sso-parent/sso-server/src/main/java/com/uas/sso/controller/PersonalRegisterController.java

package com.uas.sso.controller;

import com.alibaba.fastjson.JSON;
import com.uas.sso.SSOHelper;
import com.uas.sso.SSOToken;
import com.uas.sso.entity.register.SmsPersonalRegister;
import com.uas.sso.core.Step;
import com.uas.sso.core.Type;
import com.uas.sso.core.PasswordStrength;
import com.uas.sso.entity.App;
import com.uas.sso.entity.Token;
import com.uas.sso.entity.User;
import com.uas.sso.entity.UserAccount;
import com.uas.sso.foreign.entity.ForeignInfo;
import com.uas.sso.logging.LoggerManager;
import com.uas.sso.logging.RegisterBufferedLogger;
import com.uas.sso.service.AppService;
import com.uas.sso.service.PersonalAccountService;
import com.uas.sso.service.UserService;
import com.uas.sso.util.CaptchaUtil;
import com.uas.sso.util.IpUtils;
import com.uas.sso.util.MessageUtils;
import com.uas.sso.util.PasswordLevelUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.List;
import java.util.Optional;
import java.util.Random;

/**
 * 个人注册controller
 *
 * @author uas
 * @date 2018/1/2
 */
@RestController
@RequestMapping("/sso/personal/register")
public class PersonalRegisterController extends BaseController {

    @Autowired
    private UserService userService;

    @Autowired
    private PersonalAccountService personalAccountService;

    @Autowired
    private AppService appService;

    private RegisterBufferedLogger registerLogger = LoggerManager.getLogger(RegisterBufferedLogger.class);

    private final static Logger LOGGER = LoggerFactory.getLogger(PersonalRegisterController.class);

    /**
     * 验证码存session的可以
     */
    private static final String RESET_CAPTCHA = "resetCaptcha";

    /**
     * 注册个人信息
     *
     * @param user  用户信息（需要会员名，手机号，手机号所属区域，密码）
     * @param appId 注册应用标志
     * @param code  验证码
     * @param token 验证码tokenId
     * @return 成功：success()，失败：error("错误码", "错误信息")
     */
    @RequestMapping(method = RequestMethod.POST)
    @ResponseBody
    public ModelMap register(User user, String appId, String code, String token, String baseUrl, String t, String returnUrl) throws UnsupportedEncodingException {
        // 获取参数
        String vipName = user.getVipName();
        String mobile = user.getMobile();
        String mobileArea = user.getMobileArea();
        String password = user.getPassword();

        // 参数空校验
        if (StringUtils.isEmpty(vipName)) {
            return error("会员名不能为空");
        }
        if (StringUtils.isEmpty(password)) {
            return error("密码不能为空");
        }
        if (StringUtils.isEmpty(mobile)) {
            return error("手机号不能为空");
        }

        // 校验手机号
        checkMobile(mobile, mobileArea);

        // 校验验证码
        checkMobileCode(token, mobile, code);

        // 校验密码
        if (PasswordStrength.WEAK.equals(PasswordLevelUtils.checkPasswordLevel(password))) {
            return error("密码须为8-20字符的英文、数字混合");
        }

        // 设置第三方id
        if (!StringUtils.isEmpty(t)) {
            Token unionidToken = tokenService.findOne(t);
            Optional<ForeignInfo> foreignInfo = Optional.ofNullable(unionidToken).map(value -> (ModelMap) unionidToken.getBind()).map(value -> (ForeignInfo) value.get("data"));
            if (!foreignInfo.isPresent()) {
                return error("参数错误，绑定失败");
            }
            userService.setForeignOpenId(user, foreignInfo.get());
        }

        // 注册并添加注册日志
        appId = StringUtils.isEmpty(appId) ? "sso" : appId;
        user.setFromIp(IpUtils.getIp(request));
        user.setFromUrl(URLDecoder.decode(returnUrl, "utf-8"));
        user = userService.register(user, appId);
        registerLogger.info(Type.REGISTER_PERSONAL.getValue(), Step.FIRST.getValue(), "个人注册成功", user, user.getFromApp());

        // 注册成功后删除验证码token
        if (!StringUtils.isEmpty(t)) {
            tokenService.delete(t);
        }
        tokenService.delete(token);

        App app = appService.findOne(appId);
        if ("mall".equals(appId)) {
            UserAccount userAccount = personalAccountService.findOneByUserUU(appId, user.getUserUU());
            userAccount.setLastLoginTime(System.currentTimeMillis());
            List<String> loginUrls = appService.findAllLoginUrl();
            ModelMap data = new ModelMap();
            data.addAttribute("data", userAccount)
                    .addAttribute("loginUrls", loginUrls)
                    .addAttribute("currentUrl", baseUrl)
                    .addAttribute("type", "mall");
            SSOToken st = new SSOToken(request, userAccount.getMobile());
            st.setData(JSON.toJSONString(userAccount));
            SSOHelper.setSSOCookie(request, response, st, true);
            LOGGER.info("用户（{}）注册并登录成功，时间：{}", user.getUserUU(), System.currentTimeMillis());
            return success(data);
        } else if ("city".equals(appId) || "city".equals(app == null ? "" : app.getUserControl())) {
            UserAccount userAccount = personalAccountService.findOneByUserUU(appId, user.getUserUU());
            userAccount.setLastLoginTime(System.currentTimeMillis());
            List<String> loginUrls = appService.findAllLoginUrl();
            ModelMap data = new ModelMap();
            data.addAttribute("data", userAccount)
                    .addAttribute("loginUrls", loginUrls)
                    .addAttribute("currentUrl", baseUrl)
                    .addAttribute("type", "city");
            data.addAttribute("bgImage", "https://dfs.ubtob.com/group1/M00/88/AE/CgpkyFsPxC-ADHD8ACBM14PiAS8632.png")
                    .addAttribute("type", "city");
            SSOToken st = new SSOToken(request, userAccount.getMobile());
            st.setData(JSON.toJSONString(userAccount));
            SSOHelper.setSSOCookie(request, response, st, true);
            LOGGER.info("用户（{}）注册并登录成功，时间：{}", user.getUserUU(), System.currentTimeMillis());
            return success(data);
        }

        // 设置返回数据
        LOGGER.info("用户（{}）注册成功，时间：{}", user.getUserUU(), System.currentTimeMillis());
        return success(new ModelMap("userUU", user.getUserUU()));
    }

    @PostMapping("/sms")
    public ModelMap register(SmsPersonalRegister personalRegister) throws UnsupportedEncodingException {
        User user = new User();
        String mobile = personalRegister.getMobile();
        String password = getPassword(mobile.substring(mobile.length() - 3, mobile.length()));
        user.setVipName(mobile);
        user.setMobile(mobile);
        user.setPassword(password);
        ModelMap response = register(user, personalRegister.getAppId(), personalRegister.getCode(), personalRegister.getToken(),
                personalRegister.getBaseUrl(), personalRegister.getT(), personalRegister.getReturnUrl());
        MessageUtils.sendSms("templateForSendSmsAfterRegisterSuccess", mobile, mobile, password);
        return response;
    }

    /**
     * 获取密码
     * @param suffix 密码后缀
     * @return
     */
    private String getPassword(String suffix) {
        Random random = new Random();
        String val = "";
        // 生成4个字母
        for (int i=0; i<3; i++) {
            int choice = random.nextInt(2) % 2 == 0 ? 65 : 97;
            val = val + (char)(choice + random.nextInt(26));
        }

        // 3个数字
        String number = random.nextInt(999) + 1000 + "";
        number = number.substring(number.length() - 3, number.length());
        val = val + number;

        // 后缀
        val = val + suffix;
        return val;
    }

    /**
     * 获取验证码
     *
     * @param mobile 手机号
     * @return success(tokenId)
     */
    @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
    @ResponseBody
    public ModelMap getCode(String mobile, String code) {
        // 参数校验
        if (StringUtils.isEmpty(mobile)) {
            return error("请输入手机号");
        }

        // 校验图片验证码
        Token captchaToken = tokenService.findOne(request.getSession().getId());
        if (captchaToken == null) {
            return error("图片验证码过期");
        }
        if (code != null && !code.equalsIgnoreCase((String) captchaToken.getBind())) {
            return error("请输入正确的验证码");
        }
        tokenService.delete(request.getSession().getId());

        // 校验发送短信频率，60秒一次，key为#{sessionId}_#{类名}
        String key = request.getSession().getId() + "_" + this.getClass().getSimpleName();
        Token rateToken = tokenService.findOne(key);
        if (rateToken != null) {
            return error("验证码发送间隔过快");
        }

        // 获取验证码
        String token = getMobileToken(mobile);

        // 设置发送短信频率
        rateToken = new Token(key, "", 60);
        tokenService.save(rateToken);

        // 设置返回数据
        ModelMap data = new ModelMap();
        data.put("token", token);
        data.put("code", request.getSession().getAttribute("code"));
        request.getSession().setAttribute("token", token);
        return data;
    }

    /**
     * 校验验证码
     *
     * @param code  验证码
     * @param token 验证码tokenId
     * @return 验证成功：success()，验证失败：error("错误信息")
     */
    @RequestMapping(value = "/checkCode", method = RequestMethod.POST)
    @ResponseBody
    public ModelMap checkCode(String token, String mobile, String code) {
        // 校验token是否正确
        String sessionToken = (String) request.getSession().getAttribute("token");
        if (StringUtils.isEmpty(sessionToken) || !sessionToken.equals(token)) {
            return error("请重新获取验证码");
        }

        // 校验验证码
        checkMobileCode(token, mobile, code);

        // 设置返回值
        return success();
    }
}