登录双因素认证后端:登录 发送验证码功能

business-common/src/main/java/com/rongwei/bscommon/sys/service/impl/ZhcxApiServiceImpl.java

@@ -2,12 +2,17 @@ package com.rongwei.bscommon.sys.service.impl;
 
 import cn.hutool.core.util.ObjectUtil;
 import com.alibaba.fastjson.JSONObject;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.rongwei.bscommon.sys.dao.ZhcxApiDao;
 import com.rongwei.bscommon.sys.service.ZhcxApiService;
 import com.rongwei.bscommon.sys.utils.HwSmsUtil;
 import com.rongwei.bsentity.vo.ZhcxOutsideInspectionVo;
 import com.rongwei.commonservice.service.RedisService;
+import com.rongwei.rwadmincommon.system.domain.SysUserDo;
+import com.rongwei.rwadmincommon.system.service.SysUserService;
 import com.rongwei.rwcommon.base.R;
+import com.rongwei.rwcommon.utils.SecurityUtil;
 import com.rongwei.rwcommon.utils.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
@@ -26,6 +31,8 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
     private ZhcxApiDao zhcxApiDao;
     @Autowired
     private RedisService redisService;
+    @Autowired
+    private SysUserService sysUserService;
 
     @Override
     public List<ZhcxOutsideInspectionVo> getOutsideInspectionList(Map<String, Object> map) {
@@ -34,16 +41,34 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
 
     @Override
     public R sendCode(Map<String, Object> map) {
-        Object phoneObj = map.get("phone");
+        //Object phoneObj = map.get("phone");
         Object loginTypeObj = map.get("loginType");
-        Object accountObj = map.get("accountObj");
-        if(ObjectUtil.isEmpty(phoneObj) || ObjectUtil.isEmpty(loginTypeObj)
-                || ObjectUtil.isEmpty(accountObj)){
+        Object accountObj = map.get("account");
+        Object passwordObj = map.get("password");
+        if(ObjectUtil.isEmpty(loginTypeObj)
+                || ObjectUtil.isEmpty(accountObj) || ObjectUtil.isEmpty(passwordObj)){
             return R.error();
         }
-        String phone = (String) phoneObj;
+        //String phone = (String) phoneObj;
         String loginType = (String) loginTypeObj;
         String account = (String) accountObj;
+        String password = (String) passwordObj;
+        LambdaQueryWrapper<SysUserDo> queryWrapper = Wrappers.lambdaQuery();
+        queryWrapper.and(i -> i.eq(SysUserDo::getAccount, account).
+                or().eq(SysUserDo::getMobile, account).
+                or().eq(SysUserDo::getEmail, account));
+        SysUserDo sysUserDo = sysUserService.getOne(queryWrapper);
+        if (sysUserDo == null || StringUtils.isEmpty(sysUserDo.getId())) {
+            return R.error("用户名密码不正确");
+        }
+        String secPas = SecurityUtil.getSaltMd5AndSha(password, sysUserDo.getId());
+        if (!secPas.equals(sysUserDo.getPassword())) {
+            return R.error("用户名密码不正确");
+        }
+        String phone = sysUserDo.getMobile();
+        if(StringUtils.isBlank(phone)){
+            return R.error("未获取到手机号,请联系系统管理员");
+        }
         boolean exists = redisService.hasKey(loginType + phone);
         String sendCodeTimeObj = (String) redisService.getRedisCatchObj(loginType + phone);
         if (StringUtils.isBlank(sendCodeTimeObj)) {
@@ -52,7 +77,7 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
         int sendCodeTime = Integer.parseInt(sendCodeTimeObj);
         if( exists && sendCodeTime >= 3 ){
             sendCodeTime += 1;
-            redisService.redisCatchInit(loginType + phone,sendCodeTime,300);
+            redisService.redisCatchInit(loginType + phone,String.valueOf(sendCodeTime),300);
             return R.error("验证发送次数频繁,请过5分钟后再尝试");
         }
         StringBuilder code = new StringBuilder();
@@ -71,9 +96,11 @@ public class ZhcxApiServiceImpl implements ZhcxApiService {
                     redisService.redisCatchInit(loginType + phone,0,300);
                 }
                 sendCodeTime += 1;
-                redisService.redisCatchInit(loginType + phone,sendCodeTime,300);
+                redisService.redisCatchInit(loginType + phone,String.valueOf(sendCodeTime),300);
                 redisService.redisCatchInit(loginType + account,code.toString(),60);
-                return R.ok("发送成功");
+                JSONObject json = new JSONObject();
+                json.put("phone",phone.replaceAll("(\\d{3})\\d{4}(\\d{4})","$1****$2"));
+                return R.ok("发送成功").putData(json);
             }
         } catch (Exception e) {
             e.printStackTrace();

business-common/src/main/java/com/rongwei/bscommon/sys/service/impl/ZhcxLoginServiceImpl.java

@@ -1,12 +1,19 @@
 package com.rongwei.bscommon.sys.service.impl;
 
 import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
+import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.rongwei.bscommon.sys.feign.RwAdminServerFeignService;
 import com.rongwei.bscommon.sys.service.ZhcxLoginService;
 import com.rongwei.commonservice.service.RedisService;
+import com.rongwei.rwadmincommon.system.domain.SysUserDo;
 import com.rongwei.rwadmincommon.system.domain.UserLoginVo;
+import com.rongwei.rwadmincommon.system.service.SysUserService;
 import com.rongwei.rwcommon.base.R;
+import com.rongwei.rwcommon.utils.SecurityUtil;
+import com.rongwei.rwcommon.utils.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Service;
 
 import java.util.Map;
@@ -46,11 +53,16 @@ public class ZhcxLoginServiceImpl implements ZhcxLoginService {
         if(exist){
             Object yzmObj = redisService.getRedisCatchObj(loginType + account);
             if(ObjectUtil.isEmpty(yzmObj)){
-                return R.error("未获取到验证码");
+                return R.error("未获取到验证码或验证码已过期");
             }else{
                 String yzm = (String) yzmObj;
                 if(yzm.equals(code)){
                     R r = rwAdminServerFeignService.loginIn(userLoginVo);
+                    if("200".equals(r.getCode())){
+                        RedisTemplate redisTemplate = redisService.getRedisTemplate();
+                        redisTemplate.delete(loginType + account);
+                        redisTemplate.delete(loginType + phone);
+                    }
                     return r;
                 }else {
                     return R.error("验证码错误,请重新输入");