sso-parent/sso-server/src/main/java/com/uas/sso/controller/UserspaceRegisterController.java

package com.uas.sso.controller;

import com.alibaba.fastjson.JSON;
import com.uas.sso.AccountConfig;
import com.uas.sso.SSOHelper;
import com.uas.sso.SSOToken;
import com.uas.sso.entity.register.AdminUserspaceRegister;
import com.uas.sso.core.PasswordStrength;
import com.uas.sso.core.Status;
import com.uas.sso.core.Step;
import com.uas.sso.core.Type;
import com.uas.sso.entity.*;
import com.uas.sso.foreign.entity.ForeignInfo;
import com.uas.sso.logging.LoggerManager;
import com.uas.sso.logging.RegisterBufferedLogger;
import com.uas.sso.service.AppService;
import com.uas.sso.service.UserAccountService;
import com.uas.sso.service.UserService;
import com.uas.sso.service.UserspaceService;
import com.uas.sso.sync.service.SyncSsoService;
import com.uas.sso.util.CaptchaUtil;
import com.uas.sso.util.IpUtils;
import com.uas.sso.util.PasswordLevelUtils;
import com.uas.sso.util.StringUtil;
import com.uas.sso.util.encry.Md5Utils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.List;
import java.util.Optional;

/**
 * 企业注册controller
 *
 * @author wangmh
 * @date 2018/1/4
 */
@RequestMapping("/sso/userspace/register")
@RestController
public class UserspaceRegisterController extends BaseController {

    @Autowired
    private UserService userService;

    @Autowired
    private UserspaceService userspaceService;

    @Autowired
    private UserAccountService userAccountService;

    @Autowired
    private AppService appService;

    @Autowired
    private SyncSsoService syncSsoService;

    private RegisterBufferedLogger registerLogger = LoggerManager.getLogger(RegisterBufferedLogger.class);

    private final static Logger LOGGER = LoggerFactory.getLogger(UserspaceRegisterController.class);

    /**
     * 重置密码验证码存session的key
     */
    private static final String RESET_CAPTCHA = "resetCaptcha";

    /**
     * 企业注册第一步，验证手机号
     *
     * @param mobile 手机号
     * @param code   验证码
     * @param token  验证码tokenId
     * @return
     */
    @RequestMapping(value = "/checkAdminTel", method = RequestMethod.POST)
    @ResponseBody
    public ModelMap checkAdminTel(String mobile, String code, String token, String appId) {
        // 校验验证码
        checkMobileCode(token, mobile, code);

        // 设置返回数据
        ModelMap data = new ModelMap();
        User user = userService.findByMobile(mobile);
        if (user == null) {
            data.put("hasRegister", false);
        } else {
            data.put("hasRegister", true);
            data.put("hasEmail", !StringUtils.isEmpty(user.getEmail()));
        }
        request.getSession().setAttribute("mobile", mobile);

        // 删除token
        tokenService.delete(token);

        // 添加日志
        appId = StringUtils.isEmpty(appId) ? AccountConfig.ACCOUNT_CENTER : appId;
        registerLogger.info(Type.REGISTER_USERSPACE.getValue(), Step.FIRST.getValue(), "企业注册", mobile, appId);

        return success(data);
    }

    /**
     * 企业注册第二步，填写企业信息
     *
     * @param userspace 企业信息
     * @return
     */
    @RequestMapping(method = RequestMethod.POST)
    public ModelMap register(Userspace userspace, User user, String appId, String baseUrl, String t, String returnUrl, @RequestParam(defaultValue = "false") boolean isEncry) throws UnsupportedEncodingException {
        // 获取企业信息
        String spaceName = userspace.getSpaceName();
        String businessCode = userspace.getBusinessCode();
        String adminName = user.getVipName();
        String password = user.getPassword();
        String adminEmail = user.getEmail();

        // 校验参数
        appId = StringUtils.isEmpty(appId) ? AccountConfig.ACCOUNT_CENTER : appId;
        String mobile = (String) request.getSession().getAttribute("mobile");
        if (StringUtils.isEmpty(mobile)) {
            return error("请刷新后重试");
        }
        if (StringUtils.isEmpty(spaceName)) {
            return error("请填写正确的企业名称");
        }
        if (StringUtils.isEmpty(businessCode)) {
            return error("请填写正确的企业营业执照号");
        }
        if (StringUtils.isEmpty(password)) {
            return error("密码不能为空");
        }
        User admin = userService.findByMobile(mobile);
        if (admin == null) {
            // 新用户: 管理员名称，密码不能为空
            if (StringUtils.isEmpty(adminName)) {
                return error("请填写正确的管理员名称");
            }

            // 新用户要校验密码强度
            PasswordStrength strength = PasswordLevelUtils.checkPasswordLevel(password);
            if (PasswordStrength.WEAK.getValue() == strength.getValue()) {
                return error("密码须为8-20字符的英文、数字混合");
            }
        }

        // 设置企业管理员信息
        if (admin == null) {
            // 新用户直接注册
            admin = new User();
            admin.setMobile(mobile);
            admin.setVipName(adminName);
            admin.setPassword(password);
            admin.setEmail(adminEmail);
        } else {
            // 老用户校验密码
            userService.checkPassword(admin.getUserUU(), user.getPassword(), isEncry);

            // 老用户邮箱不为已认证的话设置邮箱
            if (admin.getEmailValidCode() != Status.AUTHENTICATED.getCode()) {
                admin.setEmail(adminEmail);
                admin.setEmailValidCode((short) Status.NOT_APPLYING.getCode());
            }
        }

        // 设置第三方id
        if (!StringUtils.isEmpty(t)) {
            Token unionidToken = tokenService.findOne(t);
            Optional<ForeignInfo> foreignInfo = Optional.ofNullable(unionidToken).map(value -> (ModelMap) unionidToken.getBind()).map(value -> (ForeignInfo) value.get("data"));
            if (!foreignInfo.isPresent()) {
                return error("参数错误，绑定失败");
            }
            userService.setForeignOpenId(user, foreignInfo.get());
        }

        // 企业注册
        userspace.setAdmin(admin);
        admin.setFromIp(IpUtils.getIp(request));
        admin.setFromUrl(URLDecoder.decode(returnUrl, "utf-8"));
        userspace = userspaceService.register(userspace, appId);

        if (!StringUtils.isEmpty(t)) {
            tokenService.delete(t);
        }

        // 发送邮件和短信
        ModelMap info = new ModelMap();
        info.addAttribute("enname", userspace.getSpaceName());
        info.addAttribute("enuu", userspace.getSpaceUU());
        sendEmail("templateForSendMailAfterRegister", admin.getEmail(), info);
        sendSms("templateForSendSmsAfterRegister", admin.getMobile(), userspace.getSpaceName(), userspace.getSpaceUU());

        // 添加日志
        registerLogger.info(Type.REGISTER_USERSPACE.getValue(), Step.SECOND.getValue(), "企业注册", userspace, appId);

        // 判断应用是否存在
        App app = appService.findOne(appId);
        if (app == null) {
            LOGGER.warn("企业注册，应用{}不存在，注册企业：{}", appId, userspace.getSpaceUU());
            return success();
        }

        // 登录并返回数据
        UserAccount userAccount = userAccountService.findOneByUserUU(appId, admin.getUserUU(), userspace.getSpaceUU());
        userAccount.setLastLoginTime(System.currentTimeMillis());
        List<String> loginUrls = appService.findAllLoginUrl();
        ModelMap data = new ModelMap();
        data.addAttribute("data", userAccount)
                .addAttribute("loginUrls", loginUrls)
                .addAttribute("currentUrl", baseUrl);
        SSOToken st = new SSOToken(request, userAccount.getMobile());
        st.setData(JSON.toJSONString(userAccount));
        SSOHelper.setSSOCookie(request, response, st, true);
        syncSsoService.sendUserLoginStateToSso(userspace.getSpaceUU(), userspace.getAdminUU(), response, null);
        LOGGER.info("用户（{}）注册并登录成功，时间：{}", admin.getUserUU(), System.currentTimeMillis());
        return success(data);
    }

    /**
     * 通过登录管理员注册企业
     * @return
     * @throws UnsupportedEncodingException
     */
    @PostMapping("/admin")
    public ModelMap registerLogin(AdminUserspaceRegister register) throws UnsupportedEncodingException {
        // 1、拼装数据
        Userspace userspace = new Userspace();
        userspace.setSpaceName(register.getSpaceName());
        userspace.setBusinessCode(register.getBusinessCode());
        // 查询用户信息
        User user = Optional.ofNullable(register.getUserUU())
                .map(userUU -> userService.findOne(userUU))
                .orElse(null);
        if (user == null) {
            LOGGER.warn("通过登录管理员注册企业警告，用户uu号未注册，参数：{}", JSON.toJSONString(register));
            return error("用户uu号未注册");
        }

        ///2、注册
        request.getSession().setAttribute("mobile", user.getMobile());
        ModelMap data = this.register(userspace, user, register.getAppId(), register.getBaseUrl(), register.getT(), register.getReturnUrl(), true);
        return data;
    }

    /**
     * 获取验证码
     *
     * @param mobile     手机号
     * @param mobileArea
     * @param timestamp 时间戳
     * @param code 图片验证码
     * @param sign 签名，签名不通过也返回正确
     * @return success(tokenId)
     */
    @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
    @ResponseBody
    public ModelMap getCode(String mobile, String mobileArea, String timestamp, String code, String sign) {
        if (StringUtils.isEmpty(timestamp)){
            return error("恶意访问");
        }

        // 校验图片验证码
        Token captchaToken = tokenService.findOne(request.getSession().getId());
        if (captchaToken == null) {
            return error("图片验证码过期");
        }
        if (code != null && !code.equalsIgnoreCase((String) captchaToken.getBind())) {
            return error("请输入正确的验证码");
        }
        tokenService.delete(request.getSession().getId());

        // 校验发送短信频率，60秒一次，key为#{sessionId}_#{类名}
        String key = request.getSession().getId() + "_" + this.getClass().getSimpleName();
        Token rateToken = tokenService.findOne(key);
        if (rateToken != null) {
            return error("验证码发送间隔过快");
        }

        // 校验手机号
        checkMobile(mobile, mobileArea);

        // 获取验证码，根据签名判断是否需要获取验证码
        String str = "{mobile=" + mobile + ",code=" + code + ",salt=sso}";
        String existSign = Md5Utils.encode(str, null);
        String token;
        if (existSign.equals(sign)) {
            token = getMobileToken(mobile);
        } else {
            token = StringUtil.uuid();
            LOGGER.warn("签名不通过！加密参数：{}，sign：{}", str, sign);
        }

        // 设置发送短信频率
        rateToken = new Token(key, "", 60);
        tokenService.save(rateToken);

        // 设置返回数据
        ModelMap data = new ModelMap();
        data.put("token", token);
        data.put("code", request.getSession().getAttribute("code"));
        request.getSession().setAttribute("token", token);
        return data;
    }

    /**
     * 校验验证码
     *
     * @param code  验证码
     * @param token 验证码tokenId
     * @return 验证成功：success()
     */
    @RequestMapping(value = "/checkCode", method = RequestMethod.POST)
    @ResponseBody
    public ModelMap checkCode(String token, String mobile, String code) {
        // 校验token是否正确
        String sessionToken = (String) request.getSession().getAttribute("token");
        if (StringUtils.isEmpty(sessionToken) || !sessionToken.equals(token)) {
            return error("请重新获取验证码");
        }

        // 校验验证码
        checkMobileCode(token, mobile, code);

        // 设置返回值
        return success();
    }
}