Authored by fangyeqing

ADD:git openid bind interface

... ... @@ -5,12 +5,20 @@ package com.xkl.config;
*/
public enum ResultStatus {
SUCCESS(100, "成功"),
USER_REGISTER(1000,"用户注册成功"),
USER_LOGOUT(1001,"退出登录成功"),
USER_MODPASS_LOGOUT(1002,"修改密码成功,退出登录"),
USERNAME_OR_PASSWORD_ERROR(-1001, "用户名或密码错误"),
USER_NOT_FOUND(-1002, "用户不存在"),
USER_NOT_LOGIN(-1004, "用户未登录"),
USER_IS_EXIT(-1005, "用户已注册"),
USER_LOGOUT(101,"修改密码成功,退出登录"),
//2开头的都是openId相关
OPENID_BIND_SUCCESS(2001,"OPENID绑定成功"),
OPENID_UNBIND_SUCESS(2002,"OPENID解除绑定成功"),
OPENID_ERROR(-2001,"OPENID错误"),
// 111开头的都是与amp报告上传软件相关的
AMP_KEY_ERROR(-11100, "AMP密钥不匹配"),
... ...
package com.xkl.controller;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.config.ResultStatus;
import com.xkl.domain.User;
import com.xkl.domain.XklMemberOpenidEntity;
import com.xkl.model.ResultModel;
import com.xkl.repository.XklMemberOpenidRespository;
import com.xkl.security.AntiXSS;
import com.xkl.service.ILoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
/**
* Created by win7 on 2016/10/19.
*/
@RestController
@RequestMapping("/openId")
public class OpenIdController {
@Autowired
private ITokenManager tokenManager;
@Autowired
private ILoginService loginService;
@Autowired
private XklMemberOpenidRespository xklMemberOpenidRespository;
@AntiXSS
//@Sign
@RequestMapping(method = RequestMethod.POST)
@ApiOperation(value = "OpenId绑定接口")
public ResponseEntity<ResultModel> openIdBind(HttpServletRequest request,@RequestParam String username, @RequestParam String password, @RequestParam String openId, @RequestParam int openIdtype,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
} else {
XklMemberOpenidEntity xklMemberOpenid=xklMemberOpenidRespository.findByMemberIdAndType(user.getMemberId(),openIdtype);
if(xklMemberOpenid == null ){
xklMemberOpenid = new XklMemberOpenidEntity();
xklMemberOpenid.setType(openIdtype);
xklMemberOpenid.setMemberId(user.getMemberId());
xklMemberOpenid.setOpenid(openId);
}else{//已经存在
xklMemberOpenid.setOpenid(openId);
}
xklMemberOpenidRespository.save(xklMemberOpenid);
}
return new ResponseEntity<>(ResultModel.ok(ResultStatus.OPENID_BIND_SUCCESS), HttpStatus.OK);
}
@AntiXSS
//@Sign
@RequestMapping(method = RequestMethod.DELETE)
@ApiOperation(value = "OpenId解除绑定接口")
public ResponseEntity<ResultModel> openIdUnBind(HttpServletRequest request,@RequestParam String username,@RequestParam String password,@RequestParam String openId, @RequestParam int openIdtype,
@RequestParam String sign,@RequestParam long t,@RequestParam int type) {
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
User user = loginService.check(username, password);
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
} else {
XklMemberOpenidEntity xklMemberOpenid = xklMemberOpenidRespository.findByMemberIdAndTypeAndOpenid(user.getMemberId(), openIdtype,openId);
if(xklMemberOpenid!=null) {
xklMemberOpenidRespository.delete(xklMemberOpenid);
}else{
return new ResponseEntity<>(ResultModel.error(ResultStatus.OPENID_ERROR), HttpStatus.NOT_FOUND);
}
}
return new ResponseEntity<>(ResultModel.ok(ResultStatus.OPENID_UNBIND_SUCESS), HttpStatus.OK);
}
}
... ...
... ... @@ -12,6 +12,7 @@ import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.security.SecurityTool;
import com.xkl.service.ILoginService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
... ... @@ -29,10 +30,8 @@ import javax.servlet.http.HttpServletRequest;
@RestController
@RequestMapping("/token")
public class TokenController {
@Autowired
private UserRepository userRepository;
private ILoginService loginService;
@Autowired
private ITokenManager tokenManager;
... ... @@ -44,17 +43,9 @@ public class TokenController {
Assert.notNull(username, "username can not be empty");
Assert.notNull(password, "password can not be empty");
User user = userRepository.findByLoginAccount(username);
User user = loginService.check(username, password);
if (user == null) { //用户不存在
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
} else {
String salt = user.getSalt();
String pass_in_db = user.getLoginPwd();
String pass = SecurityTool.getPassword(username, password, salt);
if (!pass.equals(pass_in_db))
// TODO: 2016/11/26 use pwd with salt
// if(!password.equals(pass_in_db)) // for test
if (user == null) {//用户,密码错误
return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
}
//生成一个token,保存用户登录状态
... ... @@ -72,7 +63,7 @@ public class TokenController {
})
public ResponseEntity<ResultModel> logout(@CurrentUser User user) {
tokenManager.deleteToken(String.valueOf(user.getId()));
return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_LOGOUT), HttpStatus.OK);
}
}
... ...
... ... @@ -25,6 +25,7 @@ import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import javax.xml.transform.Result;
/**
* Created by win7 on 2016/10/19.
... ... @@ -69,7 +70,7 @@ public class UserInfoController {
user.setStatus(true);
userRepository.save(user);
}
return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_REGISTER), HttpStatus.OK);
}
... ... @@ -90,7 +91,7 @@ public class UserInfoController {
user.setSalt(salt);
userRepository.save(user);
tokenManager.deleteToken(String.valueOf(user.getId()));//退出登录
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_LOGOUT), HttpStatus.OK);
return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_MODPASS_LOGOUT), HttpStatus.OK);
}
@RequestMapping(method = RequestMethod.GET)
... ...
package com.xkl.domain;
import lombok.Data;
import javax.persistence.*;
/**
* Created by win7 on 2016/12/18.
*/
@Data
@Entity
@Table(name = "xkl_member_openid", schema = "hanhe_test", catalog = "")
public class XklMemberOpenidEntity {
@Id
@GeneratedValue
@Column(name = "id")
private long id;
@Basic
@Column(name = "member_id")
private long memberId;
@Basic
@Column(name = "openid")
private String openid;
@Basic
@Column(name = "type")
private int type;
}
... ...
package com.xkl.repository;
import com.xkl.domain.XklMemberOpenidEntity;
import org.springframework.data.repository.CrudRepository;
/**
* Created by win7 on 2016/11/20.
*/
public interface XklMemberOpenidRespository extends CrudRepository<XklMemberOpenidEntity, Long> {
public XklMemberOpenidEntity findByMemberIdAndType(long memberId, int type);
public XklMemberOpenidEntity findByMemberIdAndTypeAndOpenid(long memberId, int type, String openid);
}
... ...
package com.xkl.service;
import com.xkl.domain.User;
/**
* Created by win7 on 2016/12/18.
*/
public interface ILoginService {
public User check(String username, String password);
}
... ...
package com.xkl.service;
import com.xkl.domain.User;
import com.xkl.repository.UserRepository;
import com.xkl.security.SecurityTool;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
/**
* Created by win7 on 2016/12/18.
*/
@Service
public class LoginServiceImpl implements ILoginService{
@Autowired
private UserRepository userRepository;
@Override
public User check(String username, String password) {
User user = userRepository.findByLoginAccount(username);
if (user == null) { //用户不存在
return null;
} else {
String salt = user.getSalt();
String pass_in_db = user.getLoginPwd();
String pass = SecurityTool.getPassword(username, password, salt);
if (!pass.equals(pass_in_db))//密码错误
return null;
}
return user;
}
}
... ...