忘记密码

business-common/src/main/java/com/rongwei/bscommon/sys/service/ZhcxApiService.java

@@ -22,4 +22,8 @@ public interface ZhcxApiService {
     R sendReviewSupervisionMail(Map<String, Object> map);
 
     R getCoreInspectionDetailList(Map<String, Object> map);
+
+    R forgetPwdSendSmsCode(Map<String, Object> map);
+
+    R forgetResetPwd(Map<String, Object> map);
 }

business-common/src/main/java/com/rongwei/bscommon/sys/service/impl/ZhcxApiServiceImpl.java

@@ -1,6 +1,7 @@
 package com.rongwei.bscommon.sys.service.impl;
 
 import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.json.JSONUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
@@ -11,23 +12,25 @@ import com.rongwei.bscommon.sys.utils.HwSmsUtil;
 import com.rongwei.bscommon.sys.utils.SmsCodeGenerateUtils;
 import com.rongwei.bsentity.vo.ZhcxOutsideInspectionVo;
 import com.rongwei.commonservice.service.RedisService;
+import com.rongwei.commonservice.service.SysConfigService;
 import com.rongwei.rwadmincommon.system.domain.SysUserDo;
 import com.rongwei.rwadmincommon.system.service.SysUserService;
 import com.rongwei.rwadmincommon.system.vo.SysUserVo;
 import com.rongwei.rwcommon.base.R;
 import com.rongwei.rwcommon.base.exception.CustomException;
 import com.rongwei.rwcommon.utils.CheckPasswordUtils;
+import com.rongwei.rwcommon.utils.RsaUtil;
 import com.rongwei.rwcommon.utils.SecurityUtil;
 import com.rongwei.rwcommon.utils.StringUtils;
+import com.rongwei.rwcommonentity.commonservers.domain.SysConfigDo;
 import lombok.extern.java.Log;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Map;
-import java.util.Random;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
+import java.util.*;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -43,6 +46,8 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
     private RedisService redisService;
     @Autowired
     private SysUserService sysUserService;
+    @Autowired
+    private SysConfigService sysConfigService;
 
     @Override
     public List<ZhcxOutsideInspectionVo> getOutsideInspectionList(Map<String, Object> map) {
@@ -186,6 +191,126 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
         return R.ok(list);
     }
 
+    @Override
+    public R forgetPwdSendSmsCode(Map<String, Object> map) {
+        Object accountObj = map.get("account");
+        List<String> list = new ArrayList<>();
+        if(ObjectUtil.isEmpty(accountObj)){
+            return R.error();
+        }
+        String account = (String) accountObj;
+        LambdaQueryWrapper<SysUserDo> queryWrapper = Wrappers.lambdaQuery();
+        queryWrapper.and(i -> i.eq(SysUserDo::getAccount, account).
+                or().eq(SysUserDo::getMobile, account).
+                or().eq(SysUserDo::getEmail, account));
+        SysUserDo sysUserDo = sysUserService.getOne(queryWrapper);
+        if(sysUserDo == null){
+            return R.error("账号不存在,请联系管理员");
+        }
+        String sendCodeTimeObj = (String) redisService.getRedisCatchObj(CxConstants.FORGET_PASSWORD_COUNT_PREFIX+account);
+        int sendCodeTime = StringUtils.isBlank(sendCodeTimeObj) ? 0 : Integer.parseInt(sendCodeTimeObj);
+        sendCodeTime += 1;
+        if(sendCodeTime <= 20){
+            redisService.redisCatchInit(CxConstants.FORGET_PASSWORD_COUNT_PREFIX+account,String.valueOf(sendCodeTime),CxConstants.SEND_CODE_INTERVAL);
+            try {
+                String code = SmsCodeGenerateUtils.generateVerificationCode(6);
+                list.add(code);
+                JSONObject jsonObject = HwSmsUtil.sendSms(null,null, list, account);
+                String returnCode = jsonObject.getString("code");
+                if("000000".equals(returnCode)){
+                    redisService.redisCatchInit(CxConstants.FORGET_PASSWORD_SEND_CODE_PREFIX+account,code,CxConstants.VERIFICATION_CODE_EXPIRATION);
+                    return R.ok("发送成功");
+                }
+                log.info("华为云短信接口调用返回:"+jsonObject);
+            } catch (Exception e) {
+                log.info("生成短信验证码发送失败"+e);
+            }
+            return R.error("发送短信失败, 请联系管理员!");
+        }{
+            return R.error("验证发送次数频繁,请过5分钟后再尝试");
+        }
+    }
+
+    @Override
+    public R forgetResetPwd(Map<String, Object> map) {
+        Object accountObj = map.get("account");
+        Object codeObj = map.get("code");
+        Object pwdObj = map.get("pwd");
+        if(ObjectUtil.isEmpty(accountObj) || ObjectUtil.isEmpty(codeObj) || ObjectUtil.isEmpty(pwdObj)){
+            return R.error();
+        }
+        String account = (String) accountObj;
+        String code = (String) codeObj;
+        String pwd = (String) pwdObj;
+        boolean exists = redisService.hasKey(CxConstants.FORGET_PASSWORD_SEND_CODE_PREFIX+account);
+        if(!exists){
+            return R.error("验证码已过期,请重新获取");
+        }
+        String oldCodeObj = (String) redisService.getRedisCatchObj(CxConstants.FORGET_PASSWORD_SEND_CODE_PREFIX+account);
+        String oldCode = StringUtils.isBlank(oldCodeObj) ? "" : oldCodeObj;
+        if(StringUtils.isNotBlank(oldCode) && code.equals(oldCode)) {
+            SysConfigDo globalConfigObj = sysConfigService.getObjByConfigCode("global_config");
+            if (globalConfigObj != null) {
+                cn.hutool.json.JSONObject globalConfigJo = JSONUtil.parseObj(globalConfigObj.getRoption());
+                if (globalConfigJo != null) {
+                    cn.hutool.json.JSONObject configs = globalConfigJo.getJSONObject("config");
+                    if (configs != null) {
+                        Boolean enabledSqlEncode = configs.getBool("enabledSqlEncode");
+                        if (enabledSqlEncode != null && enabledSqlEncode) {
+                            cn.hutool.json.JSONObject sqlEncodeCofig = configs.getJSONObject("sqlEncodeCofig");
+                            String encodeType = sqlEncodeCofig.getStr("encodeType");
+                            if (StringUtils.isNotBlank(encodeType)) {
+                                SysConfigDo globalRsaPrviateKey = sysConfigService.getObjByConfigCode("globalRsaPrviateKey");
+                                String configcontent = globalRsaPrviateKey.getConfigcontent();
+                                if ("RSA".equals(encodeType)) {
+                                    String[] sqlStrArr = pwd.split("-_-!");
+                                    StringBuilder sb = new StringBuilder();
+                                    for (String str : sqlStrArr) {
+                                        sb.append(RsaUtil.decrypto(str, configcontent));
+                                    }
+                                    try {
+                                        pwd = URLDecoder.decode(sb.toString(), "utf-8");
+                                    } catch (Exception e) {
+                                        log.info("忘记密码解密失败:" + e);
+                                        e.printStackTrace();
+                                    }
+                                }else if("Base64".equals(encodeType)){
+                                    // 解密
+                                    Base64.Decoder decoder = Base64.getDecoder();
+                                    try {
+                                        String decode = new String(decoder.decode(pwd), "UTF-8");
+                                        pwd = URLDecoder.decode(decode, "utf-8");
+                                    } catch (UnsupportedEncodingException e) {
+                                        e.printStackTrace();
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }else{
+            return R.error("验证码错误,请检查");
+        }
+        LambdaQueryWrapper<SysUserDo> queryWrapper = Wrappers.lambdaQuery();
+        queryWrapper.and(i -> i.eq(SysUserDo::getAccount, account).
+                or().eq(SysUserDo::getMobile, account));
+        List<SysUserDo> list = sysUserService.list(queryWrapper);
+        if(list.size() > 1){
+            return R.error("手机号重复绑定,请联系系统管理员处理");
+        }else if(list.size() == 1){
+            SysUserDo sysUserDo = list.get(0);
+            String saltMd5AndSha = SecurityUtil.getSaltMd5AndSha(pwd, sysUserDo.getId());
+            if(saltMd5AndSha.equals(sysUserDo.getPassword())){
+                return R.error("新密码不能和旧密码一样");
+            }
+            sysUserDo.setPassword(saltMd5AndSha);
+            sysUserService.updateById(sysUserDo);
+            return R.ok();
+        }
+        return R.error("重置失败,请联系系统管理员排查");
+    }
+
     private R sendSmsCode(String templateId, String redisKeyName, String mobile, String redisLabelName) {
         boolean exists = redisService.hasKey(redisKeyName);
         List<String> list = new ArrayList<>();

business-common/src/main/java/com/rongwei/bscommon/sys/utils/CxConstants.java

@@ -22,6 +22,14 @@ public class CxConstants {
      * 登录发送短信标识
      */
     public final static String LOGIN_SEND_CODE_PREFIX = "getCode_";
+    /**
+     * 忘记密码发送短信标识
+     */
+    public final static String FORGET_PASSWORD_SEND_CODE_PREFIX = "forgetPassword_";
+    /**
+     * 忘记密码发送短信次数
+     */
+    public final static String FORGET_PASSWORD_COUNT_PREFIX = "forgetPasswordCount_";
     /**
      * 注册标识 -次数
      */

business-server/src/main/java/com/rongwei/bsserver/controller/ZhcxApiController.java

@@ -64,4 +64,15 @@ public class ZhcxApiController {
         return r;
     }
 
+    @RequestMapping("/forgetPwdSendSmsCode")
+    public R forgetPwdSendSmsCode(@RequestBody Map<String,Object> map){
+        R r = zhcxApiService.forgetPwdSendSmsCode(map);
+        return r;
+    }
+
+    @RequestMapping("/forgetResetPwd")
+    public R forgetResetPwd(@RequestBody Map<String,Object> map){
+        R r = zhcxApiService.forgetResetPwd(map);
+        return r;
+    }
 }