授权提示问题

2024-04-16 16:25:08 +08:00 · 2024-04-16 16:25:08 +08:00 · 83a08265c3
parent 8458da333f
commit 83a08265c3
2 changed files with 10 additions and 11 deletions
--- a/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java
+++ b/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java
@ -28,7 +28,7 @@ public class CorsFilter implements Filter {
        response.setHeader("Access-Control-Allow-Origin", curOrigin == null ? "true" : curOrigin);
        response.setHeader("Access-Control-Allow-Methods", "*");
        response.setHeader("Access-Control-Max-Age", "3600");
-        response.setHeader("Access-Control-Allow-Headers", "environment,type,version,token");
+        response.setHeader("Access-Control-Allow-Headers", "environment,openId,type,version,token");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        chain.doFilter(req, resp);
    }
--- a/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java
+++ b/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java
@ -15,10 +15,7 @@ import com.chaozhanggui.system.cashierservice.service.LoginService;
 import com.chaozhanggui.system.cashierservice.service.OnlineUserService;
 import com.chaozhanggui.system.cashierservice.sign.CodeEnum;
 import com.chaozhanggui.system.cashierservice.sign.Result;
-import com.chaozhanggui.system.cashierservice.util.IpUtil;
-import com.chaozhanggui.system.cashierservice.util.MD5Utils;
-import com.chaozhanggui.system.cashierservice.util.StringUtil;
-import com.chaozhanggui.system.cashierservice.util.TokenUtil;
+import com.chaozhanggui.system.cashierservice.util.*;
 import com.chaozhanggui.system.cashierservice.wxUtil.WechatUtil;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.digest.DigestUtils;
@ -158,13 +155,14 @@ public class LoginContoller {
        String encryptedData = map.get("encryptedData");

        String ivStr = map.get("iv");
-
+        if (StringUtils.isBlank(encryptedData) || StringUtils.isBlank(ivStr)) {
+            return Result.fail("请授权后使用");
+        }

        JSONObject SessionKeyOpenId = WechatUtil.getSessionKeyOrOpenId(code, customAppId, customSecrete);
        // 3.接收微信接口服务 获取返回的参数
        String openid = SessionKeyOpenId.getString("openid");
        String sessionKey = SessionKeyOpenId.getString("session_key");
-
        String data = WxMaCryptUtils.decrypt(sessionKey, encryptedData, ivStr);
        if (ObjectUtil.isNotEmpty(data) && JSONObject.parseObject(data).containsKey("phoneNumber")) {
            return Result.success(CodeEnum.SUCCESS, JSONObject.parseObject(data).get("phoneNumber"));
@ -253,15 +251,16 @@ public class LoginContoller {
    /**
     * App登录用户端的请求接口 登录即注册
     * 查看 {@link com.chaozhanggui.system.cashierservice.entity.dto.AuthUserDto}
-     *  username 手机号
-     *  password 密码登录时使用
-     *  code 验证码登录时使用
+     * username 手机号
+     * password 密码登录时使用
+     * code 验证码登录时使用
+     *
     * @return
     */
    @PostMapping("/app/login")
    public Result applogin(@RequestBody AuthUserDto authUserDto) {
        if (ObjectUtil.isNull(authUserDto.getCode())) {
-            if(StringUtils.isBlank(authUserDto.getPassword())){
+            if (StringUtils.isBlank(authUserDto.getPassword())) {
                return Result.fail("请输入密码，或使用验证码登录");
            }
            //验证密码