diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/controller/H5ApiAdvisoryInfoController.java b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/controller/H5ApiAdvisoryInfoController.java index c062c34..8a428b4 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/controller/H5ApiAdvisoryInfoController.java +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/controller/H5ApiAdvisoryInfoController.java @@ -112,7 +112,7 @@ public class H5ApiAdvisoryInfoController extends JeecgController queryByOpenId(@RequestParam(name="openId",required=true) String openId,@RequestParam(name="wechatName",required=true) String wechatName) { + public Result queryByOpenId(@RequestParam(name="openId",required=true) String openId,@RequestParam(name="wechatName",required=false) String wechatName) { NuBizAdvisoryInfo nuBizAdvisoryInfo = nuBizAdvisoryInfoService.queryWeixinInfo(openId,wechatName); return Result.OK(nuBizAdvisoryInfo); } diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/entity/NuBizAdvisoryInfo.java b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/entity/NuBizAdvisoryInfo.java index 130cb1e..157e591 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/entity/NuBizAdvisoryInfo.java +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/entity/NuBizAdvisoryInfo.java @@ -5,7 +5,9 @@ import java.io.UnsupportedEncodingException; import java.util.Date; import java.math.BigDecimal; +import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.annotation.*; +import org.jeecg.common.api.vo.Result; import org.jeecg.common.constant.ProvinceCityArea; import org.jeecg.common.util.SpringContextUtils; import lombok.Data; 
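Review bot: With `wechatName` now `required=false`, `queryByOpenId` selects the record by `openId` alone and returns the whole `NuBizAdvisoryInfo` entity to whoever supplies that parameter. That entity carries name, tel and the `token` field this commit adds. The request mapping and any authentication annotations sit above the hunk, so whether the route is protected cannot be seen here. If it is anonymous, the openId should come from a server-side WeChat code exchange or a signed session rather than a query parameter, and the method should return a trimmed response object instead of the entity.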
@@ -35,97 +37,99 @@ public class NuBizAdvisoryInfo implements Serializable { /**id*/ @TableId(type = IdType.ASSIGN_ID) @ApiModelProperty(value = "id") - private java.lang.String id; + private String id; /**微信id*/ @Excel(name = "微信id", width = 15) @ApiModelProperty(value = "微信id") - private java.lang.String openId; + private String openId; /**微信名称*/ @Excel(name = "微信名称", width = 15) @ApiModelProperty(value = "微信名称") - private java.lang.String wechatName; + private String wechatName; /**咨询人姓名*/ @Excel(name = "咨询人姓名", width = 15) @ApiModelProperty(value = "咨询人姓名") - private java.lang.String name; + private String name; /**性别*/ @Excel(name = "性别", width = 15, dicCode = "sex") @Dict(dicCode = "sex") @ApiModelProperty(value = "性别") - private java.lang.String sex; + private String sex; /**联系电话*/ @Excel(name = "联系电话", width = 15) @ApiModelProperty(value = "联系电话") - private java.lang.String tel; + private String tel; /**咨询类型 1入住nu 2入驻机构 3我要加盟*/ @Excel(name = "咨询类型", width = 15, dicCode = "advisory_type") @Dict(dicCode = "advisory_type") @ApiModelProperty(value = "咨询类型") - private java.lang.String advisoryType; + private String advisoryType; /**状态 1审核中 2审核完成 3驳回*/ @Excel(name = "状态", width = 15, dicCode = "advisory_approval") @Dict(dicCode = "advisory_approval") @ApiModelProperty(value = "状态") - private java.lang.String status; + private String status; /**审核备注*/ @Excel(name = "审核备注", width = 15) @ApiModelProperty(value = "审核备注") - private java.lang.String content; + private String content; /**机构访问地址*/ @Excel(name = "机构访问地址", width = 15) @ApiModelProperty(value = "机构访问地址") - private java.lang.String serverUrl; + private String serverUrl; /**创建人*/ @ApiModelProperty(value = "创建人") - private java.lang.String createBy; + private String createBy; /**创建日期*/ @JsonFormat(timezone = "GMT+8",pattern = "yyyy-MM-dd HH:mm:ss") @DateTimeFormat(pattern="yyyy-MM-dd HH:mm:ss") @ApiModelProperty(value = "创建日期") - private java.util.Date createTime; + private Date createTime; /**更新人*/ 
@ApiModelProperty(value = "更新人") - private java.lang.String updateBy; + private String updateBy; /**更新日期*/ @JsonFormat(timezone = "GMT+8",pattern = "yyyy-MM-dd HH:mm:ss") @DateTimeFormat(pattern="yyyy-MM-dd HH:mm:ss") @ApiModelProperty(value = "更新日期") - private java.util.Date updateTime; + private Date updateTime; /**所属部门*/ @ApiModelProperty(value = "所属部门") - private java.lang.String sysOrgCode; + private String sysOrgCode; /**老人姓名*/ - private java.lang.String oldManName; + private String oldManName; /**老人年龄*/ - private java.lang.String oldManAge; + private String oldManAge; /**医保类型*/ @Dict(dicCode = "medical_insurance_type") - private java.lang.String medicalInsuranceType; + private String medicalInsuranceType; /**老人性别*/ @Dict(dicCode = "sex") - private java.lang.String oldManSex; + private String oldManSex; /**报销类型*/ @Dict(dicCode = "reimb_type") - private java.lang.String reimbType; + private String reimbType; /**护理单元*/ - private java.lang.String nuId; + private String nuId; @TableField(exist = false) - private java.lang.String advisoryTypeName; + private String advisoryTypeName; @TableField(exist = false) - private java.lang.String sexName; + private String sexName; @TableField(exist = false) - private java.lang.String sysOrgCodeName; + private String sysOrgCodeName; @TableField(exist = false) - private java.lang.String statusName; + private String statusName; @TableField(exist = false) - private java.lang.String oldManSexName; + private String oldManSexName; @TableField(exist = false) - private java.lang.String medicalInsuranceTypeName; + private String medicalInsuranceTypeName; @TableField(exist = false) - private java.lang.String reimbTypeName; + private String reimbTypeName; + @TableField(exist = false) + private String token; } 
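Review bot: The new `token` field at the end of the entity has no comment, unlike the other fields, and it puts a credential on a persistence object that is serialized wherever the entity is returned. Presumably it carries the login token produced in the service layer; that code is not visible in this hunk. If the class uses Lombok `@Data` (the import is present), the value will also appear in `toString()` output and any log line that prints the entity, so add `@ToString.Exclude` on the field. I would document it with `/**登录token,仅用于接口返回,不入库*/`, or better, move it to a dedicated response VO so list and export endpoints never carry it.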
diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/NuBizAdvisoryInfoMapper.java b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/NuBizAdvisoryInfoMapper.java index 6ec3aa2..ea5fed0 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/NuBizAdvisoryInfoMapper.java +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/NuBizAdvisoryInfoMapper.java @@ -14,4 +14,7 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper; */ public interface NuBizAdvisoryInfoMapper extends BaseMapper { + NuBizAdvisoryInfo getUserByTel(@Param("mobile") String mobile); + + NuBizAdvisoryInfo findByOpenId(@Param("openId")String openId); } diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/xml/NuBizAdvisoryInfoMapper.xml b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/xml/NuBizAdvisoryInfoMapper.xml index d4b1d8c..fd4d5e9 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/xml/NuBizAdvisoryInfoMapper.xml +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/mapper/xml/NuBizAdvisoryInfoMapper.xml @@ -2,4 +2,10 @@ + + \ No newline at end of file diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/INuBizAdvisoryInfoService.java b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/INuBizAdvisoryInfoService.java index f3bf965..f7876e8 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/INuBizAdvisoryInfoService.java +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/INuBizAdvisoryInfoService.java 
@@ -12,4 +12,8 @@ import com.baomidou.mybatisplus.extension.service.IService; public interface INuBizAdvisoryInfoService extends IService { NuBizAdvisoryInfo queryWeixinInfo(String openId, String wechatName); + + NuBizAdvisoryInfo getUserByTel(String mobile); + + NuBizAdvisoryInfo findByOpenId(String openId); } diff --git a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/impl/NuBizAdvisoryInfoServiceImpl.java b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/impl/NuBizAdvisoryInfoServiceImpl.java index e6a443a..5cb4501 100644 --- a/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/impl/NuBizAdvisoryInfoServiceImpl.java +++ b/nursing-unit-admin/nu-admin-biz/src/main/java/com/nu/modules/NuBizAdvisoryInfo/service/impl/NuBizAdvisoryInfoServiceImpl.java @@ -1,13 +1,25 @@ package com.nu.modules.NuBizAdvisoryInfo.service.impl; +import com.alibaba.fastjson.JSONObject; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.nu.modules.NuBizAdvisoryInfo.entity.NuBizAdvisoryInfo; import com.nu.modules.NuBizAdvisoryInfo.mapper.NuBizAdvisoryInfoMapper; import com.nu.modules.NuBizAdvisoryInfo.service.INuBizAdvisoryInfoService; +import org.apache.commons.lang.StringUtils; +import org.jeecg.common.api.vo.Result; +import org.jeecg.common.constant.CommonConstant; +import org.jeecg.common.system.util.JwtUtil; +import org.jeecg.common.util.RedisUtil; +import org.jeecg.common.util.oConvertUtils; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; +import javax.servlet.http.HttpServletRequest; +import java.util.LinkedHashMap; +import java.util.List; + /** * @Description: 咨询信息 * @Author: 张明远 
@@ -17,11 +29,14 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; @Service public class NuBizAdvisoryInfoServiceImpl extends ServiceImpl implements INuBizAdvisoryInfoService { + @Autowired + private RedisUtil redisUtil; + @Override public NuBizAdvisoryInfo queryWeixinInfo(String openId, String wechatName) { QueryWrapper queryWrapper = new QueryWrapper<>(); queryWrapper.eq("open_id",openId); - queryWrapper.eq("wechat_name",wechatName); + queryWrapper.eq(StringUtils.isNotBlank(wechatName),"wechat_name",wechatName); NuBizAdvisoryInfo nuBizAdvisoryInfo = baseMapper.selectOne(queryWrapper); //查询是否有微信注册信息,没有则创建 if(nuBizAdvisoryInfo==null) { @@ -30,6 +45,37 @@ public class NuBizAdvisoryInfoServiceImpl extends ServiceImplorg.jeecgframework weixin4j + + com.nursingunit.boot + nu-admin-biz + 2.0.0 + compile + - + diff --git a/nursing-unit-system/nu-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java b/nursing-unit-system/nu-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java index d52c0db..c8003ba 100644 --- a/nursing-unit-system/nu-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java +++ b/nursing-unit-system/nu-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java @@ -4,7 +4,10 @@ import cn.hutool.core.util.RandomUtil; import com.alibaba.fastjson.JSONObject; import com.aliyuncs.exceptions.ClientException; import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; +import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.toolkit.IdWorker; +import com.nu.modules.NuBizAdvisoryInfo.entity.NuBizAdvisoryInfo; +import com.nu.modules.NuBizAdvisoryInfo.service.INuBizAdvisoryInfoService; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; 
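Review bot: When `wechatName` is blank, the conditional `queryWrapper.eq(StringUtils.isNotBlank(wechatName),"wechat_name",wechatName)` drops the filter, so `baseMapper.selectOne` runs on `open_id` alone. The old code looked up by both columns, so, assuming the create path in the rest of the method (outside this hunk) stores both values, the table may already hold several rows for one openId with different names, and `selectOne` throws when more than one row matches. Either enforce a unique index on `open_id`, or make the lookup deterministic with an explicit ordering plus `queryWrapper.last("limit 1")`. Please also confirm what `wechat_name` the create branch stores when the parameter is absent.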
@@ -66,6 +69,8 @@ public class LoginController { private BaseCommonService baseCommonService; @Autowired private JeecgBaseConfig jeecgBaseConfig; + @Autowired + private INuBizAdvisoryInfoService nuBizAdvisoryInfoService; private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890"; @@ -395,6 +400,11 @@ public class LoginController { } + + + + + /** * 手机号登录接口 * @@ -797,8 +807,6 @@ public class LoginController { } return result; } - - /** * 图形验证码 * @param sysLoginModel 
@@ -824,4 +832,190 @@ public class LoginController { return Result.ok(); } + /** + * 短信验证码 + * @return + */ + @PostMapping(value = "/smsCode") + public Result smsCode(@RequestBody Map map,HttpServletRequest request) { + String mobile = map.get("mobile"); + String smsmode = map.get("smsmode"); + String hkcode = map.get("hkcode"); +// @RequestParam(name="mobile",required=true) String mobile,@RequestParam(name="smsmode",required=true) String smsmode,@RequestParam(name="hkcode",required=true) String hkcode + Result result = new Result(); + String clientIp = IpUtils.getIpAddr(request); +// //手机号模式 登录模式: "2" 注册模式: "1" + log.info("-------- IP:{}, 手机号:{},获取绑定验证码", clientIp, mobile); + + if(oConvertUtils.isEmpty(mobile)){ + result.setMessage("手机号不允许为空!"); + result.setSuccess(false); + return result; + } + + + String redisHKKey = CommonConstant.PHONE_REDIS_KEY_PRE+"HK"+mobile; + Object hkcoderED = redisUtil.get(redisHKKey); + if(!hkcoderED.equals(hkcode)){ + result.setMessage("非法操作,不能获取验证码!"); + result.setSuccess(false); + return result; + }else{ + + } + + //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + String redisKey = CommonConstant.PHONE_REDIS_KEY_PRE+mobile; + Object object = redisUtil.get(redisKey); + //update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + + if (object != null) { + result.setMessage("验证码10分钟内,仍然有效!"); + result.setSuccess(false); + return result; + } + + //------------------------------------------------------------------------------------- + //增加 check防止恶意刷短信接口 + if(!DySmsLimit.canSendSms(clientIp)){ + log.warn("--------[警告] IP地址:{}, 短信接口请求太多-------", clientIp); + result.setMessage("短信接口请求太多,请稍后再试!"); + result.setCode(CommonConstant.PHONE_SMS_FAIL_CODE); + result.setSuccess(false); + return result; + } + //------------------------------------------------------------------------------------- + + //随机数 + String captcha = RandomUtil.randomNumbers(4); + JSONObject obj = new JSONObject(); + 
obj.put("code", captcha); + try { + boolean b = false; + //注册模板 + if (CommonConstant.SMS_TPL_TYPE_1.equals(smsmode)) { + SysUser sysUser = sysUserService.getUserByPhone(mobile); + if(sysUser!=null) { + result.error500(" 手机号已经注册,请直接登录!"); + baseCommonService.addLog("手机号已经注册,请直接登录!", CommonConstant.LOG_TYPE_1, null); + return result; + } + b = DySmsHelper.sendSms(mobile, obj, DySmsEnum.REGISTER_TEMPLATE_CODE); + }else { + //登录模式,校验用户有效性 + NuBizAdvisoryInfo nuBizAdvisoryInfo = nuBizAdvisoryInfoService.getUserByTel(mobile); + +// SysUser sysUser = sysUserService.getUserByPhone(mobile); +// result = sysUserService.checkUserIsEffective(sysUser); + if(nuBizAdvisoryInfo == null) { + result.error500("该用户不存在或未绑定手机号"); + return result; + } + + /** + * smsmode 短信模板方式 0 .登录模板、1.注册模板、2.忘记密码模板 + */ + if (CommonConstant.SMS_TPL_TYPE_0.equals(smsmode)) { + //登录模板 + b = DySmsHelper.sendSms(mobile, obj, DySmsEnum.LOGIN_TEMPLATE_CODE); + } else if(CommonConstant.SMS_TPL_TYPE_2.equals(smsmode)) { + //忘记密码模板 + b = DySmsHelper.sendSms(mobile, obj, DySmsEnum.FORGET_PASSWORD_TEMPLATE_CODE); + } + } + + if (b == false) { + result.setMessage("短信验证码发送失败,请稍后重试"); + result.setSuccess(false); + return result; + } + + //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + //验证码10分钟内有效 + redisUtil.set(redisKey, captcha, 600); + //update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + + //update-begin--Author:scott Date:20190812 for:issues#391 + //result.setResult(captcha); + //update-end--Author:scott Date:20190812 for:issues#391 + result.setSuccess(true); + + } catch (ClientException e) { + e.printStackTrace(); + result.error500(" 短信接口未配置,请联系管理员!"); + return result; + } + return result; + } + /** + * 手机号验证码验证接口 + * @param request + * @return + */ + @PostMapping("/checkPhoneCode") + public Result checkPhoneCode(@RequestBody Map map, HttpServletRequest request) { + String mobile = map.get("mobile"); + String smscode = map.get("smscode"); + String 
openId = map.get("openId"); +// @RequestParam(name="mobile",required=true) String mobile,@RequestParam(name="smscode",required=true) String smscode,@RequestParam(name="openId",required=false) String openId, + Result result = new Result(); + String phone = mobile; + //update-begin-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户 + if(isLoginFailOvertimes(phone)){ + return result.error500("该用户登录失败次数过多,请于10分钟后再次登录!"); + } + //update-end-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户 + //校验用户有效性 +// SysUser sysUser = sysUserService.getUserByPhone(phone); +// result = sysUserService.checkUserIsEffective(sysUser); +// if(!result.isSuccess()) { +// return result; +// } + + + //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + String redisKey = CommonConstant.PHONE_REDIS_KEY_PRE+phone; + Object code = redisUtil.get(redisKey); + //update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906 + + if (!smscode.equals(code)) { + addLoginFailOvertimes(phone); + return Result.error("手机验证码错误"); + } + QueryWrapper queryWrapper = new QueryWrapper<>(); + System.out.println("openId = " + openId); + queryWrapper.eq("open_id", openId); + NuBizAdvisoryInfo nuBizAdvisoryInfo = nuBizAdvisoryInfoService.getOne(queryWrapper); + nuBizAdvisoryInfo.setTel(phone); + nuBizAdvisoryInfoService.updateById(nuBizAdvisoryInfo); + + return result; + } + + /** + * 获取滑块code + * @param request + * @return + */ + @PostMapping("/getHkCode") + public Result getHkCode(@RequestBody Map map, HttpServletRequest request) { +// @RequestParam(name="mobile",required=true) String mobile + String mobile = map.get("mobile"); + Result result = new Result(); + String phone = mobile; + //update-begin-author:taoyan date:2022-11-7 for: issues/4109 平台用户登录失败锁定用户 + if(isLoginFailOvertimes(phone)){ + return result.error500("该用户登录失败次数过多,请于10分钟后再次登录!"); + } + + String redisKey = CommonConstant.PHONE_REDIS_KEY_PRE+"HK"+phone; + //随机数 + String captcha = 
RandomUtil.randomNumbers(6); + redisUtil.set(redisKey, captcha, 600); + result.setMessage(captcha); + + return result; + } + + } diff --git a/nursing-unit-system/nu-system-start/src/main/resources/application-dev.yml b/nursing-unit-system/nu-system-start/src/main/resources/application-dev.yml index 7b84e6d..6e63ea4 100644 --- a/nursing-unit-system/nu-system-start/src/main/resources/application-dev.yml +++ b/nursing-unit-system/nu-system-start/src/main/resources/application-dev.yml @@ -258,14 +258,14 @@ jeecg: excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/bigscreen/category/**,/bigscreen/visual/**,/bigscreen/map/**,/jmreport/bigscreen2/** #阿里云oss存储和大鱼短信秘钥配置 oss: - accessKey: ?? - secretKey: ?? + accessKey: LTAI5tB9WHDf3BZsTcQ64Knc + secretKey: QWwOazCWWZxV7ovqgGGfSCpQcUevUZ endpoint: oss-cn-beijing.aliyuncs.com bucketName: jeecgdev # 短信模板 sms-template: # 签名 - signature: + signature: 吉林省捌零信创科技 # 模板code templateCode: # 登录短信、忘记密码模板编码 @@ -273,7 +273,7 @@ jeecg: # 修改密码短信模板编码 SMS_465391221: # 注册账号短信模板编码 - SMS_175430166: + SMS_175430166: SMS_319245237 # 在线预览文件服务器地址配置 file-view-domain: http://fileview.jeecg.com # minio文件上传 diff --git a/nursing-unit-system/nu-system-start/src/main/resources/application-uat.yml b/nursing-unit-system/nu-system-start/src/main/resources/application-uat.yml index 7164931..374b6a8 100644 --- a/nursing-unit-system/nu-system-start/src/main/resources/application-uat.yml +++ b/nursing-unit-system/nu-system-start/src/main/resources/application-uat.yml @@ -257,14 +257,14 @@ jeecg: excludeUrls: /test/jeecgDemo/demo3,/test/jeecgDemo/redisDemo/**,/bigscreen/category/**,/bigscreen/visual/**,/bigscreen/map/**,/jmreport/bigscreen2/** #阿里云oss存储和大鱼短信秘钥配置 oss: - accessKey: ?? - secretKey: ?? + accessKey: LTAI5tB9WHDf3BZsTcQ64Knc + secretKey: QWwOazCWWZxV7ovqgGGfSCpQcUevUZ endpoint: oss-cn-beijing.aliyuncs.com bucketName: jeecgdev # 短信模板 sms-template: # 签名 - signature: + signature: 吉林省捌零信创科技 # 模板code templateCode: # 登录短信、忘记密码模板编码 
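Review bot: `checkPhoneCode` writes the verified phone number onto whichever record matches the `openId` sent in the request body, and nothing in the hunk ties that openId to the caller, so the binding is not limited to the caller's own record; take the openId from the server-side session or a signed token instead. The same method leaves the SMS code in Redis after a successful match, where it stays usable for the rest of its 600-second lifetime, and it dereferences `smscode` and the `getOne` result without null checks; the fence below covers these. In `smsCode`, `hkcoderED.equals(hkcode)` throws when the Redis key is missing or expired, so guard it with `if (hkcoderED == null || !hkcoderED.equals(hkcode))`. `getHkCode` hands the slider code back in `result.setMessage(captcha)` to any caller, so the comparison in `smsCode` does not show that a challenge was solved and only `DySmsLimit.canSendSms` limits SMS sending; the slider result should be verified server-side. `isLoginFailOvertimes` and `addLoginFailOvertimes` are defined outside the hunk.

```java
// … unchanged: lockout check and Redis lookup of the stored code …
if (smscode == null || !smscode.equals(code)) {
    addLoginFailOvertimes(phone);
    return Result.error("手机验证码错误");
}
// Single use: discard the code as soon as it has been accepted.
redisUtil.del(redisKey);
// … unchanged: QueryWrapper lookup by open_id (without the System.out.println of openId) …
if (nuBizAdvisoryInfo == null) {
    // constructed message: no advisory record exists for this openId
    return Result.error("未找到对应的咨询信息");
}
// … unchanged: setTel / updateById …
```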
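Review bot: The `oss.accessKey` and `oss.secretKey` values added in this hunk are real-looking Aliyun credentials committed in plain text, and the same pair is added again in the `application-uat.yml` hunk that follows. Once pushed they should be treated as exposed: rotate the key pair, restrict the replacement to the OSS bucket and SMS API it actually needs, and check the account's access logs for unexpected use. In the config, replace the literals with externalised values such as `accessKey: ${OSS_ACCESS_KEY}` and `secretKey: ${OSS_SECRET_KEY}`, supplied by the environment or a secret store. Removing the lines in a later commit does not remove them from history, so rotation is required either way.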
@@ -272,7 +272,7 @@ jeecg: # 修改密码短信模板编码 SMS_465391221: # 注册账号短信模板编码 - SMS_175430166: + SMS_175430166: SMS_319245237 # 在线预览文件服务器地址配置 file-view-domain: http://fileview.jeecg.com # minio文件上传