From e89e71158de719c70c487110a0f8d00d4a30d30b Mon Sep 17 00:00:00 2001
From: zyy <zyy@email.com>
Date: Thu, 12 Feb 2026 11:02:48 +0800
Subject: [PATCH] 1
---
src/main/java/com/nq/service/impl/SiteAdminServiceImpl.java | 69 +++++++++++++++++++++-------------
1 files changed, 43 insertions(+), 26 deletions(-)
diff --git a/src/main/java/com/nq/service/impl/SiteAdminServiceImpl.java b/src/main/java/com/nq/service/impl/SiteAdminServiceImpl.java
index 863377c..69b940e 100644
--- a/src/main/java/com/nq/service/impl/SiteAdminServiceImpl.java
+++ b/src/main/java/com/nq/service/impl/SiteAdminServiceImpl.java
@@ -1,8 +1,10 @@
package com.nq.service.impl;
import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.extra.qrcode.QrCodeUtil;
+import cn.hutool.extra.qrcode.QrConfig;
import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
-import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.nq.dao.*;
import com.github.pagehelper.PageHelper;
@@ -30,6 +32,7 @@
import com.nq.utils.PropertiesUtil;
import com.nq.utils.SymmetricCryptoUtil;
+import com.nq.utils.redis.CookieUtils;
import com.nq.utils.redis.JsonUtil;
import com.nq.utils.redis.RedisConst;
import com.nq.utils.redis.RedisShardedPoolUtils;
@@ -109,53 +112,43 @@
@Autowired
AgentUserMapper agentUserMapper;
- public ServerResponse login(String adminPhone, String adminPwd, String verifyCode, HttpServletRequest request) {
+ public ServerResponse login(String adminPhone, String adminPwd, String verifyCode,Integer googleAuthCode, HttpServletRequest request) {
if (StringUtils.isBlank(verifyCode)) {
-
return ServerResponse.createByErrorMsg("验证码不能为空");
-
}
-//
- String original = (String) request.getSession().getAttribute("KAPTCHA_SESSION_KEY");
- /*if (!verifyCode.equalsIgnoreCase(original)) {
-
- return ServerResponse.createByErrorMsg("验证码错误");
-
- }*/
-
-
- if (StringUtils.isBlank(adminPhone) || StringUtils.isBlank(adminPwd)) {
+ if (StringUtils.isBlank(adminPhone) || StringUtils.isBlank(adminPwd) ) {
return ServerResponse.createByErrorMsg("参数不能为空");
}
-
- SymmetricCryptoUtil.decryptPassword("8OTlTNZ9EwQ29Pf0R8a37Q==");
adminPwd = SymmetricCryptoUtil.encryptPassword(adminPwd);
SiteAdmin siteAdmin = this.siteAdminMapper.login(adminPhone, adminPwd);
-// SiteAdmin siteAdmin = (SiteAdmin) siteAdminMapper.selectOne(new QueryWrapper<SiteAdmin>().eq("admin_phone", adminPhone).eq("admin_pwd", adminPwd));
-
if (siteAdmin == null) {
-
return ServerResponse.createByErrorMsg("账号密码错误");
-
}
-
-
if (siteAdmin.getIsLock().intValue() == 1) {
-
return ServerResponse.createByErrorMsg("账号已被锁定");
-
}
-
+ if(siteAdmin.getGoogleAuthBind() && ObjectUtil.isEmpty(googleAuthCode)){
+ return ServerResponse.createByErrorMsg("谷歌验证码不能为空");
+ }
+ if(siteAdmin.getGoogleAuthBind()){
+ long t = System.currentTimeMillis();
+ GoogleAuthenticator ga = new GoogleAuthenticator();
+ ga.setWindowSize(5);
+ boolean userFlag = ga.check_code(siteAdmin.getGoogleAuthSecret(), Long.valueOf(googleAuthCode), t);
+ if (!userFlag) {
+ return ServerResponse.createByErrorMsg("谷歌验证码错误!");
+ }
+ }
siteAdmin.setAdminPwd(null);
HttpSession httpSession = request.getSession();
String token = RedisConst.getAdminRedisKey(httpSession.getId());
- String str = RedisShardedPoolUtils.setEx(token,
+ RedisShardedPoolUtils.setEx(token,
JsonUtil.obj2String(siteAdmin), 999999);
@@ -461,6 +454,30 @@
return ServerResponse.createBySuccess(map);
}
+ @Override
+ public GoogleAuthDto getGoogleAuth(HttpServletRequest request) {
+ String secretKey = GoogleAuthenticator.generateSecretKey();
+ QrConfig config = new QrConfig(345, 345);
+ config.setMargin(3);
+ String cookie_name = PropertiesUtil.getProperty("admin.cookie.name");
+ SiteAdmin siteAdmin = null;
+ if(StringUtils.isNotEmpty(cookie_name)){
+ siteAdmin = getAdmin(cookie_name,request);
+ }
+ String content = String.format("otpauth://totp/%s?secret=%s", siteAdmin.getAdminName(),secretKey);
+ String base64 = QrCodeUtil.generateAsBase64(content, config, "png");
+ GoogleAuthDto dto = new GoogleAuthDto();
+ dto.setGoogleAuthImg(base64);
+ dto.setGoogleAuthSecret(secretKey);
+ return dto;
+ }
+
+ public SiteAdmin getAdmin(String cookie_name,HttpServletRequest request){
+ String logintoken = CookieUtils.readLoginToken(request, cookie_name);
+ String adminJson = RedisShardedPoolUtils.get(logintoken);
+ return (SiteAdmin) JsonUtil.string2Obj(adminJson, SiteAdmin.class);
+ }
+
public static List<Integer> getAllChildrenIds(AgentUserNodeVO parent) {
List<Integer> allChildrenIds = new ArrayList<>();
getAllChildrenIdsHelper(parent, allChildrenIds);
--
Gitblit v1.9.3