fangyeqing / xkl-interface · Commits

Go to a project

Authored by fangyeqing
Commit 71473bfc6ab72cd79b7641da2ab6cecb91967335 1 parent 6d1efda3

FIX:fix sign

Inline Side-by-side
Showing 6 changed files with 44 additions and 4 deletions
... ... @@ -86,9 +86,9 @@ public class SignAspect {
* 比较sign和过期时间
*/
if(sign1.equals(sign)&&Math.abs(t1-t)<300){
request.setAttribute("signAspect",true);
}else{
throw new Exception("您无权操作!");
request.setAttribute("signAspect",false);
}
}
}
... ...
... ... @@ -5,6 +5,7 @@ package com.xkl.config;
*/
public enum ResultStatus {
SUCCESS(100, "成功"),
SIGN_ERROR(-100, "签名错误或者客户端时间有误"),
USER_REGISTER(1000,"用户注册成功"),
USER_LOGOUT(1001,"退出登录成功"),
... ...
... ... @@ -41,6 +41,9 @@ public class OpenIdController {
@ApiOperation(value = "OpenId绑定接口")
public ResponseEntity<ResultModel> openIdBind(HttpServletRequest request,@RequestParam String username, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -71,6 +74,9 @@ public class OpenIdController {
@ApiOperation(value = "OpenId解除绑定接口")
public ResponseEntity<ResultModel> openIdUnBind(HttpServletRequest request,@RequestParam String username,@RequestParam String password,@RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -95,6 +101,9 @@ public class OpenIdController {
@ApiOperation(value = "OpenId登录接口")
public ResponseEntity<ResultModel> openIdLogin(HttpServletRequest request,@RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByOpenidAndType(openId, openIdType);
if(xklMemberOpenid == null){
... ...
... ... @@ -7,6 +7,7 @@ import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentUser;
import com.xkl.authorization.annotation.Sign;
import com.xkl.config.Constants;
import com.xkl.config.ResultStatus;
import com.xkl.domain.*;
import com.xkl.model.ReportDetailModel;
import com.xkl.model.ReportItemGraphModel;
... ... @@ -54,6 +55,9 @@ public class ReportController {
})
public ResponseEntity<ResultModel> getReportList(HttpServletRequest request, @CurrentUser User user,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
long member_id=user.getMemberId();
List<XklAmpReportEntity> xklAmpReportEntity=xklAmpReportRespository.findByMemberId(member_id);
return new ResponseEntity<>(ResultModel.ok(xklAmpReportEntity), HttpStatus.OK);
... ... @@ -68,6 +72,9 @@ public class ReportController {
})
public ResponseEntity<ResultModel> getReportDetail(HttpServletRequest request, @CurrentUser User user,@RequestParam long report_id,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
XklAmpReportEntity report=xklAmpReportRespository.findOne(report_id);
List<ReportDetailModel> reportDetailModelList = new ArrayList<>();
if(report != null ){
... ... @@ -99,7 +106,7 @@ public class ReportController {
return new ResponseEntity<>(ResultModel.ok(reportModel), HttpStatus.OK);
}
@RequestMapping(value="/score",method = RequestMethod.GET)
/*@RequestMapping(value="/score",method = RequestMethod.GET)
@Authorization
@Sign
@ApiOperation(value = "健康评分接口(测试service用,后续可以注释掉)")
... ... @@ -108,10 +115,13 @@ public class ReportController {
})
public ResponseEntity<ResultModel> getReportScore(HttpServletRequest request, @CurrentUser User user,@RequestParam long report_id,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
//单独测试需要删除xkl_amp_report_health_scroe表中数据
scoreService.getScore(report_id);
return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
}
}*/
@RequestMapping(value="/itemInfo",method = RequestMethod.GET)
@Authorization
... ... @@ -122,6 +132,9 @@ public class ReportController {
})
public ResponseEntity<ResultModel> getReportItemInfo(HttpServletRequest request, @CurrentUser User user,@RequestParam int itemId,@RequestParam int status,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
XklAmpReportMetaItemsEntity metaItems = Constants.itemMetaMap.get(itemId);
String result="";
//0, normal,1, lower,2, higher
... ... @@ -146,6 +159,9 @@ public class ReportController {
})
public ResponseEntity<ResultModel> getReportItemGraph(HttpServletRequest request, @CurrentUser User user,@RequestParam int itemId,@RequestParam String stime,@RequestParam String etime,
@RequestParam String sign, @RequestParam long t, @RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
long member_id=user.getMemberId();
List<XklAmpReportEntity> xklAmpReportEntity=xklAmpReportRespository.findByMemberId(member_id);
List<ReportItemGraphModel> reportItemGraphModelList =new ArrayList<>();
... ...
... ... @@ -41,6 +41,9 @@ public class TokenController {
@ApiOperation(value = "用户登录接口")
public ResponseEntity<ResultModel> login(HttpServletRequest request,@RequestParam String username, @RequestParam String password,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -64,6 +67,9 @@ public class TokenController {
})
public ResponseEntity<ResultModel> logout(HttpServletRequest request,@CurrentUser User user,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
tokenManager.deleteToken(String.valueOf(user.getId()));
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_LOGOUT), HttpStatus.OK);
}
... ...
... ... @@ -47,6 +47,9 @@ public class UserInfoController {
@ApiOperation(value = "用户注册接口")
public ResponseEntity<ResultModel> register(HttpServletRequest request,@RequestParam String username, @RequestParam String password,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -84,6 +87,9 @@ public class UserInfoController {
})
public ResponseEntity<ResultModel> modPassword(HttpServletRequest request,@CurrentUser User user,@RequestParam String password,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
Assert.notNull(password, "password can not be empty");
String salt= SecurityTool.genSalt();
String pass=SecurityTool.getPassword(user.getLoginAccount(),password,salt);
... ... @@ -104,6 +110,8 @@ public class UserInfoController {
})
public ResponseEntity<ResultModel> getUserInfo(HttpServletRequest request,@CurrentUser User user,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
if(!(boolean)request.getAttribute("signAspect"))
return new ResponseEntity<>(ResultModel.error(ResultStatus.SIGN_ERROR), HttpStatus.OK);
long member_id=user.getMemberId();
XklMemberEntity xklMemberEntity=xklMemberRespository.findOne(member_id);
... ...