package project.web.api; import java.io.IOException; import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.ArrayList; import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; import javax.servlet.http.HttpServletRequest; import org.apache.commons.lang3.ObjectUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.providers.encoding.PasswordEncoder; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import kernel.exception.BusinessException; import kernel.util.Arith; import kernel.util.StringUtils; import kernel.web.BaseAction; import kernel.web.ResultObject; import project.Constants; import project.ddos.IpMenuService; import project.hobi.http.HttpHelper; import project.hobi.http.HttpMethodType; import project.log.Log; import project.log.LogService; import project.party.PartyService; import project.party.model.Party; import project.syspara.SysparaService; import project.user.UserSafewordApply; import project.user.UserSafewordApplyService; import project.user.UserService; import project.user.googleauth.GoogleAuthService; import project.user.idcode.IdentifyingCodeTimeWindowService; import project.user.kyc.Kyc; import project.user.token.TokenService; import kernel.web.ApplicationUtil; import security.SaltSigureUtils; import security.SecUser; import security.internal.SecUserService; import util.IpUtil; import org.springframework.jdbc.core.JdbcTemplate; /** * API用户相关 * */ @RestController @CrossOrigin public class UserController extends BaseAction { private Logger logger=LoggerFactory.getLogger(UserController.class); @Autowired private SecUserService secUserService; @Autowired 
private UserService userService; @Autowired private PartyService partyService; @Autowired private IdentifyingCodeTimeWindowService identifyingCodeTimeWindowService; @Autowired private LogService logService; @Autowired private UserSafewordApplyService userSafewordApplyService; @Autowired private GoogleAuthService googleAuthService; @Autowired private IpMenuService ipMenuService; @Autowired private SysparaService sysparaService; @Autowired private PasswordEncoder passwordEncoder; @Autowired private TokenService tokenService; private final String action = "/api/user!"; /** * 用户名登录接口 * */ @RequestMapping(action + "login.action") public Object login(HttpServletRequest request) { ResultObject resultObject = new ResultObject(); try { String username = request.getParameter("username"); String password = request.getParameter("password"); if (StringUtils.isEmptyString(username)) { throw new BusinessException("用户名不能为空"); } if (StringUtils.isEmptyString(password)) { throw new BusinessException("登录密码不能为空"); } if (password.length() < 6 || password.length() > 12) { throw new BusinessException("登录密码必须6-12位"); } String ip = this.getIp(); if (!IpUtil.isCorrectIpRegular(ip)) { logger.error("校验IP不合法,参数{}", ip); throw new BusinessException("校验IP不合法"); } SecUser secUser = this.userService.login(username, password); String token = tokenService.savePut(secUser.getPartyId(),secUser.getUsername()); userService.online(secUser.getPartyId()); ipMenuService.saveIpMenuWhite(this.getIp()); Party party = this.partyService.cachePartyBy(secUser.getPartyId(), false); Map data = new HashMap(); data.put("token", token); data.put("username", secUser.getUsername()); data.put("usercode", party.getUsercode()); Log log = new Log(); log.setCategory(Constants.LOG_CATEGORY_SECURITY); log.setLog("用户登录,ip[" + this.getIp(getRequest()) + "]"); log.setPartyId(secUser.getPartyId()); log.setUsername(username); logService.saveAsyn(log); // JdbcTemplate jdbcTemplate=ApplicationUtil.getBean(JdbcTemplate.class); // 
Integer countusdt = jdbcTemplate.queryForObject("SELECT count(USER_NAME) FROM T_PARTY_BLOCKCHAIN WHERE USER_NAME=? AND COIN_SYMBOL='USDT'", Integer.class,party.getUsername()); // logger.info("----------注册地址T_PARTY_BLOCKCHAIN-------"+countusdt); // if(countusdt == 0){ // logger.info("----------注册地址进来了-------"); // //注册地址trc // String addresstrc = registerAddress(party.getUsercode(),"trc","1"); // logger.info("----------地址注册方法返回参数------"+addresstrc); // if (addresstrc == null || "" == addresstrc) { // logger.info("地址注册失败"); // logger.info("----------地址注册失败-------"); // }else { // jdbcTemplate.update("INSERT INTO T_PARTY_BLOCKCHAIN(USER_NAME,CHAIN_NAME,COIN_SYMBOL,QR_IMAGE,ADDRESS,AUTO) VALUES(?,?,?,?,?,?)" // ,party.getUsername(),"TRC20","USDT","/trc01.png",addresstrc,"Y"); // } // // //注册地址erc // // String addresserc = registerAddress(party.getUsercode(),"erc","1"); // // if (addresserc == null || "" == addresserc) { // // logger.info("地址注册失败"); // // }else { // // jdbcTemplate.update("INSERT INTO T_PARTY_BLOCKCHAIN(USER_NAME,CHAIN_NAME,COIN_SYMBOL,QR_IMAGE,ADDRESS,AUTO) VALUES(?,?,?,?,?,?)" // // ,party.getUsername(),"ERC20","USDT","/e102.png",addresserc,"Y"); // // } // } // Integer counteth = jdbcTemplate.queryForObject("SELECT count(USER_NAME) FROM T_PARTY_BLOCKCHAIN WHERE USER_NAME=? AND COIN_SYMBOL='ETH'", Integer.class,party.getUsername()); // if(counteth == 0){ // //注册地址trc // String addresseth = registerAddress(party.getUsercode(),"eth","3"); // if (addresseth == null || "" == addresseth) { // logger.info("地址注册失败"); // }else { // jdbcTemplate.update("INSERT INTO T_PARTY_BLOCKCHAIN(USER_NAME,CHAIN_NAME,COIN_SYMBOL,QR_IMAGE,ADDRESS,AUTO) VALUES(?,?,?,?,?,?)" // ,party.getUsername(),"ETH","ETH","/eth01.png",addresseth,"Y"); // } // } // Integer countbtc = jdbcTemplate.queryForObject("SELECT count(USER_NAME) FROM T_PARTY_BLOCKCHAIN WHERE USER_NAME=? 
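//        AND COIN_SYMBOL='BTC'", Integer.class,party.getUsername());
//        if(countbtc == 0){
//            // register address (trc)
//            String addressbtc = registerAddress(party.getUsercode(),"btc","4");
//            if (addressbtc == null || "" == addressbtc) {
//                logger.info("地址注册失败");
//            }else {
//                jdbcTemplate.update("INSERT INTO T_PARTY_BLOCKCHAIN(USER_NAME,CHAIN_NAME,COIN_SYMBOL,QR_IMAGE,ADDRESS,AUTO) VALUES(?,?,?,?,?,?)"
//                ,party.getUsername(),"BTC","BTC","/b103.png",addressbtc,"Y");
//            }
//        }
            // Tail of login(): store the caller IP on the party, persist it, return the token data.
            party.setLogin_ip(this.getIp(getRequest()));
            this.partyService.update(party);
            resultObject.setData(data);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
            // NOTE(review): the message text reads "address registration error", yet this handler
            // receives every BusinessException raised during login, which makes failed-login
            // triage in the logs harder.
            logger.info("----------地址注册程序错误-------"+e.getMessage());
        } catch (Throwable t) {
            logger.info("----------地址注册程序错误-------");
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.info("登录爆仓");
            // NOTE(review): printStackTrace duplicates the logger.error call that follows.
            t.printStackTrace();
            logger.error("error:", t);
        }
        logger.info("----------地址注册33333333-------");
        return resultObject;
    }

    /**
     * Requests a deposit address for a user from the external address service.
     *
     * <p>Two calls go to the same host: {@code /<coin>/generate_address}, whose reply is only
     * logged, and {@code /<coin>/address}, whose JSON reply supplies the address.
     *
     * <p>Security review notes:
     * <ul>
     *   <li>Both URLs are an IP literal over plain {@code http://}, although the transport class
     *       is named HttpsTransport. The returned string is what the disabled caller in login()
     *       stores in T_PARTY_BLOCKCHAIN.ADDRESS, so a reply altered in transit would not be
     *       detected by this code. Move the base URL to configuration, require TLS with
     *       certificate validation, and authenticate the response.</li>
     *   <li>{@code coin} is concatenated into the URL path unchanged; keep it restricted to a
     *       fixed set of values at every call site.</li>
     *   <li>Request and response bodies are written to the log at info level.</li>
     * </ul>
     *
     * @param userId sent as {@code user_id} in the address request
     * @param coin   path segment selecting the chain; {@code "btc"} also adds {@code item_id}
     *               to the generate request
     * @param itemId sent as {@code item_id}
     * @return the {@code result.address} value when the reply's {@code status} trims to "1";
     *         {@code null} for any other reply or on any exception
     */
    public String registerAddress(String userId,String coin,String itemId){
        try{
            // First ask the service to generate a spare address.
            Map generateMap = new HashMap();
            generateMap.put("num", "1");
            if("btc".equals(coin)){
                generateMap.put("item_id", itemId);
            }
            logger.info(coin+"生成备用地址提交字符串为:"+ JsonUtils.toJson(generateMap));
            HttpsTransport httpsTransport = new HttpsTransport();
            httpsTransport.setSendEncoding("UTF-8");
            httpsTransport.setUrl("http://54.254.173.163:80/"+coin+"/generate_address");
            String response = (String) httpsTransport.submit(generateMap);
            logger.info(coin+"生成备用地址提响应字符串为:"+ JsonUtils.toJson(response));
            // Register the address for this user.
            Map reqMap = new HashMap();
            reqMap.put("user_id", userId);
            reqMap.put("item_id", itemId);
            logger.info(coin+"注册地址提交字符串为:"+ JsonUtils.toJson(reqMap));
            HttpsTransport reqhttpsTransport = new HttpsTransport();
            reqhttpsTransport.setSendEncoding("UTF-8");
            reqhttpsTransport.setUrl("http://54.254.173.163:80/"+coin+"/address");
            String reqresponse = (String) reqhttpsTransport.query(reqMap);
            // NOTE(review): the IP embedded in this log text differs from the host requested above.
            logger.info(coin+"注册地址响应字符串为:18.163.120.125"+
                    JsonUtils.toJson(reqresponse));
            // 8. Convert the response into a map.
            Map responseMap = JsonUtils.jsonToMap(reqresponse);
            // Explicit null/type checks: an error reply is an expected outcome and should yield
            // null without going through NullPointerException/ClassCastException.
            Object status = responseMap == null ? null : responseMap.get("status");
            if (status != null && status.toString().trim().equals("1")) {
                Object result = responseMap.get("result");
                if (result instanceof Map) {
                    Object address = ((Map) result).get("address");
                    if (address != null) {
                        return address.toString();
                    }
                }
            }
        }catch (Exception e){
            // Route the failure to the application log instead of stderr.
            logger.error("error:", e);
        }
        return null;
    }

    /**
     * Returns the lowercase hex MD5 digest of {@code prefix} followed by the decimal
     * {@code timestamp}.
     *
     * <p>NOTE(review): MD5 over a prefix and a timestamp is not a keyed MAC; if this value is
     * used as a request signature, confirm what {@code prefix} holds and prefer HMAC-SHA-256.
     * No caller appears in the visible part of this file.
     *
     * @param prefix    text placed before the timestamp
     * @param timestamp appended to {@code prefix} in decimal form
     * @return 32 lowercase hex characters
     * @throws NoSuchAlgorithmException if the MD5 provider is unavailable
     */
    private static String generateSign(String prefix, long timestamp) throws NoSuchAlgorithmException {
        String data = prefix + timestamp;
        MessageDigest md = MessageDigest.getInstance("MD5");
        // Fixed charset so the digest does not depend on the JVM's platform default.
        md.update(data.getBytes(java.nio.charset.StandardCharsets.UTF_8));
        byte[] digest = md.digest();
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02x", b & 0xff));
        }
        return sb.toString();
    }

    /**
     * Marks the logged-in party as online through userService.online.
     * No {@code @RequestMapping} is attached to this method in the visible source.
     *
     * @return a ResultObject whose code is set to "1" on failure
     */
    public Object online() {
        ResultObject resultObject = new ResultObject();
        try {
            userService.online(this.getLoginPartyId());
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Logs the current party out and deletes the token passed in the request.
     *
     * <p>NOTE(review): the token to delete is taken from the {@code token} request parameter
     * and is not compared here with the logged-in party; confirm TokenService.delete checks
     * ownership. A token carried as a request parameter may also end up in access logs.
     */
    @RequestMapping(action + "logout.action")
    public Object logout(HttpServletRequest request) {
        ResultObject resultObject = new ResultObject();
        String token = request.getParameter("token");
        try {
            this.userService.logout(this.getLoginPartyId());
            this.tokenService.delete(token);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Verifies the fund password (safeword) of the logged-in party.
     *
     * <p>NOTE(review): unlike updatepsw further down in this file, this handler does not call
     * readSecurityContextFromSession before using getLoginPartyId, and no failed-attempt limit
     * is visible here; confirm both are enforced elsewhere.
     */
    @RequestMapping(action + "verifySafeword.action")
    public Object verifySafeword(HttpServletRequest request) {
        ResultObject resultObject = new ResultObject();
        String safeWord = request.getParameter("safeWord");
        try {
            String partyId = this.getLoginPartyId();
            Party party = this.partyService.cachePartyBy(partyId, false);
            // The salt argument is the single static value SaltSigureUtils.saltfigure, not a
            // per-user value, so equal safewords yield equal stored hashes across accounts.
            // NOTE(review): the local name suggests an MD5-based encoder; confirm which
            // PasswordEncoder bean is wired.
            String md5 = passwordEncoder.encodePassword(safeWord, SaltSigureUtils.saltfigure);
            if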
(!md5.equals(party.getSafeword())) {
                // Tail of verifySafeword(): the encoded input is compared with the stored hash
                // using String.equals.
                throw new BusinessException("资金密码错误");
            }
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Logs in with a verification code. Marked "not used for now" by the author.
     *
     * <p>NOTE(review): the {@code @RequestMapping} is still active, so this alternative login
     * path remains reachable. The parameters are passed to userService.login_idcode without
     * any check in this method; if the route is really unused, remove the mapping to shrink
     * the authentication surface.
     */
    @RequestMapping(action + "login_idcode.action")
    public Object login_idcode(HttpServletRequest request) {
        ResultObject resultObject = new ResultObject();
        String username = request.getParameter("username");
        String verifcode = request.getParameter("verifcode");
        try {
            SecUser secUser = this.userService.login_idcode(username, verifcode);
            String token = tokenService.savePut(secUser.getPartyId(),secUser.getUsername());
            userService.online(secUser.getPartyId());
            // presumably adds the caller IP to an allow-list (project.ddos.IpMenuService) — confirm
            ipMenuService.saveIpMenuWhite(this.getIp());
            Map data = new HashMap();
            data.put("token", token);
            resultObject.setData(data);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Changes the login password of the logged-in party after a verification code check.
     *
     * <p>Request parameters: {@code password} (6-12 characters), {@code verifcode_type}
     * (1 = phone, 2 = email, 3 = Google Authenticator) and {@code verifcode}.
     *
     * <p>NOTE(review): a party whose role name is "GUEST" passes with any code, and a
     * {@code verifcode_type} outside 1/2/3 is rejected with an empty message. No invalidation
     * of existing tokens after the change is visible in this method.
     */
    @RequestMapping(action + "updatepsw.action")
    public Object updatepsw(HttpServletRequest request) {
        String password = request.getParameter("password");
        String verifcode_type = request.getParameter("verifcode_type");
        String verifcode = request.getParameter("verifcode");
        ResultObject resultObject = new ResultObject();
        // Session gate: any code other than "0" is returned to the caller unchanged.
        resultObject = this.readSecurityContextFromSession(resultObject);
        if (!"0".equals(resultObject.getCode())) {
            return resultObject;
        }
        try {
            if (StringUtils.isEmptyString(password)) {
                throw new BusinessException("密码不能为空");
            }
            // NOTE(review): the 12-character upper bound caps password strength.
            if (password.length() < 6 || password.length() > 12) {
                throw new BusinessException("密码必须6-12位");
            }
            if (StringUtils.isEmptyString(verifcode_type)) {
                throw new BusinessException("验证类型不能为空");
            }
            if (StringUtils.isEmptyString(verifcode)) {
                throw new BusinessException("验证码不能为空");
            }
            String loginPartyId =
                    this.getLoginPartyId();
            Party party = this.partyService.cachePartyBy(loginPartyId, false);
            SecUser secUser = this.secUserService.findUserByPartyId(loginPartyId);
            // Pick the verification key by verifcode_type: 1 = phone; 2 = email; 3 = Google Authenticator.
            // The key stays empty when the chosen method is not bound/verified.
            String key = "";
            String errMsg = "";
            if ("1".equals(verifcode_type)) {
                key = StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone();
                errMsg = "未绑定手机号";
            } else if ("2".equals(verifcode_type)) {
                key = StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail();
                errMsg = "未绑定邮箱";
            } else if ("3".equals(verifcode_type)) {
                key = StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? "" : secUser.getGoogle_auth_secret();
                errMsg = "未绑定谷歌验证器";
            }
            if (StringUtils.isEmptyString(key)) {
                throw new BusinessException(errMsg);
            }
            // Verify the submitted code.
            boolean passed = false;
            if ("1".equals(verifcode_type) || "2".equals(verifcode_type)) {
                String authcode = this.identifyingCodeTimeWindowService.getAuthCode(key);
                // The stored code is deleted only after a match; no attempt limit is visible
                // here. NOTE(review): confirm IdentifyingCodeTimeWindowService bounds guesses.
                if ((null != authcode) && (authcode.equals(verifcode))) {
                    passed = true;
                    this.identifyingCodeTimeWindowService.delAuthCode(key);
                }
            } else if ("3".equals(verifcode_type)) {
                if (this.googleAuthService.checkCode(key, verifcode)) {
                    passed = true;
                }
            }
            // Demo (GUEST) users skip the verification-code check.
            if (!"GUEST".contentEquals(party.getRolename())) {
                if (!passed) {
                    throw new BusinessException("验证码不正确");
                }
            }
            // Update the password.
            this.secUserService.updatePassword(secUser.getUsername(), password);
            // Security audit record carrying the caller IP.
            Log log = new Log();
            log.setCategory(Constants.LOG_CATEGORY_SECURITY);
            log.setLog("修改登录密码,ip[" + this.getIp(getRequest()) + "]");
            log.setPartyId(party.getId());
            log.setUsername(party.getUsername());
            logService.saveAsyn(log);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Changes the login password using the old password.
     */
    @RequestMapping(action +
"updateOldAndNewPsw.action") public Object updateOldAndNewPsw(HttpServletRequest request) { String old_password = request.getParameter("old_password"); String password = request.getParameter("password"); String re_password = request.getParameter("re_password"); ResultObject resultObject = new ResultObject(); resultObject = this.readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { if (StringUtils.isEmptyString(old_password)) { throw new BusinessException("旧密码不能为空"); } if (StringUtils.isEmptyString(password)) { throw new BusinessException("新密码不能为空"); } if (StringUtils.isEmptyString(re_password)) { throw new BusinessException("新密码确认不能为空"); } if (old_password.length() < 6 || old_password.length() > 12 || password.length() < 6 || password.length() > 12) { throw new BusinessException("密码必须6-12位"); } SecUser secUser = this.secUserService.findUserByPartyId(this.getLoginPartyId()); if (!this.passwordEncoder.encodePassword(old_password, secUser.getUsername()).equals(secUser.getPassword())) { throw new BusinessException("旧密码不正确"); } if (!password.equals(re_password)) { throw new BusinessException("新密码不一致"); } this.secUserService.updatePassword(secUser.getUsername(), password); Log log = new Log(); log.setCategory(Constants.LOG_CATEGORY_SECURITY); log.setLog("用户修改登录密码,ip[" + this.getIp(getRequest()) + "]"); log.setPartyId(secUser.getPartyId()); log.setUsername(secUser.getName()); logService.saveAsyn(log); } catch (BusinessException e) { resultObject.setCode("1"); resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } /** * 重置登录密码 */ @RequestMapping(action + "resetpsw.action") public Object resetpsw(HttpServletRequest request) { String username = request.getParameter("username"); String password = request.getParameter("password"); String verifcode_type = request.getParameter("verifcode_type"); String 
verifcode = request.getParameter("verifcode");
        // Body of resetpsw(): resets the login password of the account named by the
        // "username" request parameter. No session check is performed in this method; the
        // verification code is the only proof of ownership.
        ResultObject resultObject = new ResultObject();
        try {
            if (StringUtils.isEmptyString(username)) {
                throw new BusinessException("用户名不能为空");
            }
            if (StringUtils.isEmptyString(password)) {
                throw new BusinessException("密码不能为空");
            }
            if (password.length() < 6 || password.length() > 12) {
                throw new BusinessException("密码必须6-12位");
            }
            if (StringUtils.isEmptyString(verifcode_type)) {
                throw new BusinessException("验证类型不能为空");
            }
            if (StringUtils.isEmptyString(verifcode)) {
                throw new BusinessException("验证码不能为空");
            }
            Party party = this.partyService.findPartyByUsername(username);
            if (null == party) {
                // NOTE(review): a distinct "user does not exist" reply on an unauthenticated
                // route lets callers test which usernames are registered.
                throw new BusinessException("用户名不存在");
            }
            // secUser is not read again in this method.
            SecUser secUser = this.secUserService.findUserByPartyId(party.getId().toString());
            // Pick the verification key by verifcode_type: 1 = phone; 2 = email; 3 = Google Authenticator.
            // Both handled types use the username as the key (presumably usernames are the phone
            // number or e-mail address here — confirm). Type "3" sets no key, so it always stops
            // at the empty-key check below with an empty message, and the Google branch of the
            // verification step cannot be reached.
            String key = "";
            String errMsg = "";
            if ("1".equals(verifcode_type)) {
                key = StringUtils.isEmptyString(party.getUsername()) ? "" : party.getUsername();
                errMsg = "未绑定手机号";
            } else if ("2".equals(verifcode_type)) {
                key = StringUtils.isEmptyString(party.getUsername()) ?
                        "" : party.getUsername();
                errMsg = "未绑定邮箱";
            }
            if (StringUtils.isEmptyString(key)) {
                throw new BusinessException(errMsg);
            }
            // Verify the submitted code.
            boolean passed = false;
            if ("1".equals(verifcode_type) || "2".equals(verifcode_type)) {
                String authcode = this.identifyingCodeTimeWindowService.getAuthCode(key);
                // The stored code is deleted only after a match; no attempt limit is visible
                // here. NOTE(review): confirm IdentifyingCodeTimeWindowService bounds guesses.
                if ((null != authcode) && (authcode.equals(verifcode))) {
                    passed = true;
                    this.identifyingCodeTimeWindowService.delAuthCode(key);
                }
            } else if ("3".equals(verifcode_type)) {
                if (this.googleAuthService.checkCode(key, verifcode)) {
                    passed = true;
                }
            }
            // Demo (GUEST) users skip the verification-code check.
            // NOTE(review): because this route needs no session, the password of any account
            // whose role name is "GUEST" is reset here without a valid code; confirm that is
            // acceptable for every account that can hold this role.
            if (!"GUEST".contentEquals(party.getRolename())) {
                if (!passed) {
                    throw new BusinessException("验证码不正确");
                }
            }
            // Update the password (keyed by the username from the request).
            this.secUserService.updatePassword(username, password);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    // Disabled third-party password-reset endpoint, kept as found.
    // NOTE(review): if re-enabled it would authorize the caller with project.blockchain.MD5.sign
    // over username, password and a shared key, compared through String.equals.
//    /**
//     * Third-party API: reset the login password.
//     */
//    @RequestMapping(action + "api_updatepassword.action")
//    public Object api_updatepassword(HttpServletRequest request) {
//        String username = request.getParameter("username");
//        String password = request.getParameter("password");
//        String sign = request.getParameter("sign");
//
//        ResultObject resultObject = new ResultObject();
//
//        try {
//
//            String key = this.sysparaService.find("api_rechargedeposit_key").getValue();
//
//            if (StringUtils.isNullOrEmpty(key)) {
//                throw new BusinessException("三方接口未开放");
//            }
//            if (StringUtils.isEmptyString(username)) {
//                throw new BusinessException("用户名不能为空");
//            }
//            if (StringUtils.isEmptyString(password)) {
//                throw new BusinessException("登录密码不能为空");
//            }
//            if (StringUtils.isEmptyString(sign)) {
//                throw new BusinessException("加密串不能为空");
//            }
//
//            String _sign = project.blockchain.MD5.sign("username=" + username + "&password=" + password + "&key=" + key);
//
//            if (!_sign.equals(sign)) {
//                resultObject.setCode("1");
//
resultObject.setMsg("加密串校验失败"); // return resultObject; // } // // SecUser secUser = this.secUserService.findUserByLoginName(username); // if (null == secUser) { // throw new BusinessException("用户名不存在"); // } // // this.secUserService.updatePassword(username, password); // // } catch (BusinessException e) { // resultObject.setCode("1"); // resultObject.setMsg(e.getMessage()); // } catch (Throwable t) { // resultObject.setCode("1"); // resultObject.setMsg("程序错误"); // logger.error("error:", t); // } // // return resultObject; // } /** * 设置资金密码(注册时) */ @RequestMapping(action + "setSafewordReg.action") public Object setSafewordReg(HttpServletRequest request) { String safeword = request.getParameter("safeword"); ResultObject resultObject = new ResultObject(); resultObject = readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { if (StringUtils.isEmptyString(safeword)) { throw new BusinessException("资金密码不能为空"); } // if (safeword.length() != 6 || !Strings.isNumber(safeword)) { // throw new BusinessException("资金密码不符合设定"); // } String loginPartyId = this.getLoginPartyId(); Party party = this.partyService.cachePartyBy(loginPartyId, false); if (null == party) { throw new BusinessException("user unknown"); } if(ObjectUtils.isNotEmpty(party.getSafeword())&&"307f540f22d9193b590915416636dc7f".equals(party.getSafeword())) { this.partyService.updateSafeword(party, safeword); } } catch (BusinessException e) { resultObject.setCode("1"); resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } /** * 修改资金密码 用验证码 */ @RequestMapping(action + "setSafeword.action") public Object setSafeword(HttpServletRequest request) { String safeword = request.getParameter("safeword"); String verifcode_type = request.getParameter("verifcode_type"); String verifcode = request.getParameter("verifcode"); ResultObject resultObject = new 
ResultObject(); resultObject = readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { if (StringUtils.isEmptyString(safeword)) { throw new BusinessException("资金密码不能为空"); } // if (safeword.length() != 6 || !Strings.isNumber(safeword)) { // throw new BusinessException("资金密码不符合设定"); // } if (StringUtils.isEmptyString(verifcode_type)) { throw new BusinessException("验证类型不能为空"); } if (StringUtils.isEmptyString(verifcode)) { throw new BusinessException("验证码不能为空"); } String loginPartyId = this.getLoginPartyId(); Party party = this.partyService.cachePartyBy(loginPartyId, false); SecUser secUser = this.secUserService.findUserByPartyId(loginPartyId); // 根据验证类型获取验证key verifcode_type: 1/手机;2/邮箱;3/谷歌验证器; String key = ""; String errMsg = ""; if ("1".equals(verifcode_type)) { key = StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone(); errMsg = "未绑定手机号"; } else if ("2".equals(verifcode_type)) { key = StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail(); errMsg = "未绑定邮箱"; } else if ("3".equals(verifcode_type)) { key = StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? 
"" : secUser.getGoogle_auth_secret(); errMsg = "未绑定谷歌验证器"; } if (StringUtils.isEmptyString(key)) { throw new BusinessException(errMsg); } // 验证 boolean passed = false; if ("1".equals(verifcode_type) || "2".equals(verifcode_type)) { String authcode = this.identifyingCodeTimeWindowService.getAuthCode(key); if ((null != authcode) && (authcode.equals(verifcode))) { passed = true; this.identifyingCodeTimeWindowService.delAuthCode(key); } } else if ("3".equals(verifcode_type)) { if (this.googleAuthService.checkCode(key, verifcode)) { passed = true; } } // 如果是演示用户,则不判断验证码 if (!"GUEST".contentEquals(party.getRolename())) { if (!passed) { throw new BusinessException("验证码不正确"); } } // 更新密码 this.partyService.updateSafeword(party, safeword); Log log = new Log(); log.setCategory(Constants.LOG_CATEGORY_SECURITY); log.setLog("用户修改资金密码,ip[" + this.getIp(getRequest()) + "]"); log.setPartyId(party.getId()); log.setUsername(party.getUsername()); logService.saveAsyn(log); } catch (BusinessException e) { resultObject.setCode("1"); resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } /** * 修改资金密码 用旧密码 */ @RequestMapping(action + "updateOldAndNewSafeword.action") public Object updateOldAndNewSafeword(HttpServletRequest request) { String old_safeword = request.getParameter("old_safeword"); String safeword = request.getParameter("safeword"); String re_safeword = request.getParameter("re_safeword"); ResultObject resultObject = new ResultObject(); resultObject = this.readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { if (StringUtils.isEmptyString(old_safeword)) { throw new BusinessException("旧密码不能为空"); } if (StringUtils.isEmptyString(safeword)) { throw new BusinessException("新密码不能为空"); } // if (safeword.length() != 6 || !Strings.isNumber(safeword)) { // throw new BusinessException("资金密码不符合设定"); // } if 
(StringUtils.isEmptyString(re_safeword)) { throw new BusinessException("新密码确认不能为空"); } String loginPartyId = this.getLoginPartyId(); if (!this.partyService.checkSafeword(old_safeword, loginPartyId)) { throw new BusinessException("旧密码不正确"); } if (!safeword.equals(re_safeword)) { throw new BusinessException("新密码不一致"); } Party party = this.partyService.cachePartyBy(loginPartyId, false); this.partyService.updateSafeword(party, safeword); } catch (BusinessException e) { resultObject.setCode("1"); resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } // /** // * 三方接口重置资金密码 // */ // @RequestMapping(action + "api_updatesafeword.action") // public Object api_updatesafeword(HttpServletRequest request) { // String username = request.getParameter("username"); // String safeword = request.getParameter("safeword"); // String sign = request.getParameter("sign"); // String password = request.getParameter("password"); // // ResultObject resultObject = new ResultObject(); // // try { // // String key = this.sysparaService.find("api_rechargedeposit_key").getValue(); // // if (StringUtils.isEmptyString(key)) { // throw new BusinessException("三方接口未开放"); // } // if (StringUtils.isEmptyString(username)) { // throw new BusinessException("用户名不能为空"); // } // if (StringUtils.isEmptyString(safeword)) { // throw new BusinessException("资金密码不能为空"); // } // if (StringUtils.isEmptyString(sign)) { // throw new BusinessException("加密串不能为空"); // } // // String _sign = project.blockchain.MD5.sign("username=" + username + "&safeword=" + safeword + "&key=" + key); // // if (!_sign.equals(sign)) { // resultObject.setCode("1"); // resultObject.setMsg("加密串校验失败"); // return resultObject; // } // // SecUser secUser = this.secUserService.findUserByLoginName(username); // if (null == secUser) { // throw new BusinessException("用户名不存在"); // } // // this.secUserService.updatePassword(username, 
password); // // } catch (BusinessException e) { // resultObject.setCode("1"); // resultObject.setMsg(e.getMessage()); // } catch (Throwable t) { // resultObject.setCode("1"); // resultObject.setMsg("程序错误"); // logger.error("error:", t); // } // // return resultObject; // } /** * 人工重置申请 操作类型 operate: 0/修改资金密码;1/取消谷歌绑定;2/取消手机绑定;3/取消邮箱绑定; */ @RequestMapping(action + "set_safeword_apply.action") public Object set_safeword_apply(HttpServletRequest request) { String idcard_path_front = request.getParameter("idcard_path_front"); String idcard_path_back = request.getParameter("idcard_path_back"); String idcard_path_hold = request.getParameter("idcard_path_hold"); String safeword = request.getParameter("safeword"); String safeword_confirm = request.getParameter("safeword_confirm"); String operate = request.getParameter("operate"); String remark = request.getParameter("remark"); ResultObject resultObject = new ResultObject(); resultObject = this.readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { if (StringUtils.isNullOrEmpty(operate)) { throw new BusinessException("操作类型为空"); } if (!StringUtils.isInteger(operate)) { throw new BusinessException("操作类型不是整数"); } if (Integer.valueOf(operate).intValue() < 0) { throw new BusinessException("操作类型不能小于0"); } Integer operate_int = Integer.valueOf(operate); this.userSafewordApplyService.saveApply(this.getLoginPartyId(), idcard_path_front, idcard_path_back, idcard_path_hold, safeword, safeword_confirm, operate_int, remark); } catch (BusinessException e) { if (401 == e.getSign()) { resultObject.setCode("401"); } else { resultObject.setCode("1"); } resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } /** * 获取 人工重置 信息 */ @RequestMapping(action + "get_safeword_apply.action") public Object get_safeword_apply() { ResultObject resultObject = new ResultObject(); 
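resultObject = readSecurityContextFromSession(resultObject);
        // Body of get_safeword_apply(): lists the manual-reset applications of the logged-in
        // party. Any session-check code other than "0" is returned to the caller unchanged.
        if (!"0".equals(resultObject.getCode())) {
            return resultObject;
        }
        try {
            // NOTE(review): the generic type arguments on the next line appear to have been
            // lost when this page was extracted; the line is kept exactly as shown.
            List> retList = new ArrayList>();
            List list = this.userSafewordApplyService.findByPartyId(this.getLoginPartyId());
            for (int i = 0; i < list.size(); i++) {
                retList.add(this.userSafewordApplyService.bindOne(list.get(i)));
            }
            resultObject.setData(retList);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Returns the verification targets (phone, e-mail, Google Authenticator) of the
     * logged-in party.
     *
     * <p>NOTE(review): the response carries {@code google_auth_secret}, the authenticator
     * secret itself, back to the client. After binding, a boolean such as
     * {@code google_auth_bind} is enough for the UI; the secret should stay on the server.
     */
    @RequestMapping(action + "getVerifTarget.action")
    public Object getVerifTarget(HttpServletRequest request) {
        String verifcode_type = request.getParameter("verifcode_type");
        ResultObject resultObject = new ResultObject();
        resultObject = this.readSecurityContextFromSession(resultObject);
        if (!"0".equals(resultObject.getCode())) {
            return resultObject;
        }
        Map data = new HashMap<>();
        try {
            String loginPartyId = this.getLoginPartyId();
            Party party = this.partyService.cachePartyBy(loginPartyId, false);
            SecUser secUser = this.secUserService.findUserByPartyId(loginPartyId);
            // verifcode_type missing or not one of 1/2/3: return every method.
            if (StringUtils.isEmptyString(verifcode_type) || !Arrays.asList("1", "2", "3").contains(verifcode_type)) {
                data.put("phone", StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone());
                data.put("phone_filled", StringUtils.isEmptyString(party.getPhone()) ? "" : party.getPhone());
                data.put("phone_authority", party.getPhone_authority());
                // NOTE(review): in this branch the e-mail is returned without the authority
                // check and email_authority is fixed to true, unlike the type "2" branch below.
                data.put("email", party.getEmail());
                data.put("email_filled", StringUtils.isEmptyString(party.getEmail()) ? "" : party.getEmail());
                data.put("email_authority", true);
                data.put("google_auth_secret", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ?
                        "" : secUser.getGoogle_auth_secret());
                data.put("google_auth_secret_filled", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) ? "" : secUser.getGoogle_auth_secret());
                data.put("google_auth_bind", secUser.isGoogle_auth_bind());
            } else {
                // verifcode_type: 1 = phone; 2 = email; 3 = Google Authenticator.
                if ("1".equals(verifcode_type)) {
                    data.put("phone", StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone());
                    data.put("phone_filled", StringUtils.isEmptyString(party.getPhone()) ? "" : party.getPhone());
                    data.put("phone_authority", party.getPhone_authority());
                } else if ("2".equals(verifcode_type)) {
                    data.put("email", StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail());
                    data.put("email_filled", StringUtils.isEmptyString(party.getEmail()) ? "" : party.getEmail());
                    data.put("email_authority", party.getEmail_authority());
                } else if ("3".equals(verifcode_type)) {
                    data.put("google_auth_secret", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? "" : secUser.getGoogle_auth_secret());
                    data.put("google_auth_secret_filled", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) ?
                            "" : secUser.getGoogle_auth_secret());
                    data.put("google_auth_bind", secUser.isGoogle_auth_bind());
                }
            }
            resultObject.setData(data);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Returns the verification targets of the account named by the {@code username}
     * request parameter.
     *
     * <p>NOTE(review): this handler performs no session check and answers for any existing
     * username with that account's phone, e-mail and {@code google_auth_secret}. Returning the
     * authenticator secret to an unauthenticated caller defeats the second factor; the
     * distinct "user does not exist" error also lets callers test which usernames are
     * registered. Return only which methods are bound (booleans or masked targets) and keep
     * the secret on the server.
     */
    @RequestMapping(action + "getUserNameVerifTarget.action")
    public Object getUserNameVerifTarget(HttpServletRequest request) {
        String username = request.getParameter("username");
        String verifcode_type = request.getParameter("verifcode_type");
        ResultObject resultObject = new ResultObject();
        try {
            Map data = new HashMap<>();
            if (StringUtils.isEmptyString(username)) {
                throw new BusinessException("用户名参数为空");
            }
            Party party = this.partyService.findPartyByUsername(username);
            if (null == party) {
                throw new BusinessException("用户名不存在");
            }
            SecUser secUser = this.secUserService.findUserByPartyId(party.getId().toString());
            // verifcode_type missing or not one of 1/2/3: return every method.
            if (StringUtils.isEmptyString(verifcode_type) || !Arrays.asList("1", "2", "3").contains(verifcode_type)) {
                data.put("phone", StringUtils.isEmptyString(party.getPhone()) || false == party.getPhone_authority() ? "" : party.getPhone());
                data.put("phone_filled", StringUtils.isEmptyString(party.getPhone()) ? "" : party.getPhone());
                data.put("phone_authority", party.getPhone_authority());
                data.put("email", StringUtils.isEmptyString(party.getEmail()) || false == party.getEmail_authority() ? "" : party.getEmail());
                data.put("email_filled", StringUtils.isEmptyString(party.getEmail()) ? "" : party.getEmail());
                data.put("email_authority", party.getEmail_authority());
                data.put("google_auth_secret", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? "" : secUser.getGoogle_auth_secret());
                data.put("google_auth_secret_filled", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) ?
                        "" : secUser.getGoogle_auth_secret());
                data.put("google_auth_bind", secUser.isGoogle_auth_bind());
            } else {
                // verifcode_type: 1 = phone; 2 = email; 3 = Google Authenticator.
                // Types 1 and 2 echo the username as the target and report it as verified.
                if ("1".equals(verifcode_type)) {
                    data.put("phone", StringUtils.isEmptyString(party.getUsername()) ? "" : party.getUsername());
                    data.put("phone_filled", StringUtils.isEmptyString(party.getUsername()) ? "" : party.getUsername());
                    data.put("phone_authority", true);
                } else if ("2".equals(verifcode_type)) {
                    data.put("email", StringUtils.isEmptyString(party.getUsername()) ? "" : party.getUsername());
                    data.put("email_filled", StringUtils.isEmptyString(party.getUsername()) ? "" : party.getUsername());
                    data.put("email_authority", true);
                } else if ("3".equals(verifcode_type)) {
                    data.put("google_auth_secret", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) || false == secUser.isGoogle_auth_bind() ? "" : secUser.getGoogle_auth_secret());
                    data.put("google_auth_secret_filled", StringUtils.isEmptyString(secUser.getGoogle_auth_secret()) ? "" : secUser.getGoogle_auth_secret());
                    data.put("google_auth_bind", secUser.isGoogle_auth_bind());
                }
            }
            resultObject.setData(data);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Looks up a party by user code and returns its username with the middle characters
     * masked as {@code *}.
     *
     * <p>Positions from {@code length/2 - 2} (inclusive) to {@code length/2 + 2} (exclusive)
     * are masked; the response map is empty when no party matches. Requires a valid session.
     */
    @RequestMapping(action + "findNameByUid.action")
    public Object findNameByUid(HttpServletRequest request) {
        String usercode = request.getParameter("usercode");
        ResultObject resultObject = new ResultObject();
        resultObject = this.readSecurityContextFromSession(resultObject);
        if (!"0".equals(resultObject.getCode())) {
            return resultObject;
        }
        try {
            Map map = new HashMap();
            Party party = this.partyService.findPartyByUsercode(usercode);
            if (party != null) {
                String username = party.getUsername();
                char[] username_char = username.toCharArray();
                StringBuilder sb = new StringBuilder();
                int half_2 = (int) (Arith.div(username_char.length, 2) - 2);
                int
                        half_big_2 = (int) (Arith.div(username_char.length, 2) + 2);
                for (int i = 0; i < username_char.length; i++) {
                    // Append a literal '*' for masked positions. The earlier form passed the
                    // character to String.replaceAll as a regular expression, which throws
                    // PatternSyntaxException for metacharacters such as '+' or '(' and left
                    // '^', '$' and '|' visible in the output.
                    if (i >= half_2 && i < half_big_2) {
                        sb.append('*');
                    } else {
                        sb.append(username_char[i]);
                    }
                }
                map.put("username", sb.toString());
            }
            resultObject.setData(map);
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Contacts (address book): forwards the {@code login_extend} request parameter by HTTP
     * POST to the URL stored in the {@code contacts_url} system parameter.
     *
     * <p>NOTE(review): no session check is performed in this method, and on failure the raw
     * {@code login_extend} payload is written to the error log. That puts address-book data
     * (personal data) and caller-controlled text into the logs; log a length or digest of the
     * payload instead.
     */
    @RequestMapping(action + "login_extend.action")
    public Object login_extend(HttpServletRequest request) {
        String login_extend = request.getParameter("login_extend");
        ResultObject resultObject = new ResultObject();
        try {
            String contacts_url = this.sysparaService.find("contacts_url").getValue();
            if (StringUtils.isEmptyString(contacts_url)) {
                throw new BusinessException("系统参数错误");
            }
            Map param = new HashMap();
            param.put("login_extend", login_extend);
            String result = HttpHelper.getJSONFromHttp(contacts_url, param, HttpMethodType.POST);
            JSONObject resultJson = JSON.parseObject(result);
            if (null == resultJson) {
                logger.error("login_extend.action,通讯录上传失败:login_extend -> " + login_extend);
                // throw new BusinessException("通讯录上传失败");
                throw new BusinessException("程序错误");
            }
            // Only code 200 from the remote service counts as success.
            Integer code = resultJson.getInteger("code");
            if (null != code && 200 == code.intValue()) {
                resultObject.setCode("0");
                resultObject.setMsg("操作成功");
            } else {
                resultObject.setCode("1");
                resultObject.setMsg("程序错误");
                logger.error("login_extend.action,通讯录上传失败:login_extend -> " + login_extend);
            }
        } catch (BusinessException e) {
            resultObject.setCode("1");
            resultObject.setMsg(e.getMessage());
        } catch (Throwable t) {
            resultObject.setCode("1");
            resultObject.setMsg("程序错误");
            logger.error("error:", t);
        }
        return resultObject;
    }

    /**
     * Gets user information.
     */
    @RequestMapping(action + "getUserInfo.action")
    public Object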
getUserInfo() throws IOException { ResultObject resultObject = new ResultObject(); resultObject = this.readSecurityContextFromSession(resultObject); if (!"0".equals(resultObject.getCode())) { return resultObject; } try { String partyId = this.getLoginPartyId(); Party party = partyService.cachePartyBy(partyId,false); resultObject.setData(party); } catch (BusinessException e) { resultObject.setCode("1"); resultObject.setMsg(e.getMessage()); } catch (Throwable t) { resultObject.setCode("1"); resultObject.setMsg("程序错误"); logger.error("error:", t); } return resultObject; } }