....

examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/AuthController.java

@@ -2,7 +2,6 @@ package cn.com.qmth.examcloud.core.basic.api.controller;
 
 import javax.servlet.http.HttpServletRequest;
 
-import org.apache.commons.lang3.RandomUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
@@ -13,21 +12,16 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import cn.com.qmth.examcloud.commons.base.exception.StatusException;
-import cn.com.qmth.examcloud.commons.base.util.PropertiesUtil;
 import cn.com.qmth.examcloud.commons.web.security.bean.User;
 import cn.com.qmth.examcloud.commons.web.support.ControllerSupport;
 import cn.com.qmth.examcloud.commons.web.support.ResponseStatus;
 import cn.com.qmth.examcloud.commons.web.support.StatusResponse;
-import cn.com.qmth.examcloud.core.basic.base.constants.PropKeys;
 import cn.com.qmth.examcloud.core.basic.dao.StudentRepo;
 import cn.com.qmth.examcloud.core.basic.dao.entity.StudentEntity;
 import cn.com.qmth.examcloud.core.basic.service.AuthService;
+import cn.com.qmth.examcloud.core.basic.service.SmsCodeService;
 import cn.com.qmth.examcloud.core.basic.service.StudentService;
 import cn.com.qmth.examcloud.core.basic.service.bean.LoginInfo;
-import cn.com.qmth.examcloud.exchange.inner.api.SendSmsCloudService;
-import cn.com.qmth.examcloud.exchange.inner.api.request.CheckSmsCodeReq;
-import cn.com.qmth.examcloud.exchange.inner.api.request.SendSmsReq;
-import cn.com.qmth.examcloud.exchange.inner.api.response.CheckIdentifyingCodeResp;
 import io.swagger.annotations.ApiOperation;
 
 /**
@@ -46,7 +40,7 @@ public class AuthController extends ControllerSupport {
 	AuthService authService;
 
 	@Autowired
-	SendSmsCloudService sendSmsCloudService;
+	SmsCodeService smsCodeService;
 
 	@Autowired
 	StudentRepo studentRepo;
@@ -129,76 +123,21 @@ public class AuthController extends ControllerSupport {
 			throw new StatusException("B-002050", "手机号已被关联");
 		}
 
-		SendSmsReq req = new SendSmsReq();
-		req.setPhone(phone);
-		int code = 1000 + RandomUtils.nextInt(1, 9999);
-		req.setCode(String.valueOf(code));
-
-		int smsEffectivetime = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_EFFECTIVE_TIME,
-				120);
-		int smsIntervalSeconds = PropertiesUtil
-				.getInt(PropKeys.SEND_VERIFICATION_CODE_INTERVAL_SECONDS, 60);
-
-		String smsSign = PropertiesUtil.getString(PropKeys.SEND_VERIFICATION_CODE_SIGN);
-		String smsTemplatecode = PropertiesUtil
-				.getString(PropKeys.SEND_VERIFICATION_CODE_TEMPLATE_CODE);
-
-		if (StringUtils.isBlank(smsSign)) {
-			throw new StatusException("B-001060", "签名未配置");
-		}
-		if (StringUtils.isBlank(smsTemplatecode)) {
-			throw new StatusException("B-001061", "模板未配置");
-		}
-
-		req.setEffectiveTime(smsEffectivetime);
-		req.setIntervalSeconds(smsIntervalSeconds);
-		req.setSign(smsSign);
-		req.setTemplateCode(smsTemplatecode);
-		sendSmsCloudService.sendIdentifyingCode(req);
+		smsCodeService.sendSmsCode(phone);
 	}
 
 	@ApiOperation(value = "发送验证码", notes = "")
 	@PostMapping("/sendVerificationCode")
 	public void sendVerificationCode(@RequestParam String phone) {
-		SendSmsReq req = new SendSmsReq();
-		req.setPhone(phone);
-		int code = 1000 + RandomUtils.nextInt(1, 9999);
-		req.setCode(String.valueOf(code));
-
-		int smsEffectivetime = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_EFFECTIVE_TIME,
-				120);
-		int smsIntervalSeconds = PropertiesUtil
-				.getInt(PropKeys.SEND_VERIFICATION_CODE_INTERVAL_SECONDS, 60);
-
-		String smsSign = PropertiesUtil.getString(PropKeys.SEND_VERIFICATION_CODE_SIGN);
-		String smsTemplatecode = PropertiesUtil
-				.getString(PropKeys.SEND_VERIFICATION_CODE_TEMPLATE_CODE);
-
-		if (StringUtils.isBlank(smsSign)) {
-			throw new StatusException("B-001060", "签名未配置");
-		}
-		if (StringUtils.isBlank(smsTemplatecode)) {
-			throw new StatusException("B-001061", "模板未配置");
-		}
-
-		req.setEffectiveTime(smsEffectivetime);
-		req.setIntervalSeconds(smsIntervalSeconds);
-		req.setSign(smsSign);
-		req.setTemplateCode(smsTemplatecode);
-		sendSmsCloudService.sendIdentifyingCode(req);
+		smsCodeService.sendSmsCode(phone);
 	}
 
 	@ApiOperation(value = "绑定手机号", notes = "")
 	@PostMapping("/bindSecurityPhone")
 	public void bindSecurityPhone(@RequestParam String phone,
 			@RequestParam String verificationCode) {
-		CheckSmsCodeReq req = new CheckSmsCodeReq();
-		req.setCode(verificationCode);
-		req.setPhone(phone);
-		CheckIdentifyingCodeResp resp = sendSmsCloudService.checkIdentifyingCode(req);
-		if (!resp.getSuccess()) {
-			throw new StatusException("B-001050", "验证码错误");
-		}
+
+		smsCodeService.checkSmsCode(phone, verificationCode);
 
 		User accessUser = getAccessUser();
 		Long studentId = accessUser.getUserId();

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/SmsCodeService.java

@@ -0,0 +1,16 @@
+package cn.com.qmth.examcloud.core.basic.service;
+
+/**
+ * 短信验证码服务
+ *
+ * @author WANGWEI
+ * @date 2018年12月26日
+ * @Copyright (c) 2018-? http://qmth.com.cn All Rights Reserved.
+ */
+public interface SmsCodeService {
+
+	void sendSmsCode(String phone);
+
+	void checkSmsCode(String phone, String smsCode);
+
+}

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/AuthServiceImpl.java

@@ -44,12 +44,10 @@ import cn.com.qmth.examcloud.core.basic.dao.entity.ThirdPartyAccessPK;
 import cn.com.qmth.examcloud.core.basic.dao.entity.UserEntity;
 import cn.com.qmth.examcloud.core.basic.dao.entity.UserRoleRelationEntity;
 import cn.com.qmth.examcloud.core.basic.service.AuthService;
+import cn.com.qmth.examcloud.core.basic.service.SmsCodeService;
 import cn.com.qmth.examcloud.core.basic.service.SysConfigService;
 import cn.com.qmth.examcloud.core.basic.service.UserService;
 import cn.com.qmth.examcloud.core.basic.service.bean.LoginInfo;
-import cn.com.qmth.examcloud.exchange.inner.api.SendSmsCloudService;
-import cn.com.qmth.examcloud.exchange.inner.api.request.CheckSmsCodeReq;
-import cn.com.qmth.examcloud.exchange.inner.api.response.CheckIdentifyingCodeResp;
 
 /**
  * 类注释
@@ -95,7 +93,7 @@ public class AuthServiceImpl implements AuthService {
 	SysConfigService sysConfigService;
 
 	@Autowired
-	SendSmsCloudService sendSmsCloudService;
+	SmsCodeService smsCodeService;
 
 	@Override
 	public User login(LoginInfo loginInfo) {
@@ -228,13 +226,7 @@ public class AuthServiceImpl implements AuthService {
 			// 验证码登录
 			if (AccountType.STUDENT_PHONE.equals(accountTypeEnum)
 					&& StringUtils.isNotBlank(smsCode)) {
-				CheckSmsCodeReq req = new CheckSmsCodeReq();
-				req.setCode(smsCode);
-				req.setPhone(accountValue);
-				CheckIdentifyingCodeResp resp = sendSmsCloudService.checkIdentifyingCode(req);
-				if (!resp.getSuccess()) {
-					throw new StatusException("B-001050", "验证码错误");
-				}
+				smsCodeService.checkSmsCode(accountValue, smsCode);
 			}
 			// 密码登录
 			else {
@@ -257,6 +249,19 @@ public class AuthServiceImpl implements AuthService {
 			user.setRoleList(roleList);
 		}
 
+		// 超级管理员短信验证
+		if (isSuperAdmin(user)) {
+			// 验证码不为空时，校验验证码
+			if (StringUtils.isNotBlank(smsCode)) {
+				smsCodeService.checkSmsCode(accountValue, smsCode);
+			}
+			// 验证码为空时，发送验证码
+			else {
+				smsCodeService.sendSmsCode(accountValue);
+				throw new StatusException("B-001100", "需要短信验证码");
+			}
+		}
+
 		user.setClientIp(loginInfo.getClientIp());
 
 		OrgEntity org = null;
@@ -420,6 +425,17 @@ public class AuthServiceImpl implements AuthService {
 		return false;
 	}
 
+	private boolean isSuperAdmin(User user) {
+		List<Role> roleList = user.getRoleList();
+
+		for (Role role : roleList) {
+			if (role.getRoleCode().equals(RoleMeta.SUPER_ADMIN.name())) {
+				return true;
+			}
+		}
+		return false;
+	}
+
 	/**
 	 * 构建key
 	 *

examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/SmsCodeServiceImpl.java

@@ -0,0 +1,65 @@
+package cn.com.qmth.examcloud.core.basic.service.impl;
+
+import org.apache.commons.lang3.RandomUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import cn.com.qmth.examcloud.commons.base.exception.StatusException;
+import cn.com.qmth.examcloud.commons.base.util.PropertiesUtil;
+import cn.com.qmth.examcloud.core.basic.base.constants.PropKeys;
+import cn.com.qmth.examcloud.core.basic.service.SmsCodeService;
+import cn.com.qmth.examcloud.exchange.inner.api.SendSmsCloudService;
+import cn.com.qmth.examcloud.exchange.inner.api.request.CheckSmsCodeReq;
+import cn.com.qmth.examcloud.exchange.inner.api.request.SendSmsReq;
+import cn.com.qmth.examcloud.exchange.inner.api.response.CheckIdentifyingCodeResp;
+
+@Service
+public class SmsCodeServiceImpl implements SmsCodeService {
+
+	@Autowired
+	SendSmsCloudService sendSmsCloudService;
+
+	@Override
+	public void sendSmsCode(String phone) {
+		SendSmsReq req = new SendSmsReq();
+		req.setPhone(phone);
+		int code = 1000 + RandomUtils.nextInt(1, 9999);
+		req.setCode(String.valueOf(code));
+
+		int smsEffectivetime = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_EFFECTIVE_TIME,
+				120);
+		int smsIntervalSeconds = PropertiesUtil
+				.getInt(PropKeys.SEND_VERIFICATION_CODE_INTERVAL_SECONDS, 60);
+
+		String smsSign = PropertiesUtil.getString(PropKeys.SEND_VERIFICATION_CODE_SIGN);
+		String smsTemplatecode = PropertiesUtil
+				.getString(PropKeys.SEND_VERIFICATION_CODE_TEMPLATE_CODE);
+
+		if (StringUtils.isBlank(smsSign)) {
+			throw new StatusException("B-001060", "签名未配置");
+		}
+		if (StringUtils.isBlank(smsTemplatecode)) {
+			throw new StatusException("B-001061", "模板未配置");
+		}
+
+		req.setEffectiveTime(smsEffectivetime);
+		req.setIntervalSeconds(smsIntervalSeconds);
+		req.setSign(smsSign);
+		req.setTemplateCode(smsTemplatecode);
+		sendSmsCloudService.sendIdentifyingCode(req);
+	}
+
+	@Override
+	public void checkSmsCode(String phone, String smsCode) {
+
+		CheckSmsCodeReq req = new CheckSmsCodeReq();
+		req.setCode(smsCode);
+		req.setPhone(phone);
+		CheckIdentifyingCodeResp resp = sendSmsCloudService.checkIdentifyingCode(req);
+		if (!resp.getSuccess()) {
+			throw new StatusException("B-001050", "验证码错误");
+		}
+	}
+
+}