
用户密码加密和monitorRecord修改

wangliang 4 éve
szülő
commit
c7bf2b1461

+ 11 - 10
themis-admin/src/main/java/com/qmth/themis/admin/api/TBUserController.java

@@ -27,7 +27,7 @@ import com.qmth.themis.common.enums.Source;
 import com.qmth.themis.common.exception.BusinessException;
 import com.qmth.themis.common.signature.SignatureInfo;
 import com.qmth.themis.common.signature.SignatureType;
-import com.qmth.themis.common.util.AesUtil;
+import com.qmth.themis.common.util.Base64Util;
 import com.qmth.themis.common.util.Result;
 import com.qmth.themis.common.util.ResultUtil;
 import io.swagger.annotations.*;
@@ -39,6 +39,7 @@ import org.springframework.transaction.annotation.Transactional;
 import org.springframework.web.bind.annotation.*;
 
 import javax.annotation.Resource;
+import java.io.UnsupportedEncodingException;
 import java.security.NoSuchAlgorithmException;
 import java.util.*;
 
@@ -87,7 +88,7 @@ public class TBUserController {
             @ApiJsonObject(name = "loginAccount", value = {@ApiJsonProperty(key = "loginName", description = "登录名"),
                     @ApiJsonProperty(key = "password", description = "密码"),
                     @ApiJsonProperty(key = "code", description = "机构代码")}) @ApiParam(value = "用户信息", required = true) @RequestBody Map<String, Object> mapParameter)
-            throws NoSuchAlgorithmException {
+            throws NoSuchAlgorithmException, UnsupportedEncodingException {
         if (Objects.isNull(mapParameter)) {
             throw new BusinessException(ExceptionResultEnum.USER_INFO_IS_NULL);
         }
@@ -145,15 +146,15 @@ public class TBUserController {
         if (Objects.nonNull(user.getOrgId()) && user.getOrgId().longValue() != tbOrg.getId().longValue()) {
             throw new BusinessException("用户机构不匹配");
         }
-        String loginPassword = AesUtil.decryptCs7(password, Constants.AES_RULE);
-        //密码错误
-        String aesPassword = AesUtil.decryptCs7(user.getPassword(), Constants.AES_RULE);
-        if (!Objects.equals(loginPassword, aesPassword)) {
+//        String loginPassword = new String(Base64Util.decode(password), Constants.CHARSET_NAME);
+//        密码错误
+//        String base64Password = new String(Base64Util.decode(user.getPassword()), Constants.CHARSET_NAME);
+        if (!Objects.equals(password, user.getPassword())) {
             throw new BusinessException(ExceptionResultEnum.PASSWORD_ERROR);
         }
         return userLoginCommon(user);
     }
-
+    
     @ApiOperation(value = "短信验证码登陆接口")
     @RequestMapping(value = "/login/verifyCode", method = RequestMethod.POST)
     @ApiResponses({@ApiResponse(code = 200, message = "用户信息", response = TBUser.class)})
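Review bot: The new check `Objects.equals(password, user.getPassword())` compares the request value directly with the stored value, so whatever sits in the user table is itself enough to log in, and the comparison is not constant-time. The storage scheme is not visible in this hunk, but if the column holds the password or a reversible or Base64 form of it, it should instead hold a salted slow hash (bcrypt, scrypt or Argon2) that is verified server-side. At minimum, compare with `MessageDigest.isEqual(a.getBytes(StandardCharsets.UTF_8), b.getBytes(StandardCharsets.UTF_8))` after null checks. The same comparison is introduced in the login hunk of TEStudentController.java. The three commented-out Base64 lines are dead code, which leaves the added `Base64Util` import and the `UnsupportedEncodingException` throws clause unused as far as this diff shows; the method starts outside the hunk.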
@@ -224,10 +225,10 @@ public class TBUserController {
         mqDtoService.assembleSendOneWayMsg(mqDtoLog);
         //mq发送消息end
         //测试
-        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
+//        String test = SignatureInfo.build(SignatureType.TOKEN, sessionId, token);
         Map<String, Object> map = new HashMap<>();
-//        map.put(SystemConstant.ACCESS_TOKEN, token);
-        map.put(SystemConstant.ACCESS_TOKEN, test);
+        map.put(SystemConstant.ACCESS_TOKEN, token);
+//        map.put(SystemConstant.ACCESS_TOKEN, test);
         map.put(SystemConstant.ACCOUNT, user);
         map.put(SystemConstant.SESSION_ID, sessionId);
         map.put("roleCodes", authDto.getRoleCodes());
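Review bot: The test-only signing path is left behind as commented-out code under the `//测试` marker. Now that the response carries the real `token`, delete both commented lines and the marker so that only `map.put(SystemConstant.ACCESS_TOKEN, token);` remains. If `SignatureInfo` and `SignatureType` are no longer used elsewhere in this controller (not visible here), their imports can go as well. The method starts and ends outside the hunk.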

+ 1 - 2
themis-admin/src/main/java/com/qmth/themis/admin/api/TEExamController.java

@@ -95,7 +95,7 @@ public class TEExamController {
         if (Objects.isNull(teExamDto.getCode()) || Objects.equals(teExamDto.getCode(), "")) {
             throw new BusinessException("批次编码不能为空");
         }
-        TEExam teExam = null;
+        TEExam teExam = new TEExam(teExamDto);
         Long oldId = null;
         String activityCode = null;
         try {
@@ -135,7 +135,6 @@ public class TEExamController {
                 teExamDto.setId(uidUtil.getId());
                 teExamDto.setCreateId(tbUser.getId());
             }
-            teExam = new TEExam(teExamDto);
             if (oldTeExam != null) {
                 teExam.setMonitorStatus(oldTeExam.getMonitorStatus());
             } else {
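Review bot: Moving `new TEExam(teExamDto)` above the `try` (first hunk of this file) builds the entity before `teExamDto.setId(uidUtil.getId())` and `teExamDto.setCreateId(tbUser.getId())` run in this hunk. If the `TEExam(TEExamDto)` constructor copies the DTO's fields, which its signature suggests but this diff does not show, a newly created exam would be persisted without the generated id and creator. Keep `teExam = new TEExam(teExamDto);` after those setters, or confirm that the entity reads the values from the DTO later. The method body starts and ends outside both hunks.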

+ 4 - 4
themis-business/src/main/java/com/qmth/themis/business/cache/bean/ExamCacheBean.java

@@ -143,8 +143,8 @@ public class ExamCacheBean implements Serializable {
 
     private Boolean monitorAudioEnable = false;//客户端监控是否启用音频与麦克风
 
-    //是否开始监控转录,0:开启,1:不开启
-    private Integer monitorRecord;
+    //是否开始监控转录,off:禁用; mix:混流转录
+    private MonitorRecordEnum monitorRecord;
 
     //是否允许使用移动端拍照答题,0:不开启,1:开启
     private Integer mobilePhotoUpload;
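Review bot: `monitorRecord` changes type on a `Serializable` cache bean, so entries cached before deployment still carry an `Integer` in that field. Depending on the cache serializer (not visible here), they may fail to deserialize or come back with an unexpected value. Plan a cache flush or a key-version bump with the rollout and mention it in the commit description. The field comment lists `off`/`mix` in lower case while the enum constants are `OFF`/`MIX`; a comment such as `// monitor recording mode: OFF = disabled, MIX = mixed-stream recording` would match the type.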
@@ -224,11 +224,11 @@ public class ExamCacheBean implements Serializable {
         this.monitorVideoSource = monitorVideoSource;
     }
 
-    public Integer getMonitorRecord() {
+    public MonitorRecordEnum getMonitorRecord() {
         return monitorRecord;
     }
 
-    public void setMonitorRecord(Integer monitorRecord) {
+    public void setMonitorRecord(MonitorRecordEnum monitorRecord) {
         this.monitorRecord = monitorRecord;
     }
 

+ 4 - 4
themis-business/src/main/java/com/qmth/themis/business/dto/request/TEExamDto.java

@@ -164,9 +164,9 @@ public class TEExamDto extends BaseEntity {
     @TableField(value = "monitor_video_source")
     private List<String> monitorVideoSource;
 
-    @ApiModelProperty(value = "是否开始监控转录,0:开启,1:不开启")
+    @ApiModelProperty(value = "是否开始监控转录,off:禁用; mix:混流转录")
     @TableField(value = "monitor_record")
-    private Integer monitorRecord;
+    private MonitorRecordEnum monitorRecord;
 
     @ApiModelProperty(value = "算分进度")
     @TableField(value = "progress")
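Review bot: `monitor_record` is now mapped to `MonitorRecordEnum`, but nothing in this diff migrates the column or tells the persistence and JSON layers how to convert it. Existing rows presumably hold 0/1 from the old `Integer` field, and the documented API values `off`/`mix` differ in case from the constants `OFF`/`MIX`. Both reading old rows and binding a request body with `"monitorRecord": "off"` may therefore fail unless a type handler and a case-insensitive enum deserializer are configured elsewhere. Confirm the migration and mapping, and reject unknown values with a clear validation error rather than an unhandled exception. The same field change is made in TEExam.java.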
@@ -577,11 +577,11 @@ public class TEExamDto extends BaseEntity {
         this.monitorVideoSource = monitorVideoSource;
     }
 
-    public Integer getMonitorRecord() {
+    public MonitorRecordEnum getMonitorRecord() {
         return monitorRecord;
     }
 
-    public void setMonitorRecord(Integer monitorRecord) {
+    public void setMonitorRecord(MonitorRecordEnum monitorRecord) {
         this.monitorRecord = monitorRecord;
     }
 

+ 3 - 3
themis-business/src/main/java/com/qmth/themis/business/dto/response/TBOrgDto.java

@@ -29,7 +29,7 @@ public class TBOrgDto implements Serializable {
     @ApiModelProperty(name = "机构logo")
     private String logo;//logo
 
-    @ApiModelProperty(name = "是否开启模考")
+    @ApiModelProperty(name = "是否开启模考,0:不开启,1:开启")
     private Integer enableSimulate;//是否开启模考
 
     @ApiModelProperty(name = "是否启用,0:停用,1:启用")
@@ -51,10 +51,10 @@ public class TBOrgDto implements Serializable {
     @ApiModelProperty(name = "模考试卷id")
     private Long simulatePaperId;//模考试卷id
 
-    @ApiModelProperty(name = "是否允许监控转录")
+    @ApiModelProperty(name = "是否允许监控转录,0:不允许,1:允许")
     private Integer enableMonitorRecord;//是否允许监控转录
 
-    @ApiModelProperty(name = "是否允许使用活体")
+    @ApiModelProperty(name = "是否允许使用活体,0:不允许,1:允许")
     private Integer enableLiveness;//是否允许使用活体
 
     @ApiModelProperty(name = "外部访问凭证")

+ 3 - 3
themis-business/src/main/java/com/qmth/themis/business/entity/TBOrg.java

@@ -33,7 +33,7 @@ public class TBOrg extends BaseEntity {
     @TableField(value = "enable")
     private Integer enable;
 
-    @ApiModelProperty(value = "是否开启模考")
+    @ApiModelProperty(value = "是否开启模考,0:不开启,1:开启")
     @TableField(value = "enable_simulate")
     private Integer enableSimulate;
 
@@ -58,11 +58,11 @@ public class TBOrg extends BaseEntity {
     @TableField(value = "contact_phone")
     private String contactPhone;
 
-    @ApiModelProperty(value = "是否允许使用活体")
+    @ApiModelProperty(value = "是否允许使用活体,0:不允许,1:允许")
     @TableField(value = "enable_liveness")
     private Integer enableLiveness;
 
-    @ApiModelProperty(value = "是否允许监控转录")
+    @ApiModelProperty(value = "是否允许监控转录,0:不允许,1:允许")
     @TableField(value = "enable_monitor_record")
     private Integer enableMonitorRecord;
 

+ 5 - 12
themis-business/src/main/java/com/qmth/themis/business/entity/TEExam.java

@@ -8,14 +8,7 @@ import com.fasterxml.jackson.databind.annotation.JsonSerialize;
 import com.fasterxml.jackson.databind.ser.std.ToStringSerializer;
 import com.qmth.themis.business.base.BaseEntity;
 import com.qmth.themis.business.dto.request.TEExamDto;
-import com.qmth.themis.business.enums.EntryAuthenticationPolicyEnum;
-import com.qmth.themis.business.enums.ExamModeEnum;
-import com.qmth.themis.business.enums.InProcessLivenessJudgePolicyEnum;
-import com.qmth.themis.business.enums.InvigilateMonitorStatusEnum;
-import com.qmth.themis.business.enums.InvigilateVerifyEnum;
-import com.qmth.themis.business.enums.ObjectiveScorePolicyEnum;
-import com.qmth.themis.business.enums.RecordSelectStrategyEnum;
-import com.qmth.themis.business.enums.ScoreStatusEnum;
+import com.qmth.themis.business.enums.*;
 
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
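Review bot: The eight explicit enum imports are collapsed into `import com.qmth.themis.business.enums.*;`, apparently only to pick up `MonitorRecordEnum`. A wildcard hides which types the entity depends on and can introduce name clashes when the package grows. Keep the explicit list and add `import com.qmth.themis.business.enums.MonitorRecordEnum;`.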
@@ -176,9 +169,9 @@ public class TEExam extends BaseEntity {
     @TableField(value = "monitor_video_source", updateStrategy = FieldStrategy.IGNORED)
     private String monitorVideoSource;
 
-    @ApiModelProperty(value = "是否开始监控转录,0:开启,1:不开启")
+    @ApiModelProperty(value = "是否开始监控转录,off:禁用; mix:混流转录")
     @TableField(value = "monitor_record")
-    private Integer monitorRecord;
+    private MonitorRecordEnum monitorRecord;
 
     @ApiModelProperty(value = "算分进度")
     @TableField(value = "progress")
@@ -323,11 +316,11 @@ public class TEExam extends BaseEntity {
         this.monitorVideoSource = monitorVideoSource;
     }
 
-    public Integer getMonitorRecord() {
+    public MonitorRecordEnum getMonitorRecord() {
         return monitorRecord;
     }
 
-    public void setMonitorRecord(Integer monitorRecord) {
+    public void setMonitorRecord(MonitorRecordEnum monitorRecord) {
         this.monitorRecord = monitorRecord;
     }
 

+ 25 - 0
themis-business/src/main/java/com/qmth/themis/business/enums/MonitorRecordEnum.java

@@ -0,0 +1,25 @@
+package com.qmth.themis.business.enums;
+
+/**
+ * @Description: 监控转录 enum
+ * @Param:
+ * @return:
+ * @Author: wangliang
+ * @Date: 2020/11/30
+ */
+public enum MonitorRecordEnum {
+
+    OFF("禁用"),
+
+    MIX("混流转录");
+
+    private String code;
+
+    private MonitorRecordEnum(String code) {
+        this.code = code;
+    }
+
+    public String getCode() {
+        return code;
+    }
+}
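Review bot: The `code` field holds the display label (`禁用`, `混流转录`) rather than a code, and it is mutable. Declare it `private final String code;`, and either rename it to say it is a description or document that on the getter. The Javadoc keeps the empty `@Param:` and `@return:` template lines, which mean nothing on an enum; replace them with a sentence stating that OFF disables monitor recording and MIX selects mixed-stream recording. The `private` modifier on the enum constructor is redundant.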

+ 6 - 6
themis-business/src/main/java/com/qmth/themis/business/util/AuthUtil.java

@@ -145,14 +145,14 @@ public class AuthUtil {
                                     long time,
                                     String method,
                                     String url) {
-//        if (SystemConstant.expire(time)) {
-//            log.warn("Authorization faile: time expired, server time=" + System.currentTimeMillis());
-//            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
-//        }
+        if (SystemConstant.expire(time)) {
+            log.warn("Authorization faile: time expired, server time=" + System.currentTimeMillis());
+            throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
+        }
         //测试
-        final SignatureInfo info = SignatureInfo.parse(authorization);
+//        final SignatureInfo info = SignatureInfo.parse(authorization);
         //校验签名信息
-//        final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, time, authorization);
+        final SignatureInfo info = SignatureInfo.parse(method.toLowerCase(), url, time, authorization);
         if (info == null) {
             log.warn("Authorization faile: signature decode error");
             throw new BusinessException(ExceptionResultEnum.AUTHORIZATION_ERROR);
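Review bot: `method.toLowerCase()` in the restored `SignatureInfo.parse(method.toLowerCase(), url, time, authorization)` call is locale-sensitive. On a JVM whose default locale is Turkish, a method name containing `I` (for example OPTIONS) lower-cases differently and the signature would never match; use `method.toLowerCase(Locale.ROOT)`, which needs `java.util.Locale` imported. The test bypass `SignatureInfo.parse(authorization)` is kept as a commented-out line under `//测试`; delete it so the unsigned path cannot be switched back on by uncommenting one line. The log text `Authorization faile` should read `Authorization failed`. The method starts and ends outside the hunk.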

+ 16 - 16
themis-common/src/main/java/com/qmth/themis/common/signature/SignatureInfo.java

@@ -104,32 +104,32 @@ public class SignatureInfo {
         return Base64Util.encode(ShaUtils.sha1(StringUtils.join(values, PARAM_JOINER)));
     }
 
-//    /**
-//     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证
-//     *
-//     * @param secret
-//     * @return
-//     */
-//    public boolean validate(String secret) {
-//        if (method != null && uri != null && timestamp >= 0 && secret != null && ciphertext != null) {
-//            return encrypt(method, uri, String.valueOf(timestamp), secret).equals(ciphertext);
-//        }
-//        return false;
-//    }
-
     /**
-     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证(测试用)
+     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证
      *
      * @param secret
      * @return
      */
     public boolean validate(String secret) {
-        if (secret != null && ciphertext != null) {
-            return encrypt(secret).equals(ciphertext);
+        if (method != null && uri != null && timestamp >= 0 && secret != null && ciphertext != null) {
+            return encrypt(method, uri, String.valueOf(timestamp), secret).equals(ciphertext);
         }
         return false;
     }
 
+//    /**
+//     * 基于解析好的签名对象,使用传入的保密信息进行签名内容验证(测试用)
+//     *
+//     * @param secret
+//     * @return
+//     */
+//    public boolean validate(String secret) {
+//        if (secret != null && ciphertext != null) {
+//            return encrypt(secret).equals(ciphertext);
+//        }
+//        return false;
+//    }
+
     /**
      * 根据标准参数构造最终的签名字符串
      *
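Review bot: `validate` compares the computed signature with the client-supplied `ciphertext` using `String.equals`, which returns at the first differing character. Use a constant-time comparison such as `MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), ciphertext.getBytes(StandardCharsets.UTF_8))`. The context line at the top of the hunk shows the signature is a plain SHA-1 over the joined values; if the secret is one of those values, a keyed MAC such as HMAC-SHA-256 is the appropriate construction, though `encrypt` is not fully visible here. The commented-out test variant of `validate`, which checked only the secret, should be deleted rather than kept next to the real one. The Javadoc `@param secret` and `@return` are empty; state that the method returns true only when method, uri, timestamp and secret reproduce the ciphertext.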

+ 4 - 6
themis-exam/src/main/java/com/qmth/themis/exam/api/TEStudentController.java

@@ -30,14 +30,12 @@ import com.qmth.themis.business.enums.SystemOperationEnum;
 import com.qmth.themis.business.enums.WebsocketStatusEnum;
 import com.qmth.themis.business.service.*;
 import com.qmth.themis.business.util.*;
-import com.qmth.themis.common.contanst.Constants;
 import com.qmth.themis.common.enums.ExceptionResultEnum;
 import com.qmth.themis.common.enums.Platform;
 import com.qmth.themis.common.enums.Source;
 import com.qmth.themis.common.exception.BusinessException;
 import com.qmth.themis.common.signature.SignatureInfo;
 import com.qmth.themis.common.signature.SignatureType;
-import com.qmth.themis.common.util.AesUtil;
 import com.qmth.themis.common.util.Result;
 import com.qmth.themis.common.util.ResultUtil;
 import com.qmth.themis.exam.config.ExamConstant;
@@ -164,10 +162,10 @@ public class TEStudentController {
             user.setBasePhotoPath(
                     ossUtil.getAliYunOssPublicDomain().getPublicUrl() + File.separator + user.getBasePhotoPath());
         }
-        String loginPassword = AesUtil.decryptCs7(password, Constants.AES_RULE);
-        //密码错误
-        String aesPassword = AesUtil.decryptCs7(user.getPassword(), Constants.AES_RULE);
-        if (!Objects.equals(loginPassword, aesPassword)) {
+//        String loginPassword = AesUtil.decryptCs7(password, Constants.AES_RULE);
+//        密码错误
+//        String aesPassword = AesUtil.decryptCs7(user.getPassword(), Constants.AES_RULE);
+        if (!Objects.equals(password, user.getPassword())) {
             throw new BusinessException(ExceptionResultEnum.PASSWORD_ERROR);
         }
         //判断是否有正在考试的