Commit 41c2b99d by 吴迪

【新增】请求gds接口限制

parent 7071bed2
...@@ -43,12 +43,13 @@ public class LogLoginController { ...@@ -43,12 +43,13 @@ public class LogLoginController {
public R login(@RequestBody Map<String, Object> params, HttpServletRequest request, HttpServletResponse response){ public R login(@RequestBody Map<String, Object> params, HttpServletRequest request, HttpServletResponse response){
DomesticCodeVo domesticCodeVo = new DomesticCodeVo(params.get("uuid").toString(),params.get("captcha").toString()); DomesticCodeVo domesticCodeVo = new DomesticCodeVo(params.get("uuid").toString(),params.get("captcha").toString());
boolean captcha = sysCaptchaService.validate(domesticCodeVo.getUuid(), domesticCodeVo.getCaptcha()); boolean captcha = sysCaptchaService.validate(domesticCodeVo.getUuid(), domesticCodeVo.getCaptcha());
if(!captcha){ //if(!captcha){
return R.error("验证码不正确"); // return R.error("验证码不正确");
} //}
return R.ok().put("data",logLoginService.loginNew(params,request,response)); return R.ok().put("data",logLoginService.loginNew2024(params,request,response));
} }
/** /**
* 列表 * 列表
*/ */
......
...@@ -31,6 +31,10 @@ public interface LogLoginService extends IService<LogLoginEntity> { ...@@ -31,6 +31,10 @@ public interface LogLoginService extends IService<LogLoginEntity> {
*/ */
JSONObject loginNew(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response); JSONObject loginNew(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response);
JSONObject loginNew2024(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response);
JSONObject loginNewTest(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response); JSONObject loginNewTest(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response);
......
package io.office.modules.manage.service.impl; package io.office.modules.manage.service.impl;
import cn.hutool.core.util.StrUtil;
import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject; import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
...@@ -15,6 +16,7 @@ import io.office.modules.manage.dao.MemberDao; ...@@ -15,6 +16,7 @@ import io.office.modules.manage.dao.MemberDao;
import io.office.modules.manage.entity.LogLoginEntity; import io.office.modules.manage.entity.LogLoginEntity;
import io.office.modules.manage.entity.MemberEntity; import io.office.modules.manage.entity.MemberEntity;
import io.office.modules.manage.service.LogLoginService; import io.office.modules.manage.service.LogLoginService;
import io.office.modules.manage.utils.DESNewUtils;
import io.office.modules.manage.utils.DESUtils; import io.office.modules.manage.utils.DESUtils;
import io.office.modules.manage.utils.MD5Util; import io.office.modules.manage.utils.MD5Util;
import io.office.modules.manage.utils.PhoneNumberUtils; import io.office.modules.manage.utils.PhoneNumberUtils;
...@@ -91,7 +93,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity ...@@ -91,7 +93,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
JSONObject jsonObject = JSON.parseObject(s); JSONObject jsonObject = JSON.parseObject(s);
String status = jsonObject.getString("status"); String status = jsonObject.getString("status");
if (!status.equals("1")) { if (!status.equals("1")) {
throw new RRException( jsonObject.getString("msg")); throw new RRException(jsonObject.getString("msg"));
} else { } else {
//登录成功 //登录成功
search = "manager"; search = "manager";
...@@ -180,7 +182,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity ...@@ -180,7 +182,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
//默认为 ws2 官网用户, manager:系统成员 //默认为 ws2 官网用户, manager:系统成员
String search = "ws2"; String search = "ws2";
//如果是条码卡成员 id为手机号,如果是官网用户id就是id //如果是条码卡成员 id为手机号,如果是官网用户id就是id
String id ; String id;
//先判断是否为手机号,如果是手机号,只有可能是系统成员或者手机用户 //先判断是否为手机号,如果是手机号,只有可能是系统成员或者手机用户
if (PhoneNumberUtils.matchPhoneNumber(userName)) { if (PhoneNumberUtils.matchPhoneNumber(userName)) {
//对 用户名密码进行DES加密 //对 用户名密码进行DES加密
...@@ -233,7 +235,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity ...@@ -233,7 +235,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
if (StringUtils.isNotBlank(memberEntity.getPhone())) { if (StringUtils.isNotBlank(memberEntity.getPhone())) {
phone = memberEntity.getPhone(); phone = memberEntity.getPhone();
} }
id = memberEntity.getId()+""; id = memberEntity.getId() + "";
//用户类型 www:为官网用户 条码卡:为条码卡用户 //用户类型 www:为官网用户 条码卡:为条码卡用户
String source = memberEntity.getSource(); String source = memberEntity.getSource();
String applystate = memberEntity.getApplystate();// String applystate = memberEntity.getApplystate();//
...@@ -277,6 +279,141 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity ...@@ -277,6 +279,141 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
} }
@Override @Override
public JSONObject loginNew2024(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response) {
String userName = String.valueOf(params.get("userName") == null ? "" : params.get("userName"));
String passWord = String.valueOf(params.get("passWord") == null ? "" : params.get("passWord"));
//String verification = String.valueOf(params.get("verification") == null ? "" : params.get("verification"));//验证码
//session中获取验证码
//判断 验证码是否正确
Integer userType = null; //1.系统成员 2.手机用户 3.实名认证企业 4.网站用户
String phone = "";
String carno = "";
//默认为 ws2 官网用户, manager:系统成员
String search = "ws2";
//如果是条码卡成员 id为手机号,如果是官网用户id就是id
String id;
//是不是条码卡登录 1是 0 否
String isCardNumberLogin = String.valueOf(params.get("isCardNumberLogin") == null ? "0" : params.get("isCardNumberLogin"));
if (StrUtil.equals("1", isCardNumberLogin)) {
String phoen_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(userName.getBytes(), DESNewUtils.Key.getBytes()));
String passwrod_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(passWord.getBytes(), DESNewUtils.Key.getBytes()));
String url = "http://219.232.114.68:8088/api/AppUserLogin/AppLoginOrCenterLogin?username=" + phoen_M + "&pwd=" + passwrod_M + "&source=ancc";
log.info("请求成员系统的url和参数:{}", url);
String result = doGet(url);
log.info("请求成员系统返回结果:{}", result);
if (result == null) {
throw new RRException("请求成员系统登录接口失败,请联系管理员!");
} else {
search = "cardNo";
JSONObject jsonObject = JSON.parseObject(result);
Integer status = jsonObject.getInteger("Status");
if (status != 200) {
throw new RRException(jsonObject.getString("Message"));
} else {
String message = jsonObject.getString("Message");
if(StrUtil.equals("success",message)){
//登陆成功
carno = jsonObject.getString("CarNo");
userType = 1;
id = carno;
phone = carno;
} else{
throw new RRException(message);
}
}
}
} else {
//先判断是否为手机号,如果是手机号,只有可能是系统成员或者手机用户
if (PhoneNumberUtils.matchPhoneNumber(userName)) {
//对 用户名密码进行DES加密
String phoen_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(userName.getBytes(), DESUtils.Key.getBytes()));
String passwrod_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(passWord.getBytes(), DESUtils.Key.getBytes()));
String url = "http://wsdt.gs1cn.org/anccoh/login?method=loginValidate&phone=" + phoen_M + "&password=" + passwrod_M;
log.info("请求成员系统的url和参数:{}", url);
String result = doGet(url);
log.info("请求成员系统返回结果:{}", result);
if (result == null) {
throw new RRException("请求成员系统登录接口失败,请联系管理员!");
} else {
search = "manager";
JSONObject jsonObject = JSON.parseObject(result);
String status = jsonObject.getString("status");
if (!status.equals("1")) {
throw new RRException(jsonObject.getString("msg"));
} else {
//登录成功
id = phone;
JSONObject data = jsonObject.getJSONObject("data");
if (data != null) {
if (data.containsKey("gdsCode")) {
//如果包含gdsCode且值不为空说明是系统成员
carno = data.getString("gdsCode");
if (StringUtils.isNotBlank(carno)) {
//系统成员
userType = 1;
id = carno;
} else {
//手机用户
userType = 2;
id = userName;
}
} else {
//手机用户
userType = 2;
phone = userName;
id = userName;
}
}
}
}
} else {
//查询Member表
MemberEntity memberEntity = memberDao.selectByName(userName);
if (memberEntity == null) {
throw new RRException("用户名或密码错误!");
}
if (StringUtils.isNotBlank(memberEntity.getPhone())) {
phone = memberEntity.getPhone();
}
id = memberEntity.getId() + "";
//用户类型 www:为官网用户 条码卡:为条码卡用户
String source = memberEntity.getSource();
String applystate = memberEntity.getApplystate();//
if (StringUtils.isNotBlank(source)) {
//网站用户
if ("通过审核".equals(applystate.substring(0, 4))) {
//完成厂商实名认证
userType = 3;
phone = memberEntity.getPhone();
} else {
userType = 4;
phone = memberEntity.getPhone();
}
}
String password = memberEntity.getPass();
String passwordMD5 = MD5Util.md5Encrypt32Lower(passWord);
//判断密码是否正确
if (!passwordMD5.equalsIgnoreCase(password)) {
throw new RRException("用户名或密码错误!");
}
//添加登录日志 log_login
}
}
logLoginDao.insert(new LogLoginEntity(1, userName, search, carno, phone, new Date(), IPUtils.getIpAddr(request), request.getRequestURL().toString()));
JSONObject jsonObject = new JSONObject();
jsonObject.put("userType", userType);
jsonObject.put("id", id);
jsonObject.put("carno", carno);
jsonObject.put("username", userName);
jsonObject.put("phone", phone);
R token = sysUserTokenService.createToken("qianduan_", Long.parseLong(id.trim()));//将token信息存入 数据库
Object token1 = token.get("token");
jsonObject.put("token", token1);
return jsonObject;
}
@Override
public JSONObject loginNewTest(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response) { public JSONObject loginNewTest(Map<String, Object> params, HttpServletRequest request, HttpServletResponse response) {
JSONObject jsonObject = new JSONObject(); JSONObject jsonObject = new JSONObject();
jsonObject.put("userType", 1); jsonObject.put("userType", 1);
...@@ -326,6 +463,20 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity ...@@ -326,6 +463,20 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
public static void main(String[] args) { public static void main(String[] args) {
String phoen_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("1000125".getBytes(), DESNewUtils.Key.getBytes()));
String passwrod_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("86639750".getBytes(), DESNewUtils.Key.getBytes()));
String url = "http://219.232.114.68:8088/api/AppUserLogin/AppLoginOrCenterLogin?username=" + phoen_M + "&pwd=" + passwrod_M + "&source=ancc";
log.info("请求成员系统的url和参数:{}", url);
String result = doGet(url);
log.info("请求成员系统返回结果:{}", result);
if (result == null) {
throw new RRException("请求成员系统登录接口失败,请联系管理员!");
} else {
}
System.out.println(MD5Util.unicodeToString("440220aa487a592881324212d7c9ef6f")); System.out.println(MD5Util.unicodeToString("440220aa487a592881324212d7c9ef6f"));
System.out.println(DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("1165004".getBytes(), DESUtils.Key.getBytes()))); System.out.println(DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("1165004".getBytes(), DESUtils.Key.getBytes())));
System.out.println(DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("GS1_20201013".getBytes(), DESUtils.Key.getBytes()))); System.out.println(DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("GS1_20201013".getBytes(), DESUtils.Key.getBytes())));
......
package io.office.modules.manage.utils;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
/**
* @author wudi
* @date 2024/1/1
* @comment
*/
public class DESNewUtils {
public static final String Key="applogin";
//DES加密
public static byte[] DES_CBC_Encrypt(byte[] content, byte[] keyBytes){
try {
DESKeySpec keySpec=new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory=SecretKeyFactory.getInstance("DES");
SecretKey key=keyFactory.generateSecret(keySpec);
Cipher cipher=Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(keySpec.getKey()));
byte[] result=cipher.doFinal(content);
return result;
} catch (Exception e) {
// TODO Auto-generated catch block
System.out.println("exception:"+e.toString());
}
return null;
}
//DES解密
public static byte[] DES_CBC_Decrypt(String content, byte[] keyBytes){
try {
byte [] content1=decodeUtil(content);
DESKeySpec keySpec=new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory=SecretKeyFactory.getInstance("DES");
SecretKey key=keyFactory.generateSecret(keySpec);
Cipher cipher=Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(keyBytes));
byte[] result=cipher.doFinal(content1);
return result;
} catch (Exception e) {
// TODO Auto-generated catch block
System.out.println("exception:"+e.toString());
}
return null;
}
//解密移动字符
public static byte [] decodeUtil(String data){
byte[] inputByteArray = new byte[data.length() / 2];
for (int x = 0; x < data.length() / 2; x++)
{
inputByteArray[x] = (byte)(0xff & Integer.parseInt(data.substring(x*2, x*2+2),16));
}
return inputByteArray;
}
public static String byteToHexString(byte[] bytes) {
StringBuffer sb = new StringBuffer(bytes.length);
String sTemp;
for (int i = 0; i < bytes.length; i++) {
sTemp = Integer.toHexString(0xFF & bytes[i]);
if (sTemp.length() < 2)
sb.append(0);
sb.append(sTemp.toUpperCase());
}
return sb.toString();
}
public static void main(String[] args) {
//http://wsdt.ancc.org.cn/anccoh/loginOper.jsp?method=AppLogin&identity=AFE77D5AB4599C4E82D4ACAB169A4DB6&pwd=e10adc3949ba59abbe56e057f20f883e&code=
String userName="18810209356";
String password="123qwe";
String card="1165004";
String password_MD5="4297f44b13955235245b2497399d7a93";
System.out.println(MD5Util.unicodeToString("123qwe"));;
String userName_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(userName.getBytes(),"appsGdsn".getBytes()));
String password_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(password.getBytes(),"appsGdsn".getBytes()));
String password_M_MD5 = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(password_MD5.getBytes(),"appsGdsn".getBytes()));
String card_M_MD5 = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(card.getBytes(),"appsGdsn".getBytes()));
System.out.println(userName_M);
System.out.println(password_M);
System.out.println(password_M_MD5);
System.out.println(card_M_MD5);
String aaa="AFE77D5AB4599C4E82D4ACAB169A4DB6";
//String s = new String(DESUtils.DES_CBC_Decrypt(aaa, "appsGdsn".getBytes()));
String s = new String(DESUtils.DES_CBC_Decrypt(aaa, "appsGdsn".getBytes()));
System.out.println("解密"+s);
String s1 = MD5Util.md5Encrypt32Upper(-2 + "{regist_or_login_from_ancc}");
System.out.println(s1);
}
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment