接口登录态验证

happy-boot-module-flexjob/src/main/java/org/jeecg/modules/api/hwuser/HwUserControllerAPI.java

@@ -7,6 +7,7 @@ import org.jeecg.common.oss.OSSConfig;
 import org.jeecg.common.util.ErrorCode;
 import org.jeecg.modules.api.sys.BaseAppController;
 import org.jeecg.modules.hwuser.service.IHwUserService;
+import org.jeecg.modules.util.TokenUtil;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.ModelAndView;
@@ -127,11 +128,17 @@ public class HwUserControllerAPI extends BaseAppController {
     public ModelAndView getOcrKey(HttpServletRequest request, HttpServletResponse response) {
         Map<String, Object> returnMap = new HashMap<String, Object>();
         Map<String, Object> obj = null;
+        String userId = request.getParameter("user_id");
+        String userToken = request.getParameter("user_token");
         try {
-            returnMap.put("secretId", secretId);
-            returnMap.put("secretKey", secretKey);
-            obj = successResult(ErrorCode.code_1000, "获取ocr秘钥成功", returnMap);
-
+            //验证用户合法性
+            if (TokenUtil.validateToken(userId, userToken)) {
+                returnMap.put("secretId", secretId);
+                returnMap.put("secretKey", secretKey);
+                obj = successResult(ErrorCode.code_1000, "获取ocr秘钥成功", returnMap);
+            } else {
+                obj = errorResult(ErrorCode.code_2008, "获取ocr秘钥失败");
+            }
         } catch (Exception e) {
             System.out.println("Exception e:" + e);
             e.printStackTrace();

happy-boot-module-flexjob/src/main/java/org/jeecg/modules/hwuser/service/impl/HwUserServiceImpl.java

@@ -879,47 +879,53 @@ public class HwUserServiceImpl extends ServiceImpl<HwUserMapper, HwUser> impleme
         String type = request.getParameter("upType");
         String userId = request.getParameter("userId");
         HwUser hwmUser = this.getById(userId);
+        String userToken = request.getParameter("user_token");
         String path = "/hwuser/index";
-        if (org.apache.commons.lang3.StringUtils.isNotBlank(type)) {
-            switch (type) {
-                case "0":
-                    //基本资料
-                    path = "/hwuser/resume";
-                    break;
-                case "1":
-                    //身份证正面
-                    path = "/hwuser/idcard/front";
-                    break;
-                case "2":
-                    //身份证反面
-                    path = "/hwuser/idcard/back";
-                    break;
-                case "3":
-                    //手持身份证
-                    path = "/hwuser/idcard/hold";
-                    break;
-                default:
-                    path = "/hwuser/index";
-                    break;
+        //验证用户合法性
+        if (TokenUtil.validateToken(userId, userToken)) {
+            if (org.apache.commons.lang3.StringUtils.isNotBlank(type)) {
+                switch (type) {
+                    case "0":
+                        //基本资料
+                        path = "/hwuser/resume";
+                        break;
+                    case "1":
+                        //身份证正面
+                        path = "/hwuser/idcard/front";
+                        break;
+                    case "2":
+                        //身份证反面
+                        path = "/hwuser/idcard/back";
+                        break;
+                    case "3":
+                        //手持身份证
+                        path = "/hwuser/idcard/hold";
+                        break;
+                    default:
+                        path = "/hwuser/index";
+                        break;
+                }
             }
-        }
-        //上传调用
-        try {
-            if (request instanceof MultipartHttpServletRequest) {
-                Result<?> result = this.webupload(request, "file", hwmUser, path);
-                if (result.isSuccess()) {
-                    resultImg.put("imgUrl", result.getResult().toString());
+            //上传调用
+            try {
+                if (request instanceof MultipartHttpServletRequest) {
+                    Result<?> result = this.webupload(request, "file", hwmUser, path);
+                    if (result.isSuccess()) {
+                        resultImg.put("imgUrl", result.getResult().toString());
+                    } else {
+                        log.info("imgUpload========{}", result.getMessage());
+                        resultImg.put("success","1004");
+                    }
                 } else {
-                    log.info("imgUpload========{}", result.getMessage());
+                    log.info("imgUpload========没有文件上传");
                     resultImg.put("success","1004");
                 }
-            } else {
-                log.info("imgUpload========没有文件上传");
+            } catch (Exception e) {
+                e.printStackTrace();
                 resultImg.put("success","1004");
             }
-        } catch (Exception e) {
-            e.printStackTrace();
-            resultImg.put("success","1004");
+        }else{
+            resultImg.put("success", "1004");
         }
         return resultImg;
     }
@@ -940,73 +946,80 @@ public class HwUserServiceImpl extends ServiceImpl<HwUserMapper, HwUser> impleme
         String name = request.getParameter("name");
         String setIdcardFront = request.getParameter("setIdcardFront");
         String setIdcardBack = request.getParameter("setIdcardBack");
-        try {
-            // 身份证号是否已存在
-            QueryWrapper<HwUser> queryWrapper = new QueryWrapper<>();
-            queryWrapper.eq("idcard_number", idcardNumber);
-            queryWrapper.ne("id", id);
-            int count =count(queryWrapper);
-            if (count > 0) {
-                resultImg.put("success","2010");
-                return resultImg;
-            }
-            // 验证实名信息
-            boolean ok = txIdentityUtils.IdCardVerification(name, idcardNumber);
-            if (!ok) {
-                resultImg.put("success","2010");
-                return resultImg;
-            }
-            HwUser hwmUser = this.getById(id);
-            hwmUser.setName(name);
-            hwmUser.setIdcardNumber(idcardNumber);
-            hwmUser.setGender(BirthUtils.getSex(idcardNumber));
-            hwmUser.setIdcardFront(setIdcardFront);
-            hwmUser.setIdcardBack(setIdcardBack);
-            hwmUser.setAuthenticationTime(new Date());
-            hwmUser.setAuthenticationStatus(1);
-            this.updateById(hwmUser);
-            // 同步慧盈
-            String requestUrl = OauthApi.USER_EDIT;
-            Map<String, Object> parameters = new HashMap<>();
-            parameters.put("name", hwmUser.getName());
-            parameters.put("idcardNumber", hwmUser.getIdcardNumber());
-            parameters.put("userCode", hwmUser.getUserCode());
-            parameters.put("updateBy", hwmUser.getName());
-            String idcardPicture = "";
-            if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardFront())) {
-                if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardBack())) {
-                    idcardPicture = hwmUser.getIdcardFront() + "," + hwmUser.getIdcardBack();
-                } else {
-                    idcardPicture = hwmUser.getIdcardFront();
+        String userId = request.getParameter("user_id");
+        String userToken = request.getParameter("user_token");
+        //验证用户合法性
+        if (TokenUtil.validateToken(userId, userToken)) {
+            try {
+                // 身份证号是否已存在
+                QueryWrapper<HwUser> queryWrapper = new QueryWrapper<>();
+                queryWrapper.eq("idcard_number", idcardNumber);
+                queryWrapper.ne("id", id);
+                int count =count(queryWrapper);
+                if (count > 0) {
+                    resultImg.put("success","2010");
+                    return resultImg;
                 }
-            } else {
-                if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardBack())) {
-                    idcardPicture = hwmUser.getIdcardBack();
+                // 验证实名信息
+                boolean ok = txIdentityUtils.IdCardVerification(name, idcardNumber);
+                if (!ok) {
+                    resultImg.put("success","2010");
+                    return resultImg;
+                }
+                HwUser hwmUser = this.getById(id);
+                hwmUser.setName(name);
+                hwmUser.setIdcardNumber(idcardNumber);
+                hwmUser.setGender(BirthUtils.getSex(idcardNumber));
+                hwmUser.setIdcardFront(setIdcardFront);
+                hwmUser.setIdcardBack(setIdcardBack);
+                hwmUser.setAuthenticationTime(new Date());
+                hwmUser.setAuthenticationStatus(1);
+                this.updateById(hwmUser);
+                // 同步慧盈
+                String requestUrl = OauthApi.USER_EDIT;
+                Map<String, Object> parameters = new HashMap<>();
+                parameters.put("name", hwmUser.getName());
+                parameters.put("idcardNumber", hwmUser.getIdcardNumber());
+                parameters.put("userCode", hwmUser.getUserCode());
+                parameters.put("updateBy", hwmUser.getName());
+                String idcardPicture = "";
+                if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardFront())) {
+                    if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardBack())) {
+                        idcardPicture = hwmUser.getIdcardFront() + "," + hwmUser.getIdcardBack();
+                    } else {
+                        idcardPicture = hwmUser.getIdcardFront();
+                    }
                 } else {
-                    idcardPicture = null;
+                    if (org.apache.commons.lang3.StringUtils.isNotBlank(hwmUser.getIdcardBack())) {
+                        idcardPicture = hwmUser.getIdcardBack();
+                    } else {
+                        idcardPicture = null;
+                    }
                 }
-            }
-            parameters.put("idcardPicture", idcardPicture);
-            log.info("param============{}", JSONObject.toJSONString(parameters));
-            //数据加密
-            String biz_content = CryptTool.encode(JSONObject.toJSONString(parameters));
-            JSONObject jsonObject = OauthTokenUtils.doRequest(requestUrl, HttpsContants.POST, biz_content, "");
-            log.info("用户-编辑===={}", jsonObject);
-            if (jsonObject != null) {
-                if (jsonObject.getBoolean("success")) {
-                    log.info("用户-编辑成功===={}", jsonObject);
+                parameters.put("idcardPicture", idcardPicture);
+                log.info("param============{}", JSONObject.toJSONString(parameters));
+                //数据加密
+                String biz_content = CryptTool.encode(JSONObject.toJSONString(parameters));
+                JSONObject jsonObject = OauthTokenUtils.doRequest(requestUrl, HttpsContants.POST, biz_content, "");
+                log.info("用户-编辑===={}", jsonObject);
+                if (jsonObject != null) {
+                    if (jsonObject.getBoolean("success")) {
+                        log.info("用户-编辑成功===={}", jsonObject);
+                    } else {
+                        log.info("用户-编辑失败===={}", jsonObject);
+                        //抛出异常，事务回滚
+                        throw new JeecgBootException("认证失败");
+                    }
                 } else {
                     log.info("用户-编辑失败===={}", jsonObject);
-                    //抛出异常，事务回滚
                     throw new JeecgBootException("认证失败");
                 }
-            } else {
-                log.info("用户-编辑失败===={}", jsonObject);
-                throw new JeecgBootException("认证失败");
+            } catch (Exception e) {
+                e.printStackTrace();
+                resultImg.put("success","1004");
             }
-        } catch (Exception e) {
-            e.printStackTrace();
-            resultImg.put("success","1004");
+        } else {
+            resultImg.put("success", "1004");
         }
         return resultImg;
     }