
3.4.6 20250701 验证码功能优化

xiaofei il y a 2 semaines
Parent
commit
7836958c4c

+ 1 - 0
distributed-print/install/mysql/upgrade/3.4.6.sql

@@ -19,3 +19,4 @@ UPDATE `sys_config` SET `config_value` = '[{\"name\":\"A3\",\"size\":\"420*297\"
 
 
 UPDATE `sys_privilege` SET `related` = '67,68' WHERE (`id` = '273');
+UPDATE `sys_privilege` SET `related` = '672,902,903,904,905,906,907,908,909,910,911,912,913,931,962,963,965,1132,1133' WHERE (`id` = '901');

+ 11 - 1
distributed-print/src/main/java/com/qmth/distributed/print/api/OpenApiController.java

@@ -7,9 +7,11 @@ import com.qmth.distributed.print.business.bean.params.open.GradeOpenPageParams;
 import com.qmth.distributed.print.business.bean.params.open.GradeOpenParams;
 import com.qmth.distributed.print.business.service.OpenApiService;
 import com.qmth.teachcloud.common.bean.params.OpenParams;
+import com.qmth.teachcloud.common.bean.result.AiRobotResult;
 import com.qmth.teachcloud.common.bean.result.LoginResult;
 import com.qmth.teachcloud.common.contant.SystemConstant;
 import com.qmth.teachcloud.common.entity.BasicSchool;
+import com.qmth.teachcloud.common.entity.SysConfig;
 import com.qmth.teachcloud.common.entity.SysUser;
 import com.qmth.teachcloud.common.enums.AppSourceEnum;
 import com.qmth.teachcloud.common.enums.ExceptionResultEnum;
@@ -19,6 +21,7 @@ import com.qmth.teachcloud.common.service.SysUserService;
 import com.qmth.teachcloud.common.service.TeachcloudCommonService;
 import com.qmth.teachcloud.common.util.*;
 import io.swagger.annotations.*;
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.util.CollectionUtils;
@@ -179,7 +182,8 @@ public class OpenApiController {
             throw ExceptionResultEnum.PARAMS_ERROR.exception("用户不存在");
         }
 
-        LoginResult loginResult = teachcloudCommonService.login(sysUserList.get(0).getPassword(), sysUserList.get(0), AppSourceEnum.CAS_THIRD);
+        SysUser sysUser = sysUserList.get(0);
+        LoginResult loginResult = teachcloudCommonService.login(sysUser.getPassword(), sysUser, AppSourceEnum.CAS_THIRD);
         if (Objects.nonNull(returnUrl) && !Objects.equals(returnUrl, "")) {
             returnUrl = URLDecoder.decode(returnUrl, SystemConstant.CHARSET_NAME);
         }
@@ -192,6 +196,12 @@ public class OpenApiController {
 //            }
 //            loginResult.setSchoolInfo(schoolNativeBeanList);
 //        }
+
+        // 机器人参数
+        SysConfig aiRobotSwitch = commonCacheService.addSysConfigCache(sysUser.getSchoolId(), SystemConstant.AI_ROBOT_ENABLE);
+        SysConfig aiRobotUrl = commonCacheService.addSysConfigCache(sysUser.getSchoolId(), SystemConstant.AI_ROBOT_URL);
+        loginResult.setAiRobotResult(new AiRobotResult(aiRobotSwitch != null && StringUtils.isNotBlank(aiRobotSwitch.getConfigValue()) ? Boolean.valueOf(aiRobotSwitch.getConfigValue()) : false, aiRobotUrl != null && StringUtils.isNotBlank(aiRobotUrl.getConfigValue()) ? aiRobotUrl.getConfigValue() : null));
+
         return ResultUtil.ok(loginResult);
     }
 

+ 19 - 35
distributed-print/src/main/java/com/qmth/distributed/print/api/SysController.java

@@ -137,12 +137,12 @@ public class SysController {
                 throw ExceptionResultEnum.SCHOOL_ENABLE.exception();
             }
         }
-        QueryWrapper<SysUser> wrapper = new QueryWrapper<>();
+        Long schoolId = null;
         if (Objects.nonNull(basicSchool)) {
-            wrapper.lambda().eq(SysUser::getSchoolId, basicSchool.getId());
+            schoolId = basicSchool.getId();
         }
         // 账号密码登录
-        List<SysUser> userList = null;
+        SysUser sysUser = null;
         if (LoginTypeEnum.ACCOUNT.name().equals(login.getType())) {
             String loginName = login.getLoginName();
             String password = login.getPassword();
@@ -153,26 +153,18 @@ public class SysController {
             if (StringUtils.isBlank(password)) {
                 throw ExceptionResultEnum.ERROR.exception("密码不能为空");
             }
-            wrapper.lambda().and(w -> w.eq(SysUser::getLoginName, loginName).or().eq(SysUser::getCode, loginName));
-            userList = sysUserService.list(wrapper);
+            sysUser = sysUserService.getByLoginName(schoolId, loginName);
 
             //用户不存在
-            if (userList == null || userList.isEmpty()) {
-                throw ExceptionResultEnum.ERROR.exception("用户名或密码错误");
-            }
-            if (userList.size() > 1) {
-                throw ExceptionResultEnum.ERROR.exception("用户名或密码错误");
+            if (sysUser == null) {
+                throw ExceptionResultEnum.USER_NO_DATA.exception();
             }
-
-            SysUser sysUser = userList.get(0);
             if (!sysUser.getEnable()) {
-                throw ExceptionResultEnum.ERROR.exception("用户被禁用");
+                throw ExceptionResultEnum.USER_ENABLE.exception();
             }
-
-//            String decodePassword = Base64Util.encode(AesECBUtil.decryptSimple(password).getBytes());
             String decodePassword = Base64Util.encode(RSAUtil.decrypt(password).getBytes());
-            if (!decodePassword.equals(userList.get(0).getPassword())) {
-                throw ExceptionResultEnum.ERROR.exception("用户名或密码错误");
+            if (!decodePassword.equals(sysUser.getPassword())) {
+                throw ExceptionResultEnum.USER_NO_DATA.exception();
             }
 
             //2022.11.10日加入用户/密码模式是否开启短信验证
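Review bot: The `getEnable()` check sits before the password comparison, so a caller who does not know the password still learns from the distinct `USER_ENABLE` error that an account exists and is disabled; moving that check below the `decodePassword.equals(...)` block keeps every pre-authentication failure on `USER_NO_DATA`. The comparison matches `sysUser.getPassword()` against `Base64Util.encode(RSAUtil.decrypt(password).getBytes())`, which suggests the stored value is a reversible encoding of the plaintext rather than a salted hash; that predates this commit but deserves a follow-up (bcrypt or argon2, migrating on next successful login). The lookup also changed from matching `loginName` or `code` to `getByLoginName`, which filters on `loginName` only in the implementation shown later in this commit, so users who signed in with their code would now get `USER_NO_DATA`; please confirm that is intended. The enclosing method starts and ends outside this hunk.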
@@ -181,7 +173,7 @@ public class SysController {
                 if (Objects.nonNull(sysConfigAccount) && Objects.nonNull(sysConfigAccount.getConfigValue())
                         && Boolean.valueOf(sysConfigAccount.getConfigValue())) {
                     // 校验验证码
-                    sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), login.getCode());
+                    sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), login.getCode(), true);
 
                     // 如果不是共用验证码再过期
                     SysConfig sysConfig = commonCacheService.addSysConfigCache(SystemConstant.SMS_NORMAL_CODE);
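Review bot: Passing `true` as `useDefaultCode` means the shared value of `SMS_NORMAL_CODE` satisfies the SMS step of password login, so for every account the second factor can be replaced by one static value held in `sys_config`. If the shared code is only meant for support or test schools, gate it on a per-school or environment setting rather than a hard-coded `true`, and write an audit log entry with the user id whenever it is accepted so its use can be reviewed. The enclosing method continues outside this hunk.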
@@ -201,19 +193,14 @@ public class SysController {
             if (StringUtils.isBlank(code)) {
                 throw ExceptionResultEnum.ERROR.exception("验证码不能为空");
             }
-            wrapper.lambda().eq(SysUser::getMobileNumber, mobileNumber);
-            userList = sysUserService.list(wrapper);
+            sysUser = sysUserService.getByMobileNumber(schoolId, mobileNumber);
 
             //用户不存在
-            if (userList == null || userList.isEmpty()) {
-                throw ExceptionResultEnum.ERROR.exception("用户不存在");
+            if (sysUser == null) {
+                throw ExceptionResultEnum.ERROR.exception("手机号不存在");
             }
-            if (userList.size() > 1) {
-                throw ExceptionResultEnum.ERROR.exception("查出多个用户");
-            }
-            SysUser sysUser = userList.get(0);
             // 校验验证码
-            sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), code);
+            sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), code, false);
 
             // 如果不是共用验证码再过期
             SysConfig sysConfig = commonCacheService.addSysConfigCache(SystemConstant.SMS_NORMAL_CODE);
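Review bot: The new message `手机号不存在` tells an unauthenticated caller whether a phone number is registered for the school; returning the same error as a wrong code, for example `throw ExceptionResultEnum.ERROR.exception("验证码错误");`, removes that account-existence oracle. Separately, the removed `size() > 1` branch is now left to `getOne` inside `getByMobileNumber`, which in MyBatis-Plus throws by default when several rows match. The uniqueness check visible in `SysUserServiceImpl` only considers rows with `getEnable` true, so a disabled duplicate could presumably turn this login into an unhandled exception; either filter on enabled users in the lookup or catch the multi-row case explicitly. The enclosing method continues outside this hunk.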
@@ -226,16 +213,13 @@ public class SysController {
         }
 
         if (login.getSchoolCode().equalsIgnoreCase(SystemConstant.ADMIN_CODE)) {
-            userList.forEach(o -> {
-                AuthBean authBean = teachcloudCommonService.getUserAuth(o.getId());
-                if (Objects.nonNull(authBean) && Objects.nonNull(authBean.getRoleList()) && authBean.getRoleList().size() > 0) {
-                    if (Objects.nonNull(authBean.getSchool())) {
-                        throw ExceptionResultEnum.ERROR.exception("用户无法通过当前页面登录");
-                    }
+            AuthBean authBean = teachcloudCommonService.getUserAuth(sysUser.getId());
+            if (Objects.nonNull(authBean) && Objects.nonNull(authBean.getRoleList()) && authBean.getRoleList().size() > 0) {
+                if (Objects.nonNull(authBean.getSchool())) {
+                    throw ExceptionResultEnum.ERROR.exception("用户无法通过当前页面登录");
                 }
-            });
+            }
         }
-        SysUser sysUser = userList.get(0);
         LoginResult loginResult = teachcloudCommonService.login(login.getPassword(), sysUser, AppSourceEnum.SYSTEM);
         loginResult.setUiSetting(sysUser.getUiSetting());
 

+ 2 - 1
teachcloud-common/src/main/java/com/qmth/teachcloud/common/service/SysUserService.java

@@ -153,7 +153,7 @@ public interface SysUserService extends IService<SysUser> {
      * @param mobileNumber 用户手机号
      * @param code         验证码
      */
-    void checkSmsCode(Long userId, String mobileNumber, String code);
+    void checkSmsCode(Long userId, String mobileNumber, String code, boolean useDefaultCode);
 
     /**
      * 强行过期用户手机号验证码(过期时间改为验证码发送时间)
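Review bot: The Javadoc above `checkSmsCode` still lists three parameters, and the new flag decides whether a shared code is accepted, so it should be documented, e.g. `@param useDefaultCode whether the shared code configured under SMS_NORMAL_CODE is accepted in place of the user's own code`. The Javadoc block starts outside this hunk. `getByMobileNumber`, added in the next hunk of this file, has no Javadoc either; one line stating that a null `schoolId` matches only users without a school would help callers.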
@@ -249,6 +249,7 @@ public interface SysUserService extends IService<SysUser> {
     void updateUiSetting(Long userId, String unescapeHtml);
 
     SysUser getByLoginName(Long schoolId, String loginName);
+    SysUser getByMobileNumber(Long schoolId, String mobileNumber);
 
     List<SysUserResult> listBySchoolId(Long schoolId);
 

+ 43 - 32
teachcloud-common/src/main/java/com/qmth/teachcloud/common/service/impl/SysUserServiceImpl.java

@@ -1,6 +1,7 @@
 package com.qmth.teachcloud.common.service.impl;
 
 import com.alibaba.fastjson.JSON;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
 import com.baomidou.mybatisplus.core.metadata.IPage;
@@ -233,7 +234,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
         }
         if (SystemConstant.strNotNull(mobileNumber)) {
             // 校验验证码
-            this.checkSmsCode(user.getId(), mobileNumber, verifyCode);
+            this.checkSmsCode(user.getId(), mobileNumber, verifyCode, false);
             // 更新电话
 
             SysUser checkMobileNumber = this.getOne(new QueryWrapper<SysUser>().lambda().eq(SysUser::getSchoolId, sysUser.getSchoolId()).eq(SysUser::getEnable, true).eq(SysUser::getMobileNumber, mobileNumber));
@@ -320,7 +321,7 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
             throw ExceptionResultEnum.ERROR.exception("用户学校不匹配");
         }
         // 校验验证码
-        sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), sysConfig.getConfigValue());
+        sysUserService.checkSmsCode(sysUser.getId(), sysUser.getMobileNumber(), sysConfig.getConfigValue(), false);
 
         return teachcloudCommonService.login(sysUser.getPassword(), sysUser, AppSourceEnum.SYSTEM);
     }
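Review bot: This call passes `sysConfig.getConfigValue()` as the code to verify while `useDefaultCode` is `false`. If `sysConfig` here is the `SMS_NORMAL_CODE` entry (its assignment is outside the hunk), the new `checkSmsCode` no longer short-circuits on the shared code and will compare it with the user's stored SMS code, so this path would fail with `验证码无效` or `验证码错误`. Please confirm what `sysConfig` holds at this point and whether the check belongs here at all, since no caller-supplied code is visible in the hunk. The method starts outside this hunk.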
@@ -777,41 +778,33 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
     }
 
     @Override
-    public void checkSmsCode(Long userId, String mobileNumber, String code) {
-        SysConfig value = sysConfigService.getByKey("sys.code.enable");
-        if (Objects.nonNull(value) && value.getConfigValue().equals("true")) {
-            if (Objects.isNull(code)) {
-                throw ExceptionResultEnum.ERROR.exception("验证码不能为空");
-            }
-            SysConfig sysConfig = commonCacheService.addSysConfigCache(SystemConstant.SMS_NORMAL_CODE);
-            Optional.ofNullable(sysConfig).orElseThrow(() -> ExceptionResultEnum.ERROR.exception("未配置万能短信验证码"));
-            if (!sysConfig.getConfigValue().equals(code)) {
-                List<VerifyCodeCheckDto> verifyCodeCheckDtoList = this.baseMapper.findVerifyCodeByUser(userId, mobileNumber);
-                if (verifyCodeCheckDtoList.size() < 1) {
-                    throw ExceptionResultEnum.ERROR.exception("验证码错误");
-                }
-                VerifyCodeCheckDto accessControl = verifyCodeCheckDtoList.get(0);
-                if (accessControl == null || !accessControl.getVerifyCode().equals(code)) {
-                    throw ExceptionResultEnum.ERROR.exception("验证码错误");
-                }
+    public void checkSmsCode(Long userId, String mobileNumber, String code, boolean useDefaultCode) {
+        if (Objects.isNull(code)) {
+            throw ExceptionResultEnum.ERROR.exception("验证码不能为空");
+        }
+        SysConfig sysConfig = commonCacheService.addSysConfigCache(SystemConstant.SMS_NORMAL_CODE);
+        if (useDefaultCode && sysConfig != null && StringUtils.isNotBlank(sysConfig.getConfigValue()) && code.equals(sysConfig.getConfigValue())) {
+            return;
+        }
 
-                if (new Date(accessControl.getExpireTime()).before(new Date())) {
-                    throw ExceptionResultEnum.ERROR.exception("验证码已过期");
-                }
-            }
+        List<VerifyCodeCheckDto> verifyCodeCheckDtoList = this.baseMapper.findVerifyCodeByUser(userId, mobileNumber);
+        if (verifyCodeCheckDtoList.size() < 1) {
+            throw ExceptionResultEnum.ERROR.exception("验证码无效");
+        }
+        VerifyCodeCheckDto accessControl = verifyCodeCheckDtoList.get(0);
+        if (accessControl == null || !accessControl.getVerifyCode().equals(code)) {
+            throw ExceptionResultEnum.ERROR.exception("验证码错误");
+        }
+
+        if (new Date(accessControl.getExpireTime()).before(new Date())) {
+            throw ExceptionResultEnum.ERROR.exception("验证码已过期");
         }
     }
 
     @Transactional
     @Override
     public void expiredVerifyCode(Long userId, String mobileNumber) {
-        SysConfig value = sysConfigService.getByKey("sys.code.enable");
-        if (Objects.nonNull(value) && value.getConfigValue().equals("true")) {
-            int count = this.baseMapper.updateVerifyCodeExpiredTime(userId, mobileNumber);
-            if (count != 1) {
-                throw ExceptionResultEnum.ERROR.exception("验证码过期失败");
-            }
-        }
+        this.baseMapper.updateVerifyCodeExpiredTime(userId, mobileNumber);
     }
 
     /**
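Review bot: The rewritten `checkSmsCode` puts no bound on wrong guesses: a mismatch throws `验证码错误` but leaves the stored code valid until `expireTime`, so protection against repeated guessing depends entirely on rate limiting outside this method (none is visible here). Consider counting failures per user and mobile number and expiring the code after a small number of misses, and comparing the codes with `MessageDigest.isEqual` on their UTF-8 bytes instead of `String.equals`. In `expiredVerifyCode` the update count is now discarded, so a code that was not actually expired after a successful login goes unnoticed; keep `int count = this.baseMapper.updateVerifyCodeExpiredTime(userId, mobileNumber);` and log a warning when it is 0 rather than throwing.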
@@ -1167,8 +1160,26 @@ public class SysUserServiceImpl extends ServiceImpl<SysUserMapper, SysUser> impl
     @Override
     public SysUser getByLoginName(Long schoolId, String loginName) {
         QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>();
-        queryWrapper.lambda().eq(SysUser::getSchoolId, schoolId)
-                .eq(SysUser::getLoginName, loginName);
+        LambdaQueryWrapper<SysUser> lambda = queryWrapper.lambda();
+        if (schoolId == null) {
+            lambda.isNull(SysUser::getSchoolId);
+        } else {
+            lambda.eq(SysUser::getSchoolId, schoolId);
+        }
+        lambda.eq(SysUser::getLoginName, loginName);
+        return this.getOne(queryWrapper);
+    }
+
+    @Override
+    public SysUser getByMobileNumber(Long schoolId, String mobileNumber) {
+        QueryWrapper<SysUser> queryWrapper = new QueryWrapper<>();
+        LambdaQueryWrapper<SysUser> lambda = queryWrapper.lambda();
+        if (schoolId == null) {
+            lambda.isNull(SysUser::getSchoolId);
+        } else {
+            lambda.eq(SysUser::getSchoolId, schoolId);
+        }
+        lambda.eq(SysUser::getMobileNumber, mobileNumber);
         return this.getOne(queryWrapper);
     }