Commit 4a7781be by 唐功亮

【修改】 手机验证码存储改为redis

parent 9513bae4
......@@ -64,8 +64,9 @@ public class MemberController extends AbstractController {
/**
* 获取验证码
*/
@RequestMapping("/authApi/getVerificationCode")
@RequestMapping("/api/getVerificationCode")
// @RequiresPermissions("manage:timescoderegi:list")
@Login
public R getVerificationCode(@RequestBody Map<String, Object> params, HttpServletRequest request, HttpServletResponse response){
String msg = memberService.getVerificationCode(params,request,response);
return R.ok();
......
......@@ -24,7 +24,10 @@ import io.office.modules.manage.service.TycpdmFirmService;
import io.office.common.utils.PageUtils;
import io.office.common.utils.R;
import org.springframework.web.multipart.MultipartFile;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
......@@ -89,9 +92,9 @@ public class TycpdmFirmController extends AbstractController {
}
/**
* 保存(保存企业信息)
* 保存(保存企业信息) status 申请状态 1.新增 2.修改
* @param
* @param
* @param status 申请状态 1.新增 2.修改
* @return
*/
@RequestMapping("/authApi/save")
......@@ -226,8 +229,9 @@ public class TycpdmFirmController extends AbstractController {
/**
* 根据文件地址返回文件
*/
@RequestMapping("/authApi/returnFile")
public R returnFile(@RequestBody Map<String, Object> params, HttpServletResponse response){
@RequestMapping("/api/returnFile")
@Login
public R returnFile(@RequestParam Map<String, Object> params, HttpServletResponse response){
tycpdmFirmService.returnFile(params,response);
return R.ok();
}
......
......@@ -36,8 +36,8 @@ public interface TycpdmFirmDao extends BaseMapper<TycpdmFirmEntity> {
@Update("UPDATE tycpdm_firm SET logout_flag = #{logout_flag} WHERE f_id = #{id}")
void updateBYIdLogoutFlag(@Param("logout_flag") String logout_flag, @Param("id") String id);
@Select("select count(1) from tycpdm_firm where firmName=#{firmname} and logout_flag=#{logout_flag}")
int selectByIdFirmName(@Param("firmname")String firmname, @Param("logout_flag")int logout_flag);
@Select("select count(1) from tycpdm_firm where firmName=#{firmname} and logout_flag=#{logout_flag} and base_user<>#{userName}")
int selectByIdFirmName(@Param("firmname")String firmname, @Param("logout_flag")int logout_flag,@Param("userName")String userName);
@Update("UPDATE tycpdm_firm SET branchCode = #{branchCode} WHERE f_id = #{id}")
void updateByIdBranchCode(@Param("id") Integer id,@Param("branchCode") Integer branchCode);
......
......@@ -11,9 +11,12 @@ import org.apache.commons.httpclient.methods.PostMethod;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
......@@ -28,7 +31,7 @@ import javax.servlet.http.HttpSession;
@Service("memberService")
@Transactional
public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> implements MemberService {
@Autowired
......@@ -46,6 +49,16 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
@Autowired
private LogMessageDao logMessageDao;
@Autowired
private RedisTemplate<String,String> redisTemplate;
public static void main(String[] args) {
RedisTemplate<String, String> redisTemplate = new RedisTemplate<>();
}
@Override
public PageUtils queryPage(Map<String, Object> params) {
IPage<MemberEntity> page = this.page(
......@@ -86,14 +99,9 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
throw new RRException("手机格式不正确,请重新填写");
}
//利用获取验证码时保存的session,判断手机验证码非空,和发送的短信内容是否一致,提交时的手机号与接收验证码的手机号是否相同,验证码是否已失效
String subjoinReq = request.getSession().getAttribute("subjoin") == null ? "" : String.valueOf(request.getSession().getAttribute("subjoin"));
String telReq = request.getSession().getAttribute("tel") == null ? "" : String.valueOf(request.getSession().getAttribute("tel"));
Long dateReq = request.getSession().getAttribute("date") == null ? 0 : Long.valueOf(String.valueOf(request.getSession().getAttribute("date")));//毫秒值
subjoinReq = "344942";
telReq = "13159872863";
long l = System.currentTimeMillis();
//dateReq=(l-dateReq)/1000;
dateReq = 30L;
ValueOperations forValue = redisTemplate.opsForValue();
Object o = forValue.get(phone);
//获取验证码验证次数
TimescodeRegiEntity timescodeRegiEntity = timescodeRegiDao.selectById(phone);
if (timescodeRegiEntity == null) {
......@@ -102,7 +110,7 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
Integer timesValidate = timescodeRegiEntity.getTimesValidate();//验证码输入错误次数;
//校验验证码
checkSubjoinRegi(subjoin, subjoinReq, phone, telReq, dateReq, timesValidate);
checkSubjoinRegi(subjoin, o, phone, timesValidate);
//存入数据库 密码加密
MemberEntity memberEntity = new MemberEntity();
memberEntity.setUsername(userName);
......@@ -231,24 +239,19 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
if (verification.equals("")) {
throw new RRException("请输入验证码");
}
String verUpdatephone = request.getSession().getAttribute("verification").toString();//获取手机验证码
long verUpdateData = Long.valueOf(request.getSession().getAttribute("verUpdateData").toString());//获取手机有效时间
if (!verUpdatephone.equals(verification)) {
throw new RRException("验证码输入错误");
}
long l = System.currentTimeMillis();
if (l - verUpdateData > 300) {
ValueOperations operations = redisTemplate.opsForValue();
Object o = operations.get(phone);
if (o==null){
throw new RRException("验证码已超时");
}
if (!o.toString().equals(verification)) {
throw new RRException("验证码输入错误");
}
memberDao.updateByIDPhone(Integer.valueOf(id), phone);
}
public static void main(String[] args) {
String t123456 = MD5Util.md5Encrypt32Upper("t123456");
System.out.println(t123456);
}
/**
* 以下为短信验证码验证次数判断
......@@ -256,15 +259,13 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
* @param sub 验证码
* @param reSub session存储的验证码
* @param tel 手机号
* @param reTel session存储的手机号
* @param time_diff session存储的毫秒值
* @param times_validate 验证码失败次数
* @return
*/
public boolean checkSubjoinRegi(String sub, String reSub, String tel, String reTel, long time_diff, int times_validate) {
public boolean checkSubjoinRegi(String sub, Object reSub, String tel, int times_validate) {
if (sub.equals("")) {
throw new RRException("手机验证码不能为空!");
} else if (time_diff >= 300) {
} else if (reSub ==null) {
throw new RRException("验证码已超时!");
} else if (times_validate >= 3) {
throw new RRException("该验证码输入错误满3次,已失效,请重新获取!");
......@@ -272,13 +273,11 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
if (!sub.equals(reSub)) {
if (times_validate <= 3) {
times_validate += 1;
timescodeRegiDao.updateByIdTimes_validate(reTel, times_validate);
timescodeRegiDao.updateByIdTimes_validate(tel, times_validate);
throw new RRException("验证码已输入错误" + times_validate + "次(输入错误满3次时,该验证码失效)!");
}
}
if (!tel.equals(reTel)) {
throw new RRException("手机号码错误!");
}
}
return false;
}
......@@ -346,10 +345,11 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
}
//TODO tgl 判断手机号码是否在黑名单内
//写入session
HttpSession session = request.getSession();
session.setAttribute("verification", pass);//验证码
session.setAttribute("tel", phone);//手机号
session.setAttribute("date", System.currentTimeMillis());//毫秒值
//手机验证码写入redis
ValueOperations forValue = redisTemplate.opsForValue();
forValue.set(phone, pass);
redisTemplate.expire(phone, 60*5, TimeUnit.SECONDS);//过期时间5分钟
//发送状态
String state = "";
// 以下添加同一个手机号短信发送次数验证
......
......@@ -16,10 +16,13 @@ import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Node;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.stereotype.Service;
import java.util.Date;
import java.util.Map;
import java.util.concurrent.TimeUnit;
import java.util.regex.Pattern;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
......@@ -49,6 +52,9 @@ public class TimescodeRegiServiceImpl extends ServiceImpl<TimescodeRegiDao, Time
@Autowired
private LogMessageDao logMessageDao;
@Autowired
private RedisTemplate<String,String> redisTemplate;
@Override
public PageUtils queryPage(Map<String, Object> params) {
IPage<TimescodeRegiEntity> page = this.page(
......@@ -99,13 +105,10 @@ public class TimescodeRegiServiceImpl extends ServiceImpl<TimescodeRegiDao, Time
throw new RRException("手机格式不正确,请重新填写");
}
//TODO tgl 判断手机号码是否在黑名单内
//写入session
HttpSession session = request.getSession();
session.setAttribute("subjoin",pass);//验证码
session.setAttribute("tel",phone);//手机号
session.setAttribute("date",System.currentTimeMillis());//毫秒值
//手机验证码写入redis
ValueOperations forValue = redisTemplate.opsForValue();
forValue.set(phone, pass);
Boolean expire = redisTemplate.expire(phone, 60*5, TimeUnit.SECONDS);//过期时间5分钟
//发送状态
String state = "";
// 以下添加同一个手机号短信发送次数验证
......@@ -207,6 +210,8 @@ public class TimescodeRegiServiceImpl extends ServiceImpl<TimescodeRegiDao, Time
if (returnstatus.equals("Success")){
//保存验证码信息log_message表
state="发送成功";
//初始化验证码失效次数
timescodeRegiDao.updateByIdTimes_validate(phone,0);
return "Success";
}else if (returnstatus.equals("Faild")){
state="发送失败";
......
......@@ -310,7 +310,7 @@ public class TycpdmFirmServiceImpl extends ServiceImpl<TycpdmFirmDao, TycpdmFirm
if (firmname==null||"".equals(tycpdmFirm)){
throw new RRException("企业名称不能为空");
}
int count=tycpdmFirmDao.selectByIdFirmName(firmname,1);
int count=tycpdmFirmDao.selectByIdFirmName(firmname,1,userName);
if (count>0){
throw new RRException("企业名称已经存在");
}
......@@ -359,7 +359,7 @@ public class TycpdmFirmServiceImpl extends ServiceImpl<TycpdmFirmDao, TycpdmFirm
if (firmname==null||"".equals(tycpdmFirm)){
throw new RRException("企业名称不能为空");
}
int count=tycpdmFirmDao.selectByIdFirmName(firmname,1);
int count=tycpdmFirmDao.selectByIdFirmName(firmname,1,userName);
if (count>0){
throw new RRException("企业名称已经存在");
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment