小程序登录

coolstore-partner-webc/src/main/java/com/cool/store/config/SignValidateFilter.java

@@ -0,0 +1,128 @@
+package com.cool.store.config;
+
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
+import com.cool.store.context.PartnerUserHolder;
+import com.cool.store.enums.ErrorCodeEnum;
+import com.cool.store.response.ResponseResult;
+import com.cool.store.service.WechatMiniAppService;
+import com.cool.store.utils.AesUtil;
+import com.cool.store.utils.Md5Utils;
+import com.cool.store.utils.Sha1Utils;
+import com.cool.store.vo.PartnerUserInfoVO;
+import com.google.common.collect.Lists;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.core.annotation.Order;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
+
+import javax.annotation.Resource;
+import javax.servlet.*;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author ydw
+ * @Description 权限校验
+ * @date 2020/1/15
+ */
+@Component
+@Order(3)
+@Slf4j
+public class SignValidateFilter implements Filter {
+
+    @Resource
+    private WechatMiniAppService wechatMiniAppService;
+
+    @Value("${signKey}")
+    private String signKey;
+
+    private static AntPathMatcher matcher = new AntPathMatcher();
+
+    private static List<String> patternList =
+            Lists.newArrayList("/web/check/ok","/check/ok",
+                    "/partner/pc/doc.html","/partner/pc/v2/api-docs","/**/test/**","/partner/pc/feiShuLogin","/partner/pc/oss/getUploadFileConfig",
+                    "/**/swagger*/**", "/**/webjars/**");
+
+
+    /**
+     * @param uri
+     * @return boolean
+     * @throws
+     * @Title excludePath
+     * @Description 是否是放行的请求
+     */
+    private boolean excludePath(String uri) {
+        for (String pattern : patternList) {
+            if (matcher.match(pattern, uri)) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    @Override
+    public void init(FilterConfig filterConfig) throws ServletException {
+
+    }
+
+    @Override
+    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
+        HttpServletResponse response = (HttpServletResponse) servletResponse;
+        HttpServletRequest request = (HttpServletRequest) servletRequest;
+        String uri = request.getRequestURI();
+        String method = request.getMethod();
+        String userStr = "";
+        boolean isInWhiteList = excludePath(uri);
+
+        Map<String, String[]> parameterMap = request.getParameterMap();
+        String jsonStr  =  JSONObject.toJSONString(parameterMap);
+        JSONObject obj =  JSONObject.parseObject(jsonStr);
+        log.info("params:{}", obj.toJSONString());
+        String params = obj.toJSONString();
+        String sign = request.getHeader("SIGN");
+        String nonce = request.getHeader("NONCE");
+        String timestamp = request.getHeader("TIMESTAMP");
+        String aesPhone = request.getHeader("PHONE");
+        String openid = request.getHeader("OPENID");
+        String phone = AesUtil.decrypt(aesPhone, signKey);
+        String md5Value = phone + Md5Utils.md5(Md5Utils.md5(openid));
+        log.info("sign:{}, nonce:{}, timestamp:{},aesPhone:{}, openid:{}, 解密后的手机号:{}, md5Value:{}",
+                sign, nonce, timestamp, aesPhone, openid, phone, md5Value);
+        String signStr = timestamp + nonce + params + signKey + md5Value;
+        String newSign = Sha1Utils.getSha1(signStr.getBytes());
+        log.info("newSign: {}", newSign);
+
+        log.info("url:{}", uri);
+        if ( !isInWhiteList && !method.equals("OPTIONS")) {
+            // 前后端验签不等
+            if (!newSign.equals(sign)) {
+                response.setStatus(HttpStatus.OK.value());
+                response.getWriter().write(JSON.toJSONString(
+                        ResponseResult.fail(ErrorCodeEnum.SIGN_FAIL)));
+                return;
+            }
+            PartnerUserInfoVO partnerUserInfoVO = wechatMiniAppService.getUserInfo(phone, openid);
+            if(partnerUserInfoVO != null){
+                userStr = JSONObject.toJSONString(partnerUserInfoVO);
+                log.info("url:{}, userStr:{}", uri, userStr);
+            }
+        }
+        try {
+            PartnerUserHolder.setUser(userStr);
+            filterChain.doFilter(servletRequest, servletResponse);
+        } finally {
+            PartnerUserHolder.removeUser();
+        }
+    }
+
+    @Override
+    public void destroy() {
+
+    }
+}

coolstore-partner-webc/src/main/java/com/cool/store/controller/MiniProgramAppController.java

@@ -1,11 +1,12 @@
 package com.cool.store.controller;
 
 
+import com.cool.store.context.PartnerUserHolder;
 import com.cool.store.dto.wx.MiniProgramLoginDTO;
-import com.cool.store.dto.wx.MiniProgramMsgDTO;
+import com.cool.store.request.MobileUpdateRequest;
 import com.cool.store.response.ResponseResult;
 import com.cool.store.service.WechatMiniAppService;
-import com.cool.store.vo.wx.CodeSessionVO;
+import com.cool.store.vo.PartnerUserInfoVO;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.springframework.web.bind.annotation.*;
@@ -29,23 +30,24 @@ public class MiniProgramAppController {
     private WechatMiniAppService wechatMiniAppService;
 
     @ApiOperation("小程序登录")
-    @PostMapping("/code/login")
-    public ResponseResult<CodeSessionVO> login(@RequestBody @Valid MiniProgramLoginDTO param) {
-        CodeSessionVO codeSessionVO = wechatMiniAppService.miniProgramLogin(param);
-        return ResponseResult.success(codeSessionVO);
+    @PostMapping("/login")
+    public ResponseResult<PartnerUserInfoVO> login(@RequestBody @Valid MiniProgramLoginDTO param) {
+        PartnerUserInfoVO userInfoVO = wechatMiniAppService.miniProgramLogin(param);
+        return ResponseResult.success(userInfoVO);
     }
 
-    @ApiOperation("获取手机号")
-    @PostMapping("/code/getUserPhoneNumber")
-    public ResponseResult<CodeSessionVO> getUserPhoneNumber(@RequestBody @Valid MiniProgramLoginDTO param) {
-        CodeSessionVO codeSessionVO = wechatMiniAppService.getUserPhoneNumber(param);
-        return ResponseResult.success(codeSessionVO);
+    @ApiOperation("更新手机号")
+    @PostMapping("/updateUserPhoneNumber")
+    public ResponseResult<Boolean> updateUserPhoneNumber(@RequestBody @Valid MobileUpdateRequest request) {
+        PartnerUserInfoVO userInfoVO = PartnerUserHolder.getUser();
+        return ResponseResult.success(wechatMiniAppService.updateUserPhoneNumber(request, userInfoVO));
     }
 
-    @ApiOperation("获取小程序用户信息")
-    @PostMapping("/user")
-    public ResponseResult<CodeSessionVO> queryMiniProgramUser(@RequestBody @Valid MiniProgramMsgDTO param) {
-        CodeSessionVO codeSessionVO = wechatMiniAppService.queryMiniProgramUser(param);
-        return ResponseResult.success(codeSessionVO);
+    @ApiOperation("根据mobile和openId获取用户信息")
+    @PostMapping("/getUserInfo")
+    public ResponseResult<PartnerUserInfoVO> getUserInfo(@RequestParam(value = "mobile",required = false) String mobile,
+                                                      @RequestParam(value = "openId",required = false) String openId){
+        PartnerUserInfoVO userInfoVO = wechatMiniAppService.getUserInfo(mobile, openId);
+        return ResponseResult.success(userInfoVO);
     }
 }

coolstore-partner-webc/src/main/java/com/cool/store/controller/PartnerController.java

@@ -5,6 +5,8 @@ import com.cool.store.request.PartnerBaseInfoRequest;
 import com.cool.store.request.PartnerClerkInfoRequest;
 import com.cool.store.request.PartnerIntentInfoRequest;
 import com.cool.store.response.ResponseResult;
+import com.cool.store.service.HyPartnerIntentInfoService;
+import com.cool.store.service.PartnerUserInfoService;
 import com.cool.store.vo.*;
 import com.github.pagehelper.PageInfo;
 import io.swagger.annotations.Api;
@@ -14,6 +16,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.web.bind.annotation.*;
 
+import javax.annotation.Resource;
 import java.util.List;
 
 /**
@@ -27,13 +30,16 @@ import java.util.List;
 @Api(tags = "加盟商信息")
 public class PartnerController {
 
+    @Resource
+    private PartnerUserInfoService partnerUserInfoService;
 
+    @Resource
+    HyPartnerIntentInfoService hyPartnerIntentInfoService;
 
     @PostMapping(path = "/applyBaseInfo")
     @ApiOperation("提交基本信息")
     public ResponseResult<Boolean> applyBaseInfo(@RequestBody BaseUserInfoRequest baseUserInfoRequest){
-
-        return ResponseResult.success();
+        return ResponseResult.success(hyPartnerIntentInfoService.updatePartnerIntentInfo(baseUserInfoRequest));
     }
 
 

coolstore-partner-webc/src/main/resources/application-ab.properties

@@ -54,4 +54,9 @@ cdn.url=https://testhsaypic.coolstore.cn
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=77fea013c3a6459685b83c21a2fc3411

coolstore-partner-webc/src/main/resources/application-dev.properties

@@ -51,4 +51,9 @@ corp.id = 171cddee76471740
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=77fea013c3a6459685b83c21a2fc3411

coolstore-partner-webc/src/main/resources/application-hd.properties

@@ -49,4 +49,9 @@ corp.id = 171cddee76471740
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=d851f2a9ac90474abecdc2fbb148d4d7

coolstore-partner-webc/src/main/resources/application-local.properties

@@ -59,3 +59,8 @@ cdn.url=https://testhsaypic.coolstore.cn
 #TRTC
 trtc.sdkAppId=1400811820
 trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=77fea013c3a6459685b83c21a2fc3411

coolstore-partner-webc/src/main/resources/application-online.properties

@@ -49,4 +49,9 @@ corp.id = 171cddee76471740
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=d851f2a9ac90474abecdc2fbb148d4d7

coolstore-partner-webc/src/main/resources/application-pre.properties

@@ -49,4 +49,9 @@ corp.id = 171cddee76471740
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=d851f2a9ac90474abecdc2fbb148d4d7

coolstore-partner-webc/src/main/resources/application-test.properties

@@ -49,4 +49,9 @@ corp.id = 171cddee76471740
 
 #TRTC
 trtc.sdkAppId=1400811820
-trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+trtc.secretKey=4854bab106c2ca2a2fda16a8c966933e28a078a34e458999d6227e8cd8ab8219
+
+weixin.appId=wx6f984e535e571818
+weixin.appSecret=245a483747e6e9f8762d3e8539cf0318
+
+signKey=77fea013c3a6459685b83c21a2fc3411