From 2becb889a090f6602fdc76452120dfaf8185d1ac Mon Sep 17 00:00:00 2001
From: k94314517 <8417338+k94314517@user.noreply.gitee.com>
Date: 星期四, 25 七月 2024 17:39:45 +0800
Subject: [PATCH] 代码提交
---
server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java | 27 ++++++++++++++++++++++++++-
1 files changed, 26 insertions(+), 1 deletions(-)
diff --git a/server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java b/server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java
index 822d8c6..6c9a1b8 100644
--- a/server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java
+++ b/server/web/src/main/java/com/doumee/api/web/CustomerManageApi.java
@@ -1,10 +1,17 @@
package com.doumee.api.web;
+import cn.hutool.http.HttpRequest;
+import com.amazonaws.util.Md5Utils;
+import com.amazonaws.util.StringUtils;
+import com.doumee.biz.system.SystemDataPermissionBiz;
+import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.biz.zbom.ZbomCRMService;
import com.doumee.biz.zbom.ZbomZhongTaiService;
import com.doumee.config.annotation.LoginRequired;
import com.doumee.config.annotation.UserLoginRequired;
import com.doumee.core.annotation.trace.Trace;
+import com.doumee.core.constants.ResponseStatus;
+import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.ApiResponse;
import com.doumee.core.model.PageData;
import com.doumee.core.model.PageWrap;
@@ -22,11 +29,15 @@
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.codec.digest.Md5Crypt;
import org.apache.shiro.authz.annotation.RequiresPermissions;
+import org.apache.tomcat.util.security.MD5Encoder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import javax.imageio.ImageIO;
+import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.InputStream;
@@ -60,6 +71,9 @@
@Autowired
public UsersService usersService;
+
+ @Autowired
+ public SystemDictDataBiz systemDictDataBiz;
@UserLoginRequired
@@ -115,7 +129,18 @@
@ApiOperation(value = "鐢熸垚灏忕▼搴忕爜", notes = "PAD绔�")
@PostMapping("/getQrCode")
- public void getQrCode(@RequestBody GenerateQRCodeRequest generateQRCodeRequest, HttpServletResponse response) {
+ @ApiImplicitParams({
+ @ApiImplicitParam(paramType = "header", dataType = "String", name = "interfaceToken", value = "token", required = true),
+ @ApiImplicitParam(paramType = "header", dataType = "String", name = "timestamp", value = "鏃堕棿鎴�", required = true),
+ })
+ public void getQrCode(@RequestBody GenerateQRCodeRequest generateQRCodeRequest, HttpServletRequest httpServletRequest, HttpServletResponse response) {
+ String interfaceToken = httpServletRequest.getHeader("interfaceToken");
+ String timestamp = httpServletRequest.getHeader("timestamp");
+ String interfaceKey = systemDictDataBiz.queryByCode(Constants.ZBOM,Constants.ZBOM_PAD_INTERFACE_KEY).getCode();
+ String token = DigestUtils.md5Hex(timestamp+interfaceKey);
+ if(!token.equals(interfaceToken)){
+ throw new BusinessException(ResponseStatus.NOT_ALLOWED.getCode(),"token宸插け鏁�!");
+ }
try{
response.setHeader("Cache-Control", "no-store, no-cache");
response.setContentType("image/jpeg");
--
Gitblit v1.9.3