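package com.uas.sso.controller;

import com.alibaba.fastjson.JSON;
import com.uas.sso.core.Status;
import com.uas.sso.entity.*;
import com.uas.sso.service.UserService;
import com.uas.sso.support.SystemSession;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import java.util.HashMap;
import java.util.List;
import java.util.Map;

/**
 * Endpoints that let a logged-in user change contact details (mobile, email) and
 * security questions.
 *
 * <p>Every change is a two-step flow: the user first proves control of a channel that is
 * already bound to the account (verified mobile, verified email, or the security
 * questions) and receives a "step token" bound to the account's userUU; that token is
 * then presented when the actual change is requested. The step token is the only thing
 * that authorises the change, so the first step must only ever be passable with the
 * account's own, already-verified channel — otherwise the step-up is meaningless.
 *
 * <p>NOTE(review): login is assumed to be enforced by a filter before these handlers run
 * ({@link SystemSession#getUserAccount()} is dereferenced without a null check in most
 * handlers, as in the original). {@code request}, {@code tokenService},
 * {@code settingService}, {@code mailService}, {@code getMobileToken},
 * {@code checkMobileCode}, {@code checkEmailCode}, {@code getFrontUrl}, {@code success}
 * and {@code error} come from {@link BaseController}; {@code checkMobileCode} /
 * {@code checkEmailCode} are assumed to throw on a wrong code — confirm, because the
 * handlers below proceed unconditionally after calling them.
 *
 * @author wangmh
 * @create 2018-01-11 17:11
 * @desc 修改用户信息(需要登录)
 **/
@RestController
@RequestMapping("/update/user")
public class UpdateUserController extends BaseController {

    @Autowired
    private UserService userService;

    /**
     * Lifetime (seconds) of a step token. NOTE(review): seven days is generous for a
     * step-up credential; consider shortening it.
     */
    private static final int EXPIRES = 7 * 24 * 60 * 60;

    /**
     * Lists the verification channels the current user may use for step one.
     *
     * <p>Mobile and email are only offered when their valid-code equals
     * {@link Status#AUTHENTICATED}; questions only when at least one is set. The loaded
     * {@link User} is also cached in the HTTP session under {@code "user"} for the
     * set-mobile step.
     *
     * <p>NOTE(review): {@code user.getQuestions()} is returned as-is; make sure
     * {@link UserQuestion} does not serialise the answer field, or the answers leak to
     * the client here.
     *
     * @return mobile / email / questions, each {@code null} when not usable
     */
    @RequestMapping(value = "/checkType", method = RequestMethod.GET)
    public ModelMap getCheckType() {
        User user = currentUser();
        ModelMap data = new ModelMap();
        data.put("mobile", Status.AUTHENTICATED.getCode() == user.getMobileValidCode() ? user.getMobile() : null);
        data.put("email", Status.AUTHENTICATED.getCode() == user.getEmailValidCode() ? user.getEmail() : null);
        data.put("questions", CollectionUtils.isEmpty(user.getQuestions()) ? null : user.getQuestions());
        request.getSession().setAttribute("user", user);
        return success(data);
    }

    /**
     * Step one via mobile: sends a verification code to the account's verified mobile.
     *
     * <p>The mobile must be the account's own verified number; accepting an arbitrary
     * number would both turn this endpoint into an SMS sender for any recipient and
     * let a caller pass the step-up with a phone they control rather than the one on
     * file. The code itself is deliberately NOT echoed in the response (the original
     * returned the session's {@code "code"} attribute, which defeats the check).
     * NOTE(review): no rate limit is visible here — confirm one exists upstream.
     *
     * @param mobile the account's verified mobile number
     * @return the verification-code token id under {@code "token"}
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.GET)
    public ModelMap checkByMobile(String mobile) {
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }
        if (!isOwnVerifiedMobile(currentUser(), mobile)) {
            return error("手机号与当前账号不匹配");
        }
        String codeToken = getMobileToken(mobile);
        request.getSession().setAttribute("token", codeToken);
        ModelMap data = new ModelMap();
        data.put("token", codeToken);
        return success(data);
    }

    /**
     * Step one via mobile: checks the verification code and issues a step token.
     *
     * <p>The step token is bound to the logged-in account, and the mobile must be that
     * account's verified number. (The original bound the token to whatever account
     * {@code findByMobile} returned for the caller-supplied number, and threw NPE when
     * no account had it.) The code token is consumed on success.
     *
     * @param mobile the account's verified mobile number
     * @param code   the verification code received by SMS
     * @param token  the code token id returned by the GET
     * @return the new step token id as the success payload
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.POST)
    public ModelMap checkByMobile(String mobile, String code, @RequestParam String token) {
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }
        if (StringUtils.isEmpty(code)) {
            return error("验证码不能为空");
        }
        User user = currentUser();
        if (!isOwnVerifiedMobile(user, mobile)) {
            return error("手机号与当前账号不匹配");
        }
        Token codeToken = tokenService.findOne(token);
        if (codeToken == null || codeToken.isExpired()) {
            return error("请重新获取验证码");
        }
        checkMobileCode(token, mobile, code);
        tokenService.delete(token);
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        tokenService.save(stepToken);
        return success(stepToken.getId());
    }

    /**
     * Step one via email: emails a link carrying a step token.
     *
     * <p>The recipient must be the account's own verified email — mailing the step
     * token to a caller-chosen address would let anyone pass the step-up with a mailbox
     * they control. {@code url} is required for {@code mobile}/{@code email} and is
     * caller-supplied; the link is delivered only to the account owner, but
     * NOTE(review): consider pinning it to {@code getFrontUrl()} as {@code /setEmail}
     * does.
     *
     * @param operate one of {@code mobile}, {@code email}, {@code question}
     * @param email   the account's verified email address
     * @param url     page the link should land on (for {@code mobile}/{@code email})
     * @return success once the mail has been handed to the mail service
     */
    @RequestMapping(value = "/check/email", method = RequestMethod.GET)
    public ModelMap checkByEmail(String operate, @RequestParam String email, String url) {
        if (StringUtils.isEmpty(email)) {
            return error("邮箱不能为空");
        }
        // validate operate/url before a token is persisted so an invalid request leaves nothing behind
        boolean needsUrl = "mobile".equals(operate) || "email".equals(operate);
        if (!needsUrl && !"question".equals(operate)) {
            return error("参数错误");
        }
        if (needsUrl && StringUtils.isEmpty(url)) {
            return error("参数错误");
        }
        User user = currentUser();
        if (!isOwnVerifiedEmail(user, email)) {
            return error("邮箱与当前账号不匹配");
        }
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        tokenService.save(stepToken);

        ModelMap data = new ModelMap();
        data.put("vipName", user.getVipName());
        switch (operate) {
            case "mobile":
                data.put("type", "验证手机");
                data.put("url", withQuery(url, "token=" + stepToken.getId()));
                break;
            case "email":
                data.put("type", "验证邮箱");
                data.put("url", withQuery(url, "step=2&token=" + stepToken.getId()));
                break;
            default: // "question", already validated above
                data.put("type", "设置密保");
                data.put("url", getFrontUrl() + "/encrypted-setting/EncryptedSettingSecondStep?token=" + stepToken.getId());
                break;
        }
        sendTemplateMail(email, data);
        return success();
    }

    /**
     * Step one via security questions: returns the account's questions.
     *
     * <p>NOTE(review): the full {@link UserQuestion} objects are returned; verify that
     * the answer field is not serialised, otherwise the answers are handed to the client.
     *
     * @return the questions under {@code "questions"}
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.GET)
    public ModelMap checkByQuestion() {
        ModelMap data = new ModelMap();
        data.put("questions", currentUser().getQuestions());
        return success(data);
    }

    /**
     * Step one via security questions: verifies the answers and issues a step token.
     *
     * <p>Every stored question must be answered correctly. The original iterated the
     * submitted answers instead, so an empty or partial submission passed the check.
     * Answers are read fresh from the database rather than from the session copy so a
     * recent {@code /setQuestion} is honoured.
     *
     * <p>NOTE(review): fastjson parses caller input here; make sure autoType is disabled
     * / the library is patched. Comparison is plain {@code equals} (not constant time).
     *
     * @param answers JSON array of {@code {"sort": ..., "answer": ...}} objects
     * @return the step token id under {@code "token"}
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.POST)
    public ModelMap checkByQuestion(String answers) {
        if (StringUtils.isEmpty(answers)) {
            return error("答案错误");
        }
        List<Map> submittedList = JSON.parseArray(answers, Map.class);
        User user = currentUser();
        List<UserQuestion> questions = user.getQuestions();
        if (CollectionUtils.isEmpty(questions)) {
            return error("答案错误");
        }
        Map<Object, Object> submitted = new HashMap<>();
        if (submittedList != null) {
            for (Map answer : submittedList) {
                submitted.put(answer.get("sort"), answer.get("answer"));
            }
        }
        for (UserQuestion question : questions) {
            Object given = submitted.get(question.getSort());
            if (given == null || !given.equals(question.getAnswer())) {
                return error("答案错误");
            }
        }
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        tokenService.save(stepToken);
        ModelMap data = new ModelMap();
        data.put("token", stepToken.getId());
        return success(data);
    }

    /**
     * Step two for a mobile change: sends a verification code to the NEW mobile.
     *
     * <p>The account is taken from the step token, and the loaded user is cached in the
     * session for the POST. The new number is rejected before any SMS is sent if it is
     * already registered to another account (the POST repeats the check). The code is
     * not echoed in the response. NOTE(review): the step token is not consumed here,
     * unlike {@code /setEmail}; it stays usable until it expires.
     *
     * @param mobile the new mobile number
     * @param token  step token id from step one
     * @return the verification-code token id under {@code "token"}
     */
    @RequestMapping(value = "/setMobile", method = RequestMethod.GET)
    public ModelMap updateMobile(String mobile, @RequestParam String token) {
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }
        Token stepToken = tokenService.findOne(token);
        if (stepToken == null || stepToken.isExpired()) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        Long userUU = boundUserUU(stepToken);
        if (userUU == null) {
            return error("请求错误");
        }
        User user = userService.findOne(userUU);
        if (!mobile.equals(user.getMobile()) && userService.mobileHasRegistered(mobile)) {
            return error("手机号已注册");
        }
        String codeToken = getMobileToken(mobile);
        request.getSession().setAttribute("user", user);
        return success(new ModelMap("token", codeToken));
    }

    /**
     * Step two for a mobile change: checks the code sent to the new mobile and stores it.
     *
     * <p>Empty parameters now yield an error response like every other handler here
     * (the original threw via {@link Assert}). The code token is consumed on success.
     *
     * @param mobile the new mobile number
     * @param code   the verification code received by SMS
     * @param token  the code token id returned by the GET
     * @return success once the mobile has been updated
     */
    @RequestMapping(value = "/setMobile", method = RequestMethod.POST)
    public ModelMap updateMobile(String mobile, String code, @RequestParam String token) {
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }
        if (StringUtils.isEmpty(code)) {
            return error("验证码不能为空");
        }
        User user = (User) request.getSession().getAttribute("user");
        if (user == null) {
            return error("验证信息过期,请从第一步进行校验");
        }
        if (!mobile.equals(user.getMobile()) && userService.mobileHasRegistered(mobile)) {
            return error("手机号已注册");
        }
        Token codeToken = tokenService.findOne(token);
        if (codeToken == null || codeToken.isExpired()) {
            return error("请重新获取验证码");
        }
        checkMobileCode(token, mobile, code);
        userService.updateMobile(user.getUserUU(), mobile);
        tokenService.delete(token);
        return success();
    }

    /**
     * Step two for an email change: emails a confirmation link to the NEW address.
     *
     * <p>The step token is consumed and replaced by a confirmation token bound to
     * {@code {userUU, newEmail}}. The link always targets this service's own front-end
     * page; only the query string of the caller-supplied {@code url} is carried over, and
     * a missing {@code url} is tolerated (the original dereferenced it). An address
     * already used by another account is rejected, mirroring the mobile flow.
     *
     * @param email the new email address
     * @param token step token id from step one
     * @param url   optional page whose query string is preserved on the link
     * @return success once the mail has been handed to the mail service
     */
    @RequestMapping(value = "/setEmail", method = RequestMethod.GET)
    public ModelMap updateEmail(String email, @RequestParam String token, String url) {
        Token stepToken = tokenService.findOne(token);
        if (stepToken == null || stepToken.isExpired()) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        if (StringUtils.isEmpty(email)) {
            return error("邮箱不能为空");
        }
        Long userUU = boundUserUU(stepToken);
        if (userUU == null) {
            return error("请求错误");
        }
        User user = userService.findOne(userUU);
        if (!email.equals(user.getEmail()) && !CollectionUtils.isEmpty(userService.findByEmail(email))) {
            return error("邮箱已注册");
        }
        tokenService.delete(token);

        Map<String, Object> bind = new HashMap<>(2);
        bind.put("userUU", userUU);
        bind.put("newEmail", email);
        Token confirmToken = new Token(bind, EXPIRES);
        tokenService.save(confirmToken);

        String query = (url != null && url.contains("?")) ? url.substring(url.indexOf("?")) : "";
        String link = getFrontUrl() + "/update/user/email" + query;
        ModelMap data = new ModelMap();
        data.put("vipName", user.getVipName());
        data.put("type", "验证邮箱");
        data.put("url", withQuery(link, "step=2&token=" + confirmToken.getId()));
        sendTemplateMail(email, data);
        return success();
    }

    /**
     * Confirmation link target: applies the email change bound to the token.
     *
     * <p>Redirects to the front-end failure page when the token is missing/expired or
     * not an email-confirmation token (the first redirect now uses {@code ?} before
     * {@code returnURL}; the original emitted {@code &} with no query string).
     *
     * <p>NOTE(review): the confirmation token is intentionally left in place (the
     * original had the delete commented out, and step 3 receives the id). It therefore
     * stays replayable until it expires; if the user changes email again within that
     * window, re-opening the old link reverts it. Consider consuming it once step 3 no
     * longer needs it. {@code returnURL} is appended unencoded, as before.
     *
     * @param token     confirmation token id from the emailed link
     * @param returnURL optional URL forwarded to the front-end page
     * @return redirect to the front-end result page
     */
    @RequestMapping(value = "/email", method = RequestMethod.GET)
    public ModelAndView updateEmail(@RequestParam String token, String returnURL) {
        String back = returnURL == null ? "" : "&returnURL=" + returnURL;
        Token confirmToken = tokenService.findOne(token);
        if (confirmToken == null || confirmToken.isExpired()) {
            return redirectToFront("/validation/validFail" + (returnURL == null ? "" : "?returnURL=" + returnURL));
        }
        if (!(confirmToken.getBind() instanceof Map)) {
            return redirectToFront("/validation/validFail?step=2&token=" + token + back);
        }
        Map<?, ?> bind = (Map<?, ?>) confirmToken.getBind();
        Long userUU = (Long) bind.get("userUU");
        String newEmail = (String) bind.get("newEmail");
        userService.updateEmail(userUU, newEmail);
        return redirectToFront("/validation/emailValidation?step=3&token=" + token + back);
    }

    /**
     * Step two for security questions: stores the new questions.
     *
     * <p>The step token is validated (including expiry, which the original skipped) and
     * consumed only once the input has been accepted, so a rejected request does not force
     * the user back to step one. NOTE(review): fastjson parses caller input here; see the
     * caveat on {@link #checkByQuestion(String)}.
     *
     * @param token         step token id from step one
     * @param userQuestions JSON array of {@link UserQuestion}
     * @return success once the questions have been stored
     */
    @RequestMapping(value = "/setQuestion", method = RequestMethod.POST)
    public ModelMap updateQuestion(@RequestParam String token, @RequestParam String userQuestions) {
        if (StringUtils.isEmpty(token)) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        Token stepToken = tokenService.findOne(token);
        if (stepToken == null || stepToken.isExpired()) {
            return error("验证超时,请重新验证");
        }
        Long userUU = boundUserUU(stepToken);
        if (userUU == null) {
            return error("请求错误");
        }
        List<UserQuestion> questions = JSON.parseArray(userQuestions, UserQuestion.class);
        if (CollectionUtils.isEmpty(questions)) {
            return error("密保不能为空");
        }
        tokenService.delete(token);
        userService.setQuestion(userUU, questions);
        return success();
    }

    /**
     * Light-weight code check that does NOT consume the code token.
     *
     * @param type   {@code mobile} or {@code email}
     * @param token  code token id
     * @param code   the verification code
     * @param mobile recipient mobile (for {@code mobile})
     * @param email  recipient email (for {@code email})
     * @return success when the code matches (assuming the check helper throws otherwise)
     */
    @RequestMapping(value = "/checkCode/{type}", method = RequestMethod.POST)
    public ModelMap checkCode(@PathVariable String type, @RequestParam String token, String code, String mobile, String email) {
        if (StringUtils.isEmpty(code)) {
            return error("验证码不能为空");
        }
        switch (type) {
            case "mobile":
                if (StringUtils.isEmpty(mobile)) {
                    return error("手机号不能为空");
                }
                checkMobileCode(token, mobile, code);
                return success();
            case "email":
                if (StringUtils.isEmpty(email)) {
                    return error("邮箱不能为空");
                }
                checkEmailCode(token, email, code);
                return success();
            default:
                return error("参数错误");
        }
    }

    /**
     * Tells whether a mobile is already registered to another account.
     *
     * <p>NOTE(review): this is an account-enumeration oracle, gated only by login;
     * rate-limit it. A missing parameter now yields an error instead of NPE.
     *
     * @param mobile the mobile number to probe
     * @return {@code hasRegister}: true when another account owns the number
     */
    @RequestMapping(value = "/mobile/hasRegister", method = RequestMethod.GET)
    public ModelMap checkMobile(String mobile) {
        UserAccount loginUser = SystemSession.getUserAccount();
        if (loginUser == null) {
            return error("未登录");
        }
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }
        boolean taken = !mobile.equals(loginUser.getMobile()) && userService.findByMobile(mobile) != null;
        return success(new ModelMap("hasRegister", taken));
    }

    /**
     * Tells whether an email is already registered to another account.
     *
     * <p>Same enumeration caveat as {@link #checkMobile(String)}.
     *
     * @param email the email address to probe
     * @return {@code hasRegister}: true when another account owns the address
     */
    @RequestMapping(value = "/email/hasRegister", method = RequestMethod.GET)
    public ModelMap checkEmail(String email) {
        UserAccount loginUser = SystemSession.getUserAccount();
        if (loginUser == null) {
            return error("未登录");
        }
        if (StringUtils.isEmpty(email)) {
            return error("邮箱不能为空");
        }
        boolean taken = !email.equals(loginUser.getEmail()) && !CollectionUtils.isEmpty(userService.findByEmail(email));
        return success(new ModelMap("hasRegister", taken));
    }

    // ---- helpers -------------------------------------------------------------------

    /** Loads the logged-in user; assumes a login filter guarantees a session account. */
    private User currentUser() {
        UserAccount account = SystemSession.getUserAccount();
        return userService.findOne(account.getUserUU());
    }

    /** True when {@code mobile} is this account's own mobile and it is marked verified. */
    private static boolean isOwnVerifiedMobile(User user, String mobile) {
        return Status.AUTHENTICATED.getCode() == user.getMobileValidCode() && mobile.equals(user.getMobile());
    }

    /** True when {@code email} is this account's own email and it is marked verified. */
    private static boolean isOwnVerifiedEmail(User user, String email) {
        return Status.AUTHENTICATED.getCode() == user.getEmailValidCode() && email.equals(user.getEmail());
    }

    /** The userUU a step token is bound to, or {@code null} when the bind is not a Long. */
    private static Long boundUserUU(Token token) {
        Object bind = token.getBind();
        return bind instanceof Long ? (Long) bind : null;
    }

    /** Appends {@code query} to {@code url} with {@code ?} or {@code &} as appropriate. */
    private static String withQuery(String url, String query) {
        return url + (url.contains("?") ? "&" : "?") + query;
    }

    /** Sends the configured verification-mail template to {@code email}; no-op without a template. */
    private void sendTemplateMail(String email, ModelMap data) {
        Setting template = settingService.findOne("templateForSendMailWhenResetPassword");
        if (!StringUtils.isEmpty(template)) {
            mailService.send(template.getValue(), email, data);
        }
    }

    /** Builds a redirect to a path (with query) on the front-end host. */
    private ModelAndView redirectToFront(String pathAndQuery) {
        return new ModelAndView("redirect:" + getFrontUrl() + pathAndQuery);
    }
}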