From b426757e13490d9d88a75faf7ba94455b890f582 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Sat, 04 Apr 2026 23:10:20 +0800
Subject: [PATCH] 1
---
trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java | 139 ++++++++++++++++++++++++++++++++++++++++++++--
1 files changed, 133 insertions(+), 6 deletions(-)
diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
index 1948fec..f33025d 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiUserController.java
@@ -1,6 +1,7 @@
package com.yami.trading.api.controller;
import cn.hutool.core.util.StrUtil;
+import cn.hutool.core.collection.CollectionUtil;
import com.yami.trading.api.dto.UserDto;
import com.yami.trading.api.model.SetSafewordModel;
import com.yami.trading.api.service.UserCacheService;
@@ -9,7 +10,9 @@
import com.yami.trading.bean.model.RealNameAuthRecord;
import com.yami.trading.bean.model.User;
import com.yami.trading.bean.model.UserRecom;
+import com.yami.trading.bean.model.UserSimRelation;
import com.yami.trading.bean.model.UserSafewordApply;
+import com.yami.trading.bean.model.RiskClient;
import com.yami.trading.bean.syspara.domain.Syspara;
import com.yami.trading.common.constants.Constants;
import com.yami.trading.common.domain.Result;
@@ -31,6 +34,7 @@
import com.yami.trading.security.common.manager.TokenStore;
import com.yami.trading.security.common.util.SecurityUtils;
import com.yami.trading.security.common.vo.TokenInfoVO;
+import com.yami.trading.security.common.util.RiskClientUtil;
import com.yami.trading.service.HighLevelAuthRecordService;
import com.yami.trading.service.IdentifyingCodeTimeWindowService;
import com.yami.trading.service.QRGenerateService;
@@ -41,6 +45,8 @@
import com.yami.trading.service.user.UserRecomService;
import com.yami.trading.service.user.UserSafewordApplyService;
import com.yami.trading.service.user.UserService;
+import com.yami.trading.service.user.UserSimRelationService;
+import com.yami.trading.service.WalletService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
@@ -94,6 +100,10 @@
@Autowired
TokenStore tokenStore;
@Autowired
+ UserSimRelationService userSimRelationService;
+ @Autowired
+ WalletService walletService;
+ @Autowired
LogService logService;
@Autowired
QRGenerateService qrGenerateService;
@@ -103,6 +113,7 @@
*/
@GetMapping("login")
public Result login(String username, String password) {
+ validateMainlandIpAccess();
if (StringUtils.isEmptyString(username)) {
throw new YamiShopBindException("用户名不能为空");
}
@@ -136,7 +147,12 @@
userInfoInToken.setEnabled(secUser.getStatus() == 1);
secUser.setUserLastip(IPHelper.getIpAddr());
secUser.setUserLasttime(now);
+ // 登录时清除主账户与模拟账户的旧 token(若有关联)
tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), String.valueOf(secUser.getUserId()));
+ String simUserId = userSimRelationService.getSimUserId(secUser.getUserId());
+ if (simUserId != null) {
+ tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), simUserId);
+ }
// 存储token返回vo
TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
@@ -146,6 +162,9 @@
data.put("token", tokenInfoVO.getAccessToken());
data.put("username", secUser.getUserName());
data.put("usercode", secUser.getUserCode());
+ data.put("accountType", secUser.getAccountType() != null ? secUser.getAccountType() : 0);
+ data.put("mainUserId", userSimRelationService.getMainUserId(secUser.getUserId()));
+ data.put("simUserId", simUserId);
Log log = new Log();
log.setCategory(Constants.LOG_CATEGORY_SECURITY);
log.setLog("用户登录,ip[" + IPHelper.getIpAddr() + "]");
@@ -158,6 +177,83 @@
userService.updateById(secUser);
+ return Result.succeed(data);
+ }
+
+ @GetMapping("switchAccount")
+ @ApiOperation("切换主账户/模拟账户")
+ public Result switchAccount() {
+ String currentUserId = SecurityUtils.getUser().getUserId();
+ User currentUser = userService.getById(currentUserId);
+ if (currentUser == null) {
+ throw new YamiShopBindException("用户不存在");
+ }
+ Integer accountType = currentUser.getAccountType() != null ? currentUser.getAccountType() : 0;
+ String targetUserId;
+ Integer targetAccountType;
+ if (accountType == 1) {
+ // 当前是模拟账户,切换到主账户
+ UserSimRelation relation = userSimRelationService.findBySimUserId(currentUserId);
+ if (relation == null) {
+ throw new YamiShopBindException("未找到关联的主账户");
+ }
+ targetUserId = relation.getMainUserId();
+ targetAccountType = 0;
+ } else {
+ // 当前是主账户,切换到模拟账户:没有则先创建,再切换
+ String simId = userSimRelationService.getSimUserId(currentUserId);
+ if (simId == null) {
+ userService.createSimAccountIfAbsent(currentUserId);
+ simId = userSimRelationService.getSimUserId(currentUserId);
+ }
+ if (simId == null) {
+ throw new YamiShopBindException("创建模拟账户失败");
+ }
+ targetUserId = simId;
+ targetAccountType = 1;
+ }
+ User targetUser = userService.getById(targetUserId);
+ if (targetUser == null || targetUser.getStatus() != 1) {
+ throw new YamiShopBindException("目标账户不可用");
+ }
+ tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), currentUserId);
+ tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), targetUserId);
+ UserInfoInTokenBO userInfoInToken = new UserInfoInTokenBO();
+ userInfoInToken.setUserId(targetUserId);
+ userInfoInToken.setSysType(SysTypeEnum.ORDINARY.value());
+ userInfoInToken.setEnabled(targetUser.getStatus() == 1);
+ TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
+ tokenInfoVO.setToken(tokenInfoVO.getAccessToken());
+ userService.online(targetUserId);
+ Map<String, Object> data = new HashMap<>();
+ data.put("token", tokenInfoVO.getAccessToken());
+ data.put("userId", targetUserId);
+ data.put("accountType", targetAccountType);
+ data.put("username", targetUser.getUserName());
+ data.put("usercode", targetUser.getUserCode());
+ String mainId = userSimRelationService.getMainUserId(targetUserId);
+ data.put("mainUserId", mainId);
+ data.put("simUserId", targetAccountType == 0 ? userSimRelationService.getSimUserId(targetUserId) : targetUserId);
+ return Result.succeed(data);
+ }
+
+ @PostMapping("resetSimFunds")
+ @ApiOperation("重置模拟账户资金(仅模拟账户可用)")
+ public Result resetSimFunds() {
+ String userId = SecurityUtils.getUser().getUserId();
+ User user = userService.getById(userId);
+ if (user == null || user.getAccountType() == null || user.getAccountType() != 1) {
+ throw new YamiShopBindException("仅模拟账户可重置资金");
+ }
+ double amount = 100000;
+ Syspara virtualGift = sysparaService.find("virtual_register_gift_coin");
+ if (virtualGift != null) {
+ amount = virtualGift.getDouble();
+ }
+ walletService.resetSimWallet(userId, amount);
+ Map<String, Object> data = new HashMap<>();
+ data.put("message", "重置成功");
+ data.put("balance", amount);
return Result.succeed(data);
}
@@ -195,17 +291,19 @@
*/
@RequestMapping("register")
public Object register(String username, String password, String safeword, String verifcode, String usercode, String type) {
+ validateMainlandIpAccess();
// 注册类型:1/手机;2/邮箱;
String error = this.validateParam(username, verifcode, password, type);
if (!StringUtils.isNullOrEmpty(error)) {
throw new YamiShopBindException(error);
}
- if (StringUtils.isEmptyString(safeword)) {
- throw new YamiShopBindException("资金密码不能为空");
- }
- if (safeword.length() != 6 || !Strings.isNumber(safeword)) {
- throw new YamiShopBindException("资金密码不符合设定");
- }
+ validateMainlandEmailRegister(username, type);
+// if (StringUtils.isEmptyString(safeword)) {
+// throw new YamiShopBindException("资金密码不能为空");
+// }
+// if (safeword.length() != 6 || !Strings.isNumber(safeword)) {
+// throw new YamiShopBindException("资金密码不符合设定");
+// }
userService.saveRegister(username, password, usercode, safeword, verifcode, type);
User secUser = userService.findByUserName(username);
Log log = new Log();
@@ -483,6 +581,7 @@
// 如:级别11表示:新注册的前端显示为VIP1;
map.put("user_level", (int) (party.getUserLevel() % 10));
map.put("user_level_custom", (int) Math.floor(party.getUserLevel() / 10));
+ map.put("credit_score", party.getCreditScore() != null ? party.getCreditScore() : 100);
map.put("username", party.getUserName());
map.put("userrole", party.getRoleName());
map.put("usercode", party.getUserCode());
@@ -879,6 +978,7 @@
String username = null;
try {
username = request.getParameter("username").replace(" ", "");
+ validateMainlandIpAccess();
String password = request.getParameter("password").replace(" ", "");
String safeword = request.getParameter("safeword").replace(" ", "");
String usercode = request.getParameter("usercode");
@@ -1008,4 +1108,31 @@
return null;
}
+ private void validateMainlandIpAccess() {
+ String clientIp = IPHelper.getIpAddr();
+ List<RiskClient> riskList = RiskClientUtil.getRiskInfoByIp(clientIp, "badnetwork");
+ if (CollectionUtil.isNotEmpty(riskList)) {
+ throw new YamiShopBindException("大陆IP禁止访问");
+ }
+ }
+
+ private void validateMainlandEmailRegister(String username, String type) {
+ if (!"2".equals(type) || StringUtils.isEmptyString(username)) {
+ return;
+ }
+ int atPos = username.lastIndexOf("@");
+ if (atPos <= 0 || atPos >= username.length() - 1) {
+ return;
+ }
+ String domain = username.substring(atPos + 1).trim().toLowerCase();
+ if (domain.endsWith(".cn")) {
+ throw new YamiShopBindException("大陆邮箱不支持注册");
+ }
+ if (Arrays.asList("qq.com", "foxmail.com", "163.com", "126.com", "yeah.net",
+ "sina.com", "sina.cn", "sohu.com", "aliyun.com", "21cn.com",
+ "189.cn", "tom.com").contains(domain)) {
+ throw new YamiShopBindException("大陆邮箱不支持注册");
+ }
+ }
+
}
--
Gitblit v1.9.3