From 83a08265c37c92503b2163d6377c7ae1ce5fa55c Mon Sep 17 00:00:00 2001 From: wangw <1594593906@qq.com> Date: Tue, 16 Apr 2024 16:25:08 +0800 Subject: [PATCH] =?UTF-8?q?=E6=8E=88=E6=9D=83=E6=8F=90=E7=A4=BA=E9=97=AE?= =?UTF-8?q?=E9=A2=98?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cashierservice/config/CorsFilter.java | 2 +- .../controller/LoginContoller.java | 19 +++++++++---------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java b/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java index 7285a31..6690f7b 100644 --- a/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java +++ b/src/main/java/com/chaozhanggui/system/cashierservice/config/CorsFilter.java @@ -28,7 +28,7 @@ public class CorsFilter implements Filter { response.setHeader("Access-Control-Allow-Origin", curOrigin == null ? "true" : curOrigin); response.setHeader("Access-Control-Allow-Methods", "*"); response.setHeader("Access-Control-Max-Age", "3600"); - response.setHeader("Access-Control-Allow-Headers", "environment,type,version,token"); + response.setHeader("Access-Control-Allow-Headers", "environment,openId,type,version,token"); response.setHeader("Access-Control-Allow-Credentials", "true"); chain.doFilter(req, resp); } diff --git a/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java b/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java index c6bbeb9..1dce6f1 100644 --- a/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java +++ b/src/main/java/com/chaozhanggui/system/cashierservice/controller/LoginContoller.java @@ -15,10 +15,7 @@ import com.chaozhanggui.system.cashierservice.service.LoginService; import com.chaozhanggui.system.cashierservice.service.OnlineUserService; import com.chaozhanggui.system.cashierservice.sign.CodeEnum; import com.chaozhanggui.system.cashierservice.sign.Result; -import com.chaozhanggui.system.cashierservice.util.IpUtil; -import com.chaozhanggui.system.cashierservice.util.MD5Utils; -import com.chaozhanggui.system.cashierservice.util.StringUtil; -import com.chaozhanggui.system.cashierservice.util.TokenUtil; +import com.chaozhanggui.system.cashierservice.util.*; import com.chaozhanggui.system.cashierservice.wxUtil.WechatUtil; import lombok.extern.slf4j.Slf4j; import org.apache.commons.codec.digest.DigestUtils; @@ -158,13 +155,14 @@ public class LoginContoller { String encryptedData = map.get("encryptedData"); String ivStr = map.get("iv"); - + if (StringUtils.isBlank(encryptedData) || StringUtils.isBlank(ivStr)) { + return Result.fail("请授权后使用"); + } JSONObject SessionKeyOpenId = WechatUtil.getSessionKeyOrOpenId(code, customAppId, customSecrete); // 3.接收微信接口服务 获取返回的参数 String openid = SessionKeyOpenId.getString("openid"); String sessionKey = SessionKeyOpenId.getString("session_key"); - String data = WxMaCryptUtils.decrypt(sessionKey, encryptedData, ivStr); if (ObjectUtil.isNotEmpty(data) && JSONObject.parseObject(data).containsKey("phoneNumber")) { return Result.success(CodeEnum.SUCCESS, JSONObject.parseObject(data).get("phoneNumber")); @@ -253,15 +251,16 @@ public class LoginContoller { /** * App登录用户端的请求接口 登录即注册 * 查看 {@link com.chaozhanggui.system.cashierservice.entity.dto.AuthUserDto} - * username 手机号 - * password 密码登录时使用 - * code 验证码登录时使用 + * username 手机号 + * password 密码登录时使用 + * code 验证码登录时使用 + * * @return */ @PostMapping("/app/login") public Result applogin(@RequestBody AuthUserDto authUserDto) { if (ObjectUtil.isNull(authUserDto.getCode())) { - if(StringUtils.isBlank(authUserDto.getPassword())){ + if (StringUtils.isBlank(authUserDto.getPassword())) { return Result.fail("请输入密码,或使用验证码登录"); } //验证密码