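package com.doumee.api.web;

import com.doumee.biz.system.SystemDictDataBiz;
import com.doumee.config.Jwt.JwtProperties;
import com.doumee.config.Jwt.JwtTokenUtil;
import com.doumee.config.annotation.EncryptionReq;
import com.doumee.config.annotation.EncryptionResp;
import com.doumee.config.annotation.LoginRequired;
import com.doumee.core.annotation.pr.PreventRepeat;
import com.doumee.core.constants.Constants;
import com.doumee.core.constants.ResponseStatus;
import com.doumee.core.exception.BusinessException;
import com.doumee.core.model.ApiResponse;
import com.doumee.core.model.PageData;
import com.doumee.core.model.PageWrap;
import com.doumee.dao.business.dto.WebQwSingatureDto;
import com.doumee.dao.business.model.Member;
import com.doumee.dao.business.vo.WebQwSingatureVO;
import com.doumee.dao.web.dto.LoginH5DTO;
import com.doumee.dao.web.dto.UpdEmailDTO;
import com.doumee.service.business.MemberService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ServerWebExchange;

import javax.annotation.Resource;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

/**
 * Web-facing member endpoints: H5 login (issues a JWT), profile update, current-user
 * lookup with token refresh, WeChat Work JS-SDK signature, and a paged member query.
 */
@RestController
@Api(tags = "web端用户相关接口")
@RequestMapping("/web/member")
@Slf4j
public class WebMemberController {

    @Resource
    private JwtTokenUtil jwtTokenUtil;

    @Resource
    private MemberService memberService;

    @Resource
    private SystemDictDataBiz systemDictDataBiz;

    /**
     * Logs a member in from the H5 client and returns the member with a freshly issued JWT.
     *
     * @param dto login payload passed to {@code memberService.getUserInfo}
     * @return success with the member (token set), or a failure carrying the business
     *         error code, or {@code SERVER_ERROR} on any other exception
     */
    @PreventRepeat(limit = 10, lockTime = 10000)
    @ApiOperation("H5业务登录")
    @PostMapping("/loginH5")
    @EncryptionReq
    @EncryptionResp
    public ApiResponse loginH5(@RequestBody LoginH5DTO dto) {
        try {
            // Exchange the CODE for a qwid. If the member already exists locally it is returned
            // directly; otherwise the enterprise user is looked up by qwid and inserted (member).
            Member user = memberService.getUserInfo(dto);
            user.setToken(jwtTokenUtil.generateToken(user));
            // NOTE(review): the whole Member entity is serialised to the client; confirm it
            // carries no fields that should stay server-side.
            return ApiResponse.success(user);
        } catch (BusinessException e) {
            return ApiResponse.failed(e.getCode(), e.getMessage());
        } catch (Exception e) {
            // Goes through the logger instead of printStackTrace so the failure reaches the
            // application log. The request DTO is deliberately not logged (it holds the login code).
            log.error("loginH5 failed", e);
            return ApiResponse.failed(ResponseStatus.SERVER_ERROR);
        }
    }

    /**
     * Updates the e-mail information of the member identified by the request token.
     *
     * @param updEmailDTO update payload; its user id is overwritten from the token
     * @param token       JWT read from the {@code JwtTokenUtil.HEADER_KEY} header
     * @return success message, business failure, or {@code SERVER_ERROR}
     */
    @LoginRequired
    @ApiOperation("更新用户邮箱信息")
    @PostMapping("/upateInfo")
    @EncryptionReq
    @EncryptionResp
    public ApiResponse upateInfo(@RequestBody UpdEmailDTO updEmailDTO,
                                 @RequestHeader(JwtTokenUtil.HEADER_KEY) String token) {
        try {
            Member user = jwtTokenUtil.getUserInfoByToken(token);
            // The target user always comes from the token, never from the request body, so a
            // caller cannot point the update at another member's id.
            updEmailDTO.setUserId(user.getId());
            memberService.updEmail(updEmailDTO);
            return ApiResponse.success("操作成功");
        } catch (BusinessException e) {
            return ApiResponse.failed(e.getCode(), e.getMessage());
        } catch (Exception e) {
            log.error("upateInfo failed", e);
            return ApiResponse.failed(ResponseStatus.SERVER_ERROR);
        }
    }

    /**
     * Returns the currently logged-in member and exchanges the old JWT for a refreshed one.
     *
     * @param token JWT read from the {@code JwtTokenUtil.HEADER_KEY} header
     * @return success with the member (refreshed token set); the "login expired" failure when
     *         {@code checkUserValid} yields no member; business failure or {@code SERVER_ERROR}
     */
    @LoginRequired
    @GetMapping("/getMemberInfo")
    @ApiOperation("获取当前登陆用户")
    public ApiResponse getMemberInfo(@RequestHeader(JwtTokenUtil.HEADER_KEY) String token) {
        try {
            Member user = jwtTokenUtil.getUserInfoByToken(token);
            user = memberService.checkUserValid(user);
            // The null check must precede setToken: the original dereferenced first, so a
            // missing member surfaced as SERVER_ERROR instead of the "login expired" reply.
            if (user != null) {
                // Every call extends the token's validity.
                user.setToken(jwtTokenUtil.refreshToken(token));
                return ApiResponse.success(user);
            }
        } catch (BusinessException e) {
            return ApiResponse.failed(e.getCode(), e.getMessage());
        } catch (Exception e) {
            // Previously swallowed without a trace; log it so token failures are visible.
            log.error("getMemberInfo failed", e);
            return ApiResponse.failed(ResponseStatus.SERVER_ERROR);
        }
        return ApiResponse.failed("登录已失效");
    }

    /**
     * Builds the WeChat Work JS-SDK signature for the page URL supplied by the client.
     *
     * <p>NOTE(review): this endpoint carries no {@code @LoginRequired}, signs whatever URL the
     * caller sends, and returns the jsapi_ticket itself in the response. The ticket is the
     * signing secret; the client-side config normally needs only noncestr, timestamp and
     * signature. Confirm whether {@code setTicket} is required by the front end, and consider
     * restricting {@code url} to the application's own origins. Not changed here because the
     * response shape is part of the endpoint's contract.
     *
     * @param param request carrying the page URL to sign
     * @return success with nonce, timestamp, signature, url and ticket; otherwise the
     *         "signature failed" failure
     */
    @ApiOperation("获取企业微信JS签名")
    @PostMapping("/getQwSignature")
    @ResponseBody
    @EncryptionReq
    @EncryptionResp
    public ApiResponse getQwSignature(@RequestBody WebQwSingatureDto param) {
        try {
            String url = param.getUrl();
            // A missing URL used to be signed as the literal text "null"; reject it instead.
            if (url == null || url.trim().isEmpty()) {
                return ApiResponse.failed("获取签名失败");
            }
            String jsapiTicket = systemDictDataBiz
                    .queryByCode(Constants.QYWX, Constants.QYWX_JS_API_TICKET)
                    .getCode();
            String noncestr = UUID.randomUUID().toString();
            Long timestamp = System.currentTimeMillis() / 1000;
            // Field order and names are fixed by the signature scheme. The "&timestamp=" key
            // had been garbled into "×tamp=" (the "&times" prefix rendered as an HTML entity),
            // which would make every signature invalid.
            String jsapiTicketStr = "jsapi_ticket=" + jsapiTicket
                    + "&noncestr=" + noncestr
                    + "&timestamp=" + timestamp
                    + "&url=" + url;

            WebQwSingatureVO result = new WebQwSingatureVO();
            result.setNoncestr(noncestr);
            result.setSignature(getSHA1(jsapiTicketStr));
            result.setTimestamp(timestamp);
            result.setUrl(url);
            result.setTicket(jsapiTicket);
            return ApiResponse.success(result);
        } catch (Exception e) {
            // Log the exception itself (with stack trace); never log jsapiTicketStr, which
            // contains the ticket.
            log.error("获取签名失败", e);
        }
        return ApiResponse.failed("获取签名失败");
    }

    /**
     * Pages through the members that may be chosen as carbon-copy recipients.
     *
     * <p>NOTE(review): the generic arguments were lost in this listing ({@code ApiResponse>});
     * {@code PageData<Member>} / {@code PageWrap<Member>} are reconstructed from the imports
     * and the {@code setIsSendCopy} call — confirm against {@code MemberService.findPage}.
     *
     * @param pageWrap paging request; its model is forced to {@code isSendCopy = Constants.ONE}
     * @return success with the page returned by {@code memberService.findPage}
     */
    @LoginRequired
    @ApiOperation("查询可被抄送人分页")
    @PostMapping("/getCopySendUserPage")
    @EncryptionReq
    @EncryptionResp
    public ApiResponse<PageData<Member>> getCopySendUserPage(@RequestBody PageWrap<Member> pageWrap) {
        // The filter is set server-side so the client cannot widen the query.
        pageWrap.getModel().setIsSendCopy(Constants.ONE);
        return ApiResponse.success(memberService.findPage(pageWrap));
    }

    /**
     * Returns the lowercase hexadecimal SHA-1 digest of {@code input}.
     *
     * <p>SHA-1 is used here because the JS-SDK signature format calls for it; it is not
     * suitable for password hashing or as a general-purpose integrity check.
     *
     * @param input text to hash, encoded as UTF-8
     * @return 40-character lowercase hex string
     * @throws IllegalStateException if the JVM has no SHA-1 provider
     */
    public static String getSHA1(String input) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            // Explicit charset: the no-arg getBytes() depends on the platform default, which
            // would make the digest differ between hosts for non-ASCII input.
            byte[] digest = md.digest(input.getBytes(StandardCharsets.UTF_8));
            StringBuilder hexString = new StringBuilder(digest.length * 2);
            for (byte b : digest) {
                hexString.append(Character.forDigit((b >> 4) & 0xf, 16));
                hexString.append(Character.forDigit(b & 0xf, 16));
            }
            return hexString.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-1 digest not available", e);
        }
    }
}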