fangyeqing / xkl-interface · Files

Go to a project
UserInfoController.java 5.22 KB
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 
package com.xkl.controller;

import com.xkl.authorization.annotation.*;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.config.Constants;
import com.xkl.config.ResultStatus;
import com.xkl.domain.User;
import com.xkl.domain.XklAdminEntity;
import com.xkl.domain.XklMemberEntity;
import com.xkl.model.ResultModel;
import com.xkl.repository.UserRepository;
import com.xkl.repository.XklMemberRespository;
import com.xkl.security.AntiXSS;
import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.security.SecurityTool;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.xml.transform.Result;

/**
 * Created by win7 on 2016/10/19.
 */
@RestController
@RequestMapping("/userInfo")
public class UserInfoController {
    @Autowired
    private UserRepository userRepository;
    @Autowired
    private ITokenManager tokenManager;
    @Autowired
    private XklMemberRespository xklMemberRespository;

    @LogAnnotation
    @AntiXSS
    @Sign
    @RequestMapping(method = RequestMethod.POST)
    @ApiOperation(value = "用户注册接口")
    public ResponseEntity<ResultModel> register(HttpServletRequest request,@RequestParam String username, @RequestParam String password,
                                                @RequestParam String sign,@RequestParam long t,@RequestParam int type) {
        if(!(boolean)request.getAttribute("signAspect"))
            return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);

        Assert.notNull(username, "username can not be empty");
        Assert.notNull(password, "password can not be empty");

        User user = userRepository.findByLoginAccountAndStatus(username, Constants.STATUS_OK2);
        if (user != null ) {  //用户已注册
            return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.OK);
        }else{
            String salt= SecurityTool.genSalt();
            String pass=SecurityTool.getPassword(username,password,salt);
            user = new User();
            /**
             * TODO:
             * 1. sign检测注解@Sign先注释掉 ,便于测试
             * 2. 暂时把所有注册的用户的member表member_id都设置为1
             */

            user.setMemberId(1);
            user.setLoginAccount(username);
            user.setLoginPwd(pass);
            user.setSalt(salt);
            user.setStatus(true);
            userRepository.save(user);
        }
        return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_REGISTER), HttpStatus.OK);
    }

    @LogAnnotation
    @AntiXSS
    @Authorization
    @Sign
    @RequestMapping(method = RequestMethod.PUT)
    @ApiOperation(value = "用户密码修改接口")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
    })
    public ResponseEntity<ResultModel> modPassword(HttpServletRequest request,@CurrentUser User user,@RequestParam String password,
                                                   @RequestParam String sign,@RequestParam long t,@RequestParam int type) {
        if(!(boolean)request.getAttribute("signAspect"))
            return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);

        Assert.notNull(password, "password can not be empty");
        String salt= SecurityTool.genSalt();
        String pass=SecurityTool.getPassword(user.getLoginAccount(),password,salt);
        user.setLoginPwd(pass);
        user.setSalt(salt);
        userRepository.save(user);
        tokenManager.deleteToken(String.valueOf(user.getId()));//退出登录
        return new ResponseEntity<>(new ResultModel(ResultStatus.USER_MODPASS_LOGOUT), HttpStatus.OK);
    }

    @LogAnnotation
    @AntiXSS
    @Authorization
    @Sign
    @RequestMapping(method = RequestMethod.GET)
    @ApiOperation(value = "个人信息查询接口")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
    })
    public ResponseEntity<ResultModel> getUserInfo(HttpServletRequest request,@CurrentUser User user,
                                                   @RequestParam String sign,@RequestParam long t,@RequestParam int type) {
        if(!(boolean)request.getAttribute("signAspect"))
            return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);

        long member_id=user.getMemberId();
        XklMemberEntity xklMemberEntity=xklMemberRespository.findOne(member_id);
        return new ResponseEntity<>(ResultModel.ok(xklMemberEntity), HttpStatus.OK);
    }
}