| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276 |
- package com.uas.sso.controller;
- import com.alibaba.fastjson.JSON;
- import com.uas.sso.SSOHelper;
- import com.uas.sso.SSOToken;
- import com.uas.sso.entity.register.SmsPersonalRegister;
- import com.uas.sso.core.Step;
- import com.uas.sso.core.Type;
- import com.uas.sso.core.PasswordStrength;
- import com.uas.sso.entity.App;
- import com.uas.sso.entity.Token;
- import com.uas.sso.entity.User;
- import com.uas.sso.entity.UserAccount;
- import com.uas.sso.foreign.entity.ForeignInfo;
- import com.uas.sso.logging.LoggerManager;
- import com.uas.sso.logging.RegisterBufferedLogger;
- import com.uas.sso.service.AppService;
- import com.uas.sso.service.PersonalAccountService;
- import com.uas.sso.service.UserService;
- import com.uas.sso.util.CaptchaUtil;
- import com.uas.sso.util.DomainUtil;
- import com.uas.sso.util.IpUtils;
- import com.uas.sso.util.MessageUtils;
- import com.uas.sso.util.PasswordLevelUtils;
- import com.uas.sso.util.StringUtil;
- import com.uas.sso.util.encry.Md5Utils;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.stereotype.Controller;
- import org.springframework.ui.ModelMap;
- import org.springframework.util.StringUtils;
- import org.springframework.web.bind.annotation.PostMapping;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RequestMethod;
- import org.springframework.web.bind.annotation.ResponseBody;
- import org.springframework.web.bind.annotation.RestController;
- import java.io.UnsupportedEncodingException;
- import java.net.URLDecoder;
- import java.util.List;
- import java.util.Optional;
- import java.util.Random;
- /**
- * 个人注册controller
- *
- * @author uas
- * @date 2018/1/2
- */
- @RestController
- @RequestMapping("/sso/personal/register")
- public class PersonalRegisterController extends BaseController {
- @Autowired
- private UserService userService;
- @Autowired
- private PersonalAccountService personalAccountService;
- @Autowired
- private AppService appService;
- private RegisterBufferedLogger registerLogger = LoggerManager.getLogger(RegisterBufferedLogger.class);
- private final static Logger LOGGER = LoggerFactory.getLogger(PersonalRegisterController.class);
- /**
- * 验证码存session的可以
- */
- private static final String RESET_CAPTCHA = "resetCaptcha";
- /**
- * 注册个人信息
- *
- * @param user 用户信息(需要会员名,手机号,手机号所属区域,密码)
- * @param appId 注册应用标志
- * @param code 验证码
- * @param token 验证码tokenId
- * @return 成功:success(),失败:error("错误码", "错误信息")
- */
- @RequestMapping(method = RequestMethod.POST)
- @ResponseBody
- public ModelMap register(User user, String appId, String code, String token, String baseUrl, String t, String returnUrl) throws UnsupportedEncodingException {
- // 获取参数
- String vipName = user.getVipName();
- String mobile = user.getMobile();
- String mobileArea = user.getMobileArea();
- String password = user.getPassword();
- // 参数空校验
- if (StringUtils.isEmpty(vipName)) {
- return error("会员名不能为空");
- }
- if (StringUtils.isEmpty(password)) {
- return error("密码不能为空");
- }
- if (StringUtils.isEmpty(mobile)) {
- return error("手机号不能为空");
- }
- // 校验手机号
- checkMobile(mobile, mobileArea);
- // 校验验证码
- checkMobileCode(token, mobile, code);
- // 校验密码
- if (PasswordStrength.WEAK.equals(PasswordLevelUtils.checkPasswordLevel(password))) {
- return error("密码须为8-20字符的英文、数字混合");
- }
- // 设置第三方id
- if (!StringUtils.isEmpty(t)) {
- Token unionidToken = tokenService.findOne(t);
- Optional<ForeignInfo> foreignInfo = Optional.ofNullable(unionidToken).map(value -> (ModelMap) unionidToken.getBind()).map(value -> (ForeignInfo) value.get("data"));
- if (!foreignInfo.isPresent()) {
- return error("参数错误,绑定失败");
- }
- userService.setForeignOpenId(user, foreignInfo.get());
- }
- // 注册并添加注册日志
- appId = StringUtils.isEmpty(appId) ? "sso" : appId;
- user.setFromIp(IpUtils.getIp(request));
- user.setFromUrl(URLDecoder.decode(returnUrl, "utf-8"));
- user = userService.register(user, appId);
- registerLogger.info(Type.REGISTER_PERSONAL.getValue(), Step.FIRST.getValue(), "个人注册成功", user, user.getFromApp());
- // 注册成功后删除验证码token
- if (!StringUtils.isEmpty(t)) {
- tokenService.delete(t);
- }
- tokenService.delete(token);
- // 判断应用是否存在
- App app = appService.findOne(appId);
- if (app == null) {
- LOGGER.warn("个人注册,应用{}不存在,注册用户:{}", appId, user.getUserUU());
- return success();
- }
- // 登录并返回数据
- UserAccount userAccount = personalAccountService.findOneByUserUU(appId, user.getUserUU());
- userAccount.setLastLoginTime(System.currentTimeMillis());
- List<String> loginUrls = appService.findAllLoginUrl();
- SSOToken st = new SSOToken(request, userAccount.getMobile());
- st.setData(JSON.toJSONString(userAccount));
- SSOHelper.getSSOService().getConfig().setCookieDomain(DomainUtil.getFirstDomain(request));
- SSOHelper.setSSOCookie(request, response, st, true);
- ModelMap data = new ModelMap();
- data.addAttribute("data", userAccount)
- .addAttribute("loginUrls", loginUrls)
- .addAttribute("currentUrl", baseUrl);
- LOGGER.info("用户({})注册并登录成功,时间:{}", user.getUserUU(), System.currentTimeMillis());
- return success(data);
- }
- @PostMapping("/sms")
- public ModelMap register(SmsPersonalRegister personalRegister) throws UnsupportedEncodingException {
- User user = new User();
- String mobile = personalRegister.getMobile();
- String password = getPassword(mobile.substring(mobile.length() - 3, mobile.length()));
- user.setVipName(mobile);
- user.setMobile(mobile);
- user.setPassword(password);
- ModelMap response = register(user, personalRegister.getAppId(), personalRegister.getCode(), personalRegister.getToken(),
- personalRegister.getBaseUrl(), personalRegister.getT(), personalRegister.getReturnUrl());
- MessageUtils.sendSms("templateForSendSmsAfterRegisterSuccess", mobile, mobile, password);
- return response;
- }
- /**
- * 获取密码
- * @param suffix 密码后缀
- * @return
- */
- private String getPassword(String suffix) {
- Random random = new Random();
- String val = "";
- // 生成4个字母
- for (int i=0; i<3; i++) {
- int choice = random.nextInt(2) % 2 == 0 ? 65 : 97;
- val = val + (char)(choice + random.nextInt(26));
- }
- // 3个数字
- String number = random.nextInt(999) + 1000 + "";
- number = number.substring(number.length() - 3, number.length());
- val = val + number;
- // 后缀
- val = val + suffix;
- return val;
- }
- /**
- * 获取验证码
- *
- * @param mobile 手机号
- * @param code 图片验证码
- * @param sign 签名,签名不对不发送验证码
- * @return success(tokenId)
- */
- @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
- @ResponseBody
- public ModelMap getCode(String mobile, String code, String sign) {
- // 参数校验
- if (StringUtils.isEmpty(mobile)) {
- return error("请输入手机号");
- }
- // 校验图片验证码
- Token captchaToken = tokenService.findOne(request.getSession().getId());
- if (captchaToken == null) {
- return error("图片验证码过期");
- }
- if (code != null && !code.equalsIgnoreCase((String) captchaToken.getBind())) {
- return error("请输入正确的验证码");
- }
- tokenService.delete(request.getSession().getId());
- // 校验发送短信频率,60秒一次,key为#{sessionId}_#{类名}
- String key = request.getSession().getId() + "_" + this.getClass().getSimpleName();
- Token rateToken = tokenService.findOne(key);
- if (rateToken != null) {
- return error("验证码发送间隔过快");
- }
- // 获取验证码,根据签名判断是否需要获取验证码
- String str = "{mobile=" + mobile + ",code=" + code + ",salt=sso}";
- String existSign = Md5Utils.encode(str, null);
- String token;
- if (existSign.equals(sign)) {
- token = getMobileToken(mobile);
- } else {
- token = StringUtil.uuid();
- LOGGER.warn("签名不通过!加密参数:{},sign:{}", str, sign);
- }
- // 设置发送短信频率
- rateToken = new Token(key, "", 60);
- tokenService.save(rateToken);
- // 设置返回数据
- ModelMap data = new ModelMap();
- data.put("token", token);
- data.put("code", request.getSession().getAttribute("code"));
- request.getSession().setAttribute("token", token);
- return data;
- }
- /**
- * 校验验证码
- *
- * @param code 验证码
- * @param token 验证码tokenId
- * @return 验证成功:success(),验证失败:error("错误信息")
- */
- @RequestMapping(value = "/checkCode", method = RequestMethod.POST)
- @ResponseBody
- public ModelMap checkCode(String token, String mobile, String code) {
- // 校验token是否正确
- String sessionToken = (String) request.getSession().getAttribute("token");
- if (StringUtils.isEmpty(sessionToken) || !sessionToken.equals(token)) {
- return error("请重新获取验证码");
- }
- // 校验验证码
- checkMobileCode(token, mobile, code);
- // 设置返回值
- return success();
- }
- }
|
