志邦优家羡慕
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
k94314517
2024-07-31 686f53edd64c21516001942d0265a55fefd1be15 
 server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java


@@ -2,13 +2,13 @@




import cn.hutool.http.HttpRequest;


import com.amazonaws.util.Md5Utils;


import com.amazonaws.util.StringUtils;


import com.doumee.biz.system.SystemDataPermissionBiz;


import com.doumee.biz.system.SystemDictDataBiz;


import com.doumee.biz.zbom.ZbomCRMService;


import com.doumee.biz.zbom.ZbomZhongTaiService;


import com.doumee.config.annotation.LoginRequired;


import com.doumee.config.annotation.UserLoginRequired;


import com.doumee.core.annotation.pr.PreventRepeat;


import com.doumee.core.annotation.trace.Trace;


import com.doumee.core.constants.ResponseStatus;


import com.doumee.core.exception.BusinessException;


@@ -31,6 +31,7 @@


import lombok.extern.slf4j.Slf4j;


import org.apache.commons.codec.digest.DigestUtils;


import org.apache.commons.codec.digest.Md5Crypt;


import org.apache.commons.lang3.StringUtils;


import org.apache.shiro.authz.annotation.RequiresPermissions;


import org.apache.tomcat.util.security.MD5Encoder;


import org.springframework.beans.factory.annotation.Autowired;


@@ -111,10 +112,9 @@


    })


    public ApiResponse<PageData<News>> newsPage (@RequestBody PageWrap<News> pageWrap) {


        pageWrap.getModel().setIsPublish(Constants.ONE);


        pageWrap.getModel().setStatus(Constants.ZERO);


        return ApiResponse.success(newsService.findPage(pageWrap));


    }








    @UserLoginRequired


    @ApiOperation(value = "获取客户管理授权-列表跳转地址", notes = "获取客户管理授权跳转地址")


@@ -127,18 +127,26 @@


        return  ApiResponse.success(zbomCRMService.getCrmGoUrl(this.getLoginUserInfo().getIamUsername(),type));


    }




    @PreventRepeat(lockTime = 2000)


    @ApiOperation(value = "生成小程序码", notes = "PAD端")


    @PostMapping("/getQrCode")


    @ApiImplicitParams({


            @ApiImplicitParam(paramType = "header", dataType = "String", name = "interfaceToken", value = "token", required = true),


            @ApiImplicitParam(paramType = "header", dataType = "String", name = "timestamp", value = "时间戳", required = true),


            @ApiImplicitParam(paramType = "header", dataType = "String", name = "sign", value = "签名(使用timestamp+appkey进行md5加密)", required = true),


            @ApiImplicitParam(paramType = "header", dataType = "Long", name = "timestamp", value = "时间戳(当前时间毫秒,2小时内有效)", required = true),


    })


    public void getQrCode(@RequestBody GenerateQRCodeRequest generateQRCodeRequest, HttpServletRequest httpServletRequest, HttpServletResponse response) {


        String interfaceToken = httpServletRequest.getHeader("interfaceToken");


        String timestamp = httpServletRequest.getHeader("timestamp");


    public void getQrCode(@RequestParam(value = "sign")String sign,


                          @RequestParam(value = "timestamp")Long timestamp,


                          @RequestBody GenerateQRCodeRequest generateQRCodeRequest,HttpServletResponse response) {


        if(StringUtils.isBlank(sign) || timestamp == null){


            throw  new BusinessException(ResponseStatus.BAD_REQUEST);


        }


        String interfaceKey = systemDictDataBiz.queryByCode(Constants.ZBOM,Constants.ZBOM_PAD_INTERFACE_KEY).getCode();


        //判断时间戳是否超过两小时


        if(System.currentTimeMillis()-timestamp > 2 * 60 * 3600 * 1000){


            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"token已失效!");


        }


        String token = DigestUtils.md5Hex(timestamp+interfaceKey);


        if(!token.equals(interfaceToken)){


        if(!token.equals(sign)){


            throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"token已失效!");


        }


        try{


@@ -150,5 +158,4 @@


            e.printStackTrace();


        }


    }




}