Authored by fangyeqing

FIX:fix some bugs

... ... @@ -81,7 +81,7 @@ public class SignAspect {
String key = getKeyByType(type);
long t1= UtilTools.getNow10Second();
String sign1= SecurityTool.encode("MD5",str+t1+key);
String sign1= SecurityTool.encode("MD5",str+t+key);
/**
* 比较sign和过期时间
*/
... ...
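Review bot: `SecurityTool.encode("MD5",str+t+key)` builds the request signature as a plain MD5 over a secret-suffixed concatenation, which is not a real MAC, and with the new line it covers the caller-supplied `t` instead of the server clock `t1`. Replay protection therefore rests entirely on the sign/expiry comparison that follows this hunk (outside the visible lines), which should reject a `t` that is too far from `t1` in either direction. Consider computing the value with `javax.crypto.Mac` (`HmacSHA256`) keyed with `key`, putting a delimiter between `str` and `t` so the concatenation is unambiguous, and comparing the result with `MessageDigest.isEqual` rather than `String.equals`. The enclosing method starts and ends outside the hunk.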
... ... @@ -8,7 +8,7 @@ public enum ResultStatus {
USER_REGISTER(1000,"用户注册成功"),
USER_LOGOUT(1001,"退出登录成功"),
USER_MODPASS_LOGOUT(1002,"修改密码成功,退出登录"),
USER_MODPASS_LOGOUT(1002,"修改密码成功,请重新登录"),
USERNAME_OR_PASSWORD_ERROR(-1001, "用户名或密码错误"),
USER_NOT_FOUND(-1002, "用户不存在"),
USER_NOT_LOGIN(-1004, "用户未登录"),
... ...
package com.xkl.controller;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.authorization.annotation.Sign;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.authorization.model.TokenModel;
import com.xkl.config.ResultStatus;
... ... @@ -35,10 +36,10 @@ public class OpenIdController {
private XklMemberOpenidRespository xklMemberOpenidRespository;
@AntiXSS
//@Sign
@Sign
@RequestMapping(method = RequestMethod.POST)
@ApiOperation(value = "OpenId绑定接口")
public ResponseEntity<ResultModel> openIdBind(HttpServletRequest request,@RequestParam String username, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdtype,
public ResponseEntity<ResultModel> openIdBind(HttpServletRequest request,@RequestParam String username, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -46,12 +47,12 @@ public class OpenIdController {
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
} else {
XklMemberOpenidEntity xklMemberOpenid=xklMemberOpenidRespository.findByAccountIdAndType(user.getId(),openIdtype);
XklMemberOpenidEntity xklMemberOpenid=xklMemberOpenidRespository.findByAccountIdAndType(user.getId(),openIdType);
if(xklMemberOpenid == null ){
xklMemberOpenid = new XklMemberOpenidEntity();
xklMemberOpenid.setType(openIdtype);
xklMemberOpenid.setType(openIdType);
xklMemberOpenid.setAccountId(user.getId());
xklMemberOpenid.setMemberId(user.getMemberId());
xklMemberOpenid.setOpenid(openId);
... ... @@ -65,10 +66,10 @@ public class OpenIdController {
@AntiXSS
//@Sign
@Sign
@RequestMapping(method = RequestMethod.DELETE)
@ApiOperation(value = "OpenId解除绑定接口")
public ResponseEntity<ResultModel> openIdUnBind(HttpServletRequest request,@RequestParam String username,@RequestParam String password,@RequestParam String openId, @RequestParam int openIdtype,
public ResponseEntity<ResultModel> openIdUnBind(HttpServletRequest request,@RequestParam String username,@RequestParam String password,@RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
... ... @@ -76,28 +77,28 @@ public class OpenIdController {
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
} else {
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByAccountIdAndTypeAndOpenid(user.getId(), openIdtype,openId);
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByAccountIdAndTypeAndOpenid(user.getId(), openIdType,openId);
if(xklMemberOpenid!=null) {
xklMemberOpenidRespository.delete(xklMemberOpenid);
}else{
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.OK);
}
}
return new ResponseEntity<>(ResultModel.ok(ResultStatus.OPENID_UNBIND_SUCESS), HttpStatus.OK);
}
@AntiXSS
//@Sign
@Sign
@RequestMapping(value="/login",method = RequestMethod.POST)
@ApiOperation(value = "OpenId登录接口")
public ResponseEntity<ResultModel> openIdLogin(HttpServletRequest request,@RequestParam String openId, @RequestParam int openIdtype,
public ResponseEntity<ResultModel> openIdLogin(HttpServletRequest request,@RequestParam String openId, @RequestParam int openIdType,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByOpenidAndType(openId, openIdtype);
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByOpenidAndType(openId, openIdType);
if(xklMemberOpenid == null){
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.OK);
}
long accountId = xklMemberOpenid.getId();
TokenModel model = tokenManager.createToken(String.valueOf(accountId));
... ...
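Review bot: In `openIdLogin`, `long accountId = xklMemberOpenid.getId();` appears to take the primary key of the OpenId binding row rather than the bound account, so `tokenManager.createToken` may issue a session for a different user id. The bind path stores the account with `setAccountId(user.getId())` and `TokenController.login` creates the token from `user.getId()`, so the login path should presumably read the same field, e.g. `long accountId = xklMemberOpenid.getAccountId();` (getter name assumed from the setter; confirm on the entity). This endpoint has no password step, so the token subject is decided solely by this lookup. The method body continues past the end of the hunk.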
... ... @@ -5,6 +5,7 @@ import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentUser;
import com.xkl.authorization.annotation.Sign;
import com.xkl.config.Constants;
import com.xkl.domain.*;
import com.xkl.model.ReportDetailModel;
... ... @@ -46,7 +47,7 @@ public class ReportController {
@RequestMapping(value="/list",method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@ApiOperation(value = "体检报告列表查询接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ... @@ -60,7 +61,7 @@ public class ReportController {
@RequestMapping(value="/detail",method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@ApiOperation(value = "体检报告详情查询接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ... @@ -100,7 +101,7 @@ public class ReportController {
@RequestMapping(value="/score",method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@ApiOperation(value = "健康评分接口(测试service用,后续可以注释掉)")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ... @@ -114,7 +115,7 @@ public class ReportController {
@RequestMapping(value="/itemInfo",method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@ApiOperation(value = "指标解释查询接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ... @@ -138,7 +139,7 @@ public class ReportController {
@RequestMapping(value="/itemGraph",method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@ApiOperation(value = "指标曲线查询接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ...
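Review bot: The `/score` mapping is described in its `@ApiOperation` as a service-test endpoint that can be commented out later, yet this change keeps it published and only adds `@Sign`. If clients do not need it, remove it or restrict it to a non-production profile so it does not stay in the exposed API surface. The handler signatures of these five mappings are outside the hunks, so it is not visible whether they accept the `sign`, `t` and `type` parameters that `logout` in TokenController had to add when `@Sign` was enabled; that is worth confirming, and those parameters should be documented in `@ApiImplicitParams`.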
... ... @@ -2,6 +2,7 @@ package com.xkl.controller;
import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentUser;
import com.xkl.authorization.annotation.Sign;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.authorization.model.TokenModel;
import com.xkl.config.ResultStatus;
... ... @@ -35,7 +36,7 @@ public class TokenController {
@Autowired
private ITokenManager tokenManager;
//@Sign
@Sign
@RequestMapping(method = RequestMethod.POST)
@ApiOperation(value = "用户登录接口")
public ResponseEntity<ResultModel> login(HttpServletRequest request,@RequestParam String username, @RequestParam String password,
... ... @@ -46,7 +47,7 @@ public class TokenController {
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.OK);
}
//生成一个token,保存用户登录状态
TokenModel model = tokenManager.createToken(String.valueOf(user.getId()));
... ... @@ -55,13 +56,14 @@ public class TokenController {
@Authorization
//@Sign
@Sign
@RequestMapping(method = RequestMethod.DELETE)
@ApiOperation(value = "退出登录")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
})
public ResponseEntity<ResultModel> logout(@CurrentUser User user) {
public ResponseEntity<ResultModel> logout(HttpServletRequest request,@CurrentUser User user,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
tokenManager.deleteToken(String.valueOf(user.getId()));
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_LOGOUT), HttpStatus.OK);
}
... ...
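Review bot: Returning `HttpStatus.OK` for `USERNAME_OR_PASSWORD_ERROR` in `login` makes failed authentication indistinguishable from success at the HTTP layer, so access logs, proxies and rate limiters that key on status codes no longer see bad-credential attempts. If clients need a parseable body, it can still be sent with an error status: `return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.UNAUTHORIZED);`. The same replacement of `NOT_FOUND` by `OK` occurs in `openIdBind`, `openIdUnBind` and `openIdLogin` in OpenIdController and in `register` in UserInfoController (where `HttpStatus.CONFLICT` would fit an existing user). If 200 is kept, failed attempts should at least be logged and throttled inside `login` itself.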
... ... @@ -42,7 +42,7 @@ public class UserInfoController {
@AntiXSS
//@Sign
@Sign
@RequestMapping(method = RequestMethod.POST)
@ApiOperation(value = "用户注册接口")
public ResponseEntity<ResultModel> register(HttpServletRequest request,@RequestParam String username, @RequestParam String password,
... ... @@ -52,7 +52,7 @@ public class UserInfoController {
User user = userRepository.findByLoginAccount(username);
if (user != null ) { //用户已注册
return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND);
return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.OK);
}else{
String salt= SecurityTool.genSalt();
String pass=SecurityTool.getPassword(username,password,salt);
... ... @@ -76,7 +76,7 @@ public class UserInfoController {
@Authorization
@AntiXSS
//@Sign
@Sign
@RequestMapping(method = RequestMethod.PUT)
@ApiOperation(value = "用户密码修改接口")
@ApiImplicitParams({
... ... @@ -94,9 +94,10 @@ public class UserInfoController {
return new ResponseEntity<>(new ResultModel(ResultStatus.USER_MODPASS_LOGOUT), HttpStatus.OK);
}
@RequestMapping(method = RequestMethod.GET)
@Authorization
//@Sign
@Sign
@RequestMapping(method = RequestMethod.GET)
@ApiOperation(value = "个人信息查询接口")
@ApiImplicitParams({
@ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
... ...
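Review bot: `register` stores the result of `SecurityTool.getPassword(username,password,salt)`, whose algorithm is not visible on this page. The same `SecurityTool` is called with `"MD5"` in SignAspect, so it is worth confirming that the stored value comes from a slow password hash (bcrypt, scrypt, Argon2 or PBKDF2) and not a single salted digest. A short comment above the call naming the algorithm and work factor, e.g. `// password hash: <algorithm>, <work factor>`, would make that reviewable. The `register` body starts and ends outside the hunk.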
This diff could not be displayed because it is too large.