feat：12

2025-07-22 16:17:01 +08:00
parent 6fad009386
commit 1751b28dc7
1 changed files with 38 additions and 38 deletions
--- a/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java
+++ b/coolstore-partner-web/src/main/java/com/cool/store/config/SignValidateFilter.java
@@ -101,44 +101,44 @@ public class SignValidateFilter implements Filter {
        String userStr = "";
        boolean isInWhiteList = excludePath(uri);
        log.info("url:{}, method:{}", uri, method);
-//        if ( !isInWhiteList && !method.equals("OPTIONS")) {
-//            String params = "";
-//            if("GET".equalsIgnoreCase(method)){
-//                params  =  request.getQueryString();
-//            }else if("POST".equalsIgnoreCase(method)){
-//                params = wrapper.getBody();
-//            }
-//            log.info("params:{}", params);
-//            String sign = request.getHeader("SIGN");
-//            String nonce = request.getHeader("NONCE");
-//            String timestamp = request.getHeader("TIMESTAMP");
-//            String aesPhone = request.getHeader("PHONE");
-//            String openid = request.getHeader("OPENID");
-//            if(StringUtils.isAnyBlank(sign, nonce, timestamp, aesPhone, openid)){
-//                throw new ServiceException(ErrorCodeEnum.SIGN_FAIL);
-//            }
-//            log.info("aesPhone:{}, signKey:{}", aesPhone, signKey);
-//            String phone = AESDecryptor.decrypt(aesPhone, signKey);
-//            String plaintextOpenid = AESDecryptor.decrypt(openid, signKey);
-//            String md5Value = phone + Md5Utils.md5(Md5Utils.md5(plaintextOpenid));
-//            log.info("sign:{}, nonce:{}, timestamp:{},aesPhone:{}, openid:{}, 解密后的手机号:{}, md5Value:{}, 明文plaintextOpenid:{}",
-//                    sign, nonce, timestamp, aesPhone, openid, phone, md5Value, plaintextOpenid);
-//            String signStr = timestamp + nonce + params + signKey + md5Value;
-//            String newSign = Sha1Utils.getSha1(signStr.getBytes());
-//            log.info("signStr: {}, newSign: {}", signStr, newSign);
-//            // 前后端验签不等
-//            if (!newSign.equals(sign)) {
-//                response.setStatus(HttpStatus.OK.value());
-//                response.setContentType("application/json;charset=UTF-8");
-//                response.getWriter().write(JSON.toJSONString(ResponseResult.fail(ErrorCodeEnum.SIGN_FAIL)));
-//                return;
-//            }
-//            PartnerUserInfoVO partnerUserInfoVO = wechatMiniAppService.getUserInfo(phone, plaintextOpenid);
-//            if(partnerUserInfoVO != null){
-//                userStr = JSONObject.toJSONString(partnerUserInfoVO);
-//                log.info("userStr:{}", userStr);
-//            }
-//        }
+        if ( !isInWhiteList && !method.equals("OPTIONS")) {
+            String params = "";
+            if("GET".equalsIgnoreCase(method)){
+                params  =  request.getQueryString();
+            }else if("POST".equalsIgnoreCase(method)){
+                params = wrapper.getBody();
+            }
+            log.info("params:{}", params);
+            String sign = request.getHeader("SIGN");
+            String nonce = request.getHeader("NONCE");
+            String timestamp = request.getHeader("TIMESTAMP");
+            String aesPhone = request.getHeader("PHONE");
+            String openid = request.getHeader("OPENID");
+            if(StringUtils.isAnyBlank(sign, nonce, timestamp, aesPhone, openid)){
+                throw new ServiceException(ErrorCodeEnum.SIGN_FAIL);
+            }
+            log.info("aesPhone:{}, signKey:{}", aesPhone, signKey);
+            String phone = AESDecryptor.decrypt(aesPhone, signKey);
+            String plaintextOpenid = AESDecryptor.decrypt(openid, signKey);
+            String md5Value = phone + Md5Utils.md5(Md5Utils.md5(plaintextOpenid));
+            log.info("sign:{}, nonce:{}, timestamp:{},aesPhone:{}, openid:{}, 解密后的手机号:{}, md5Value:{}, 明文plaintextOpenid:{}",
+                    sign, nonce, timestamp, aesPhone, openid, phone, md5Value, plaintextOpenid);
+            String signStr = timestamp + nonce + params + signKey + md5Value;
+            String newSign = Sha1Utils.getSha1(signStr.getBytes());
+            log.info("signStr: {}, newSign: {}", signStr, newSign);
+            // 前后端验签不等
+            if (!newSign.equals(sign)) {
+                response.setStatus(HttpStatus.OK.value());
+                response.setContentType("application/json;charset=UTF-8");
+                response.getWriter().write(JSON.toJSONString(ResponseResult.fail(ErrorCodeEnum.SIGN_FAIL)));
+                return;
+            }
+            PartnerUserInfoVO partnerUserInfoVO = wechatMiniAppService.getUserInfo(phone, plaintextOpenid);
+            if(partnerUserInfoVO != null){
+                userStr = JSONObject.toJSONString(partnerUserInfoVO);
+                log.info("userStr:{}", userStr);
+            }
+        }
        try {
            PartnerUserHolder.setUser(userStr);
            filterChain.doFilter(servletRequest, servletResponse);