Commit 40696f81 authored by cy's avatar cy

shiro管理

parent a1511200
......@@ -20,9 +20,11 @@
<module>wisenergy-model</module>
<module>wisenergy-mapper</module>
<module>wisenergy-service</module>
<!-- <module>wisenergy-shrio</module>-->
<module>wisenergy-web-admin</module>
</modules>
<!--POM属性变量-->
<properties>
<!-- 文件拷贝时的编码 -->
......@@ -36,6 +38,7 @@
<moduleVersion.wisenergy-model>1.0.0-${projectDevMode}</moduleVersion.wisenergy-model>
<moduleVersion.wisenergy-mapper>1.0.0-${projectDevMode}</moduleVersion.wisenergy-mapper>
<moduleVersion.wisenergy-service>1.0.0-${projectDevMode}</moduleVersion.wisenergy-service>
<!-- <moduleVersion.wisenergy-shiro>1.0.0-${projectDevMode}</moduleVersion.wisenergy-shiro>-->
<moduleVersion.wisenergy-web-admin>1.0.0-${projectDevMode}</moduleVersion.wisenergy-web-admin>
</properties>
......
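Review bot: The two lines added to the root POM are commented-out declarations, and they spell the module two ways: `wisenergy-shrio` in `<modules>` and `wisenergy-shiro` in the `moduleVersion` property. If the module is enabled later, that mismatch is likely to surface as an unresolved module or property. If it is not, disabled build configuration only obscures what is actually built. Either drop both comments or replace them with one line saying why the module is disabled, e.g. `<!-- wisenergy-shiro module disabled: REASON -->`.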
......@@ -47,6 +47,8 @@
<orderEntry type="library" name="Maven: org.springframework:spring-expression:5.1.7.RELEASE" level="project" />
<orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-undertow:2.1.5.RELEASE" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-core:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.xnio:xnio-api:3.3.8.Final" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.jboss.xnio:xnio-nio:3.3.8.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-servlet:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.spec.javax.annotation:jboss-annotations-api_1.2_spec:1.0.2.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-websockets-jsr:2.0.20.Final" level="project" />
......
......@@ -16,5 +16,5 @@ public interface PriceMapper extends BaseMapper<Price> {
int count();
Price getByMoney(@Param("money") Integer money);
Price getByMoney(@Param("money") Double money);
}
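Review bot: `getByMoney(@Param("money") Double money)` now looks a price up by a floating-point amount, and binary doubles cannot represent most decimal currency values exactly, so an equality match in the mapper SQL (not visible here) can miss the intended row once the amount has been through any arithmetic. The same Integer-to-Double switch is made on `PayRecord.money`, `Price.money`, `PayPageDto.total` and `AddLimitVo.payMoney` in this commit. `java.math.BigDecimal` with a DECIMAL column, or integer minor units, keeps amounts exact; here that would be `Price getByMoney(@Param("money") BigDecimal money);`.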
......@@ -8,7 +8,7 @@ import org.apache.ibatis.annotations.Param;
import java.util.List;
import java.util.Map;
public interface StaffMapper extends BaseMapper<Banner> {
public interface StaffMapper extends BaseMapper<Staff> {
/**
* 禁用员工账号
*
......
package cn.wisenergy.mapper;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.model.app.StaffUserVip;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.apache.ibatis.annotations.Param;
import java.util.List;
public interface StaffUserVipMapper {
public interface StaffUserVipMapper extends BaseMapper<StaffUserVip> {
List<StaffUserVip> getList(@Param("staffId") Integer staffId);
List<StaffUserVip> getAllList();
int add(StaffUserVip staffUserVip);
}
......@@ -10,6 +10,7 @@
<result column="is_delete" property="isDelete"/>
<result column="create_time" property="createTime"/>
<result column="update_time" property="updateTime"/>
<result column="sex" property="sex"/>
</resultMap>
<sql id="table">
......@@ -22,12 +23,12 @@
</sql>
<sql id="cols_exclude_id">
staff_name,login_name,password, phone,is_delete,create_time,update_time
staff_name,login_name,password, phone,is_delete,create_time,update_time,sex
</sql>
<sql id="vals">
#{staffName},#{loginName},#{password},#{phone},
#{isDelete},now(),now()
#{isDelete},now(),now(),#{sex}
</sql>
<sql id="updateCondition">
......@@ -36,6 +37,7 @@
<if test="password != null">password =#{password},</if>
<if test="phone != null">phone =#{phone},</if>
<if test="isDelete != null">is_delete = #{isDelete},</if>
<if test="sex != null">sex = #{sex},</if>
update_time =now()
</sql>
......@@ -48,6 +50,7 @@
<if test="isDelete != null">and is_delete = #{isDelete}</if>
<if test="createTime != null">and create_time &gt;= #{createTime}</if>
<if test="updateTime != null">and #{updateTime} &gt;= update_time</if>
<if test="sex != null">sex = #{sex}</if>
</sql>
<insert id="addStaff" parameterType="cn.wisenergy.model.app.Staff">
......
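Review bot: The `sex` filter added to the query-condition fragment is missing its leading `and`. Every sibling condition in that `<sql>` block is written `and col = ...`, so when `sex` is set together with an earlier filter the generated statement runs two predicates together and fails to parse. It should read `<if test="sex != null">and sex = #{sex}</if>`. The fragment's opening tag and id are above the hunk, so this assumes it is included after other conditions, as the surrounding lines suggest.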
......@@ -47,7 +47,14 @@
select user_vip_id
from <include refid="table"/>
where
staff_id=#{staffId}
is_delete = 0 and staff_id=#{staffId}
</select>
<select id="getAllList" resultMap="staffUserMap">
select user_vip_id
from <include refid="table"/>
where
is_delete = 0
</select>
<insert id="add" parameterType="cn.wisenergy.model.app.StaffUserVip">
......
......@@ -68,7 +68,7 @@
<if test="isDelete != null">and is_delete = #{isDelete}</if>
<if test="createTime != null">and create_time &gt;= #{createTime}</if>
<if test="updateTime != null">and #{updateTime} &gt;= update_time</if>
<if test="isVip != null">and is_vip = #{isVip},</if>
<if test="isVip != null">and is_vip = #{isVip}</if>
<if test="openid != null">and openid =#{openid}</if>
</sql>
......@@ -188,21 +188,20 @@
<include refid="table"/>
<where>
is_delete=0
<if test="list != null">
<if test="list != null and (list.size)>0">
and id in
<foreach collection="list" index="index" item="id" separator="," open="(" close=")">
#{id.userVipId}
</foreach>
</if>
<if test="userName != null">and user_name like ('%' #{userName} '%')</if>
<if test="phone != null">and phone like ('%' #{phone} '%')</if>
<if test="userName != null and userName!=''"> and user_name like ('%' #{userName} '%')</if>
<if test="phone != null and phone!=''"> and phone like ('%' #{phone} '%')</if>
order by create_time desc
<if test="pageNo != null">
limit #{pageNo},#{pageSize}
</if>
</where>
</select>
</mapper>
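Review bot: With the new guard `list != null and (list.size)>0`, an empty `list` no longer produces an `id in (...)` clause at all, so the query returns every non-deleted user instead of none. If this statement backs the staff customer list (the caller is not visible here), a staff member with no assigned VIP customers would be shown all users. The caller should return an empty page when the id list is empty, or the mapper should add an always-false branch such as `<if test="list != null and list.size == 0">and 1 = 0</if>`. The `<select>` opening tag is above the hunk.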
......@@ -123,7 +123,7 @@
</foreach>
</if>
order by major_name,lowest_mark desc
limit #{number}
</where>
</select>
......
......@@ -51,6 +51,8 @@
<orderEntry type="library" name="Maven: org.springframework:spring-expression:5.1.7.RELEASE" level="project" />
<orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-undertow:2.1.5.RELEASE" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-core:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.xnio:xnio-api:3.3.8.Final" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.jboss.xnio:xnio-nio:3.3.8.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-servlet:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.spec.javax.annotation:jboss-annotations-api_1.2_spec:1.0.2.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-websockets-jsr:2.0.20.Final" level="project" />
......
package cn.wisenergy.model.app;
import com.baomidou.mybatisplus.annotation.TableName;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
......@@ -12,6 +13,7 @@ import java.util.Date;
*/
@Data
@ApiModel(value = "AccountInfo")
@TableName("account")
public class AccountInfo implements Serializable {
private static final long serialVersionUID = 3050641578536493424L;
......
......@@ -52,7 +52,7 @@ public class PayRecord implements Serializable {
* 充值所花金额
*/
@ApiModelProperty(value = "充值所花金额",name = "money")
private Integer money;
private Double money;
/**
* 充值结果 0:成功 1:失败
......
......@@ -36,7 +36,7 @@ public class Price implements Serializable {
* 购买需要的钱
*/
@ApiModelProperty(value = "购买需要的钱", name = "money")
private Integer money;
private Double money;
/**
* 创建时间
......
......@@ -59,4 +59,10 @@ public class Staff implements Serializable {
*/
@ApiModelProperty(name = "updateTime", value = "修改时间")
private Date updateTime;
/**
* 性别
*/
@ApiModelProperty(name = "sex", value = "性别")
private Integer sex;
}
......@@ -75,9 +75,9 @@ public class User implements Serializable {
private Integer examType;
/**
* 来源 1:PC 2: APP
* 来源 1:PC 2:h5 3:小程序
*/
@ApiModelProperty(name = "source", value = "来源 1:PC 2: APP")
@ApiModelProperty(value = "来源 1:PC 2:h5 3:小程序", name = "source")
private Integer source;
/**
......
......@@ -18,7 +18,7 @@ public class PayPageDto {
/**
* 支付金额 :金额不能为0
*/
private Integer total;
private Double total;
/**
* 用户id
......
......@@ -5,6 +5,7 @@ import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import java.io.Serializable;
import java.util.Date;
@Data
@ApiModel("StaffDto")
......@@ -29,4 +30,27 @@ public class StaffDto implements Serializable {
@ApiModelProperty(name = "phone",value = "电话号码")
private String phone;
/**
* 性别(0:男 1:女)
*/
@ApiModelProperty(name = "sex", value = "性别(0:男 1:女)")
private Integer sex;
/**
* 更新时间
*/
@ApiModelProperty(value = "更新时间",name = "updateTime")
private Date updateTime;
/**
* 创建时间
*/
@ApiModelProperty(value = "创建时间",name = "createTime")
private Date createTime;
/**
* 是否禁用(0:正常 1:禁用)
*/
@ApiModelProperty(name = "isDelete", value = "是否禁用(0:正常 1:禁用)")
private Integer isDelete;
}
......@@ -153,7 +153,11 @@ public class UserInfoDto implements Serializable {
@ExcelProperty(value = "用户最后登陆时间")
private Date lastLoginTime;
/**
* 员工名称
*/
@ApiModelProperty(name = "staffName",value = "员工名字")
private String staffName;
}
......@@ -34,7 +34,7 @@ public class AddLimitVo implements Serializable {
* 支付金额
*/
@ApiModelProperty(value = "支付金额", name = "payMoney")
private Integer payMoney;
private Double payMoney;
/**
* 充值卡密码
......
package cn.wisenergy.model.vo;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
@Data
@ApiModel("StaffLoginVo")
public class StaffLoginVo {
/**
* 员工账号
*/
@ApiModelProperty(name = "loginName",value = "员工账号")
private String loginName;
/**
* 账号密码
*/
@ApiModelProperty(name="password",value = "账号密码")
private String password;
}
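Review bot: `@Data` generates a `toString()` that includes `password`, and `StaffUserVipServiceImpl.staffLogin` in this same commit logs the object with `"...staffLogin[].input:param:" + loginVo`, so staff passwords would be written to the application log in clear text. Annotate the field with `@ToString.Exclude` if the Lombok version in use supports it, or log only `loginVo.getLoginName()` at the call site. The class also does not implement `Serializable`, unlike the other Vo classes in this commit, which is worth making consistent.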
......@@ -35,4 +35,15 @@ public class StaffVo implements Serializable {
@ApiModelProperty(name = "phone",value = "电话号码")
private String phone;
/**
* 性别(0:男 1:女)
*/
@ApiModelProperty(name = "sex", value = "性别")
private Integer sex;
/**
* 是否禁用(0:正常 1:禁用)
*/
@ApiModelProperty(name = "isDelete", value = "是否禁用")
private Integer isDelete;
}
......@@ -42,8 +42,8 @@ public class UserLoginVo implements Serializable {
private Integer scene;
/**
* 来源: 1:PC 2:APP
* 来源 1:PC 2:h5 3:小程序
*/
@ApiModelProperty(value = "来源: 1:PC 2:APP", name = "source")
@ApiModelProperty(value = "来源 1:PC 2:h5 3:小程序", name = "source")
private Integer source;
}
......@@ -37,9 +37,9 @@ public class UserRegisterVo implements Serializable {
private String smCode;
/**
* 来源 1:PC 2:APP
* 来源 1:PC 2:h5 3:小程序
*/
@ApiModelProperty(value = "来源 1:PC 2:APP", name = "source")
@ApiModelProperty(value = "来源 1:PC 2:h5 3:小程序", name = "source")
private Integer source;
/**
......
......@@ -63,9 +63,9 @@ public class UserVipCommitVo implements Serializable {
private Integer studentType;
/**
* 用户来源 1:PC 2:APP
* 来源 1:PC 2:h5 3:小程序
*/
@ApiModelProperty(value = "用户来源 1:PC 2:APP", name = "source")
@ApiModelProperty(value = "来源 1:PC 2:h5 3:小程序", name = "source")
private Integer source;
......
......@@ -49,6 +49,8 @@
<orderEntry type="library" name="Maven: org.springframework:spring-expression:5.1.7.RELEASE" level="project" />
<orderEntry type="library" name="Maven: org.springframework.boot:spring-boot-starter-undertow:2.1.5.RELEASE" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-core:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.xnio:xnio-api:3.3.8.Final" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.jboss.xnio:xnio-nio:3.3.8.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-servlet:2.0.20.Final" level="project" />
<orderEntry type="library" name="Maven: org.jboss.spec.javax.annotation:jboss-annotations-api_1.2_spec:1.0.2.Final" level="project" />
<orderEntry type="library" name="Maven: io.undertow:undertow-websockets-jsr:2.0.20.Final" level="project" />
......
......@@ -80,6 +80,7 @@
<artifactId>itext-asian</artifactId>
<version>5.2.0</version>
</dependency>
</dependencies>
<!-- MAVEN构建 -->
......
......@@ -40,4 +40,11 @@ public interface StaffService {
* @return true: 成功 false:失败
*/
R<Boolean> addStaff(StaffVo staff);
/**
* 重置密码
* @param staffId 员工id
* @return
*/
R<Boolean> resetPassword(Integer staffId);
}
......@@ -3,10 +3,7 @@ package cn.wisenergy.service.app;
import cn.wisenergy.common.utils.R;
import cn.wisenergy.model.app.Local;
import cn.wisenergy.model.dto.UserInfoDto;
import cn.wisenergy.model.vo.AccountLoginVo;
import cn.wisenergy.model.vo.UserQueryVo;
import cn.wisenergy.model.vo.UserVipCommitVo;
import cn.wisenergy.model.vo.UserVipQueryVo;
import cn.wisenergy.model.vo.*;
import com.github.pagehelper.PageInfo;
import javax.servlet.http.HttpServletResponse;
......@@ -19,7 +16,7 @@ public interface StaffUserVipService {
*
* @return true:成功 false:失败
*/
R<Boolean> staffLogin(AccountLoginVo accountLoginVo);
R<StaffVo> staffLogin(StaffLoginVo loginVo);
/**
* 获取员工学生关系表
......@@ -29,6 +26,7 @@ public interface StaffUserVipService {
*/
R<PageInfo<UserInfoDto>> getList(UserVipQueryVo userVipQueryVo);
/**
* 添加员工和vip客户关系
* @param staffId 员工id
......
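Review bot: The Javadoc above `staffLogin` still says `@return true:成功 false:失败`, although the method now takes a `StaffLoginVo` and returns `R<StaffVo>`. It should describe the new contract, for example `@param loginVo staff login name and password` and `@return the logged-in staff member's profile on success`. The explicit `cn.wisenergy.model.vo` imports were also collapsed into `cn.wisenergy.model.vo.*`, which hides what the interface depends on; keeping the explicit list and adding `StaffLoginVo` and `StaffVo` reads better.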
......@@ -29,7 +29,7 @@ public interface UserLoginService {
* @param userLoginVo 登录信息
* @return true 成功 false 失败
*/
R<UserInfoVo> loginCode(UserLoginVo userLoginVo);
R<UserInfoVo> loginCode(UserLoginVo userLoginVo, HttpServletRequest request);
/**
* 手机-密码登录
......@@ -39,6 +39,14 @@ public interface UserLoginService {
*/
R<UserInfoVo> login(UserLoginVo userLoginVo, HttpServletRequest request);
/**
* 手机-密码登录测试
*
* @param userLoginVo 登录信息
* @return true 成功 false 失败
*/
R<UserInfoVo> loginTest(UserLoginVo userLoginVo, HttpServletRequest request) throws Exception;
/**
* 退出登录
*
......@@ -47,6 +55,8 @@ public interface UserLoginService {
*/
R<Boolean> loginOut(Integer userId);
/**
* 修改密码
*
......
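Review bot: `loginTest` is added to the `UserLoginService` contract as a second phone-and-password login ("手机-密码登录测试") that, unlike `login`, declares `throws Exception`. If this is test scaffolding it should not be part of the production interface, because any controller mapped to it becomes another authentication entry point that needs the same throttling and auditing as `login`. If it is meant to stay, give it a name and Javadoc that say how it differs from `login`. The Javadoc of `loginCode` and `loginTest` also lacks `@param request`, and `@return true 成功 false 失败` does not describe an `R<UserInfoVo>`.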
......@@ -40,11 +40,5 @@ public interface VolunteerService extends IService<Volunteer> {
*/
void excelTemplate(HttpServletResponse response) throws IOException;
/**
* Excel批量添加方案志愿
* @param file 志愿文件
* @param response 相应数据
* @throws IOException 异常
*/
void ceshi(MultipartFile file, HttpServletResponse response) throws IOException;
}
......@@ -6,8 +6,15 @@ import cn.wisenergy.mapper.AccountMapper;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.model.dto.AccountDto;
import cn.wisenergy.model.vo.AccountLoginVo;
import cn.wisenergy.model.vo.UserInfoVo;
import cn.wisenergy.service.app.AccountSerivce;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
......@@ -33,8 +40,10 @@ public class AccountSerivceImpl implements AccountSerivce {
if (StringUtils.isEmpty(accountLoginVo.getUserName())||StringUtils.isEmpty(accountLoginVo.getPassword())) {
return R.error("账号或密码为空");
}
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(accountLoginVo.getUserName(),accountLoginVo.getPassword(),"admin" );
//创建参数容器map
/*//创建参数容器map
HashMap<String, Object> map = new HashMap<>(4);
map.put("userName",accountLoginVo.getUserName());
......@@ -51,8 +60,23 @@ public class AccountSerivceImpl implements AccountSerivce {
}
//查询超过则进行数据copy
AccountDto accountDto = new AccountDto();
BeanUtils.copyProperties(accountInfo,accountDto);
BeanUtils.copyProperties(accountInfo,accountDto);*/
//返回数据
return R.ok(accountDto);
try {
subject.login(token);
AccountDto accountDto = new AccountDto();
AccountInfo info=(AccountInfo)SecurityUtils.getSubject().getPrincipal();
accountDto.setId(info.getId());
accountDto.setUserName(info.getUserName());
return R.ok(0, accountDto);
} catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
} catch (LockedAccountException e) {
return R.error(1, "登录失败!请联系管理员");
} catch (AuthenticationException e) {
return R.error(1, "该用户不存在");
} catch (Exception e) {
return R.error(1, "系统异常");
}
}
}
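Review bot: The catch ladder added to the login method returns different messages for a wrong password (`账户密码错误`) and an unknown account (`该用户不存在`), which lets a caller test which user names exist; return one generic message for both, e.g. `return R.error(1, "账号或密码错误");`. `AuthenticationException` is the parent of Shiro's authentication failures, so any other failure is also reported as "user does not exist". The final `catch (Exception e)` discards the exception, so add `log.error("login failed", e);` there. The same ladder is added in `StaffUserVipServiceImpl.staffLogin` and `UserLoginServiceImpl.loginCode`. The method signature is above the hunk.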
......@@ -65,8 +65,6 @@ public class AliPayServiceImpl implements AliPayService {
AlipayClient alipayClient = new DefaultAlipayClient(Common.PAY_URL, APP_ID, PRIVATE_KEY, "json", CHARSET, ALIPAY_PUBLIC_KEY, "RSA2");
AlipayTradePagePayRequest alipayRequest = new AlipayTradePagePayRequest();
String tradeNo = "21" + System.currentTimeMillis();
int random=(int)(Math.random()*10+1);
double amount = random/100;
//支付成功跳转地址
alipayRequest.setReturnUrl(Common.RETURN_URL_PC);
//支付回调地址
......@@ -74,8 +72,7 @@ public class AliPayServiceImpl implements AliPayService {
//alipayRequest.setNotifyUrl("http://bga7hc.natappfree.cc/pay/aliPayCallBack.do");
alipayRequest.setBizContent("{" +
"\"out_trade_no\":\"" + tradeNo + "\"," +
//"\"total_amount\":" + payPageDto.getTotal() + "," +
"\"total_amount\":" + amount + "," +
"\"total_amount\":" + payPageDto.getTotal() + "," +
"\"subject\":\"充值\"," +
"\"body\":\"充值\"," +
"\"product_code\":\"FAST_INSTANT_TRADE_PAY\"" +
......@@ -120,8 +117,6 @@ public class AliPayServiceImpl implements AliPayService {
AlipayClient alipayClient = new DefaultAlipayClient(Common.PAY_URL, APP_ID, PRIVATE_KEY, "json", CHARSET, ALIPAY_PUBLIC_KEY, "RSA2");
AlipayTradeWapPayRequest alipayRequest = new AlipayTradeWapPayRequest();
String tradeNo = "21" + System.currentTimeMillis();
int random=(int)(Math.random()*10+1);
double amount = random/100;
//支付成功跳转地址
alipayRequest.setReturnUrl(Common.RETURN_URL_WAP);
//支付后回调地址
......@@ -129,8 +124,7 @@ public class AliPayServiceImpl implements AliPayService {
alipayRequest.setBizContent("{" +
"\"out_trade_no\":\"" + tradeNo + "\"," +
//"\"total_amount\":" + payPageDto.getTotal() + "," +
"\"total_amount\":" + amount + "," +
"\"total_amount\":" + payPageDto.getTotal() + "," +
"\"subject\":\"充值\"," +
"\"body\":\"充值\"," +
"\"product_code\":\"QUICK_WAP_WAY\"" +
......
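Review bot: `total_amount` is now taken straight from `payPageDto.getTotal()` and concatenated into the `biz_content` JSON in both the page-pay and WAP-pay methods, with no check visible in either hunk that the amount matches a price the server knows. If `PayPageDto` is bound from the request, the client chooses what it pays; look the amount up server-side (for example from the `Price` record being bought) and reject null, non-positive or non-matching totals before building the request. Because `total` is a `Double`, string concatenation can also emit values such as `1.0E7` or more than two decimals, which formatting through `BigDecimal` with `setScale(2, RoundingMode.HALF_UP)` avoids. Both method bodies start above the hunks.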
......@@ -186,7 +186,7 @@ public class SchemeServiceImpl extends ServiceImpl<SchemeMapper, SchemeInfo> imp
//判断考生是否有报取资格
//专科类比分 = 本年录取分 -去年录取分 + 考生分数
double secondCulture = secondRule.getCurrentYearCulture() - secondRule.getCultureMin() +
Double.parseDouble(queryVo.getMajorGrade());
Double.parseDouble(queryVo.getCultureGrade());
double secondMajor = secondRule.getCurrentYearMajor() - secondRule.getProfessionMin() +
Double.parseDouble(queryVo.getMajorGrade());
if (secondCulture < secondRule.getCultureMin() || secondMajor < secondRule.getProfessionMin()) {
......@@ -247,6 +247,13 @@ public class SchemeServiceImpl extends ServiceImpl<SchemeMapper, SchemeInfo> imp
//设置查询时间
SetQueryTime(result);
volunteerVo.setVolunteers(result);
List<Volunteer> volunteers = volunteerVo.getVolunteers();
//除本科文化以外,其余最低位次用--代替
for (Volunteer info : volunteers) {
if (info.getType()!= SchemeTypeEnums.UNDERGRADUATE_CULTURE.getCode()) {
info.setLowestRank("--");
}
}
return R.ok(volunteerVo);
}
......@@ -264,6 +271,7 @@ public class SchemeServiceImpl extends ServiceImpl<SchemeMapper, SchemeInfo> imp
SetQueryTime(list);
volunteerVo.setVolunteers(list);
volunteerVo.setTotal(list.size());
return R.ok(volunteerVo);
}
......@@ -998,6 +1006,7 @@ public class SchemeServiceImpl extends ServiceImpl<SchemeMapper, SchemeInfo> imp
* @return 集合
*/
private List<Volunteer> fillUpVolunteer(List<Volunteer> list, Integer number, double max, double min, Integer type) {
//已存在的志愿ids
List<Integer> volunteerIds = list.stream().map(Volunteer::getId).collect(Collectors.toList());
......@@ -1006,11 +1015,56 @@ public class SchemeServiceImpl extends ServiceImpl<SchemeMapper, SchemeInfo> imp
Map<String, Object> map = new HashMap<>(16);
map.put("volunteerIds", volunteerIds);
map.put("number", totalNumber);
map.put("upGrade", max);
map.put("downGrade", min);
map.put("type", type);
return volunteerMapper.getFillList(map);
List<Volunteer> fillList = volunteerMapper.getFillList(map);
List<Volunteer> resultList = new ArrayList<>();
List<Volunteer> otherList = new ArrayList<>();
Map<Double, List<Volunteer>> mapObj = fillList.stream().collect(Collectors.groupingBy(Volunteer::getLowestMark
));
for (Map.Entry<Double, List<Volunteer>> entry : mapObj.entrySet()) {
List<Volunteer> volunteers = entry.getValue();
if (volunteers.size() > 1) {
Random mRandom = new Random();
int count = mRandom.nextInt(volunteers.size());
resultList.add(volunteers.get(count));
volunteers.remove(count);
otherList.addAll(volunteers);
} else {
resultList.addAll(volunteers);
}
if (resultList.size() >= totalNumber) {
return resultList.subList(0, totalNumber);
}
}
//从剩下的数据中随机抽取,添满数组
if (resultList.size() < totalNumber) {
int num = totalNumber - resultList.size();
List<Volunteer> volunteers = new ArrayList<>();
if (otherList.size() > 0) {
for (int i = 0; i < num; i++) {
Random mRandom = new Random();
if (otherList.size() > 0) {
int count = mRandom.nextInt(otherList.size());
if (resultList.contains(otherList.get(count))) {
otherList.remove(count);
continue;
}
volunteers.add(otherList.get(count));
otherList.remove(count);
} else {
break;
}
}
}
resultList.addAll(volunteers);
}
return resultList;
}
/**
......
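Review bot: In `fillUpVolunteer`, the top-up loop spends one of its `num` iterations each time the randomly picked entry is already in `resultList` (the `continue` branch), so the method can return fewer than `totalNumber` volunteers while `otherList` still holds usable candidates. Looping on the number actually collected avoids that, and a single `Random` can be reused instead of allocating one per iteration. Separately, `Collectors.groupingBy(Volunteer::getLowestMark)` throws a NullPointerException if any row has a null `lowestMark`, and its HashMap result discards the ordering returned by `getFillList`; both are worth confirming. The declaration of `totalNumber` is outside the hunk.

```java
// … unchanged: getFillList call and the groupingBy pass that fills resultList and otherList …
// Top up from the leftovers until the list is full or the candidates run out.
Random random = new Random();
int num = totalNumber - resultList.size();
List<Volunteer> volunteers = new ArrayList<>();
while (volunteers.size() < num && !otherList.isEmpty()) {
    Volunteer candidate = otherList.remove(random.nextInt(otherList.size()));
    if (!resultList.contains(candidate)) {
        volunteers.add(candidate);
    }
}
resultList.addAll(volunteers);
return resultList;
```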
......@@ -71,7 +71,9 @@ public class SendSmsSerViceImpl implements SendSmsSerVice {
//保存验证到缓存,以便做验证
String source = SourceType.getByCode(sendSmsVo.getSource());
String scene = SceneType.getNameByCode(sendSmsVo.getScene());
boolean bool = redisService.set(CachePrefix.SMS_CODE.getPrefix() + scene + "_" +
/* boolean bool = redisService.set(CachePrefix.SMS_CODE.getPrefix() + scene + "_" +
source + "_" + sendSmsVo.getPhone(), code, Common.SMS_TIMEOUT);*/
boolean bool = redisService.set(CachePrefix.SMS_CODE.getPrefix() + "_" +
source + "_" + sendSmsVo.getPhone(), code, Common.SMS_TIMEOUT);
log.info(CachePrefix.SMS_CODE.getPrefix());
if (!bool) {
......@@ -113,8 +115,8 @@ public class SendSmsSerViceImpl implements SendSmsSerVice {
public R<Boolean> valid(String phone, String code, Integer type, String source) {
String value = SceneType.getNameByCode(type);
//获取短信验证码key
String key = CachePrefix.SMS_CODE.getPrefix() + value + "_" + source + "_" + phone;
//String key = CachePrefix.SMS_CODE.getPrefix() + value + "_" + source + "_" + phone;
String key = CachePrefix.SMS_CODE.getPrefix() + "_" + source + "_" + phone;
//判断缓存是否过期
long time = redisService.getExpire(key);
if (time < 0) {
......
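Review bot: Dropping `scene` from the cache key in both the `redisService.set` call and `valid` means a verification code is now bound only to source and phone, so a code requested for one scene is accepted when verifying any other scene for the same number. If the scenes include sensitive flows such as password change, the code should stay scene-bound by keeping the scene name in the key on both sides, e.g. `CachePrefix.SMS_CODE.getPrefix() + value + "_" + source + "_" + phone` in `valid`. If sharing across scenes is intended, `valid` still computes `value` from `type` without using it, so remove the dead variable and state the decision in a comment rather than leaving the old line commented out. Both method bodies start above the hunks.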
......@@ -3,12 +3,15 @@ package cn.wisenergy.service.app.impl;
import cn.wisenergy.common.utils.Md5Util;
import cn.wisenergy.common.utils.R;
import cn.wisenergy.mapper.StaffMapper;
import cn.wisenergy.model.app.Banner;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.model.app.User;
import cn.wisenergy.model.dto.StaffDto;
import cn.wisenergy.model.dto.UserInfoDto;
import cn.wisenergy.model.vo.QueryVo;
import cn.wisenergy.model.vo.StaffVo;
import cn.wisenergy.service.app.StaffService;
import cn.wisenergy.service.common.Common;
import com.github.pagehelper.PageInfo;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.BeanUtils;
......@@ -164,4 +167,25 @@ public class StaffServiceImpl implements StaffService {
}
return R.ok(0,true);
}
@Override
public R<Boolean> resetPassword(Integer staffId) {
log.info("volunteer-service[]UserLoginServiceImpl[]resetPassword[]input.param.staffId:" + staffId);
if (null == staffId) {
return R.error("入参为空!");
}
//获取用户信息
Staff staff = staffMapper.selectById(staffId);
//加密重置密码
String password = Md5Util.digestMD5(Common.RESET_PASSWORD_VALUE + staff.getPhone());
staff.setPassword(password);
staff.setId(staffId);
int count = staffMapper.updateById(staff);
if (count == 0) {
return R.ok(1, false);
}
return R.ok(0, true);
}
}
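Review bot: `resetPassword` sets the new password to `Md5Util.digestMD5(Common.RESET_PASSWORD_VALUE + staff.getPhone())`, which anyone who knows the shared constant and the staff member's phone number can compute, and nothing in the hunk forces a change at next login. A randomly generated one-time password delivered out of band, stored with a salted slow password hash rather than a single MD5, would close that. The method also dereferences `staff` without checking the `selectById` result, so an unknown id throws a NullPointerException; add `if (staff == null) { return R.error("员工不存在"); }`. The log prefix names `UserLoginServiceImpl` although this is `StaffServiceImpl`, and `R.ok(1, false)` reports a failed update through the success factory.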
......@@ -18,6 +18,12 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import com.github.pagehelper.PageInfo;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
......@@ -62,42 +68,74 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
@Autowired
private LocalMapper localMapper;
//初始密码
private static final String PASSWORD = "123456";
@Override
public R<Boolean> staffLogin(AccountLoginVo loginVo) {
public R<StaffVo> staffLogin(StaffLoginVo loginVo) {
log.info("StaffUserVipServiceImpl[].staffLogin[].input:param:" + loginVo);
//判断参数是否为空
if (null == loginVo || StringUtils.isBlank(loginVo.getUserName()) || StringUtils.isBlank(loginVo.getPassword())) {
if (null == loginVo || StringUtils.isBlank(loginVo.getLoginName()) || StringUtils.isBlank(loginVo.getPassword())) {
return R.error("账号或密码为空");
}
//创建参数容器map
/* //创建参数容器map
HashMap<String, Object> map = new HashMap<>(4);
map.put("loginName", loginVo.getUserName());
map.put("loginName", loginVo.getLoginName());
//查询管理者信息
Staff staff = staffMapper.getStaff(map);
if (null == staff) {
Staff staff = staffMapper.getStaff(map);*/
/* if (null == staff) {
return R.error("用户不存在");
}
if (!staff.getPassword().equals(Md5Util.digestMD5(loginVo.getPassword()))) {
return R.error("账号或者密码错误");
}*/
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(loginVo.getPassword() );
UsernamePasswordToken token = new UsernamePasswordToken(loginVo.getLoginName(), credentialsSalt,"staff");
try {
subject.login(token);
QueryWrapper<Staff> objectQueryWrapper = new QueryWrapper<>();
objectQueryWrapper.eq("login_name",loginVo.getLoginName());
Staff staffInfo = staffMapper.selectOne(objectQueryWrapper);
StaffVo staffVo = new StaffVo();
staffVo.setId(staffInfo.getId());
staffVo.setLoginName(staffInfo.getLoginName());
staffVo.setStaffName(staffInfo.getStaffName());
staffVo.setPhone(staffInfo.getPhone());
staffVo.setSex(staffInfo.getSex());
return R.ok(0, staffVo);
} catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
} catch (LockedAccountException e) {
return R.error(1, "登录失败!请联系管理员");
} catch (AuthenticationException e) {
return R.error(1, "该用户不存在");
} catch (Exception e) {
return R.error(1, "系统异常");
}
return R.ok(0, true);
}
@Override
public R<PageInfo<UserInfoDto>> getList(UserVipQueryVo queryVo) {
log.info("StaffUserVipServiceImpl[].getList[].input.param:" + queryVo);
if (null==queryVo||null==queryVo.getStaffId()) {
if (null==queryVo) {
return R.error("入参为空");
}
List<StaffUserVip> listStaff = staffUserVipMapper.getList(queryVo.getStaffId());
List<StaffUserVip> listStaff = new ArrayList<>();
if(null != queryVo.getStaffId()){
listStaff = staffUserVipMapper.getList(queryVo.getStaffId());
}else{
listStaff = staffUserVipMapper.getAllList();
}
//创建参数容器
Map<String, Object> map = new HashMap<>(4);
......@@ -142,20 +180,20 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
Integer rechargeTimes = 0;
//支付宝充值总金额
Integer alipayMoney = 0;
Double alipayMoney = null;
//微信充值总金额
Integer weChatMoney = 0;
Double weChatMoney = null;
if (!CollectionUtils.isEmpty(byId)) {
for (PayRecord payRecord : byId) {
if (payRecord.getType() == 1) {
alipayMoney += Integer.valueOf(null == payRecord.getMoney() ? 0 : payRecord.getMoney());
alipayMoney += Double.valueOf(null == payRecord.getMoney() ? 0 : payRecord.getMoney());
}
if (payRecord.getType() == 2) {
weChatMoney += Integer.valueOf(null == payRecord.getMoney() ? 0 : payRecord.getMoney());
weChatMoney += Double.valueOf(null == payRecord.getMoney() ? 0 : payRecord.getMoney());
}
if (payRecord.getType() == 3) {
......@@ -172,6 +210,13 @@ public class StaffUserVipServiceImpl extends ServiceImpl<LocalMapper, Local> imp
userInfoDto.setUserId(user.getId());
userInfoDto.setRegisterTime(user.getCreateTime());
list.add(userInfoDto);
for(UserInfoDto userInfo : list){
QueryWrapper<StaffUserVip> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("user_vip_id",userInfo.getUserId());
StaffUserVip staffUserVip = staffUserVipMapper.selectOne(queryWrapper);
Staff staff = staffMapper.selectById(staffUserVip.getStaffId());
userInfo.setStaffName(staff.getStaffName());
}
}
PageInfo<UserInfoDto> info = new PageInfo<>();
......
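Review bot: In `getList`, `alipayMoney` and `weChatMoney` are now initialised to `null`, so the first `alipayMoney += ...` unboxes null and throws a NullPointerException for any user with an Alipay or WeChat record; initialise them as `Double alipayMoney = 0.0;` and `Double weChatMoney = 0.0;`. The same method now falls back to `staffUserVipMapper.getAllList()` when `staffId` is null, which returns every staff member's VIP customers to a caller that simply omits the field. Unless the controller restricts that to an administrator role (not visible here), derive the staff id from the authenticated subject instead of the request. The staff-name lookup added near the end appears to run inside the loop that is still filling `list`, so it re-queries every earlier entry on each pass, and it dereferences `staffUserVip` and `staff` without null checks.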
......@@ -117,7 +117,7 @@ public class TestWxPayServiceImpl implements TestWxPayService {
System.out.println(orderInfo);
//调用统一下单接口
Map<String, String> map = unifiedOrder(unifiedOrderUrl,orderInfo);
String urlString = URLEncoder.encode("http://111.203.232.171:8999/#/history", "GBK");
String urlString = URLEncoder.encode("https://jygkzy.com/#/history", "GBK");
String mweb_url = map.get("mweb_url") + "&redirect_url=" + urlString;
log.info("返回信息:", map.get("return_msg"));
if (map!=null && "SUCCESS".equals(map.get("return_code")) && "SUCCESS".equals(map.get("result_code"))) {
......@@ -182,7 +182,7 @@ public class TestWxPayServiceImpl implements TestWxPayService {
return R.ok("0",mapParams);
} catch (Exception e) {
e.printStackTrace();
return R.error("获取mweb_url失败");
return R.error("支付参数获取失败");
}
}
......
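Review bot: The redirect target is still a literal inside the service (`"https://jygkzy.com/#/history"`), so each environment change needs a code edit like this one; it would sit better in configuration or as a constant in `Common`, next to `Common.RETURN_URL_PC`. On the lines just below, `map.get("mweb_url")` and `map.get("return_msg")` are read before the `map!=null` check, and `log.info("返回信息:", ...)` has no `{}` placeholder, so the return message is never printed. Those predate this change but are worth fixing in the same pass, e.g. `log.info("返回信息:{}", map.get("return_msg"));` after the null check.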
......@@ -15,6 +15,7 @@ import cn.wisenergy.model.vo.UserLoginVo;
import cn.wisenergy.model.vo.UserRegisterVo;
import cn.wisenergy.service.app.SendSmsSerVice;
import cn.wisenergy.service.app.UserLoginService;
import cn.wisenergy.service.cache.RedisService;
import cn.wisenergy.service.common.Common;
import cn.wisenergy.service.common.VolunteerManager;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
......@@ -22,12 +23,22 @@ import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.util.HashMap;
import java.util.Map;
/**
* @author 86187
......@@ -52,6 +63,8 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
@Autowired
private VolunteerManager volunteerManager;
@Autowired
private RedisService redisService;
//VIP客户初始密码
private static final String PASSWORD = "123456";
......@@ -90,32 +103,45 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
}
@Override
public R<UserInfoVo> loginCode(UserLoginVo userVo) {
public R<UserInfoVo> loginCode(UserLoginVo userVo, HttpServletRequest request) {
log.info("volunteer-service[]UserLoginServiceImpl[]loginCode[]input.param.userVo:" + userVo);
if (null == userVo || StringUtils.isBlank(userVo.getPhone()) || StringUtils.isBlank(userVo.getCode()) ||
null == userVo.getSource() || null == userVo.getScene()) {
return R.error("入参为空!");
}
//1、判断手机号账户是否存在
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", userVo.getPhone());
queryWrapper.eq("is_delete", 0);
User user = baseMapper.selectOne(queryWrapper);
if (null == user) {
/* if (null == user) {
return R.error("该手机号未注册,请先注册!");
}
}*/
//2、判断验证码是否正确
String source = SourceType.getByCode(userVo.getSource());
/* String source = SourceType.getByCode(userVo.getSource());
R<Boolean> result = sendSmsSerVice.valid(userVo.getPhone(), userVo.getCode(), userVo.getScene(), source);
if (null != result && result.getCode() == ERROR_CODE) {
return R.error(result.getMessage());
}
}*/
//判断该用户是否登录,保存session到redis
/* User userInfo = (User) request.getSession().getAttribute("user");
if (null != userInfo && userInfo.getId().equals(user.getId())) {
HttpSession session = (HttpSession) redisService.get(user.getId().toString());
session.invalidate();
request.getSession().setAttribute("user", user);
redisService.set(user.getId().toString(), request.getSession());
System.out.println(redisService.get(user.getId().toString()));
}*/
//3、保存登录信息
LoginRecord loginRecord = new LoginRecord();
/* LoginRecord loginRecord = new LoginRecord();
loginRecord.setType(OperationTypeEnum.USER_LOGIN.getCode());
loginRecord.setUserId(user.getId());
String name = OperationTypeEnum.getByCode(OperationTypeEnum.USER_LOGIN.getCode());
......@@ -127,7 +153,39 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
userInfoVo.setPhone(user.getPhone());
return R.ok(userInfoVo);*/
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userVo.getPassword() + userVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userVo.getPhone(), credentialsSalt,"user");
try {
subject.login(token);
//3、构造返回参数
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
userInfoVo.setPhone(user.getPhone());
//3、保存操作记录
LoginRecord loginRecord = new LoginRecord();
loginRecord.setType(OperationTypeEnum.USER_LOGIN.getCode());
loginRecord.setUserId(user.getId());
String name = OperationTypeEnum.getByCode(OperationTypeEnum.USER_LOGIN.getCode());
loginRecord.setOperationName(name);
int sum = loginRecordMapper.add(loginRecord);
if (sum == 0) {
return R.error("保存操作记录失败!");
}
return R.ok(userInfoVo);
}catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
} catch (LockedAccountException e) {
return R.error(1, "登录失败!请联系管理员");
} catch (AuthenticationException e) {
return R.error(1, "该用户不存在");
} catch (Exception e) {
return R.error(1, "系统异常");
}
}
@Override
......@@ -142,6 +200,41 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
queryWrapper.eq("phone", userVo.getPhone());
queryWrapper.eq("is_delete", 0);
User user = usersMapper.selectOne(queryWrapper);
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userVo.getPassword() + userVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userVo.getPhone(), credentialsSalt,"user");
try {
subject.login(token);
//3、构造返回参数
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
userInfoVo.setPhone(user.getPhone());
//3、保存操作记录
LoginRecord loginRecord = new LoginRecord();
loginRecord.setType(OperationTypeEnum.USER_LOGIN.getCode());
loginRecord.setUserId(user.getId());
String name = OperationTypeEnum.getByCode(OperationTypeEnum.USER_LOGIN.getCode());
loginRecord.setOperationName(name);
int sum = loginRecordMapper.add(loginRecord);
if (sum == 0) {
return R.error("保存操作记录失败!");
}
return R.ok(userInfoVo);
}catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
} catch (LockedAccountException e) {
return R.error(1, "登录失败!请联系管理员");
} catch (AuthenticationException e) {
return R.error(1, "该用户不存在");
} catch (Exception e) {
return R.error(1, "系统异常");
}
/*
if (null == user) {
return R.error("该用户不存在,请您注册账号!");
}
......@@ -152,10 +245,9 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
if (!user.getPassword().equals(secret)) {
return R.error("密码错误,请您输入正确密码!");
}
HttpSession session = request.getSession();
String seeionId = session.getId();
//3、构造返回参数
}*/
/* //3、构造返回参数
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setUserName(user.getUserName());
......@@ -171,7 +263,37 @@ public class UserLoginServiceImpl extends ServiceImpl<UsersMapper, User> impleme
if (sum == 0) {
return R.error("保存操作记录失败!");
}
return R.ok(userInfoVo);
return R.ok(userInfoVo);*/
}
@Override
public R<UserInfoVo> loginTest(UserLoginVo userLoginVo, HttpServletRequest request) throws Exception {
//1、根据手机号,获取用户信息
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", userLoginVo.getPhone());
queryWrapper.eq("is_delete", 0);
User user = usersMapper.selectOne(queryWrapper);
Subject subject = SecurityUtils.getSubject();
String credentialsSalt = Md5Util.digestMD5(userLoginVo.getPassword() + userLoginVo.getPhone());
UsernamePasswordToken token = new UsernamePasswordToken(userLoginVo.getPhone(), credentialsSalt,"user");
try {
subject.login(token);
UserInfoVo userInfoVo = new UserInfoVo();
userInfoVo.setUserId(user.getId());
userInfoVo.setPhone(user.getPhone());
userInfoVo.setStudentType(user.getExamType());
userInfoVo.setSex(user.getSex());
return R.ok(0, userInfoVo);
} catch (IncorrectCredentialsException e) {
return R.error(1, "账户密码错误");
} catch (LockedAccountException e) {
return R.error(1, "登录失败!请联系管理员");
} catch (AuthenticationException e) {
return R.error(1, "该用户不存在");
} catch (Exception e) {
return R.error(1, "系统异常");
}
}
@Override
......
......@@ -216,7 +216,7 @@ public class UserServiceImpl extends ServiceImpl<UsersMapper, User> implements U
@Override
public R<Boolean> edit(UserCommitDto userDto) {
if (null == userDto) {
if (null == userDto || StringUtils.isBlank(userDto.getUserName())) {
return R.error("入参为空!");
}
......
......@@ -85,33 +85,7 @@ public class VolunteerServiceImpl extends ServiceImpl<VolunteerMapper, Volunteer
volunteerManager.saveSchemeAndVolunteer(schemeInfo, list);
}
@Override
public void ceshi(MultipartFile file, HttpServletResponse response) throws IOException {
if (file == null || file.isEmpty()) {
throw new BaseException("操作错误");
}
VolunteerListener excelListener = new VolunteerListener();
//判断文件类型=
boolean valid = this.validContentType(file.getOriginalFilename());
if (!valid) {
throw new BaseException("请传入Excel文件");
}
//2.读取数据进行入库操作
EasyExcel.read(file.getInputStream(), Volunteer.class, excelListener).sheet().doRead();
List<Volunteer> list = excelListener.getList();
//3、保存方案和志愿信息
SchemeInfo schemeInfo = new SchemeInfo();
schemeInfo.setSchemeName("本科文化一批");
schemeInfo.setType(1);
schemeInfo.setUploadTime(new Date());
schemeInfo.setIsDelete(0);
volunteerManager.saveSchemeAndVolunteer(schemeInfo, list);
log.info("导入方案数据成功!");
}
@Override
public void excelTemplate(HttpServletResponse response) throws IOException {
......
......@@ -36,27 +36,27 @@ public class Common {
public static final String PAY_URL = "https://openapi.alipay.com/gateway.do";
/***
* 支付宝--回调地址(测试服务器)
* 支付宝--回调地址
*/
//测试服务器
//public static final String NOTIFY_URL = "http://111.203.232.171:8997/pay/aliPayCallBack.do";
public static final String NOTIFY_URL = "http://111.203.232.171:8997/pay/aliPayCallBack.do";
//线上
public static final String NOTIFY_URL = "https://jygkzy.com/api/pay/aliPayCallBack.do";
//public static final String NOTIFY_URL = "https://jygkzy.com/api/pay/aliPayCallBack.do";
/***
* 支付宝--pc端支付成功跳转地址
*/
//测试服务器
//public static final String RETURN_URL_PC = "http://111.203.232.171:8999/wallet";
public static final String RETURN_URL_PC = "http://111.203.232.171:8999/wallet";
//线上
public static final String RETURN_URL_PC = "https://jygkzy.com/wallet";
//public static final String RETURN_URL_PC = "https://jygkzy.com/wallet";
/***
* 支付宝--手机网页支付成功跳转地址
*/
//测试服务器
//public static final String RETURN_URL_WAP = "http://111.203.232.171:8999/#/history";
public static final String RETURN_URL_WAP = "http://111.203.232.171:8999/#/history";
//线上
public static final String RETURN_URL_WAP = "https://jygkzy.com/#/history";
//public static final String RETURN_URL_WAP = "https://jygkzy.com/#/history";
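Review bot: As rendered (old line first, new line second), the active `NOTIFY_URL`, `RETURN_URL_PC` and `RETURN_URL_WAP` now point at a plain-HTTP test host addressed by IP, so a build from this commit would send Alipay callbacks and post-payment redirects to the test server without TLS. Switching environments by commenting constants in and out is easy to ship by accident. These values would be safer read from per-profile configuration, with the production profile accepting only `https://` URLs. The same toggle is applied to `WxCommon.NOTIFY_URL` further down the commit.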
......
......@@ -5,7 +5,7 @@ import com.alibaba.excel.context.AnalysisContext;
import com.alibaba.excel.event.AnalysisEventListener;
import com.alibaba.excel.metadata.Head;
import lombok.extern.slf4j.Slf4j;
import org.springframework.util.StringUtils;
import org.apache.commons.lang.StringUtils;
import java.util.*;
......@@ -56,7 +56,7 @@ public class VolunteerListener extends AnalysisEventListener<Volunteer> {
if (StringUtils.isEmpty(volunteer.getAcademy())) {
throw new RuntimeException("院校不能为空!");
}
if (StringUtils.isEmpty(volunteer.getLowestRank())) {
if (StringUtils.isBlank(volunteer.getLowestRank())) {
volunteer.setLowestRank("--");
}
......@@ -76,7 +76,7 @@ public class VolunteerListener extends AnalysisEventListener<Volunteer> {
throw new RuntimeException("计划数数不能为空!");
}
if (StringUtils.isEmpty(volunteer.getLowestMark())) {
if (StringUtils.isEmpty(volunteer.getLowestMark().toString())) {
throw new RuntimeException("最低分不能为空!");
}
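Review bot: `StringUtils.isEmpty(volunteer.getLowestMark().toString())` throws a NullPointerException when the value is missing, so the "最低分不能为空!" error this check exists for is never produced in the null case. Assuming `getLowestMark()` now returns a boxed number (the added `.toString()` suggests the field type changed), a direct test is enough: `if (volunteer.getLowestMark() == null) {`. The import swap also moves the other `StringUtils.isEmpty(...)` calls in this method from Spring's `Object` overload to the commons-lang `String` one. The method starts and ends outside the hunks shown.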
......
......@@ -136,7 +136,7 @@ public class VolunteerManager {
//3、保存充值记录
PayRecord payRecord = new PayRecord();
payRecord.setCardId(cardInfo.getId());
payRecord.setMoney(Integer.valueOf(cardInfo.getMoney()));
payRecord.setMoney(Double.valueOf(cardInfo.getMoney()));
payRecord.setPayLimit(cardInfo.getLimit());
payRecord.setResult(0);
payRecord.setType(addLimitVo.getPayType());
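Review bot: `payRecord.setMoney(Double.valueOf(cardInfo.getMoney()))` stores a currency amount as binary floating point, which cannot represent values such as 0.1 exactly and drifts when amounts are summed or compared. If the `PayRecord` field and its column can be changed, `BigDecimal` keeps the exact decimal value, e.g. `payRecord.setMoney(new BigDecimal(String.valueOf(cardInfo.getMoney())));`. If `getMoney()` is a string, `Double.valueOf` also throws `NumberFormatException` on non-numeric input and no handling is visible here. The hunk shows only part of the method.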
......
package cn.wisenergy.service.util;
import cn.wisenergy.model.vo.UserLoginVo;
import cn.wisenergy.service.cache.RedisService;
import org.springframework.beans.factory.annotation.Autowired;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
public class SessionUntil {
@Autowired
private RedisService redisService;
public String saveSession(UserLoginVo userVo, HttpServletRequest request, HttpServletResponse response){
request.getSession().setAttribute("user",userVo);
redisService.set("","");
return null;
}
}
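Review bot: `saveSession` puts the whole `UserLoginVo` into the HTTP session. Other code in this commit reads `getPassword()` and `getCode()` from that type, so the submitted credential would be kept in the session, and in Redis if sessions are stored there. Store only the user id or a small principal object instead. As written the class is also not usable: no stereotype annotation such as `@Component` is visible, so `redisService` stays null unless the bean is declared elsewhere, `redisService.set("","")` writes an empty key, and the method always returns null.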
package cn.wisenergy.service.util;
import cn.wisenergy.common.utils.R;
import cn.wisenergy.model.dto.PayPageDto;
import cn.wisenergy.service.httpClient.WechatPayHttpClientBuilder;
import cn.wisenergy.service.httpClient.auth.AutoUpdateCertificatesVerifier;
......@@ -178,7 +179,6 @@ public class WxPayUtil {
* pc端生成统一下单格式的订单,生成一个XML格式的字符串
*/
public static String createOrderInfo(PayPageDto payPageDto,String tradeNo,String product_id,String time_expire,String appid,String mchid,String key) throws UnsupportedEncodingException {
int random=(int)(Math.random()*10+1);
String nonce_str = RandomStringUtils.randomAlphanumeric(16);
SortedMap<String,String> parameters = new TreeMap<>();
parameters.put("appid", appid);
......@@ -187,8 +187,7 @@ public class WxPayUtil {
parameters.put("out_trade_no",tradeNo);
parameters.put("notify_url",WxCommon.NOTIFY_URL);
DecimalFormat df = new DecimalFormat("#");
//parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("total_fee", df.format(random));
parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("nonce_str", nonce_str);
parameters.put("trade_type","NATIVE");
parameters.put("product_id", product_id);
......@@ -212,7 +211,6 @@ public class WxPayUtil {
* h5生成统一下单格式的订单,生成一个XML格式的字符串
*/
public static String createOrderInfoH5(PayPageDto payPageDto,String tradeNo, HttpServletRequest request, String appid, String mchid, String key) {
int random=(int)(Math.random()*10+1);
String nonce_str = RandomStringUtils.randomAlphanumeric(16);
String sceneInfo="{'h5_info':{'type':'WAP','wap_url': 'https://jygkzy.com','wap_name': '充值'}}";
String spbill_create_ip = getRealIp(request);
......@@ -223,8 +221,7 @@ public class WxPayUtil {
parameters.put("out_trade_no", tradeNo);
parameters.put("nonce_str", nonce_str);
DecimalFormat df = new DecimalFormat("#");
//parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("total_fee", df.format(random));
parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("notify_url",WxCommon.NOTIFY_URL);
parameters.put("trade_type","MWEB");
parameters.put("scene_info",sceneInfo);
......@@ -247,7 +244,6 @@ public class WxPayUtil {
* 小程序生成统一下单格式的订单,生成一个XML格式的字符串
*/
public static String createOrderInfoWx(PayPageDto payPageDto,String tradeNo,String nonce_str,String Applets_ID,String secrt_key,String mchid,String key) {
int random=(int)(Math.random()*10+1);
Map<String, Object> infoByCode = WxUtil.getInfoByCode(payPageDto.getCode(), Applets_ID, secrt_key);
SortedMap<String,String> parameters = new TreeMap<>();
parameters.put("appid", Applets_ID);
......@@ -257,8 +253,7 @@ public class WxPayUtil {
parameters.put("notify_url",WxCommon.NOTIFY_URL);
parameters.put("nonce_str", nonce_str);
DecimalFormat df = new DecimalFormat("#");
//parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("total_fee", df.format(random));
parameters.put("total_fee", df.format(payPageDto.getTotal()*100));
parameters.put("trade_type","JSAPI");
parameters.put("openid", infoByCode.get("openid").toString());
parameters.put("spbill_create_ip","0.0.0.0");
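Review bot: All three order builders (`createOrderInfo`, `createOrderInfoH5`, `createOrderInfoWx`) now send `payPageDto.getTotal()*100` as `total_fee`, and these hunks show no check that the value is non-null and positive. If `PayPageDto` is bound from the request, the amount should also be compared with a server-side price, and a zero or negative total rejected before the signed order is built. If `getTotal()` is a floating-point type, converting to fen through `BigDecimal`, e.g. `BigDecimal.valueOf(payPageDto.getTotal()).movePointRight(2).setScale(0, RoundingMode.HALF_UP).toPlainString()`, avoids the half-even rounding of `DecimalFormat("#")`. Each of these methods starts and ends outside its hunk.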
......
......@@ -29,6 +29,7 @@ public class WxUtil {
} catch (Exception e) {
e.printStackTrace();
}
System.out.println("code解析数据:"+map);
return map;
}
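Review bot: The added `System.out.println("code解析数据:"+map)` prints the full result of the WeChat code exchange to stdout. `createOrderInfoWx` reads `openid` from this map, and the exchange response normally also carries the user's session key, so this line would put user identifiers and a secret into console logs. Remove it, or log only a non-sensitive fact through the class logger (assuming one exists), e.g. `log.debug("code exchange returned openid: {}", map.containsKey("openid"));`. The enclosing method starts outside the hunk.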
......
......@@ -12,8 +12,8 @@ public class WxCommon {
public static final String MCHID = "1606042985";
//public static final String NOTIFY_URL = "http://111.203.232.171:8997/pay/wxPayCallBack.do";
public static final String NOTIFY_URL = "https://jygkzy.com/api/pay/wxPayCallBack.do";
public static final String NOTIFY_URL = "http://111.203.232.171:8997/pay/wxPayCallBack.do";
//public static final String NOTIFY_URL = "https://jygkzy.com/api/pay/wxPayCallBack.do";
public static final String WX_PAY_URL_pc = "https://api.mch.weixin.qq.com/v3/pay/transactions/native";
......
......@@ -4,8 +4,8 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>cn.wisenergy</groupId>
<artifactId>wisenergy-parent</artifactId>
<groupId>org.yun</groupId>
<version>1.0-SNAPSHOT</version>
<relativePath>../pom.xml</relativePath>
</parent>
......@@ -30,6 +30,6 @@
<!-- MAVEN构建 -->
<build>
<finalName>${project.artifactId}-${moduleVersion.project-shiro}</finalName>
<finalName>${project.artifactId}-${moduleVersion.wisenergy-shiro}</finalName>
</build>
</project>
\ No newline at end of file
......@@ -175,6 +175,27 @@ public class ShiroConfig {
return new ShiroRedisSessionDAO();
}
/**
* 限制同一账号登录同时登录人数控制
* @return
*/
public KickoutSessionControlFilter kickoutSessionControlFilter(){
KickoutSessionControlFilter kickoutSessionControlFilter = new KickoutSessionControlFilter();
//使用cacheManager获取相应的cache来缓存用户登录的会话;用于保存用户—会话之间的关系的;
//这里我们还是用之前shiro使用的redisManager()实现的cacheManager()缓存管理
//也可以重新另写一个,重新配置缓存时间之类的自定义缓存属性
kickoutSessionControlFilter.setCacheManager(cacheManager());
//用于根据会话ID,获取会话进行踢出操作的;
kickoutSessionControlFilter.setSessionManager(sessionManager());
//是否踢出后来登录的,默认是false;即后者登录的用户踢出前者登录的用户;踢出顺序。
kickoutSessionControlFilter.setKickoutAfter(false);
//同一个用户最大的会话数,默认1;比如2的意思是同一个用户允许最多同时两个人登录;
kickoutSessionControlFilter.setMaxSession(1);
//被踢出后重定向到的地址;
kickoutSessionControlFilter.setKickoutUrl("/kickout");
return kickoutSessionControlFilter;
}
/**
* 这里需要设置一个cookie的名称 原因就是会跟原来的session的id值重复的
*/
......
......@@ -28,6 +28,12 @@
<artifactId>shiro-spring</artifactId>
<version>1.4.0</version>
</dependency>
<dependency>
<groupId>org.crazycake</groupId>
<artifactId>shiro-redis</artifactId>
<version>3.1.0</version>
</dependency>
</dependencies>
<!-- MAVEN构建 -->
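Review bot: The new `shiro-redis` 3.1.0 dependency sits next to `shiro-spring` 1.4.0, and both versions are hard-coded in this module. Shiro 1.4.0 predates several upstream fixes for authentication bypass in URL path matching, which matters here because this commit relies on Shiro filter chains for access control. Check both artifacts against current advisories, and move the versions into the parent POM's `<properties>`/`<dependencyManagement>` so they are upgraded in one place.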
......
......@@ -11,6 +11,7 @@ import springfox.documentation.swagger2.annotations.EnableSwagger2;
/**
* 配置netty启动
*/
@EnableCaching
@SpringBootApplication(exclude = {MultipartAutoConfiguration.class})
@MapperScan(
......
......@@ -48,7 +48,6 @@ public class SchemeController {
if (null == queryVo) {
return R.error("入参为空!");
}
return schemeService.getList(queryVo);
}
......@@ -67,19 +66,6 @@ public class SchemeController {
return R.ok("添加成功");
}
@ApiOperation(value = "测试Excel", notes = "测试Excel")
@ApiImplicitParam(name = "file", value = "志愿查询参数", dataType = "MultipartFile")
@PostMapping("/excel/add/ceshi")
public R ceshi(@RequestBody MultipartFile file, HttpServletResponse response) throws IOException {
log.info("");
if (file == null || file.isEmpty()) {
throw new BaseException("操作错误");
}
volunteerService.ceshi(file, response);
return R.ok("添加成功");
}
@ApiOperation(value = "方案上传Excel模板", notes = "方案上传Excel模板")
@PostMapping("/excel/template")
......
......@@ -58,4 +58,13 @@ public class StaffController {
return staffService.delete(staffId);
}
@ApiOperation(value ="重置员工密码",notes = "重置员工密码",httpMethod = "GET")
@ApiImplicitParam(name = "staffId",value = "员工id",dataType = "int")
@GetMapping("/resetPassword")
public R<Boolean> resetPassword(Integer staffId){
log.info("StaffController[].delete[].input.param:"+staffId);
return staffService.resetPassword(staffId);
}
}
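Review bot: `resetPassword` changes state but is mapped with `@GetMapping`, which makes it reachable by cross-site requests and leaves the `staffId` in access logs and browser history. Use `@PostMapping("/resetPassword")` and reject a null `staffId` before calling the service. No role or permission check is visible on the method, so confirm that only administrators can reach it. The log tag is copied from `delete` and should read `log.info("StaffController[].resetPassword[].input.param:" + staffId);`.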
......@@ -29,7 +29,7 @@ public class StaffUserVipController {
@ApiOperation(value = "员工登录",notes = "员工登录",httpMethod = "POST")
@ApiModelProperty(name = "loginVo",value = "登录信息",dataType = "AccountLoginVo")
@PostMapping("/login")
public R<Boolean> login(@RequestBody AccountLoginVo loginVo){
public R<StaffVo> login(@RequestBody StaffLoginVo loginVo){
log.info("StaffUserVipController[].login[].input.param:"+loginVo);
return staffUserVipService.staffLogin(loginVo);
......@@ -48,7 +48,7 @@ public class StaffUserVipController {
return staffUserVipService.addUserByPhone(staffId,phone);
}
@ApiOperation(value = "查询Vip客户",notes = "查询Vip客户",httpMethod = "POST")
@ApiOperation(value = "查询Vip客户(查询所有vip客户就不用传staffId)",notes = "查询Vip客户(查询所有vip客户就不用传staffId)",httpMethod = "POST")
@ApiModelProperty(name = "queryVo",value = "vip客户信息",dataType = "UserVipQueryVo")
@PostMapping("/getList")
public R<PageInfo<UserInfoDto>> getUserVipList(@RequestBody UserVipQueryVo queryVo){
......@@ -65,10 +65,10 @@ public class StaffUserVipController {
return staffUserVipService.getLocal();
}
@ApiOperation(value = "vip客户方案查询", notes = "vip客户方案查询", httpMethod = "GET")
@ApiOperation(value = "vip客户方案查询", notes = "vip客户方案查询", httpMethod = "POST")
@ApiImplicitParam(name = "queryVo", value = "志愿查询参数", dataType = "SchemeVipVo")
@GetMapping("/getList")
public R<VolunteerVo> getList(SchemeVipVo queryVo) {
@PostMapping("/getSchemeList")
public R<VolunteerVo> getSchemeList(SchemeVipVo queryVo) {
log.info("volunteer-service[]SchemeController[]getList[]input.param.queryVo:" + queryVo);
if (null == queryVo) {
return R.error("入参为空!");
......
......@@ -10,6 +10,9 @@ import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
......@@ -48,7 +51,7 @@ public class UserLoginController extends BaseController {
@ApiOperation(value = "用户验证码登录", notes = "用户验证码登录", httpMethod = "POST")
@ApiImplicitParam(name = "userVo", value = "用户信息", dataType = "UserLoginVo")
@PostMapping("/loginCode")
public R<UserInfoVo> loginCode(@RequestBody UserLoginVo userVo) {
public R<UserInfoVo> loginCode(@RequestBody UserLoginVo userVo, HttpServletRequest request) {
log.info("volunteer-service[]UserLongController[]loginCode[]input.param.userVo:" + userVo);
if (null == userVo || StringUtils.isBlank(userVo.getPhone()) || StringUtils.isBlank(userVo.getCode()) ||
......@@ -56,7 +59,7 @@ public class UserLoginController extends BaseController {
return R.error("入参为空!");
}
return userLoginService.loginCode(userVo);
return userLoginService.loginCode(userVo,request);
}
@ApiOperation(value = "用户账号密码登录", notes = "用户账号密码登录", httpMethod = "POST")
......@@ -71,6 +74,18 @@ public class UserLoginController extends BaseController {
return userLoginService.login(userVo,request);
}
@ApiOperation(value = "用户账号密码登录--shrio测试", notes = "用户账号密码登录--shrio测试", httpMethod = "POST")
@ApiImplicitParam(name = "userVo", value = "登录用户信息", dataType = "UserLoginVo")
@PostMapping("/loginTest")
public R<UserInfoVo> loginTest(@RequestBody UserLoginVo userVo, HttpServletRequest request) throws Exception {
log.info("volunteer-service[]UserLongController[]login[]input.param.userVo:" + userVo);
if (null == userVo || StringUtils.isBlank(userVo.getPhone()) || StringUtils.isBlank(userVo.getPassword())) {
return R.error("入参不能为空!");
}
return userLoginService.loginTest(userVo,request);
}
@ApiOperation(value = "退出登录", notes = "退出登录", httpMethod = "POST")
@ApiImplicitParam(name = "outVo", value = "退出用户信息", dataType = "LoginOutVo")
......@@ -81,6 +96,7 @@ public class UserLoginController extends BaseController {
return R.error("入参不能为空!");
}
return userLoginService.loginOut(outVo.getUserId());
}
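Review bot: `loginCode` still requires only `phone` and `code`, but the service implementation in this commit has the `sendSmsSerVice.valid(...)` call commented out and authenticates with `Md5Util.digestMD5(userVo.getPassword() + userVo.getPhone())`. The SMS code is therefore never checked, and a missing password is hashed as the string "null". Either restore the code check for this endpoint or require the password in the controller guard. The new `/loginTest` endpoint is labelled as a Shiro test and logs the whole `userVo`, which would include the password if `toString()` prints it; remove the test endpoint before release and log only the phone, e.g. `log.info("UserLoginController[]loginTest[]phone:" + userVo.getPhone());`. The same whole-object logging is on the context line of `StaffUserVipController.login`.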
......
package cn.wisenergy.web.shir.cache;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.web.servlet.ShiroHttpServletRequest;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.apache.shiro.web.util.WebUtils;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import java.io.Serializable;
public class MySessionManager extends DefaultWebSessionManager {
//前端传递sessionid参数名称
private static final String AUTHORIZATION = "sessionId";
private static final String REFERENCED_SESSION_ID_SOURCE = "Stateless request";
public MySessionManager() {
super();
}
@Override
protected Serializable getSessionId(ServletRequest request, ServletResponse response) {
String id = WebUtils.toHttp(request).getHeader(AUTHORIZATION);
//如果请求头中有 token 则其值为sessionId
if (!StringUtils.isEmpty(id)) {
request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_SOURCE, REFERENCED_SESSION_ID_SOURCE);
request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID, id);
request.setAttribute(ShiroHttpServletRequest.REFERENCED_SESSION_ID_IS_VALID, Boolean.TRUE);
return id;
} else {
//否则按默认规则从cookie取sessionId
return super.getSessionId(request, response);
}
}
}
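Review bot: The constant `AUTHORIZATION` holds the header name `sessionId` and the inline comment speaks of a token, which makes it easy to misread how clients authenticate. Rename it to something like `SESSION_ID_HEADER`, and add a class comment stating that a `sessionId` request header takes precedence over the session cookie. The header value is a bearer credential, so it should only be accepted over HTTPS. It is also worth confirming that a new session id is issued at login rather than one supplied before authentication being reused. The empty constructor that only calls `super()` can be dropped.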
package cn.wisenergy.web.shir.config;
import cn.wisenergy.web.shir.cache.MySessionManager;
import cn.wisenergy.web.shir.filter.KickoutSessionControlFilter;
import cn.wisenergy.web.shir.realm.Realm;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.IRedisManager;
import org.crazycake.shiro.RedisCacheManager;
import org.crazycake.shiro.RedisManager;
import org.crazycake.shiro.RedisSessionDAO;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.Filter;
import java.util.LinkedHashMap;
import java.util.Map;
@Configuration
public class ShiroConfig {
//redis地址
@Value("${spring.redis.host}")
private String host;
//redis端口
@Value("${spring.redis.port}")
private int port;
//redis连接超时时间
@Value("${spring.redis.timeout}")
private String timeout;
//redis密码
@Value("${spring.redis.password}")
private String password;
//设置session会话过期时间为两小时
private static final Integer expireTime = 3600 * 2;
/**
* 创建ShrioFilterFactoryBean
*/
@Bean("shiroFilter")
public ShiroFilterFactoryBean getShiroFilterFactoryBean(DefaultWebSecurityManager securityManager){
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
shiroFilterFactoryBean.setSecurityManager(securityManager);
//添加shrio内置过滤器
/**
* 常用的过滤器:
* anon:无需认证(登录)就可以访问
* authc:必须认证才能访问
* user:使用rememberMe功能可以直接访问
* perms:该资源必须得到资源权限才能访问
* role:该资源必须得到角色权限才能访问
*/
Map<String,String> filterChainDefinitionMap=new LinkedHashMap<>();
//自定义拦截器
Map<String, Filter> filtersMap = new LinkedHashMap<>();
filtersMap.put("kickout",kickoutSessionControlFilter());
shiroFilterFactoryBean.setFilters(filtersMap);
filterChainDefinitionMap.put("/authInformation/save", "anon");//存储设备IMEI号和手机SIM卡ID号
filterChainDefinitionMap.put("/user/login/*", "anon"); // 登录页面-身份认证
filterChainDefinitionMap.put("/account/login", "anon"); // 登录页面-身份认证
filterChainDefinitionMap.put("/staff/staffUser", "anon"); // 登录页面-身份认证
filterChainDefinitionMap.put("/swagger-ui.html", "anon"); // swagger接口-匿名访问
filterChainDefinitionMap.put("/swagger/**", "anon");
filterChainDefinitionMap.put("/admin/anon/**", "anon");
filterChainDefinitionMap.put("/webjars/springfox-swagger-ui/**", "anon");
filterChainDefinitionMap.put("/swagger-resources/**", "anon");
filterChainDefinitionMap.put("/v2/api-docs", "anon");
filterChainDefinitionMap.put("/upload_flowChart/**", "anon");//图片地址
filterChainDefinitionMap.put("/webSocket/**", "anon");//socket
filterChainDefinitionMap.put("/message/**", "anon");//消息推送接口
//filterChainDefinitionMap.put("/**", "authc");
filterChainDefinitionMap.put("/account/**", "kickout");
filterChainDefinitionMap.put("/banner/**", "kickout");
filterChainDefinitionMap.put("/pic/**", "kickout");
filterChainDefinitionMap.put("/school/**", "kickout");
filterChainDefinitionMap.put("/pay/**", "kickout");
filterChainDefinitionMap.put("/price/**", "kickout");
filterChainDefinitionMap.put("/profession/**", "kickout");
filterChainDefinitionMap.put("/refillCard/**", "kickout");
filterChainDefinitionMap.put("/scheme/**", "kickout");
filterChainDefinitionMap.put("/user/**", "kickout");
filterChainDefinitionMap.put("/staff/**", "kickout");
filterChainDefinitionMap.put("/staffUser/**", "kickout");
filterChainDefinitionMap.put("/volunteer/**", "kickout");
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
/**
* 创建DefaultWebSecurityManager
*/
@Bean
public DefaultWebSecurityManager securityManager() {
DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
securityManager.setRealm(getRealm());
// 自定义session管理 使用redis
securityManager.setSessionManager(sessionManager());
// 自定义缓存实现 使用redis
securityManager.setCacheManager(cacheManagers());
return securityManager;
}
/**
* 创建Realm
*/
@Bean("Realm")
public Realm getRealm(){
Realm shiroRealm = new Realm();
shiroRealm.setCachingEnabled(true);
//启用身份验证缓存,即缓存AuthenticationInfo信息,默认false 启用需开启remaberme
// shiroRealm.setAuthenticationCachingEnabled(true);
//缓存AuthenticationInfo信息的缓存名称 在ehcache-shiro.xml中有对应缓存的配置
shiroRealm.setAuthenticationCacheName("authenticationCache");
//启用授权缓存,即缓存AuthorizationInfo信息,默认false
shiroRealm.setAuthorizationCachingEnabled(true);
//配置自定义密码比较器
/*shiroRealm.setCredentialsMatcher(new PasswordMatcher());*/
return new Realm();
}
/**
* 开启shrio注解
*/
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(DefaultWebSecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
/**
*自定义sessionManager
*/
@Bean
public MySessionManager sessionManager() {
MySessionManager mySessionManager = new MySessionManager();
mySessionManager.setSessionDAO(redisSessionDAO());
return mySessionManager;
}
/**
* 配置shiro redisManager
* 使用的是shiro-redis开源插件
*/
public IRedisManager redisManager() {
RedisManager redisManager = new RedisManager();
redisManager.setHost(host);
redisManager.setPort(port);
redisManager.setPassword(password);
redisManager.setDatabase(5);
return redisManager;
}
/**
* cacheManager 缓存 redis实现
* 使用的是shiro-redis开源插件
*/
@Bean
public RedisCacheManager cacheManagers() {
RedisCacheManager redisCacheManager = new RedisCacheManager();
redisCacheManager.setRedisManager(redisManager());
redisCacheManager.setExpire(expireTime);
return redisCacheManager;
}
/**
* RedisSessionDAO shiro sessionDao层的实现 通过redis
* SessionDAO的作用是为Session提供CRUD并进行持久化的一个shiro组件
* MemorySessionDAO 直接在内存中进行会话维护
* EnterpriseCacheSessionDAO 提供了缓存功能的会话维护,默认情况下使用MapCache实现,内部使用ConcurrentHashMap保存缓存的会话。
*/
@Bean
public RedisSessionDAO redisSessionDAO() {
RedisSessionDAO redisSessionDAO = new RedisSessionDAO();
redisSessionDAO.setRedisManager(redisManager());
redisSessionDAO.setExpire(expireTime);
return redisSessionDAO;
}
/**
* 限制同一账号登录同时登录人数控制
*
* @return
*/
@Bean
public KickoutSessionControlFilter kickoutSessionControlFilter() {
KickoutSessionControlFilter kickoutSessionControlFilter = new KickoutSessionControlFilter();
kickoutSessionControlFilter.setCacheManager(cacheManagers());
kickoutSessionControlFilter.setSessionManager(sessionManager());
kickoutSessionControlFilter.setKickoutAfter(false);
kickoutSessionControlFilter.setMaxSession(1);
return kickoutSessionControlFilter;
}
}
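Review bot: The protected paths (`/pay/**`, `/staff/**`, `/user/**` and the rest) are mapped to `kickout` alone and the `/**` → `authc` line is commented out. `KickoutSessionControlFilter.onAccessDenied` in this commit returns true for a subject that is not authenticated, so nothing in this chain requires a login. Put an authenticating filter in front, for example `filterChainDefinitionMap.put("/staff/**", "authc,kickout");`, and end the map with a catch-all `/**` rule. `getRealm()` also configures `shiroRealm` and then returns `new Realm()`, discarding the cache settings; it should end with `return shiroRealm;`. The Swagger and `/message/**` entries are `anon`, which is worth restricting outside development.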
package cn.wisenergy.web.shir.filter;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.model.app.User;
import cn.wisenergy.web.shir.cache.MySessionManager;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.serializer.SerializerFeature;
import com.itextpdf.text.log.Logger;
import com.itextpdf.text.log.LoggerFactory;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.session.mgt.DefaultSessionKey;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
import java.io.PrintWriter;
import java.io.Serializable;
import java.util.Deque;
import java.util.HashMap;
import java.util.LinkedList;
import java.util.Map;
public class KickoutSessionControlFilter extends AccessControlFilter {
private final Logger logger = LoggerFactory.getLogger(KickoutSessionControlFilter.class);
private boolean kickoutAfter = false; //踢出之前登录的/之后登录的用户 默认踢出之前登录的用户
private int maxSession = 1; //同一个帐号最大会话数 默认1
private MySessionManager sessionManager;
private Cache<String, Deque<Serializable>> cache;
public void setKickoutAfter(boolean kickoutAfter) {
this.kickoutAfter = kickoutAfter;
}
public void setMaxSession(int maxSession) {
this.maxSession = maxSession;
}
public void setSessionManager(MySessionManager sessionManager) {
this.sessionManager = sessionManager;
}
//设置Cache的key的前缀
public void setCacheManager(CacheManager cacheManager) {
this.cache = cacheManager.getCache("shiro_redis_cache");
}
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
//如果是小程序,就放行
boolean filter = isFilter((HttpServletRequest) request);
return filter;
}
@Override
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
Subject subject = getSubject(request, response);
Map<String, Object> map = new HashMap<>();
//判断是否登录
if (!subject.isAuthenticated() && !subject.isRemembered()) {
return true;
}
Session session = subject.getSession();
long timeout = session.getTimeout();
session.setTimeout(3600*2);
Serializable sessionId;
String username = null;
Deque<Serializable> deque = null;
try {
User user = (User) SecurityUtils.getSubject().getPrincipal();
user.getPhone();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
} catch (Exception e) {
try {
PrincipalCollection principals = subject.getPrincipals();
AccountInfo accountInfo = (AccountInfo) SecurityUtils.getSubject().getPrincipal();
username = accountInfo.getUserName();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
} catch (Exception en) {
Staff staff = (Staff) SecurityUtils.getSubject().getPrincipal();
username = staff.getLoginName();
sessionId = session.getId();
//读取缓存 没有就存入
cache.get(username);
}
}
//如果此用户没有session队列,也就是还没有登录过,缓存中没有
//就new一个空队列,不然deque对象为空,会报空指针
if (deque == null) {
deque = new LinkedList<Serializable>();
}
//如果队列里没有此sessionId,且用户没有被踢出;放入队列
if (!deque.contains(sessionId) && session.getAttribute("kickout") == null) {
//将sessionId存入队列
deque.push(sessionId);
//将用户的sessionId队列缓存
cache.put(username, deque);
}
//如果队列里的sessionId数超出最大会话数,开始踢人
while (deque.size() > maxSession) {
Serializable kickoutSessionId;
if (kickoutAfter) { //如果踢出后者
kickoutSessionId = deque.removeFirst();
//踢出后再更新下缓存队列
} else { //否则踢出前者
kickoutSessionId = deque.removeLast();
//踢出后再更新下缓存队列
}
cache.put(username, deque);
try {
//获取被踢出的sessionId的session对象
DefaultSessionKey defaultSessionKey = new DefaultSessionKey(kickoutSessionId);
Session kickoutSession = sessionManager.getSession(defaultSessionKey);
//Session kickoutSession = (Session) sessionManager.getSession(String.valueOf(new DefaultSessionKey(kickoutSessionId)));
if (kickoutSession != null) {
//设置会话的kickout属性表示踢出了
kickoutSession.setAttribute("kickout", true);
}
} catch (Exception e) {//ignore exception
}
}
//如果被踢出了,直接退出,重定向到踢出后的地址
if (session.getAttribute("kickout") != null) {
logger.info("------" + "踢出用户" + username + "登录sessionId=" + sessionId + "------");
//会话被踢出了
try {
//退出登录
subject.logout();
} catch (Exception e) { //ignore
}
saveRequest(request);
map.put("status", "1002");
map.put("message", "您已经在其他地方登录,请重新登录。如有疑问请联系管理员!");
out(response, map);
}
return true;
}
private void out(ServletResponse hresponse, Map<String, Object> map) throws IOException {
hresponse.setContentType("text/json");
//设置字符集为'UTF-8'
hresponse.setCharacterEncoding("UTF-8");
PrintWriter out = hresponse.getWriter();
out.write(JSON.toJSONString(map, SerializerFeature.WriteMapNullValue));
out.flush();
out.close();
}
public boolean isFilter(HttpServletRequest request) {
return null != request.getHeader("identity") && request.getHeader("identity").equals("miniprogram");
}
}
package cn.wisenergy.web.shir.realm;
import cn.wisenergy.common.utils.Md5Util;
import cn.wisenergy.mapper.AccountMapper;
import cn.wisenergy.mapper.StaffMapper;
import cn.wisenergy.mapper.UsersMapper;
import cn.wisenergy.model.app.AccountInfo;
import cn.wisenergy.model.app.Staff;
import cn.wisenergy.model.app.User;
import cn.wisenergy.model.enums.SceneType;
import cn.wisenergy.model.enums.SourceType;
import cn.wisenergy.service.cache.RedisService;
import cn.wisenergy.service.common.CachePrefix;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;
import org.springframework.beans.factory.annotation.Autowired;
public class Realm extends AuthorizingRealm {
@Autowired
private UsersMapper usersMapper;
@Autowired
private AccountMapper accountMapper;
@Autowired
private StaffMapper staffMapper;
@Autowired
private RedisService redisService;
/**
* 执行授权逻辑
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principal) {
return null;
}
/**
* 执行认证逻辑
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
UsernamePasswordToken tok = (UsernamePasswordToken) token;
//管理端登录
if (tok.getHost().equals("admin")) {
QueryWrapper<AccountInfo> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("user_name", tok.getUsername());
queryWrapper.eq("is_delete", 0);
AccountInfo accountInfo = accountMapper.selectOne(queryWrapper);
if (accountInfo == null) {
return null;
}
String password = Md5Util.digestMD5(accountInfo.getPassword());
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
accountInfo,
password,
accountInfo.getUserName()
);
return authenticationInfo;
}
//密码登录
else if (tok.getHost().equals("user")) {
//通过username从数据库中查找 User对象
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", tok.getUsername());
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
userInfo.getPassword(),
userInfo.getPhone()
);
return authenticationInfo;
}
//短信验证码登录
else if (tok.getHost().equals("code")) {
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("phone", tok.getUsername());
queryWrapper.eq("is_delete", 0);
User userInfo = usersMapper.selectOne(queryWrapper);
if (userInfo == null) {
return null;
}
String source = SourceType.getByCode(userInfo.getSource());
//获取短信验证码key
String key = CachePrefix.SMS_CODE.getPrefix() + source + "_" + userInfo.getPhone();
String code = redisService.get(key).toString();
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
userInfo,
code,
userInfo.getPhone()
);
return authenticationInfo;
}
//员工端登录
else {
QueryWrapper<Staff> queryWrapper = new QueryWrapper<>();
queryWrapper.eq("login_name", tok.getUsername());
queryWrapper.eq("is_delete", 0);
Staff staff = staffMapper.selectOne(queryWrapper);
if (staff == null) {
return null;
}
SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
staff,
staff.getPassword(),
staff.getLoginName()
);
return authenticationInfo;
}
}
}
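Review bot: In the `code` branch of doGetAuthenticationInfo, `redisService.get(key).toString()` is dereferenced without a null check, so a login for a phone whose SMS code is missing or expired would surface as a NullPointerException instead of an authentication failure (assuming `get` returns null for an absent key). Guard it with something like `Object cached = redisService.get(key); if (cached == null) { throw new ExpiredCredentialsException("SMS code missing or expired"); }`. Separately, the `admin` branch passes `Md5Util.digestMD5(accountInfo.getPassword())` as the credential, which suggests the stored admin password is plaintext or protected only by unsalted MD5; a salted, iterated hash applied through a credentials matcher would be the safer design. The third argument of `SimpleAuthenticationInfo` is the realm name, so passing the user name or phone there looks unintended; `getName()` is the usual value.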
package cn.wisenergy.web.shir.util;
import cn.wisenergy.model.app.User;
import cn.wisenergy.web.shir.realm.Realm;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.Authenticator;
import org.apache.shiro.authc.LogoutAware;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.apache.shiro.mgt.RealmSecurityManager;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.SimplePrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.subject.support.DefaultSubjectContext;
import org.apache.shiro.util.ByteSource;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.crazycake.shiro.RedisSessionDAO;
import java.util.Collection;
import java.util.Objects;
public class ShiroUtils {
/**
* 私有构造器
**/
private ShiroUtils() {
}
private static RedisSessionDAO redisSessionDAO = SpringUtil.getBean(RedisSessionDAO.class);
/**
* 获取当前用户Session
*
* @Return SysUserEntity 用户信息
*/
public static Session getSession() {
return SecurityUtils.getSubject().getSession();
}
/**
* 用户登出
*/
public static void logout() {
SecurityUtils.getSubject().logout();
}
/**
* 获取当前用户信息
*
* @Return SysUserEntity 用户信息
*/
public static User getUserInfo() {
User user = (User) SecurityUtils.getSubject().getPrincipal();
return user;
}
/**
* 获取登录用户的id
*
* @return
*/
public static Integer getLoginUserId() {
return getUserInfo().getId();
}
/**
* 获取登录用户的名称
*
* @return
*/
public static String getLoginUserName() {
return getUserInfo().getUserName();
}
/**
* 删除用户缓存信息
*
* @Param username 用户名称
* @Param isRemoveSession 是否删除Session,删除后用户需重新登录 如果为false代表只需要重新授权即可
*/
public static void deleteCache(String username, boolean isRemoveSession) {
//从缓存中获取Session
Session session = null;
// 获取当前已登录的用户session列表
Collection<Session> sessions = redisSessionDAO.getActiveSessions();
Object attribute = null;
// 遍历Session,找到该用户名称对应的Session
for (Session sessionInfo : sessions) {
attribute = sessionInfo.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
if (attribute == null) {
continue;
}
String name = ((SimplePrincipalCollection) attribute).getPrimaryPrincipal().toString();
if (name == null) {
continue;
}
if (Objects.equals(name, username)) {
session = sessionInfo;
// 清除该用户以前登录时保存的session,强制退出 -> 单用户登录处理
if (isRemoveSession) {
redisSessionDAO.delete(session);
}
}
}
if (session == null || attribute == null) {
return;
}
//删除session重新登录
if (isRemoveSession) {
redisSessionDAO.delete(session);
}
//删除Cache,再访问受限接口时会重新授权
DefaultWebSecurityManager securityManager = (DefaultWebSecurityManager) SecurityUtils.getSecurityManager();
Authenticator authc = securityManager.getAuthenticator();
((LogoutAware) authc).onLogout((SimplePrincipalCollection) attribute);
}
/**
* 从缓存中获取指定用户名的Session
*
* @param username
*/
private static Session getSessionByUsername(String username) {
// 获取当前已登录的用户session列表
Collection<Session> sessions = redisSessionDAO.getActiveSessions();
User user;
Object attribute;
// 遍历Session,找到该用户名称对应的Session
for (Session session : sessions) {
attribute = session.getAttribute(DefaultSubjectContext.PRINCIPALS_SESSION_KEY);
if (attribute == null) {
continue;
}
user = (User) ((SimplePrincipalCollection) attribute).getPrimaryPrincipal();
if (user == null) {
continue;
}
if (Objects.equals(user.getPhone(), username)) {
return session;
}
}
return null;
}
/**
* @param principal
* @title 刷新用户权限 重新授权
* @desc principal为用户的认证信息
*/
public static void reloadAuthorizing(Object principal) throws Exception {
RealmSecurityManager rsm = (RealmSecurityManager) SecurityUtils.getSecurityManager();
Realm myShiroRealm = (Realm) rsm.getRealms().iterator().next();
Subject subject = SecurityUtils.getSubject();
if (subject != null) {
String realmName = subject.getPrincipals().getRealmNames().iterator().next();
SimplePrincipalCollection principals = new SimplePrincipalCollection(principal, realmName);
subject.runAs(principals);
if (myShiroRealm.isAuthenticationCachingEnabled()) {
myShiroRealm.getAuthenticationCache().remove(principals);
}
if (myShiroRealm.isAuthorizationCachingEnabled()) {
// 删除指定用户shiro权限
myShiroRealm.getAuthorizationCache().remove(principals);
}
// 刷新权限
subject.releaseRunAs();
}
}
}
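Review bot: In deleteCache, `attribute` is reassigned on every loop iteration, so after the loop it holds the principals of the last session visited rather than those of the session that matched `username`; the final `onLogout(...)` can therefore act on another user's principals, and the `attribute == null` check can return early even though a match was found. Keep the match in its own variable: declare `Object matched = null;`, set `matched = attribute;` next to `session = sessionInfo;`, and use `matched` in the null check and in the `onLogout` call. The comparison of `getPrimaryPrincipal().toString()` with `username` only works if the principal classes override toString() to return the login name; the Realm in this commit stores `User`, `AccountInfo` and `Staff` objects as principals, so this is worth confirming, because a forced logout that never matches leaves the old session valid. For the same reason the `(User)` casts in getUserInfo and getSessionByUsername would throw ClassCastException for admin and staff sessions.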
package cn.wisenergy.web.shir.util;
import org.springframework.beans.BeansException;
import org.springframework.context.ApplicationContext;
import org.springframework.context.ApplicationContextAware;
import org.springframework.stereotype.Component;
@Component
public class SpringUtil implements ApplicationContextAware {
private static ApplicationContext applicationContext;
@Override
public void setApplicationContext(ApplicationContext applicationContext) throws BeansException {
if(SpringUtil.applicationContext == null) {
SpringUtil.applicationContext = applicationContext;
}
System.out.println("========ApplicationContext配置成功,在普通类可以通过调用SpringUtils.getAppContext()获取applicationContext对象,applicationContext="+SpringUtil.applicationContext+"========");
System.out.println("---------------------------------------------------------------------");
}
//获取applicationContext
public static ApplicationContext getApplicationContext() {
return applicationContext;
}
//通过name获取 Bean.
public static Object getBean(String name){
return getApplicationContext().getBean(name);
}
//通过class获取Bean.
public static <T> T getBean(Class<T> clazz){
return getApplicationContext().getBean(clazz);
}
//通过name,以及Clazz返回指定的Bean
public static <T> T getBean(String name,Class<T> clazz){
return getApplicationContext().getBean(name, clazz);
}
}
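Review bot: The `getBean` overloads dereference `getApplicationContext()` without checking that the context has been injected, and ShiroUtils in this commit calls `SpringUtil.getBean(RedisSessionDAO.class)` from a static field initializer, so loading ShiroUtils before this bean is initialised would fail with a NullPointerException during class initialisation. A guard in `getApplicationContext()` such as `if (applicationContext == null) { throw new IllegalStateException("ApplicationContext not initialised"); }` makes that failure explicit. The two `System.out.println` calls in setApplicationContext would be better as one debug-level logger call, and the message names `SpringUtils.getAppContext()`, which is not a method of this class.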
......@@ -2,15 +2,18 @@ package cn.wisenergy.web.shiro;
import cn.wisenergy.web.shiro.filter.AuthFilter;
import cn.wisenergy.web.shiro.filter.AuthRealm;
import io.undertow.server.session.SessionManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import javax.servlet.Filter;
import java.util.HashMap;
import java.util.LinkedHashMap;
......@@ -19,7 +22,7 @@ import java.util.Map;
/**
* shiro配置类
*/
@Configuration
/*@Configuration*/
public class ShiroConfig {
/**
......@@ -38,7 +41,7 @@ public class ShiroConfig {
* <p>
* 配置身份验证成功,失败的跳转路径
*/
@Bean("shiroFilter")
/* @Bean("shiroFilter")
public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
// 设置securityManager
......@@ -53,7 +56,7 @@ public class ShiroConfig {
// 设置拦截器集合
Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
/*filterChainDefinitionMap.put("/authInformation/save", "anon");//存储设备IMEI号和手机SIM卡ID号
*//*filterChainDefinitionMap.put("/authInformation/save", "anon");//存储设备IMEI号和手机SIM卡ID号
filterChainDefinitionMap.put("/user/login/*", "anon"); // 登录页面-身份认证
filterChainDefinitionMap.put("/swagger-ui.html", "anon"); // swagger接口-匿名访问
filterChainDefinitionMap.put("/swagger/**", "anon");
......@@ -65,15 +68,15 @@ public class ShiroConfig {
filterChainDefinitionMap.put("/webSocket/**", "anon");//socket
filterChainDefinitionMap.put("/message/**", "anon");//消息推送接口
filterChainDefinitionMap.put("/**", "oauth2"); // 其他路径均需要身份认证,一般位于最下面,优先级最低
*/
*//*
// 设置拦截器
shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
return shiroFilterFactoryBean;
}
/**
*//**
* 配置Shiro生命周期处理器
*/
*//*
@Bean("lifecycleBeanPostProcessor")
public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
return new LifecycleBeanPostProcessor();
......@@ -86,9 +89,9 @@ public class ShiroConfig {
return defaultAdvisorAutoProxyCreator;
}
/**
*//**
* 配置加密匹配,使用MD5的方式,进行1024次加密
*/
*//*
// @Bean
// public HashedCredentialsMatcher hashedCredentialsMatcher() {
// HashedCredentialsMatcher hashedCredentialsMatcher = new HashedCredentialsMatcher();
......@@ -104,14 +107,17 @@ public class ShiroConfig {
return securityManager;
}
/**
*//**
* 开启Shiro的注解
*/
*//*
@Bean
public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
advisor.setSecurityManager(securityManager);
return advisor;
}
}*/
}
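Review bot: Disabling ShiroConfig by wrapping `@Configuration` and every bean method in block comments (the `/*@Configuration*/` line and the `*//*` splices around the existing Javadoc) leaves an empty shell that is easy to re-enable half-way by accident. If the new classes under `cn.wisenergy.web.shir` replace it, deleting this class or gating it with a profile is clearer, since version control keeps the old code. The replacement filter chain is not visible in this section, so it is worth confirming that it still ends in a catch-all rule requiring authentication, as the earlier `/**` mapping did before it was commented out. The import block also contains `io.undertow.server.session.SessionManager`, which is Undertow's type rather than Shiro's `org.apache.shiro.session.mgt.SessionManager`; with all beans commented out it is unused, and it would be the wrong type if wired into a Shiro session manager later.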
......@@ -3,8 +3,8 @@ spring:
type: com.alibaba.druid.pool.DruidDataSource
druid:
driver-class-name: com.mysql.cj.jdbc.Driver
#url: jdbc:mysql://192.168.110.165:3306/volunteer?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true&serverTimezone=GMT%2B8
url: jdbc:mysql://localhost:3306/volunteer?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true&serverTimezone=GMT%2B8
url: jdbc:mysql://192.168.110.165:3306/volunteer?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true&serverTimezone=GMT%2B8
#url: jdbc:mysql://localhost:3306/volunteer?useUnicode=true&characterEncoding=UTF-8&allowMultiQueries=true&serverTimezone=GMT%2B8
username: root
password: adm4HYservice$
initial-size: 10
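Review bot: This datasource block now points at a shared host (`192.168.110.165`) while the `username: root` and plaintext `password:` lines stay committed, so anyone with read access to the repository holds database superuser credentials for that server. Move the secrets out of the file, for example `username: ${DB_USERNAME}` and `password: ${DB_PASSWORD}` resolved from the environment, rotate the password that is already in history, and connect with an account limited to the `volunteer` schema rather than root. `allowMultiQueries=true` in the URL is also worth revisiting, because it permits stacked statements and so raises the impact of any SQL injection in the mappers. Switching hosts by commenting and uncommenting `url:` lines would be better handled with per-profile configuration files.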
......
......@@ -181,6 +181,15 @@
<orderEntry type="library" name="Maven: org.apache.shiro:shiro-config-ogdl:1.4.0" level="project" />
<orderEntry type="library" name="Maven: org.apache.shiro:shiro-event:1.4.0" level="project" />
<orderEntry type="library" name="Maven: org.apache.shiro:shiro-web:1.4.0" level="project" />
<orderEntry type="library" name="Maven: org.crazycake:shiro-redis:3.1.0" level="project" />
<orderEntry type="library" name="Maven: redis.clients:jedis:2.9.3" level="project" />
<orderEntry type="library" name="Maven: org.apache.commons:commons-pool2:2.6.2" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.26" level="project" />
<orderEntry type="library" name="Maven: com.puppycrawl.tools:checkstyle:8.3" level="project" />
<orderEntry type="library" name="Maven: antlr:antlr:2.7.7" level="project" />
<orderEntry type="library" name="Maven: org.antlr:antlr4-runtime:4.7" level="project" />
<orderEntry type="library" name="Maven: commons-cli:commons-cli:1.4" level="project" />
<orderEntry type="library" name="Maven: net.sf.saxon:Saxon-HE:9.8.0-4" level="project" />
<orderEntry type="library" name="Maven: org.apache.commons:commons-lang3:3.8.1" level="project" />
<orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
<orderEntry type="library" name="Maven: commons-pool:commons-pool:1.6" level="project" />
......@@ -206,7 +215,6 @@
<orderEntry type="library" name="Maven: stax:stax-api:1.0.1" level="project" />
<orderEntry type="library" name="Maven: cglib:cglib:3.1" level="project" />
<orderEntry type="library" name="Maven: org.ow2.asm:asm:4.2" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.26" level="project" />
<orderEntry type="library" name="Maven: org.ehcache:ehcache:3.6.3" level="project" />
</component>
</module>
\ No newline at end of file