18702604854","123456",10050513L);
         System.out.println(result);
     }
+
+    @Test
+    public void testH_fuzzyCheck(){
+        SsoResult result = ssoUserApi.fuzzyCheck("fuzzyCheck", "13267166319","lect123456");
+        System.out.println(result);
+    }
 }

base-servers/auth/sso-api/src/test/resources/application.yml

@@ -1,3 +1,7 @@
 sso:
   base-url: https://test-sso.uuzcc.cn
-#  base-url: https://sso.ubtob.com
+#  base-url: https://sso.ubtob.com
+spring:
+  redis:
+    host: 10.1.81.62
+    port: 6379

framework/core/src/main/java/com/usoftchina/saas/exception/ExceptionCode.java

@@ -42,6 +42,7 @@ public enum ExceptionCode implements BaseExceptionCode {
     USER_PWD_ERROR(53003, "密码错误"),
     USER_PWD_NOT_EQUALS(53004, "密码与确认密码不一致"),
     USER_NOT_EXIST(53005, "用户不存在"),
+    USER_NOT_EXISTUU(53008, "用户uu不存在"),
     USER_NOT_ENABLE(53006, "用户禁止使用"),
     ROLE_NOT_EXIST(53020, "角色不存在"),
     MISSING_PERMISSIONS(53030, "权限缺失"),