- package com.uas.sso.controller;
import com.alibaba.fastjson.JSON;
import com.uas.sso.core.Status;
import com.uas.sso.entity.*;
import com.uas.sso.service.UserService;
import com.uas.sso.support.SystemSession;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ui.ModelMap;
import org.springframework.util.Assert;
import org.springframework.util.CollectionUtils;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
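/**
 * Endpoints through which a logged-in user changes their mobile number, e-mail address or
 * security questions.
 *
 * <p>Each change is a two-step flow. Step one proves control of a factor the user already
 * holds (the authenticated mobile or e-mail, or the security questions) and yields a
 * {@link Token} bound to the user's userUU. Step two ({@code /setMobile}, {@code /setEmail},
 * {@code /setQuestion}) requires that token. Tokens live for {@link #EXPIRES} and are consumed
 * where the flow allows it.
 *
 * <p>{@code request}, {@code tokenService}, {@code settingService}, {@code mailService} and the
 * helpers {@code success}, {@code error}, {@code getFrontUrl}, {@code getMobileToken},
 * {@code checkMobileCode} and {@code checkEmailCode} are inherited from {@link BaseController}
 * and are not visible in this file. {@code checkMobileCode}/{@code checkEmailCode} are relied
 * upon to throw when the code does not match — their return value is never inspected here, so
 * that contract must hold (confirm in BaseController).
 *
 * @author wangmh
 * @create 2018-01-11 17:11
 */
@RestController
@RequestMapping("/update/user")
public class UpdateUserController extends BaseController {

    @Autowired
    private UserService userService;

    /**
     * Lifetime of a step-one verification token, passed to the {@link Token} constructor.
     * Presumably seconds (7 days) — confirm against Token.
     */
    private static final int EXPIRES = 7 * 24 * 60 * 60;

    /**
     * Returns which verification methods the current user can use.
     *
     * <p>Also stores the {@link User} in the session; {@link #checkByQuestion(String)} and
     * {@link #updateMobile(String, String, String)} read it back from there.
     *
     * @return {@code mobile} / {@code email} (only when authenticated, else {@code null}) and
     *         {@code questions} (only when set, else {@code null})
     */
    @RequestMapping(value = "/checkType", method = RequestMethod.GET)
    public ModelMap getCheckType() {
        User user = loadSessionUser();
        if (user == null) {
            return error("未登录");
        }
        ModelMap data = new ModelMap();
        data.put("mobile", mobileAuthenticated(user) ? user.getMobile() : null);
        data.put("email", emailAuthenticated(user) ? user.getEmail() : null);
        // NOTE(review): UserQuestion exposes getAnswer(); unless that field is excluded from
        // serialization, this response hands the answers to the client — confirm.
        data.put("questions", CollectionUtils.isEmpty(user.getQuestions()) ? null : user.getQuestions());
        request.getSession().setAttribute("user", user);
        return success(data);
    }

    /**
     * Step one via mobile: sends a verification code to the caller's own authenticated mobile.
     *
     * <p>The code is deliberately not returned to the caller: the earlier version echoed the
     * session attribute {@code code} (presumably the code written by {@code getMobileToken}),
     * which let any caller pass the POST step without ever receiving the SMS. A non-production
     * build that needs the code for testing should gate that behind an explicit setting.
     *
     * @param mobile the mobile number; must equal the user's registered, authenticated mobile
     * @return {@code token} identifying the code that was sent
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.GET)
    public ModelMap checkByMobile(String mobile) {
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        User user = loadSessionUser();
        if (user == null) {
            return error("未登录");
        }
        // Only the caller's own mobile may receive the code; otherwise a logged-in caller could
        // have the service send codes to arbitrary numbers.
        if (!mobileAuthenticated(user) || !mobile.equals(user.getMobile())) {
            return error("请求错误");
        }
        String codeToken = getMobileToken(mobile);
        request.getSession().setAttribute("token", codeToken);
        return success(new ModelMap("token", codeToken));
    }

    /**
     * Step one via mobile: verifies the code and issues the step-one token.
     *
     * <p>The token is bound to the session user. The earlier version bound it to whichever
     * user owned the submitted mobile (and dereferenced that lookup without a null check).
     *
     * @param mobile the mobile number the code was sent to; must be the user's own
     * @param code   the verification code
     * @param token  the code token returned by the GET step
     * @return the id of the step-one token on success
     */
    @RequestMapping(value = "/check/mobile", method = RequestMethod.POST)
    public ModelMap checkByMobile(String mobile, String code, @RequestParam String token) {
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        if (!StringUtils.hasText(code)) {
            return error("验证码不能为空");
        }
        User user = loadSessionUser();
        if (user == null) {
            return error("未登录");
        }
        if (!mobileAuthenticated(user) || !mobile.equals(user.getMobile())) {
            return error("请求错误");
        }
        if (tokenService.findOne(token) == null) {
            return error("请重新获取验证码");
        }
        // Expected to throw on mismatch; see the class comment.
        checkMobileCode(token, mobile, code);
        tokenService.delete(token);
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        tokenService.save(stepToken);
        return success(stepToken.getId());
    }

    /**
     * Step one via e-mail: mails a link carrying a step-one token to the caller's own
     * authenticated address.
     *
     * <p>The recipient must be the user's registered, authenticated e-mail (that is what makes
     * the mail a proof of control), and a caller-supplied {@code url} is only accepted when it
     * points at the front end — otherwise a logged-in caller could use the mail template to
     * deliver arbitrary links to arbitrary addresses.
     *
     * @param operate {@code mobile}, {@code email} or {@code question}; selects the link target
     * @param email   recipient; must equal the user's authenticated e-mail
     * @param url     front-end page the link should return to (used for {@code mobile}/{@code email})
     * @return empty success on send, or an error response
     */
    @RequestMapping(value = "/check/email", method = RequestMethod.GET)
    public ModelMap checkByEmail(String operate, @RequestParam String email, String url) {
        if (!StringUtils.hasText(email)) {
            return error("邮箱不能为空");
        }
        if (operate == null) {
            return error("参数错误");
        }
        User user = loadSessionUser();
        if (user == null) {
            return error("未登录");
        }
        if (!emailAuthenticated(user) || !email.equals(user.getEmail())) {
            return error("请求错误");
        }
        String frontUrl = getFrontUrl();
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        ModelMap data = new ModelMap();
        data.put("vipName", user.getVipName());
        switch (operate) {
            case "mobile":
                if (!isUnderFrontUrl(url, frontUrl)) {
                    return error("参数错误");
                }
                data.put("type", "验证手机");
                data.put("url", appendQuery(url, "token=" + stepToken.getId()));
                break;
            case "email":
                if (!isUnderFrontUrl(url, frontUrl)) {
                    return error("参数错误");
                }
                data.put("type", "验证邮箱");
                data.put("url", appendQuery(url, "step=2&token=" + stepToken.getId()));
                break;
            case "question":
                data.put("type", "设置密保");
                data.put("url", frontUrl + "/encrypted-setting/EncryptedSettingSecondStep?token=" + stepToken.getId());
                break;
            default:
                return error("参数错误");
        }
        // Persist only once the request is known to be valid, so rejected calls leave no token.
        tokenService.save(stepToken);
        sendVerificationMail(email, data);
        return success();
    }

    /**
     * Step one via security questions: returns the user's questions.
     *
     * @return {@code questions}; see the note in {@link #getCheckType()} about answers
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.GET)
    public ModelMap checkByQuestion() {
        User user = loadSessionUser();
        if (user == null) {
            return error("未登录");
        }
        ModelMap data = new ModelMap();
        data.put("questions", user.getQuestions());
        return success(data);
    }

    /**
     * Step one via security questions: checks the answers and issues the step-one token.
     *
     * <p>Every stored question must be answered correctly. The earlier version only checked the
     * answers that were submitted, so an empty or partial list was accepted; it also compared
     * the JSON {@code sort} value (possibly numeric) against string keys.
     *
     * @param answers JSON array of {@code {"sort": ..., "answer": ...}} objects
     * @return {@code token} (the step-one token id) on success
     */
    @RequestMapping(value = "/check/question", method = RequestMethod.POST)
    public ModelMap checkByQuestion(String answers) {
        Object sessionUser = request.getSession().getAttribute("user");
        if (!(sessionUser instanceof User)) {
            return error("验证信息过期,请从第一步进行校验");
        }
        User user = (User) sessionUser;
        List<UserQuestion> questions = user.getQuestions();
        if (CollectionUtils.isEmpty(questions)) {
            return error("密保不能为空");
        }
        if (!StringUtils.hasText(answers)) {
            return error("答案错误");
        }
        // fastjson parses caller input here; parseArray with a fixed target class limits what
        // can be instantiated, but keep the library current.
        List<Map> submitted = JSON.parseArray(answers, Map.class);
        if (submitted == null) {
            return error("答案错误");
        }
        Map<String, String> given = new HashMap<>(submitted.size());
        for (Map<?, ?> entry : submitted) {
            Object sort = entry.get("sort");
            Object answer = entry.get("answer");
            if (sort != null && answer != null) {
                given.put(String.valueOf(sort), String.valueOf(answer));
            }
        }
        for (UserQuestion question : questions) {
            String expected = question.getAnswer();
            String actual = given.get(String.valueOf(question.getSort()));
            if (expected == null || actual == null || !constantTimeEquals(expected, actual)) {
                return error("答案错误");
            }
        }
        Token stepToken = new Token(user.getUserUU(), EXPIRES);
        tokenService.save(stepToken);
        return success(new ModelMap("token", stepToken.getId()));
    }

    /**
     * Step two for a new mobile number: sends a code to the new number.
     *
     * <p>The step-one token is left in place (as before) so the code can be requested again;
     * the code is not echoed to the caller for the reason given on
     * {@link #checkByMobile(String)}.
     *
     * @param mobile the new mobile number
     * @param token  the step-one token id
     * @return {@code token} identifying the code that was sent
     */
    @RequestMapping(value = "/setMobile", method = RequestMethod.GET)
    public ModelMap updateMobile(String mobile, @RequestParam String token) {
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        Token existToken = tokenService.findOne(token);
        if (existToken == null || existToken.isExpired()) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        if (!(existToken.getBind() instanceof Long)) {
            return error("请求错误");
        }
        User user = userService.findOne((Long) existToken.getBind());
        if (user == null) {
            return error("请求错误");
        }
        // Same uniqueness rule as the POST step, applied before any SMS is sent.
        if (!mobile.equals(user.getMobile()) && userService.mobileHasRegistered(mobile)) {
            return error("手机号已注册");
        }
        String codeToken = getMobileToken(mobile);
        request.getSession().setAttribute("user", user);
        return success(new ModelMap("token", codeToken));
    }

    /**
     * Step two for a new mobile number: verifies the code and stores the number.
     *
     * <p>Empty parameters now produce an error response like the sibling endpoints instead of
     * an {@code IllegalArgumentException} from {@code Assert}.
     *
     * @param mobile the new mobile number
     * @param code   the verification code sent to it
     * @param token  the code token returned by the GET step
     * @return empty success, or an error response
     */
    @RequestMapping(value = "/setMobile", method = RequestMethod.POST)
    public ModelMap updateMobile(String mobile, String code, @RequestParam String token) {
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        if (!StringUtils.hasText(code)) {
            return error("验证码不能为空");
        }
        Object sessionUser = request.getSession().getAttribute("user");
        if (!(sessionUser instanceof User)) {
            return error("验证信息过期,请从第一步进行校验");
        }
        User user = (User) sessionUser;
        if (!mobile.equals(user.getMobile()) && userService.mobileHasRegistered(mobile)) {
            return error("手机号已注册");
        }
        if (tokenService.findOne(token) == null) {
            return error("请重新获取验证码");
        }
        // Expected to throw on mismatch; see the class comment.
        checkMobileCode(token, mobile, code);
        userService.updateMobile(user.getUserUU(), mobile);
        tokenService.delete(token);
        return success();
    }

    /**
     * Step two for a new e-mail address: mails a confirmation link to the new address.
     *
     * <p>The confirmation token carries both the userUU and the new address, so the address is
     * fixed at this point and cannot be swapped on confirmation. The link always points at the
     * front end; only the caller's query string is carried over.
     *
     * <p>Whether the new address is already registered is not enforced here (the earlier
     * version did not either; {@code findByEmail} returning a list suggests duplicates may be
     * allowed) — confirm the intended rule.
     *
     * @param email the new e-mail address
     * @param token the step-one token id; consumed by this call
     * @param url   front-end page whose query string should be preserved in the link (may be null)
     * @return empty success on send, or an error response
     */
    @RequestMapping(value = "/setEmail", method = RequestMethod.GET)
    public ModelMap updateEmail(String email, @RequestParam String token, String url) {
        Token existToken = tokenService.findOne(token);
        if (existToken == null || existToken.isExpired()) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        if (!StringUtils.hasText(email)) {
            return error("邮箱不能为空");
        }
        if (!(existToken.getBind() instanceof Long)) {
            return error("请求错误");
        }
        Long userUU = (Long) existToken.getBind();
        User user = userService.findOne(userUU);
        if (user == null) {
            return error("请求错误");
        }
        tokenService.delete(token);
        Map<String, Object> bind = new HashMap<>(2);
        bind.put("userUU", userUU);
        bind.put("newEmail", email);
        Token confirmToken = new Token(bind, EXPIRES);
        tokenService.save(confirmToken);
        ModelMap data = new ModelMap();
        data.put("vipName", user.getVipName());
        data.put("type", "验证邮箱");
        String link = getFrontUrl() + "/update/user/email";
        if (url != null && url.contains("?")) {
            link += url.substring(url.indexOf('?'));
        }
        data.put("url", appendQuery(link, "step=2&token=" + confirmToken.getId()));
        sendVerificationMail(email, data);
        return success();
    }

    /**
     * Confirmation link target for a new e-mail address: applies the change and redirects.
     *
     * <p>{@code returnURL} and {@code token} are URL-encoded before being placed in the
     * redirect, and the failure redirect now uses {@code ?} rather than {@code &} when the
     * target has no query string yet. The confirmation token is not consumed (kept from the
     * earlier version; the step-3 page receives it in the redirect), so it remains valid until
     * it expires — confirm that is acceptable.
     *
     * @param token     the confirmation token id from the mailed link
     * @param returnURL optional page to return to after validation
     * @return a redirect to the front-end success or failure page
     */
    @RequestMapping(value = "/email", method = RequestMethod.GET)
    public ModelAndView updateEmail(@RequestParam String token, String returnURL) {
        String frontUrl = getFrontUrl();
        Token existToken = tokenService.findOne(token);
        if (existToken == null || existToken.isExpired()) {
            return redirectTo(frontUrl + "/validation/validFail", returnURL);
        }
        Object bind = existToken.getBind();
        if (!(bind instanceof Map)) {
            return redirectTo(frontUrl + "/validation/validFail?step=2&token=" + encodeQueryValue(token), returnURL);
        }
        Map<?, ?> data = (Map<?, ?>) bind;
        Object userUU = data.get("userUU");
        Object newEmail = data.get("newEmail");
        // userUU was stored as a Long; accept any Number in case the token store narrows it.
        if (!(userUU instanceof Number) || !(newEmail instanceof String)) {
            return redirectTo(frontUrl + "/validation/validFail?step=2&token=" + encodeQueryValue(token), returnURL);
        }
        userService.updateEmail(((Number) userUU).longValue(), (String) newEmail);
        return redirectTo(frontUrl + "/validation/emailValidation?step=3&token=" + encodeQueryValue(token), returnURL);
    }

    /**
     * Step two for security questions: stores the submitted questions.
     *
     * <p>The token is validated (including expiry, which the earlier version skipped) before the
     * caller's JSON is parsed, and consumed only once the input is known to be usable so a
     * malformed submission can be retried.
     *
     * @param token         the step-one token id; consumed on success
     * @param userQuestions JSON array of {@link UserQuestion}
     * @return empty success, or an error response
     */
    @RequestMapping(value = "/setQuestion", method = RequestMethod.POST)
    public ModelMap updateQuestion(@RequestParam String token, @RequestParam String userQuestions) {
        if (!StringUtils.hasText(token)) {
            return error("为防止恶意修改,请从第一步开始校验");
        }
        Token existToken = tokenService.findOne(token);
        if (existToken == null || existToken.isExpired()) {
            return error("验证超时,请重新验证");
        }
        if (!(existToken.getBind() instanceof Long)) {
            return error("请求错误");
        }
        Long userUU = (Long) existToken.getBind();
        List<UserQuestion> questions = JSON.parseArray(userQuestions, UserQuestion.class);
        if (CollectionUtils.isEmpty(questions)) {
            return error("密保不能为空");
        }
        tokenService.delete(token);
        userService.setQuestion(userUU, questions);
        return success();
    }

    /**
     * Checks a verification code without consuming its token.
     *
     * <p>Because the token survives, repeated attempts against the same code are possible;
     * attempt limiting has to live in {@code checkMobileCode}/{@code checkEmailCode} or in
     * front of this endpoint — confirm it does.
     *
     * @param type   {@code mobile} or {@code email}
     * @param token  the code token
     * @param code   the verification code
     * @param mobile the number the code was sent to (for {@code mobile})
     * @param email  the address the code was sent to (for {@code email})
     * @return empty success, or an error response
     */
    @RequestMapping(value = "/checkCode/{type}", method = RequestMethod.POST)
    public ModelMap checkCode(@PathVariable String type, @RequestParam String token, String code, String mobile, String email) {
        if (!StringUtils.hasText(code)) {
            return error("验证码不能为空");
        }
        switch (type) {
            case "mobile":
                if (!StringUtils.hasText(mobile)) {
                    return error("手机号不能为空");
                }
                checkMobileCode(token, mobile, code);
                break;
            case "email":
                if (!StringUtils.hasText(email)) {
                    return error("邮箱不能为空");
                }
                checkEmailCode(token, email, code);
                break;
            default:
                return error("参数错误");
        }
        return success();
    }

    /**
     * Reports whether a mobile number is already registered to another user.
     *
     * <p>Any logged-in caller can probe arbitrary numbers through this; rate-limit it if that
     * disclosure matters.
     *
     * @param mobile the number to check
     * @return {@code hasRegister}: {@code false} for the caller's own number or an unknown one
     */
    @RequestMapping(value = "/mobile/hasRegister", method = RequestMethod.GET)
    public ModelMap checkMobile(String mobile) {
        UserAccount loginUser = SystemSession.getUserAccount();
        if (loginUser == null) {
            return error("未登录");
        }
        if (!StringUtils.hasText(mobile)) {
            return error("手机号不能为空");
        }
        boolean registered = !mobile.equals(loginUser.getMobile()) && userService.findByMobile(mobile) != null;
        return success(new ModelMap("hasRegister", registered));
    }

    /**
     * Reports whether an e-mail address is already registered to another user.
     *
     * <p>Same disclosure caveat as {@link #checkMobile(String)}.
     *
     * @param email the address to check
     * @return {@code hasRegister}: {@code false} for the caller's own address or an unknown one
     */
    @RequestMapping(value = "/email/hasRegister", method = RequestMethod.GET)
    public ModelMap checkEmail(String email) {
        UserAccount loginUser = SystemSession.getUserAccount();
        if (loginUser == null) {
            return error("未登录");
        }
        if (!StringUtils.hasText(email)) {
            return error("邮箱不能为空");
        }
        boolean registered = !email.equals(loginUser.getEmail()) && !CollectionUtils.isEmpty(userService.findByEmail(email));
        return success(new ModelMap("hasRegister", registered));
    }

    /**
     * Loads the {@link User} behind the account in the current session.
     *
     * @return the user, or {@code null} when nobody is logged in or the lookup yields nothing
     */
    private User loadSessionUser() {
        UserAccount account = SystemSession.getUserAccount();
        return account == null ? null : userService.findOne(account.getUserUU());
    }

    /** Whether the user's mobile has been authenticated (same test {@link #getCheckType()} uses). */
    private static boolean mobileAuthenticated(User user) {
        return Status.AUTHENTICATED.getCode() == user.getMobileValidCode();
    }

    /** Whether the user's e-mail has been authenticated (same test {@link #getCheckType()} uses). */
    private static boolean emailAuthenticated(User user) {
        return Status.AUTHENTICATED.getCode() == user.getEmailValidCode();
    }

    /**
     * Sends the verification mail using the configured template, if one is set.
     *
     * <p>The reset-password template is reused for these mails (existing behaviour).
     */
    private void sendVerificationMail(String email, ModelMap data) {
        Setting mailTpl = settingService.findOne("templateForSendMailWhenResetPassword");
        if (mailTpl != null && !StringUtils.isEmpty(mailTpl.getValue())) {
            mailService.send(mailTpl.getValue(), email, data);
        }
    }

    /** Appends {@code query} to {@code url} with {@code ?} or {@code &} as appropriate. */
    private static String appendQuery(String url, String query) {
        return url + (url.contains("?") ? "&" : "?") + query;
    }

    /**
     * Whether {@code url} is the front-end origin itself or a path/query beneath it.
     *
     * <p>A plain prefix test is not enough: it would accept a host that merely starts with the
     * front-end host, so the character after the prefix must be {@code /}, {@code ?} or {@code #}.
     */
    private static boolean isUnderFrontUrl(String url, String frontUrl) {
        if (url == null || frontUrl == null) {
            return false;
        }
        String base = frontUrl.endsWith("/") ? frontUrl.substring(0, frontUrl.length() - 1) : frontUrl;
        if (!url.startsWith(base)) {
            return false;
        }
        if (url.length() == base.length()) {
            return true;
        }
        char next = url.charAt(base.length());
        return next == '/' || next == '?' || next == '#';
    }

    /** Builds a redirect to {@code target}, carrying {@code returnURL} as an encoded query value when given. */
    private static ModelAndView redirectTo(String target, String returnURL) {
        String location = returnURL == null ? target : appendQuery(target, "returnURL=" + encodeQueryValue(returnURL));
        return new ModelAndView("redirect:" + location);
    }

    /** URL-encodes a single query-string value as UTF-8. */
    private static String encodeQueryValue(String value) {
        try {
            return URLEncoder.encode(value, StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is mandatory for every JVM; this branch is unreachable.
            throw new IllegalStateException("UTF-8 not supported", e);
        }
    }

    /** Compares two secrets without short-circuiting on the first differing byte. */
    private static boolean constantTimeEquals(String expected, String actual) {
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), actual.getBytes(StandardCharsets.UTF_8));
    }
}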