Commit c131b13d by 吴迪

Merge remote-tracking branch 'origin/master'

parents 438b6b92 3e894816
......@@ -17,6 +17,7 @@ import io.office.common.utils.PageUtils;
import io.office.common.utils.R;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
/**
......@@ -44,11 +45,11 @@ public class LogLoginController {
@Login
// @RequiresPermissions("manage:member:list")
public R login(@RequestBody Map<String, Object> params, HttpServletRequest request, HttpServletResponse response){
DomesticCodeVo domesticCodeVo = new DomesticCodeVo(params.get("uuid").toString(),params.get("captcha").toString());
/* DomesticCodeVo domesticCodeVo = new DomesticCodeVo(params.get("uuid").toString(),params.get("captcha").toString());
boolean captcha = sysCaptchaService.validate(domesticCodeVo.getUuid(), domesticCodeVo.getCaptcha());
if(!captcha){
return R.error("验证码不正确");
}
}*/
return R.ok().put("data",logLoginService.login(params,request,response));
}
......
package io.office.modules.manage.controller;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.util.Arrays;
import java.util.HashMap;
......@@ -11,6 +12,8 @@ import io.office.modules.manage.dao.MemberDao;
import io.office.modules.manage.dao.TycpdmFirmDao;
import io.office.modules.manage.entity.MemberEntity;
import io.office.modules.manage.service.TycpdmFirmChangeService;
import io.office.modules.manage.utils.DESUtils;
import io.office.modules.manage.utils.MD5Util;
import io.office.modules.sys.controller.AbstractController;
import org.apache.commons.beanutils.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -115,11 +118,12 @@ public class TycpdmFirmController extends AbstractController {
public static void main(String[] args) throws InvocationTargetException, IllegalAccessException {
MemberEntity memberEntity = new MemberEntity();
Map<String, Object> body = new HashMap<>();
body.put("username","xiaoz");
BeanUtils.populate(memberEntity, body);
System.out.println(memberEntity.getUsername());
/* String s = MD5Util.md5Encrypt32Upper("123123");
System.out.println(s);*/
String userName_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("13515718321".getBytes(),"loginkey".getBytes()));
String pass_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt("718321".getBytes(),"loginkey".getBytes()));
System.out.println(userName_M);
System.out.println(pass_M);
}
/**
* 根据用户名获取企业认证信息
......@@ -139,12 +143,20 @@ public class TycpdmFirmController extends AbstractController {
/**
* 修改
*/
@RequestMapping("/update")
@RequestMapping("/authApi/update")
// @RequiresPermissions("manage:tycpdmfirm:update")
public R update(@RequestBody TycpdmFirmEntity tycpdmFirm){
tycpdmFirmService.updateById(tycpdmFirm);
return R.ok();
public R update(@RequestBody Map body){
TycpdmFirmEntity tycpdmFirm = new TycpdmFirmEntity();
try {
BeanUtils.populate(tycpdmFirm, body);
Integer fId = Integer.valueOf(String.valueOf(body.get("fId")));
tycpdmFirm.setFId(fId);
tycpdmFirmService.updateById(tycpdmFirm);
return R.ok();
} catch (Exception e) {
e.printStackTrace();
return R.error("修改失败");
}
}
/**
......@@ -252,4 +264,39 @@ public class TycpdmFirmController extends AbstractController {
tycpdmFirmService.updateSystem(params);
return R.ok();
}
/**
* 跳转GDS页面
*/
@RequestMapping("/authApi/redirectGDS")
public R redirectGDS(HttpServletResponse response){
MemberEntity memberUser = getMemberUser();
String url= tycpdmFirmService.redirectGDSURL(memberUser);
try {
//response.sendRedirect(url);
return R.ok().put("data",url);
} catch (Exception e) {
e.printStackTrace();
return R.error("跳转失败");
}
}
/**
* 跳转GLN页面
*/
@RequestMapping("/authApi/redirectGLN")
public R redirectGLN(HttpServletResponse response){
MemberEntity memberUser = getMemberUser();
String url= tycpdmFirmService.redirectGDSGLN(memberUser);
try {
//response.sendRedirect(url);
return R.ok().put("data",url);
} catch (Exception e) {
e.printStackTrace();
return R.error("跳转失败");
}
}
}
......@@ -47,5 +47,10 @@ public interface TycpdmFirmService extends IService<TycpdmFirmEntity> {
void returnFile(Map<String, Object> params, HttpServletResponse response) ;
void updateSystem(Map<String, Object> params);
String redirectGDSURL(MemberEntity memberUser);
String redirectGDSGLN(MemberEntity memberUser);
}
......@@ -99,7 +99,10 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
search="manager";
phone=userName;
//TODO tgl 需要中国编码官网提供 条码卡数据 来判断是否是系统用户
JSONObject data = jsonObject.getJSONObject("data");
if (data!=null){
carno = data.getString("gdsCode");
}
}
}
}else {
......@@ -137,9 +140,9 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
}
phone = user.getPhone();
String password = user.getPass();
String passwordMD5 = MD5Util.md5Encrypt32Upper(passWord);
String passwordMD5 = MD5Util.md5Encrypt32Lower(passWord);
//判断密码是否正确
if (!passwordMD5.equals(password)){
if (!passwordMD5.equalsIgnoreCase(password)){
throw new RRException("密码不正确!");
}
......@@ -156,6 +159,7 @@ public class LogLoginServiceImpl extends ServiceImpl<LogLoginDao, LogLoginEntity
jsonObject.put("isQY",isQY);
jsonObject.put("isXT",isXT);
jsonObject.put("id",id);
jsonObject.put("carno",carno);
R token = sysUserTokenService.createToken("qianduan_",id);//将token信息存入 数据库
Object token1 = token.get("token");
jsonObject.put("token",token1);
......
......@@ -110,7 +110,7 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
MemberEntity memberEntity = new MemberEntity();
memberEntity.setUsername(userName);
//MD5加密密码
memberEntity.setPass(MD5Util.md5Encrypt32Upper(passWord));
memberEntity.setPass(MD5Util.md5Encrypt32Lower(passWord));
memberEntity.setEmail(emiail);
memberEntity.setPhone(phone);
memberEntity.setOicq("");
......@@ -143,12 +143,12 @@ public class MemberServiceImpl extends ServiceImpl<MemberDao, MemberEntity> impl
}
MemberEntity memberEntity = memberDao.selectById(id);
String passData = memberEntity.getPass();
String passMD5 = MD5Util.md5Encrypt32Upper(oldPass);
String passMD5 = MD5Util.md5Encrypt32Lower(oldPass);
if (!passMD5.equals(passData)) {
throw new RRException("旧密码输入错误");
}
//修改密码
memberDao.updateByIdPassWord(Integer.valueOf(id), MD5Util.md5Encrypt32Upper(newPass));
memberDao.updateByIdPassWord(Integer.valueOf(id), MD5Util.md5Encrypt32Lower(newPass));
}
@Override
......
......@@ -74,7 +74,7 @@ public class TimescodeFindpsServiceImpl extends ServiceImpl<TimescodeFindpsDao,
//获取6位随机字符串
String uuid = UUID.randomUUID().toString().replaceAll("-", "").substring(0,6);
//更换密码
memberDao.updateByIdPassWord(id,MD5Util.md5Encrypt32Upper(uuid));
memberDao.updateByIdPassWord(id,MD5Util.md5Encrypt32Lower(uuid));
///////// 以下添加短信发送次数验证
int flag = 1;
TimescodeFindpsEntity timescodeFindpsEntity = tFindpsDao.selectById(phone);
......@@ -167,7 +167,7 @@ public class TimescodeFindpsServiceImpl extends ServiceImpl<TimescodeFindpsDao,
//获取6位随机字符串
String uuid = UUID.randomUUID().toString().replaceAll("-", "").substring(0,6);
//更换密码
memberDao.updateByIdPassWord(id,MD5Util.md5Encrypt32Upper(uuid));
memberDao.updateByIdPassWord(id,MD5Util.md5Encrypt32Lower(uuid));
//发送邮箱
String body="您在中国物品编码中心网站注册的用户昵称为:"+userName+", 密码为:"+uuid+",请妥善保管!";
MailUtlis.sendMail(userName,"中国编码用户密码找回",body,emiail);
......
package io.office.modules.manage.service.impl;
import cn.hutool.crypto.symmetric.DES;
import com.alibaba.fastjson.JSONObject;
import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
import io.office.common.exception.RRException;
......@@ -8,6 +9,7 @@ import io.office.modules.manage.dao.TycpdmFirmChangeDao;
import io.office.modules.manage.dao.TycpdmVipUserDao;
import io.office.modules.manage.entity.*;
import io.office.modules.manage.service.TycpdmFirmChangeService;
import io.office.modules.manage.utils.DESUtils;
import io.office.modules.manage.utils.DateUtils;
import org.apache.commons.beanutils.BeanMap;
import org.apache.commons.beanutils.BeanUtils;
......@@ -20,6 +22,7 @@ import java.io.FileInputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.util.*;
import java.util.regex.Pattern;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.metadata.IPage;
......@@ -444,4 +447,63 @@ public class TycpdmFirmServiceImpl extends ServiceImpl<TycpdmFirmDao, TycpdmFirm
}
}
@Override
public String redirectGDSURL(MemberEntity memberUser) {
Integer levels=null;//用户权限 空.代表普通用户 0.代表中心管理员,1.代表校验管理员 其他4位.代表分中心管理员
int dept = -2; //0表示中心管理员;-2表示普通成员。-100表示没有任何值时
String regist_or_login_from_ancc="";
String username = memberUser.getUsername();
String pass = memberUser.getPass();
if (matchPhoneNumber(username)){
//TODO tgl 手机号用户 调用接口获取 条码数据
}else {//其他用户
//密码进行 DES加密
//String pass_DES = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(pass.getBytes(),DESUtils.Key.getBytes()));
levels=memberDao.selectCode_agen(username);
if (levels==null){
dept=-2;
}else if (levels==0){
dept=0;
}
regist_or_login_from_ancc=dept+"{regist_or_login_from_ancc}";
regist_or_login_from_ancc=DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(regist_or_login_from_ancc.getBytes(),DESUtils.Key.getBytes()));
String url="http://v3.gds.org.cn/registerOrLoginFromAncc.aspx?uname="+username+"&pwd="+pass+"&regist_or_login_from_ancc="+regist_or_login_from_ancc+"&dept="+dept;
return url;
}
return null;
}
/**
* 只有官网注册用户登录,已通过厂商实名认证的,此处直接跳转,传参为用户名和密码
* username 参数 进行DES加密
* password 参数 MD5加密后的字段(也就是member表的pass字段) 再进行DES加密
* @param memberUser
* @return
*/
@Override
public String redirectGDSGLN(MemberEntity memberUser) {
//
String userName_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(memberUser.getUsername().getBytes(),"appsGdsn".getBytes()));
String pass_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(memberUser.getPass().getBytes(),"appsGdsn".getBytes()));
String url="http://gln.gs1cn.org/userAction_U.aspx?act=1&&username="+userName_M+"&&password="+pass_M;
return url;
}
/**
* 验证手机号 由于号码段不断的更新,只需要判断手机号有11位,并且全是数字以及1开头等
* @param phoneNumber 手机号码
* @return
*/
private static boolean matchPhoneNumber(String phoneNumber) {
String regex = "1[358][0-9]{9}";
if(phoneNumber==null||phoneNumber.length()<=0){
return false;
}
return Pattern.matches(regex, phoneNumber);
}
}
\ No newline at end of file
package io.office.modules.manage.utils;
import com.sun.mail.smtp.DigestMD5;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
......@@ -10,6 +12,7 @@ public class DESUtils {
public static final String Key="loginkey";
//DES加密
public static byte[] DES_CBC_Encrypt(byte[] content, byte[] keyBytes){
try {
DESKeySpec keySpec=new DESKeySpec(keyBytes);
......@@ -27,6 +30,34 @@ public class DESUtils {
return null;
}
//DES解密
public static byte[] DES_CBC_Decrypt(String content, byte[] keyBytes){
try {
byte [] content1=decodeUtil(content);
DESKeySpec keySpec=new DESKeySpec(keyBytes);
SecretKeyFactory keyFactory=SecretKeyFactory.getInstance("DES");
SecretKey key=keyFactory.generateSecret(keySpec);
Cipher cipher=Cipher.getInstance("DES/CBC/PKCS5Padding");
cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(keyBytes));
byte[] result=cipher.doFinal(content1);
return result;
} catch (Exception e) {
// TODO Auto-generated catch block
System.out.println("exception:"+e.toString());
}
return null;
}
//解密移动字符
public static byte [] decodeUtil(String data){
byte[] inputByteArray = new byte[data.length() / 2];
for (int x = 0; x < data.length() / 2; x++)
{
inputByteArray[x] = (byte)(0xff & Integer.parseInt(data.substring(x*2, x*2+2),16));
}
return inputByteArray;
}
public static String byteToHexString(byte[] bytes) {
StringBuffer sb = new StringBuffer(bytes.length);
......@@ -40,5 +71,25 @@ public class DESUtils {
return sb.toString();
}
public static void main(String[] args) {
String userName="test_tru";
String password="123123";
String password_MD5="4297f44b13955235245b2497399d7a93";
String userName_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(userName.getBytes(),"appsGdsn".getBytes()));
String password_M = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(password.getBytes(),"appsGdsn".getBytes()));
String password_M_MD5 = DESUtils.byteToHexString(DESUtils.DES_CBC_Encrypt(password_MD5.getBytes(),"appsGdsn".getBytes()));
System.out.println(userName_M);
System.out.println(password_M);
System.out.println(password_M_MD5);
String aaa="88DA15B9F9F602F0D32D46808652B06DC6E939D1424CE39F69A2AC39743F7ED7591975685B543E1D";
//String s = new String(DESUtils.DES_CBC_Decrypt(aaa, "appsGdsn".getBytes()));
String s = new String(DESUtils.DES_CBC_Decrypt(aaa, "appsGdsn".getBytes()));
System.out.println("解密"+s);
String s1 = MD5Util.md5Encrypt32Upper(-2 + "{regist_or_login_from_ancc}");
System.out.println(s1);
}
}
......@@ -48,7 +48,7 @@ public class MD5Util {
* @param string 需要进行MD5加密的字符串
* @return 加密后的字符串(小写)
*/
/* public static String md5Encrypt32Lower(String string) {
public static String md5Encrypt32Lower(String string) {
byte[] hash;
try {
//创建一个MD5算法对象,并获得MD5字节数组,16*8=128位
......@@ -66,7 +66,7 @@ public class MD5Util {
hex.append(Integer.toHexString(b & 0xFF));
}
return hex.toString().toLowerCase();
}*/
}
/**
* 将二进制字节数组转换为十六进制字符串
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment