diff --git a/src/main/java/com/kiisoo/ic/login/controller/LoginController.java b/src/main/java/com/kiisoo/ic/login/controller/LoginController.java index ae27cac..a96b164 100644 --- a/src/main/java/com/kiisoo/ic/login/controller/LoginController.java +++ b/src/main/java/com/kiisoo/ic/login/controller/LoginController.java @@ -4,6 +4,7 @@ import com.kiisoo.ic.common.BaseController; import com.kiisoo.ic.login.bean.LoginBean; import com.kiisoo.ic.login.enums.LoginEnum; import com.kiisoo.ic.login.service.LoginService; +import com.kiisoo.ic.utils.PasswordEncry; import com.kiisoo.ic.wx.service.QWMailListManageService; import lombok.extern.slf4j.Slf4j; import org.apache.commons.lang3.StringUtils; @@ -87,19 +88,29 @@ public class LoginController extends BaseController { } /** - * 小程序登录账号 - * @param loginParams 登录参数 - * @return 成功/失败 + * 解码获得手机号码后,根据手机号码关联账号 + * @param encrypdata + * @param ivdata + * @param sessionkey + * @return 返回成功用户信息 */ @RequestMapping(value = "/mobile/login",method = RequestMethod.GET) @ResponseBody - public Map mobileLoginAccount(@RequestParam("mobile") String mobile){ + public Map mobileLoginAccount(@RequestParam("encrypdata") String encrypdata, @RequestParam("ivdata") String ivdata, @RequestParam("sessionkey")String sessionkey){ try{ Map resultMap = new HashMap<>(); - LoginBean loginBean = loginService.mobileLogin(mobile); - resultMap.put("code", loginBean.getLoginInfo().get("code")); - resultMap.put("results", loginBean); - resultMap.put("success", Boolean.TRUE); + + String mobile = PasswordEncry.encode(encrypdata, ivdata, sessionkey); + if(StringUtils.isNotBlank(mobile)){ + LoginBean loginBean = loginService.mobileLogin(mobile); + resultMap.put("code", loginBean.getLoginInfo().get("code")); + resultMap.put("results", loginBean); + resultMap.put("success", Boolean.TRUE); + }else{ + resultMap.put("code", "0001"); + resultMap.put("success", Boolean.FALSE); + } + return resultMap; }catch (Exception e){ log.error("登录失败", e); diff --git a/src/main/java/com/kiisoo/ic/utils/PasswordEncry.java b/src/main/java/com/kiisoo/ic/utils/PasswordEncry.java index 3d65cef..38dc341 100644 --- a/src/main/java/com/kiisoo/ic/utils/PasswordEncry.java +++ b/src/main/java/com/kiisoo/ic/utils/PasswordEncry.java @@ -1,11 +1,21 @@ package com.kiisoo.ic.utils; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; import com.kiisoo.ic.system.entity.PrivilageAccountDO; +import org.apache.shiro.codec.Base64; import org.apache.shiro.crypto.RandomNumberGenerator; import org.apache.shiro.crypto.SecureRandomNumberGenerator; import org.apache.shiro.crypto.hash.SimpleHash; import org.apache.shiro.util.ByteSource; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import java.security.spec.AlgorithmParameterSpec; +import java.util.HashMap; +import java.util.Map; + /** * 密码加密类 * @author Arvin @@ -33,5 +43,31 @@ public class PasswordEncry { userDO.setPassword(newPassword); return userDO; } + + public static String encode(String encrypdata, String ivdata, String sessionkey){ + byte[] encrypData = Base64.decode(encrypdata); + byte[] ivData = Base64.decode(ivdata); + byte[] sessionKey = Base64.decode(sessionkey); + String str = ""; + try { + str = decrypt(sessionKey, ivData, encrypData); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + JSONObject json = JSON.parseObject(str); + String phone = json.getString("purePhoneNumber"); + return phone; + } + + public static String decrypt(byte[] key, byte[] iv, byte[] encData) throws Exception { + AlgorithmParameterSpec ivSpec = new IvParameterSpec(iv); + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); + SecretKeySpec keySpec = new SecretKeySpec(key, "AES"); + cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); + //解析解密后的字符串   + return new String(cipher.doFinal(encData), "UTF-8"); + } } diff --git a/src/main/java/com/kiisoo/ic/wx/controller/WechatController.java b/src/main/java/com/kiisoo/ic/wx/controller/WechatController.java index 3c4a41b..2d2f9f8 100644 --- a/src/main/java/com/kiisoo/ic/wx/controller/WechatController.java +++ b/src/main/java/com/kiisoo/ic/wx/controller/WechatController.java @@ -8,11 +8,19 @@ import com.kiisoo.ic.common.BaseController; import com.kiisoo.ic.common.utils.httpClientUtil.HttpClientUtil; import com.kiisoo.ic.common.utils.httpClientUtil.HttpResult; import org.apache.commons.lang3.StringUtils; +import org.apache.shiro.codec.Base64; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; +import org.springframework.web.bind.annotation.RequestMethod; +import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.ResponseBody; +import javax.crypto.Cipher; +import javax.crypto.spec.IvParameterSpec; +import javax.crypto.spec.SecretKeySpec; +import javax.servlet.http.HttpServletRequest; +import java.security.spec.AlgorithmParameterSpec; import java.util.HashMap; import java.util.Map; @@ -53,10 +61,15 @@ public class WechatController extends BaseController { HttpResult data = HttpClientUtil.httpGet(urlPath.toString()); //http返回参数 - if (JSONObject.parseObject(data.getMessage()).get("errcode").equals("0")) { + if (data.getCode() == 200) { String openid = JSONObject.parseObject(data.getMessage()).get("openid").toString(); String sessionKey = JSONObject.parseObject(data.getMessage()).get("session_key").toString(); - String unionid = JSONObject.parseObject(data.getMessage()).get("unionid").toString(); + + String unionid = ""; + if (JSONObject.parseObject(data.getMessage()).get("unionid") != null) { + unionid = JSONObject.parseObject(data.getMessage()).get("unionid").toString(); + } + result.put("openId", openid); result.put("sessionKey", sessionKey); @@ -68,4 +81,43 @@ public class WechatController extends BaseController { } return fail(); } + + /** + * 解密并且获取用户手机号码 + * + * @param encrypdata + * @param ivdata + * @param sessionkey + * @return + * @throws Exception  + */ + @RequestMapping(value = "encode", method = RequestMethod.GET) + @ResponseBody + public Map deciphering(@RequestParam("encrypdata") String encrypdata, @RequestParam("ivdata") String ivdata, @RequestParam("sessionkey")String sessionkey) { + + byte[] encrypData = Base64.decode(encrypdata); + byte[] ivData = Base64.decode(ivdata); + byte[] sessionKey = Base64.decode(sessionkey); + String str = ""; + try { + str = decrypt(sessionKey, ivData, encrypData); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + System.out.println(str); + Map map = new HashMap<>(); + map.put("phone", str); + return data(map); + + } + + public static String decrypt(byte[] key, byte[] iv, byte[] encData) throws Exception { + AlgorithmParameterSpec ivSpec = new IvParameterSpec(iv); + Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); + SecretKeySpec keySpec = new SecretKeySpec(key, "AES"); + cipher.init(Cipher.DECRYPT_MODE, keySpec, ivSpec); + //解析解密后的字符串   + return new String(cipher.doFinal(encData), "UTF-8"); + } }