From 6cfc2e4258089c953b67054229170c1178585590 Mon Sep 17 00:00:00 2001
From: rk <94314517@qq.com>
Date: 星期一, 23 三月 2026 14:19:33 +0800
Subject: [PATCH] 小程序   接口开发

---
 server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java |   29 ++++++++++++++
 server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java                  |   51 ++++++++++++++++++++-----
 2 files changed, 70 insertions(+), 10 deletions(-)

diff --git a/server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java b/server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java
index f29d2fb..c1cba43 100644
--- a/server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java
+++ b/server/dmmall_service/src/main/java/com/doumee/service/business/impl/CommentServiceImpl.java
@@ -1,5 +1,7 @@
 package com.doumee.service.business.impl;
 
+import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckRequest;
+import cn.binarywang.wx.miniapp.bean.security.WxMaMsgSecCheckCheckResponse;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
@@ -12,6 +14,7 @@
 import com.doumee.core.model.PageWrap;
 import com.doumee.core.utils.Constants;
 import com.doumee.core.utils.Utils;
+import com.doumee.core.wx.WxMiniConfig;
 import com.doumee.dao.business.*;
 import com.doumee.dao.business.model.*;
 import com.doumee.dao.web.dto.CommentDTO;
@@ -22,6 +25,7 @@
 import com.doumee.service.business.CommentService;
 import com.doumee.service.business.ZanService;
 import com.github.yulichang.wrapper.MPJLambdaWrapper;
+import me.chanjar.weixin.common.error.WxErrorException;
 import org.apache.commons.collections4.MapUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.SecurityUtils;
@@ -67,6 +71,26 @@
 
     @Override
     public Comment apply(CommentApplyRequest comment, Integer memberId) {
+        if (StringUtils.isNotBlank(comment.getContent())) {
+            try {
+                WxMaMsgSecCheckCheckRequest checkRequest = WxMaMsgSecCheckCheckRequest.builder()
+                        .version("2")
+                        .scene(3)
+                        .openid(getMemberOpenId(memberId))
+                        .content(comment.getContent())
+                        .build();
+                WxMaMsgSecCheckCheckResponse checkResponse = WxMiniConfig.wxMaService.getSecurityService().checkMessage(checkRequest);
+                if (checkResponse.getResult() != null && checkResponse.getResult().getSuggest() != null) {
+                    String suggest = checkResponse.getResult().getSuggest();
+                    if ("risky".equalsIgnoreCase(suggest)) {
+                        throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "璇勮鍐呭鍖呭惈杩濊淇℃伅锛岃淇敼鍚庨噸鏂板彂甯�");
+                    }
+                }
+            } catch (WxErrorException e) {
+                throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(), "鍐呭瀹夊叏妫�娴嬪け璐ワ紝璇风◢鍚庨噸璇�");
+            }
+        }
+
         Comment target = new Comment();
         target.setCreateDate(new Date());
         target.setEditDate(new Date());
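Review bot: The `catch (WxErrorException e)` at the end of this hunk discards the exception without logging it, so a failing or misconfigured content check surfaces only as the generic business error the user sees and leaves nothing for operators to diagnose or alert on; record `e` with its stack trace (through the class logger, if this class has one) before rethrowing, and pass it as the cause if `BusinessException` has a constructor that accepts one. The branch above it rejects only `risky`: a `null` result and, as far as I recall the msgSecCheck API, a `review` suggestion both fall through and the comment is published, so decide explicitly whether `review` should be held back and, if so, widen the condition to `if ("risky".equalsIgnoreCase(suggest) || "review".equalsIgnoreCase(suggest))`. `getMemberOpenId(memberId)` can return `null`, which is then sent as the request openid; if the API rejects that, every comment from such a member is blocked by the catch branch instead of being checked. The body of `apply` continues past the end of this hunk.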
@@ -408,4 +432,9 @@
         });
         return PageData.from(result);
     }
+
+    private String getMemberOpenId(Integer memberId) {
+        Member member = memberMapper.selectById(memberId);
+        return member != null ? member.getOpenId() : null;
+    }
 }
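Review bot: `getMemberOpenId` silently returns `null` both when no `Member` row exists for `memberId` and when the row exists but has no stored openid, and the caller in `apply` cannot tell the two apart. A one-line Javadoc would make the contract explicit, e.g. `/** Looks up the member's WeChat openid; returns null when the member is missing or has no openid. */`. If comments from unknown members are meant to be rejected, this helper is the place to throw rather than return `null`.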
diff --git a/server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java b/server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java
index bb0a3f1..c985442 100644
--- a/server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java
+++ b/server/dmmall_web/src/main/java/com/doumee/api/common/PublicController.java
@@ -7,11 +7,13 @@
 import com.doumee.core.utils.Constants;
 import com.doumee.core.utils.DateUtil;
 import com.doumee.core.utils.aliyun.ALiYunUtil;
+import com.doumee.core.wx.WxMiniConfig;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
+import me.chanjar.weixin.common.error.WxErrorException;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -23,6 +25,7 @@
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.io.File;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.util.HashMap;
@@ -98,17 +101,14 @@
             MultipartHttpServletRequest multipartRequest = (MultipartHttpServletRequest) request;
             Iterator<String> it = multipartRequest.getFileNames();
             while (it.hasNext()) {
-                MultipartFile file = multipartRequest.getFile((String) it.next());// file
-                // multipartRequest.getFile((String)
-                // it.next());
+                MultipartFile file = multipartRequest.getFile((String) it.next());
                 if (file != null) {
-                    // 1銆佷笂浼犲埌鏈嶅姟鍣ㄤ复鏃舵枃浠跺す
                     String uploadFileName = file.getOriginalFilename();
                     String originname = uploadFileName;
                     if (originname.lastIndexOf("/") >= 0) {
                         originname = originname.substring(originname.lastIndexOf("/") + 1);
                     }
-                    String nfix = "";// 鍚庣紑鍚�
+                    String nfix = "";
                     if (StringUtils.isNotBlank(uploadFileName)) {
                         nfix = uploadFileName.substring(uploadFileName.lastIndexOf("."));
                     }
@@ -122,14 +122,36 @@
                         context.put("message", "瀵逛笉璧凤紝鏂囦欢鏍煎紡\".dll\"涓婁紶鏈夎锛�");
                         return;
                     }
-                    String nowDate = DateUtil.getNowShortDate();// 褰撳墠鏃堕棿锛堝勾鏈堟棩锛�
+
+                    if (isImageFile(nfix)) {
+                        File tempFile = null;
+                        try {
+                            tempFile = File.createTempFile("wx_check_", nfix);
+                            java.io.FileOutputStream fos = new java.io.FileOutputStream(tempFile);
+                            fos.write(file.getBytes());
+                            fos.close();
+                            boolean isSafe = WxMiniConfig.wxMaService.getSecurityService().checkImage(tempFile);
+                            if (!isSafe) {
+                                context.put("code", 4001);
+                                context.put("message", "鍥剧墖鍐呭涓嶅悎瑙勶紝璇锋洿鎹㈠浘鐗囧悗閲嶈瘯");
+                                writerJson(response, context);
+                                return;
+                            }
+                        } catch (WxErrorException e) {
+                            log.warn("寰俊鍥剧墖瀹夊叏妫�娴嬪け璐�: {}", e.getMessage());
+                        } finally {
+                            if (tempFile != null && tempFile.exists()) {
+                                tempFile.delete();
+                            }
+                        }
+                    }
+
+                    String nowDate = DateUtil.getNowShortDate();
                     String fileName = UUID.randomUUID().toString() + nfix;
                     String tempFileName = nowDate + "/" + fileName;
-                    String key = folder + tempFileName;// 鏂囦欢鍚�
+                    String key = folder + tempFileName;
                     ALiYunUtil obs = new ALiYunUtil(endpoint,access_id, access_key);
                     if (obs.uploadOnlineObject(file.getInputStream(),bucketName, key,null)) {
-                        // 绉诲姩鎴愬姛,杩斿洖鏂囦欢鍚�
-                        // sendSuccessMessage(response, resourcePath+key);
                         context.put("success", true);
                         context.put("code", 200);
                         context.put("errno",0);
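Review bot: The stream opened on the new line `java.io.FileOutputStream fos = new java.io.FileOutputStream(tempFile);` is never closed if `fos.write(...)` throws, because the surrounding try catches only `WxErrorException` and does not use try-with-resources; the three `fos` lines can be replaced by `file.transferTo(tempFile);`, which also removes the fully qualified class name. The check is fail-open: on `WxErrorException` the failure is logged at warn level and the upload continues, whereas the comment check in `CommentServiceImpl.apply` in this same patch fails closed and rejects the content, so the two paths should share one documented policy, and the warn call should pass `e` itself as the last argument instead of `e.getMessage()` so the stack trace is kept. `isImageFile(nfix)` gates the check on the filename suffix alone, so uploads with any other suffix reach the bucket without passing through `checkImage`; a short comment stating that only declared image files are screened would tell the next reader this is intended. The enclosing upload method starts and ends outside this hunk.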
@@ -143,7 +165,6 @@
                         writerJson(response, context);
                         return;
                     } else {
-                        // 绉诲姩澶辫触
                         context.put("code", 0);
                         context.put("message", "涓婁紶澶辫触");
                         writerJson(response, context);
@@ -160,6 +181,16 @@
         return;
     }
 
+    private boolean isImageFile(String suffix) {
+        if (StringUtils.isBlank(suffix)) {
+            return false;
+        }
+        String lowerSuffix = suffix.toLowerCase();
+        return lowerSuffix.equals(".jpg") || lowerSuffix.equals(".jpeg") 
+            || lowerSuffix.equals(".png") || lowerSuffix.equals(".gif") 
+            || lowerSuffix.equals(".bmp") || lowerSuffix.equals(".webp");
+    }
+
     public static void writerJson(HttpServletResponse response, Object object) {
         response.setContentType("application/json");
         writer(response, JSONObject.toJSONString(object));
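Review bot: `suffix.toLowerCase()` in `isImageFile` uses the default locale, so on a Turkish-locale JVM `.GIF` lowercases with a dotless ı and fails the `.gif` comparison; use `suffix.toLowerCase(Locale.ROOT)`. The chained `equals` calls read better as a set membership test, `private static final Set<String> IMAGE_SUFFIXES = Set.of(".jpg", ".jpeg", ".png", ".gif", ".bmp", ".webp");` followed by `return IMAGE_SUFFIXES.contains(suffix.toLowerCase(Locale.ROOT));` (an unmodifiable `HashSet` if the project is still on Java 8). The method reads no instance state and could be `static`, and the two continuation lines of the return statement carry trailing whitespace. A Javadoc noting that the test is by filename suffix only, not by file content, would document what callers may rely on.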

--
Gitblit v1.9.3