个人注册和企业注册获取手机验证码添加签名

sso-server/src/main/java/com/uas/sso/controller/PersonalRegisterController.java

@@ -21,6 +21,8 @@ import com.uas.sso.util.CaptchaUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.MessageUtils;
 import com.uas.sso.util.PasswordLevelUtils;
+import com.uas.sso.util.StringUtil;
+import com.uas.sso.util.encry.Md5Utils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -210,11 +212,13 @@ public class PersonalRegisterController extends BaseController {
      * 获取验证码
      *
      * @param mobile 手机号
+     * @param code 图片验证码
+     * @param sign 签名，签名不对不发送验证码
      * @return success(tokenId)
      */
     @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
     @ResponseBody
-    public ModelMap getCode(String mobile, String code) {
+    public ModelMap getCode(String mobile, String code, String sign) {
         // 参数校验
         if (StringUtils.isEmpty(mobile)) {
             return error("请输入手机号");
@@ -237,8 +241,16 @@ public class PersonalRegisterController extends BaseController {
             return error("验证码发送间隔过快");
         }
 
-        // 获取验证码
-        String token = getMobileToken(mobile);
+        // 获取验证码，根据签名判断是否需要获取验证码
+        String str = "{mobile=" + mobile + ",code=" + code + ",salt=sso}";
+        String existSign = Md5Utils.encode(str, null);
+        String token;
+        if (existSign.equals(sign)) {
+            token = getMobileToken(mobile);
+        } else {
+            token = StringUtil.uuid();
+            LOGGER.warn("签名不通过！加密参数：{}，sign：{}", str, sign);
+        }
 
         // 设置发送短信频率
         rateToken = new Token(key, "", 60);

sso-server/src/main/java/com/uas/sso/controller/UserspaceRegisterController.java

@@ -20,6 +20,8 @@ import com.uas.sso.service.UserspaceService;
 import com.uas.sso.util.CaptchaUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.PasswordLevelUtils;
+import com.uas.sso.util.StringUtil;
+import com.uas.sso.util.encry.Md5Utils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -233,11 +235,14 @@ public class UserspaceRegisterController extends BaseController {
      *
      * @param mobile     手机号
      * @param mobileArea
+     * @param timestamp 时间戳
+     * @param code 图片验证码
+     * @param sign 签名，签名不通过也返回正确
      * @return success(tokenId)
      */
     @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
     @ResponseBody
-    public ModelMap getCode(String mobile, String mobileArea, String timestamp, String code) {
+    public ModelMap getCode(String mobile, String mobileArea, String timestamp, String code, String sign) {
         if (StringUtils.isEmpty(timestamp)){
             return error("恶意访问");
         }
@@ -262,8 +267,16 @@ public class UserspaceRegisterController extends BaseController {
         // 校验手机号
         checkMobile(mobile, mobileArea);
 
-        // 获取验证码
-        String token = getMobileToken(mobile);
+        // 获取验证码，根据签名判断是否需要获取验证码
+        String str = "{mobile=" + mobile + ",code=" + code + ",salt=sso}";
+        String existSign = Md5Utils.encode(str, null);
+        String token;
+        if (existSign.equals(sign)) {
+            token = getMobileToken(mobile);
+        } else {
+            token = StringUtil.uuid();
+            LOGGER.warn("签名不通过！加密参数：{}，sign：{}", str, sign);
+        }
 
         // 设置发送短信频率
         rateToken = new Token(key, "", 60);