exchange.git - Gitblit

			@@ -1,12 +1,16 @@
			package com.xcong.excoin.common.system.controller;

			import cn.hutool.core.codec.Base64;
			import cn.hutool.core.util.IdUtil;
			import cn.hutool.core.util.StrUtil;
			import cn.hutool.crypto.SecureUtil;
			import cn.hutool.crypto.asymmetric.KeyType;
			import cn.hutool.crypto.asymmetric.RSA;
			import cn.hutool.crypto.asymmetric.Sign;
			import cn.hutool.crypto.asymmetric.SignAlgorithm;
			import com.alibaba.fastjson.JSONObject;
			import com.xcong.excoin.common.LoginUserUtils;
			import com.xcong.excoin.common.annotations.SubmitRepeat;
			import com.xcong.excoin.common.contants.AppContants;
			import com.xcong.excoin.common.response.Result;
			import com.xcong.excoin.common.system.bean.LoginUserBean;
			@@ -27,6 +31,7 @@
			import org.springframework.web.bind.annotation.*;

			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import java.util.HashMap;
			import java.util.Map;

			@@ -59,13 +64,9 @@

			@ApiOperation(value = "登陆接口", notes = "登陆接口")
			@PostMapping("/login")
			public Result login(@RequestBody @Validated LoginDto loginDto) {
			// 使用md5加密前端传来的密码
			Sign sign = SecureUtil.sign(SignAlgorithm.MD5withRSA);
			byte[] pwdByte = sign.sign(loginDto.getPassword().getBytes());

			public Result login(@RequestBody @Validated LoginDto loginDto, HttpServletRequest request) {
			// 将账号密码交给spring security验证，并调用userServiceDetails
			UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(loginDto.getUsername(), loginDto.getPassword());
			UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(loginDto.getUsername(), SecureUtil.md5(loginDto.getPassword()));
			Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authToken);

			// 获取当前验证过后的用户
			@@ -73,12 +74,30 @@

			// 生成UUID作为token
			String token = IdUtil.simpleUUID();
			redisUtils.set(AppContants.APP_LOGIN_PREFIX + token, JSONObject.toJSONString(loginUserBean), applicationProperties.getRedisExpire());
			String redisToken = "";
			String redisMember = "";
			if (LoginUserUtils.isBrowser(request)) {
			redisToken = AppContants.PC_LOGIN_PREFIX + token;
			redisMember = AppContants.PC_LOGIN_PREFIX + loginUserBean.getMemberEntity().getId();
			} else {
			redisToken = AppContants.APP_LOGIN_PREFIX + token;
			redisMember = AppContants.APP_LOGIN_PREFIX + loginUserBean.getMemberEntity().getId();
			}

			if (StrUtil.isNotBlank(redisUtils.getString(redisMember))) {
			if (redisMember.contains(AppContants.APP_LOGIN_PREFIX)) {
			redisUtils.del(AppContants.APP_LOGIN_PREFIX + redisUtils.getString(redisMember));
			} else {
			redisUtils.del(AppContants.PC_LOGIN_PREFIX + redisUtils.getString(redisMember));
			}
			}
			redisUtils.set(redisToken, JSONObject.toJSONString(loginUserBean.getMemberEntity()), applicationProperties.getRedisExpire());
			redisUtils.set(redisMember, token);
			Map<String, Object> authInfo = new HashMap<>();
			// 开启debug模式，则将加密后的token返回
			if (applicationProperties.isDebug()) {
			authInfo.put("token", token);
			authInfo.put("rsaToken", generateAsaToken(token));
			authInfo.put("rsaToken", AppContants.TOKEN_START_WITH + generateAsaToken(token));
			authInfo.put("user", loginUserBean);
			} else {
			authInfo.put("token", token);
			@@ -89,9 +108,10 @@

			public String generateAsaToken(String token) {
			RSA rsa = new RSA(null, securityProperties.getPublicKey());
			return rsa.encryptBase64(token + "_" +System.currentTimeMillis(), KeyType.PublicKey);
			return rsa.encryptBase64(token + "_" + System.currentTimeMillis(), KeyType.PublicKey);
			}

			@SubmitRepeat
			@ApiOperation(value = "app注册接口", notes = "app注册接口，验证码必须输入可默认为123456")
			@PostMapping(value = "/register")
			public Result register(@RequestBody @Validated RegisterDto registerDto) {