WANG 6 жил өмнө
parent
commit
64d434d24b

+ 11 - 12
examcloud-core-basic-api-provider/src/main/java/cn/com/qmth/examcloud/core/basic/api/controller/AuthController.java

@@ -92,10 +92,13 @@ public class AuthController extends ControllerSupport {
 
 	@ApiOperation(value = "第三方机构接入", notes = "")
 	@PostMapping("/thirdPartyAccess")
-	public User thirdPartyAccess(@RequestParam Long orgId, @RequestParam String loginName,
-			@RequestParam String appId, @RequestParam String timestamp,
-			@RequestParam String token) {
-		return authService.thirdPartyAccess(orgId, loginName, appId, timestamp, token);
+	public User thirdPartyAccess(HttpServletRequest request, @RequestParam Long orgId, @RequestParam String loginName,
+			@RequestParam String appId, @RequestParam String timestamp, @RequestParam String token) {
+		String realIp = request.getHeader("x-forwarded-for");
+		if (StringUtils.isBlank(realIp)) {
+			realIp = request.getHeader("x-real-ip");
+		}
+		return authService.thirdPartyAccess(orgId, loginName, appId, timestamp, token, realIp);
 	}
 
 	@ApiOperation(value = "发送验证码", notes = "")
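Review bot: `realIp` is taken straight from `x-forwarded-for`, a header the caller can set unless the edge proxy overwrites it, and it is then passed to `authService.thirdPartyAccess(...)` as the client address. The same value reaches `user.setClientIp(clientIp)` and `setSecurityIp(...)` in the AuthServiceImpl hunk at -455, so any IP-based control built on it presumably rests on unauthenticated input. The header can also hold a comma-separated chain of addresses, and both headers can be absent, which leaves `realIp` null. I would read only the header that the deployment's proxy is known to set and keep the single address that proxy appended. When both headers are blank, fall back with `realIp = request.getRemoteAddr();`.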
@@ -106,14 +109,11 @@ public class AuthController extends ControllerSupport {
 		int code = 1000 + RandomUtils.nextInt(1, 9999);
 		req.setCode(String.valueOf(code));
 
-		int smsEffectivetime = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_EFFECTIVE_TIME,
-				120);
-		int smsIntervalSeconds = PropertiesUtil
-				.getInt(PropKeys.SEND_VERIFICATION_CODE_INTERVAL_SECONDS, 60);
+		int smsEffectivetime = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_EFFECTIVE_TIME, 120);
+		int smsIntervalSeconds = PropertiesUtil.getInt(PropKeys.SEND_VERIFICATION_CODE_INTERVAL_SECONDS, 60);
 
 		String smsSign = PropertiesUtil.getString(PropKeys.SEND_VERIFICATION_CODE_SIGN);
-		String smsTemplatecode = PropertiesUtil
-				.getString(PropKeys.SEND_VERIFICATION_CODE_TEMPLATE_CODE);
+		String smsTemplatecode = PropertiesUtil.getString(PropKeys.SEND_VERIFICATION_CODE_TEMPLATE_CODE);
 
 		if (StringUtils.isBlank(smsSign)) {
 			throw new StatusException("B-001060", "签名未配置");
@@ -131,8 +131,7 @@ public class AuthController extends ControllerSupport {
 
 	@ApiOperation(value = "绑定手机号", notes = "")
 	@PostMapping("/bindSecurityPhone")
-	public void bindSecurityPhone(@RequestParam String phone,
-			@RequestParam String verificationCode) {
+	public void bindSecurityPhone(@RequestParam String phone, @RequestParam String verificationCode) {
 		CheckSmsCodeReq req = new CheckSmsCodeReq();
 		req.setCode(verificationCode);
 		req.setPhone(phone);

+ 3 - 2
examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/AuthService.java

@@ -49,10 +49,11 @@ public interface AuthService {
 	 * @param appId
 	 * @param timestamp
 	 * @param token
+	 * @param clientIp
 	 * @return
 	 * @throws StatusException
 	 */
-	User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp,
-			String token) throws StatusException;
+	User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp, String token,
+			String clientIp) throws StatusException;
 
 }
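Review bot: The new `@param clientIp` tag has no description, so implementers of the interface cannot tell where the value comes from or how far to trust it. Going by the controller hunk, it is derived from request headers and can be null or blank. I would document that, for example `@param clientIp client address resolved by the caller from proxy headers; may be null or blank and is not authenticated`.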

+ 19 - 12
examcloud-core-basic-service/src/main/java/cn/com/qmth/examcloud/core/basic/service/impl/AuthServiceImpl.java

@@ -179,8 +179,7 @@ public class AuthServiceImpl implements AuthService {
 			}
 			// 学生身份证号登录
 			else if (AccountType.STUDENT_IDENTITY_NUMBER.equals(accountTypeEnum)) {
-				student = studentRepo.findByIdentityNumberAndRootOrgId(accountValue,
-						rootOrg.getId());
+				student = studentRepo.findByIdentityNumberAndRootOrgId(accountValue, rootOrg.getId());
 			}
 
 			if (null == student) {
@@ -239,8 +238,8 @@ public class AuthServiceImpl implements AuthService {
 	 * @param ip
 	 */
 	private void whenPasswordError(AccountType accountType, String accountValue, String ip) {
-		String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_")
-				.append(accountValue).append("_").append(ip).toString();
+		String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_").append(accountValue)
+				.append("_").append(ip).toString();
 
 		Integer times = redisClient.get(key, Integer.class);
 		if (null != times) {
@@ -262,8 +261,8 @@ public class AuthServiceImpl implements AuthService {
 	 * @return
 	 */
 	private boolean limited(AccountType accountType, String accountValue, String ip) {
-		String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_")
-				.append(accountValue).append("_").append(ip).toString();
+		String key = new StringBuilder("$_PW_ERR_").append(accountType.getCode()).append("_").append(accountValue)
+				.append("_").append(ip).toString();
 
 		Integer times = redisClient.get(key, Integer.class);
 
@@ -314,6 +313,9 @@ public class AuthServiceImpl implements AuthService {
 	 * @param orgId
 	 */
 	private void setSecurityIp(User user, Long orgId) {
+		if (null == orgId) {
+			return;
+		}
 		String key = "IP_" + orgId;
 
 		String clientIp = user.getClientIp();
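Review bot: The added `if (null == orgId) { return; }` makes `setSecurityIp` a silent no-op, so a login for an account with no org skips whatever this method records or enforces, and nothing shows that it was skipped. The rest of the body is outside the hunk, so whether skipping is safe cannot be confirmed from here. If it is intended, say so in the Javadoc above and add a comment on the guard such as `// no org bound to this account: IP handling intentionally skipped`. A debug or warn log line at the same place would make the skipped case visible in an audit.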
@@ -374,8 +376,7 @@ public class AuthServiceImpl implements AuthService {
 	private String buildUserKey(User user) {
 		Long rootOrgId = user.getRootOrgId();
 		UserType userType = user.getUserType();
-		String key = StringUtil.join("U_", userType.getCode(), "_", rootOrgId, "_",
-				user.getUserId());
+		String key = StringUtil.join("U_", userType.getCode(), "_", rootOrgId, "_", user.getUserId());
 		return key;
 	}
 
@@ -405,8 +406,8 @@ public class AuthServiceImpl implements AuthService {
 	}
 
 	@Override
-	public User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp,
-			String token) throws StatusException {
+	public User thirdPartyAccess(Long rootOrgId, String loginName, String appId, String timestamp, String token,
+			String clientIp) throws StatusException {
 
 		OrgEntity rootOrg = orgRepo.findOne(rootOrgId);
 		if (null == rootOrg) {
@@ -455,8 +456,15 @@ public class AuthServiceImpl implements AuthService {
 		List<Role> roleList = getUserRoles(userEntity.getId());
 		user.setRoleList(roleList);
 
+		user.setClientIp(clientIp);
 		setSession(user);
 
+		boolean isLcUser = isLcUser(user);
+
+		if (isLcUser) {
+			setSecurityIp(user, userEntity.getOrgId());
+		}
+
 		return user;
 	}
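Review bot: The local `boolean isLcUser = isLcUser(user);` is used once and shares its name with the method it calls, which makes the following `if` harder to read. Writing `if (isLcUser(user)) {` directly says the same thing without the extra variable. A short comment on why only these users go through `setSecurityIp` would also help, because the reason is not visible in this hunk and the method starts outside it.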
 
@@ -498,8 +506,7 @@ public class AuthServiceImpl implements AuthService {
 				if (null == roleEntity) {
 					throw new StatusException("B-002002", "roleId is wrong. roleId=" + roleId);
 				}
-				Role role = new Role(roleEntity.getId(), roleEntity.getCode(),
-						roleEntity.getName());
+				Role role = new Role(roleEntity.getId(), roleEntity.getCode(), roleEntity.getName());
 				roleList.add(role);
 			}
 		}