- 后端:User 模块,接入统一的 OAuth2 服务

This commit is contained in:
YunaiV 2019-05-17 00:35:42 +08:00
parent be94f29791
commit 68027b9f16
28 changed files with 229 additions and 178 deletions

View File

@ -14,11 +14,11 @@
- [x] 发布商品
- [x] 商品列表
- [x] 展示类目
- [ ] 品牌管理【待认领
- [ ] 品牌管理【开发中 @黑子
- [ ] 订单管理
- [ ] 销售单 开发中
- [ ] 售后单 开发中
- [ ] 订单评价【开发中】
- [ ] 订单评价【开发中 @wang171776704
- [ ] 会员管理
- [ ] 会员资料 20%【待认领】
- TODO 需要补充
@ -33,8 +33,10 @@
- [ ] 系统管理
- [x] 员工管理
- [x] 角色管理 <!--【前端页面需要细化下】-->
- [ ] 权限管理
- [ ] 短信管理
- [x] 权限管理 <!--【前端页面需要细化下】-->
- [ ] 部门管理【待认领】
- [x] 数据字典
- [ ] 短信管理【开发中 @小范
- [ ] 短信模板
- [ ] 发送日志
- [ ] 员工操作日志

View File

@ -69,7 +69,7 @@ export default {
let that = this;
let response = doPassportMobileRegister(this.mobile, this.code);
response.then(data => {
setLoginToken(data.accessToken, data.refreshToken);
setLoginToken(data.token.accessToken, data.token.refreshToken);
Dialog.alert({
title: '系统提示',
message: '登陆成功',

View File

@ -17,7 +17,7 @@ import java.util.Map;
public interface AdminService {
/**
* 用户认证认证成功后返回认证信息
* 管理员认证认证成功后返回认证信息
*
* 实际上就是用户名 + 密码登陆
*

View File

@ -20,6 +20,8 @@ public interface OAuth2Service {
// TODO @see 刷新 token
void removeToken(Integer userId); // TODO 需要优化
/**
* 通过 accessToken 获得身份信息
*

View File

@ -5,10 +5,12 @@ import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import lombok.experimental.Accessors;
import java.io.Serializable;
@ApiModel("OAUTH2 认证 BO")
@Data
@Accessors(chain = true)
public class OAuth2AuthenticationBO {
public class OAuth2AuthenticationBO implements Serializable {
@ApiModelProperty(value = "用户编号", required = true, example = "1")
private Integer userId;

View File

@ -8,11 +8,12 @@ import lombok.Data;
import lombok.experimental.Accessors;
import javax.validation.constraints.NotNull;
import java.io.Serializable;
@ApiModel("OAuth2 创建 Token DTO")
@Data
@Accessors(chain = true)
public class OAuth2CreateTokenDTO {
public class OAuth2CreateTokenDTO implements Serializable {
@ApiModelProperty(value = "用户编号", required = true, example = "1")
@NotNull(message = "用户编号不能为空")

View File

@ -9,11 +9,12 @@ import lombok.experimental.Accessors;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.io.Serializable;
@ApiModel("OAuth2 身份验证 DTO")
@Data
@Accessors(chain = true)
public class OAuth2GetTokenDTO {
public class OAuth2GetTokenDTO implements Serializable {
@ApiModelProperty(value = "accessToken", required = true, example = "001e8f49b20e47f7b3a2de774497cd50")
@NotEmpty(message = "accessToken 不能为空")

View File

@ -64,6 +64,7 @@ public class OAuth2ServiceImpl implements OAuth2Service {
*
* @param adminId 管理员编号
*/
@Override
@Transactional
public void removeToken(Integer adminId) {
// 设置 access token 失效

View File

@ -1,9 +1,9 @@
package cn.iocoder.mall.admin.service;
import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.mall.admin.api.SmsPlatform;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import cn.iocoder.mall.admin.api.constant.SmsApplyStatusEnum;
import cn.iocoder.mall.admin.api.exception.SmsFailException;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
@ -104,7 +104,7 @@ public class SmsYunPianPlatform implements SmsPlatform {
String result = post(URL_SIGN_ADD, params);
JSONObject jsonObject = JSON.parseObject(result);
if (!(jsonObject.getInteger("code") == SUCCESS_CODE)) {
throw new SmsFailException(AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getCode(),
throw new ServiceException(AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getCode(),
AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getMessage());
}
@ -124,13 +124,13 @@ public class SmsYunPianPlatform implements SmsPlatform {
JSONObject jsonObject = JSON.parseObject(result);
if (!(jsonObject.getInteger("code") == SUCCESS_CODE)) {
throw new SmsFailException(AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getCode(),
throw new ServiceException(AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getCode(),
AdminErrorCodeEnum.SMS_SIGN_ADD_FAIL.getMessage());
}
JSONArray jsonArray = jsonObject.getJSONArray("sign");
if (jsonArray.size() <= 0) {
throw new SmsFailException(AdminErrorCodeEnum.SMS_SIGN_NOT_EXISTENT.getCode(),
throw new ServiceException(AdminErrorCodeEnum.SMS_SIGN_NOT_EXISTENT.getCode(),
AdminErrorCodeEnum.SMS_SIGN_NOT_EXISTENT.getMessage());
}
@ -151,7 +151,7 @@ public class SmsYunPianPlatform implements SmsPlatform {
JSONObject jsonObject = JSON.parseObject(result);
if (!(jsonObject.getInteger("code") == SUCCESS_CODE)) {
throw new SmsFailException(AdminErrorCodeEnum.SMS_SIGN_UPDATE_FAIL.getCode(),
throw new ServiceException(AdminErrorCodeEnum.SMS_SIGN_UPDATE_FAIL.getCode(),
AdminErrorCodeEnum.SMS_SIGN_UPDATE_FAIL.getMessage());
}

View File

@ -5,13 +5,13 @@ import cn.iocoder.mall.user.api.MobileCodeService;
import cn.iocoder.mall.user.api.OAuth2Service;
import cn.iocoder.mall.user.api.UserService;
import cn.iocoder.mall.user.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.user.api.bo.user.UserAuthenticationBO;
import cn.iocoder.mall.user.api.dto.user.UserAuthenticationByMobileCodeDTO;
import cn.iocoder.mall.user.application.convert.PassportConvert;
import cn.iocoder.mall.user.application.vo.users.UsersAccessTokenVO;
import cn.iocoder.mall.user.application.vo.users.UsersMobileRegisterVO;
import cn.iocoder.mall.user.sdk.annotation.PermitAll;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiImplicitParam;
import io.swagger.annotations.ApiImplicitParams;
import io.swagger.annotations.ApiOperation;
import org.apache.dubbo.config.annotation.Reference;
import org.springframework.web.bind.annotation.PostMapping;
@ -43,14 +43,8 @@ public class PassportController {
@PermitAll
@PostMapping("/mobile/register")
@ApiOperation(value = "手机号 + 验证码登陆(注册)", notes = "如果手机对应的账号不存在,则会自动创建")
@ApiImplicitParams({
@ApiImplicitParam(name = "mobile", value = "手机号", required = true, example = "15601691300"),
@ApiImplicitParam(name = "code", value = "验证码", required = true, example = "9999")
})
public CommonResult<UsersMobileRegisterVO> mobileRegister(@RequestParam("mobile") String mobile,
@RequestParam("code") String code) {
OAuth2AccessTokenBO result = oauth2Service.getAccessToken(mobile, code);
return success(PassportConvert.INSTANCE.convert(result));
public CommonResult<UserAuthenticationBO> mobileRegister(UserAuthenticationByMobileCodeDTO userAuthenticationByMobileCodeDTO) {
return success(userService.authenticationByMobileCode(userAuthenticationByMobileCodeDTO));
}
@PermitAll

View File

@ -1,18 +1,18 @@
package cn.iocoder.mall.user.sdk.context;
import lombok.Data;
import lombok.experimental.Accessors;
/**
* User Security 上下文
*/
@Data
@Accessors(chain = true)
public class UserSecurityContext {
private final Integer userId;
/**
* 用户编号
*/
private Integer userId;
public UserSecurityContext(Integer userId) {
this.userId = userId;
}
public Integer getUserId() {
return userId;
}
}
}

View File

@ -17,7 +17,7 @@ public class UserSecurityContextHolder {
UserSecurityContext ctx = SECURITY_CONTEXT.get();
// 为空时设置一个空的进去
if (ctx == null) {
ctx = new UserSecurityContext(null);
ctx = new UserSecurityContext();
SECURITY_CONTEXT.set(ctx);
}
return ctx;

View File

@ -1,11 +1,14 @@
package cn.iocoder.mall.user.sdk.interceptor;
import cn.iocoder.common.framework.constant.MallConstants;
import cn.iocoder.common.framework.constant.UserTypeEnum;
import cn.iocoder.common.framework.exception.ServiceException;
import cn.iocoder.common.framework.util.HttpUtil;
import cn.iocoder.common.framework.util.MallUtil;
import cn.iocoder.mall.user.api.OAuth2Service;
import cn.iocoder.mall.user.api.bo.OAuth2AuthenticationBO;
import cn.iocoder.common.framework.util.StringUtil;
import cn.iocoder.mall.admin.api.OAuth2Service;
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AuthenticationBO;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2GetTokenDTO;
import cn.iocoder.mall.user.sdk.annotation.PermitAll;
import cn.iocoder.mall.user.sdk.context.UserSecurityContext;
import cn.iocoder.mall.user.sdk.context.UserSecurityContextHolder;
@ -18,40 +21,55 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
/**
* 安全拦截器
* User 安全拦截器
*/
@Component
public class UserSecurityInterceptor extends HandlerInterceptorAdapter {
@Reference(validation = "true", version = "${dubbo.provider.OAuth2Service.version:1.0.0}")
@Reference(validation = "true", version = "${dubbo.consumer.OAuth2Service.version:1.0.0}")
private OAuth2Service oauth2Service;
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
// 设置当前访问的用户类型注意即使未登陆我们也认为是用户
MallUtil.setUserType(request, MallConstants.USER_TYPE_USER);
// 校验访问令牌是否正确若正确返回授权信息
MallUtil.setUserType(request, UserTypeEnum.USER.getValue());
// 根据 accessToken 获得认证信息判断是谁
String accessToken = HttpUtil.obtainAuthorization(request);
OAuth2AuthenticationBO authentication = null;
if (accessToken != null) {
authentication = oauth2Service.checkToken(accessToken); // TODO 芋艿如果访问的地址无需登录这里也不用抛异常
// 添加到 SecurityContext
UserSecurityContext context = new UserSecurityContext(authentication.getUserId());
UserSecurityContextHolder.setContext(context);
// 同时也记录管理员编号到 AdminAccessLogInterceptor 因为
// AdminAccessLogInterceptor 需要在 AdminSecurityInterceptor 之前执行这样记录的访问日志才健全
// AdminSecurityInterceptor 执行后会移除 AdminSecurityContext 信息这就导致 AdminAccessLogInterceptor 无法获得管理员编号
// 因此这里需要进行记录
if (authentication.getUserId() != null) {
MallUtil.setUserId(request, authentication.getUserId());
ServiceException serviceException = null;
if (StringUtil.hasText(accessToken)) {
try {
authentication = oauth2Service.getAuthentication(new OAuth2GetTokenDTO().setAccessToken(accessToken)
.setUserType(UserTypeEnum.USER.getValue()));
} catch (ServiceException e) {
serviceException = e;
}
}
// 校验是否需要已授权
// 进行鉴权
HandlerMethod method = (HandlerMethod) handler;
boolean isPermitAll = method.hasMethodAnnotation(PermitAll.class);
if (!isPermitAll && authentication == null) {
throw new ServiceException(-1, "未授权"); // TODO 这里要改下
if (!isPermitAll) { // 如果需要鉴权
if (serviceException != null) { // 认证失败抛出上面认证失败的 ServiceException 异常
throw serviceException;
}
if (authentication == null) { // 无认证信息抛出未登陆 ServiceException 异常
throw new ServiceException(AdminErrorCodeEnum.OAUTH2_NOT_LOGIN.getCode(), AdminErrorCodeEnum.OAUTH2_NOT_LOGIN.getMessage());
}
// TODO 芋艿后续拓展读取用户信息
}
// 鉴权完成初始化 AdminSecurityContext 上下文
UserSecurityContext context = new UserSecurityContext();
UserSecurityContextHolder.setContext(context);
if (authentication != null) {
context.setUserId(authentication.getUserId());
MallUtil.setUserId(request, authentication.getUserId()); // 记录到 request 避免 AdminSecurityContext 后续清理掉后其它地方需要用到 userId
// TODO 芋艿后续拓展读取用户信息
}
// 返回成功
return super.preHandle(request, response, handler);
}

View File

@ -17,6 +17,11 @@
<artifactId>common-framework</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>cn.iocoder.mall</groupId>
<artifactId>system-service-api</artifactId>
<version>1.0-SNAPSHOT</version>
</dependency>
<!-- 工具类相关 -->
<dependency>

View File

@ -4,10 +4,9 @@ package cn.iocoder.mall.user.api;
import cn.iocoder.mall.user.api.bo.OAuth2AccessTokenBO;
import cn.iocoder.mall.user.api.bo.OAuth2AuthenticationBO;
@Deprecated
public interface OAuth2Service {
OAuth2AccessTokenBO getAccessToken(String mobile, String code);
/**
* 校验访问令牌获取身份信息( 不包括 accessToken 等等 )
*

View File

@ -2,6 +2,7 @@ package cn.iocoder.mall.user.api;
import cn.iocoder.mall.user.api.dto.UserAccessLogAddDTO;
@Deprecated
public interface UserAccessLogService {
void addUserAccessLog(UserAccessLogAddDTO userAccessLogAddDTO);

View File

@ -2,13 +2,17 @@ package cn.iocoder.mall.user.api;
import cn.iocoder.common.framework.constant.CommonStatusEnum;
import cn.iocoder.common.framework.validator.InEnum;
import cn.iocoder.mall.user.api.bo.user.UserAuthenticationBO;
import cn.iocoder.mall.user.api.bo.UserBO;
import cn.iocoder.mall.user.api.bo.UserPageBO;
import cn.iocoder.mall.user.api.dto.UserPageDTO;
import cn.iocoder.mall.user.api.dto.UserUpdateDTO;
import cn.iocoder.mall.user.api.dto.user.UserAuthenticationByMobileCodeDTO;
public interface UserService {
UserAuthenticationBO authenticationByMobileCode(UserAuthenticationByMobileCodeDTO userAuthenticationByMobileCodeDTO);
UserPageBO getUserPage(UserPageDTO userPageDTO);
UserBO getUser(Integer userId);

View File

@ -0,0 +1,22 @@
package cn.iocoder.mall.user.api.bo.user;
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AccessTokenBO;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import lombok.experimental.Accessors;
@ApiModel("用户认证 BO")
@Data
@Accessors(chain = true)
public class UserAuthenticationBO {
@ApiModelProperty(value = "用户编号", required = true, example = "1")
private Integer id;
@ApiModelProperty(value = "昵称", required = true, example = "小王")
private String nickname;
private OAuth2AccessTokenBO token;
}

View File

@ -0,0 +1,29 @@
package cn.iocoder.mall.user.api.dto.user;
import io.swagger.annotations.ApiModel;
import io.swagger.annotations.ApiModelProperty;
import lombok.Data;
import lombok.experimental.Accessors;
import org.hibernate.validator.constraints.Length;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.Pattern;
@ApiModel("用户认证 DTO")
@Data
@Accessors(chain = true)
public class UserAuthenticationByMobileCodeDTO {
@ApiModelProperty(value = "手机号", required = true, example = "15601691300")
@NotEmpty(message = "手机号不能为空")
@Length(min = 11, max = 11, message = "账号长度为 11 位")
@Pattern(regexp = "^[0-9]+$", message = "手机号必须都是数字")
private String mobile;
@ApiModelProperty(value = "手机验证码", required = true, example = "1024")
@NotEmpty(message = "手机验证码不能为空")
@Length(min = 4, max = 6, message = "手机验证码长度为 4-6 位")
@Pattern(regexp = "^[0-9]+$", message = "手机验证码必须都是数字")
private String code;
}

View File

@ -1,8 +1,9 @@
package cn.iocoder.mall.user.biz.convert;
import cn.iocoder.mall.user.biz.dataobject.UserDO;
import cn.iocoder.mall.user.api.bo.user.UserAuthenticationBO;
import cn.iocoder.mall.user.api.bo.UserBO;
import cn.iocoder.mall.user.api.dto.UserUpdateDTO;
import cn.iocoder.mall.user.biz.dataobject.UserDO;
import org.mapstruct.Mapper;
import org.mapstruct.Mappings;
import org.mapstruct.factory.Mappers;
@ -17,10 +18,13 @@ public interface UserConvert {
@Mappings({})
UserBO convert(UserDO userDO);
@Mappings({})
UserAuthenticationBO convert2(UserDO userDO);
@Mappings({})
UserDO convert(UserUpdateDTO userUpdateDTO);
@Mappings({})
List<UserBO> convert(List<UserDO> userDOs);
}
}

View File

@ -1,19 +1,12 @@
package cn.iocoder.mall.user.biz.dao;
import cn.iocoder.mall.user.biz.dataobject.MobileCodeDO;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import org.springframework.stereotype.Repository;
@Repository // 实际不加也没问entity就是不想 IDEA 那看到有个报错
public interface MobileCodeMapper {
void insert(MobileCodeDO entity);
/**
* 更新手机验证码
*
* @param entity 更新信息
*/
void update(MobileCodeDO entity);
public interface MobileCodeMapper extends BaseMapper<MobileCodeDO> {
/**
* 获得手机号的最后一个手机验证码
@ -21,6 +14,12 @@ public interface MobileCodeMapper {
* @param mobile 手机号
* @return 手机验证码
*/
MobileCodeDO selectLast1ByMobile(String mobile);
default MobileCodeDO selectLast1ByMobile(String mobile) {
QueryWrapper<MobileCodeDO> query = new QueryWrapper<MobileCodeDO>()
.eq("mobile", mobile)
.orderByDesc("id")
.last("limit 1");
return selectOne(query);
}
}
}

View File

@ -1,14 +1,17 @@
package cn.iocoder.mall.user.biz.dataobject;
import cn.iocoder.common.framework.dataobject.BaseDO;
import com.baomidou.mybatisplus.annotation.TableName;
import lombok.Data;
import lombok.experimental.Accessors;
import java.util.Date;
// TODO 优化IP
@TableName("mobile_code")
@Data
@Accessors(chain = true)
public class MobileCodeDO {
public class MobileCodeDO extends BaseDO {
/**
* 编号
@ -34,10 +37,6 @@ public class MobileCodeDO {
* 注册的用户编号
*/
private Integer usedUserId;
/**
* 创建时间
*/
private Date createTime;
/**
* 使用时间
*/

View File

@ -50,21 +50,21 @@ public class MobileCodeServiceImpl implements MobileCodeService {
*/
public MobileCodeDO validLastMobileCode(String mobile, String code) {
// TODO: 2019-04-09 Sin 暂时先忽略掉验证码校验
return new MobileCodeDO().setCode(code).setCreateTime(new Date()).setId(1);
// MobileCodeDO mobileCodePO = mobileCodeMapper.selectLast1ByMobile(mobile);
// if (mobileCodePO == null) { // 若验证码不存在抛出异常
// throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_FOUND.getCode());
// }
// if (System.currentTimeMillis() - mobileCodePO.getCreateTime().getTime() >= codeExpireTimes) { // 验证码已过期
// throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_EXPIRED.getCode());
// }
// if (mobileCodePO.getUsed()) { // 验证码已使用
// throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_USED.getCode());
// }
// if (!mobileCodePO.getCode().equals(code)) {
// throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_CORRECT.getCode());
// }
// return mobileCodePO;
// return new MobileCodeDO().setCode(code).setCreateTime(new Date()).setId(1);
MobileCodeDO mobileCodePO = mobileCodeMapper.selectLast1ByMobile(mobile);
if (mobileCodePO == null) { // 若验证码不存在抛出异常
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_FOUND.getCode());
}
if (System.currentTimeMillis() - mobileCodePO.getCreateTime().getTime() >= codeExpireTimes) { // 验证码已过期
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_EXPIRED.getCode());
}
if (mobileCodePO.getUsed()) { // 验证码已使用
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_USED.getCode());
}
if (!mobileCodePO.getCode().equals(code)) {
throw ServiceExceptionUtil.exception(UserErrorCodeEnum.MOBILE_CODE_NOT_CORRECT.getCode());
}
return mobileCodePO;
}
/**
@ -75,7 +75,7 @@ public class MobileCodeServiceImpl implements MobileCodeService {
*/
public void useMobileCode(Integer id, Integer userId) {
MobileCodeDO update = new MobileCodeDO().setId(id).setUsed(true).setUsedUserId(userId).setUsedTime(new Date());
mobileCodeMapper.update(update);
mobileCodeMapper.updateById(update);
}
// TODO 芋艿后面要返回有效时间
@ -99,7 +99,8 @@ public class MobileCodeServiceImpl implements MobileCodeService {
MobileCodeDO newMobileCodePO = new MobileCodeDO().setMobile(mobile)
.setCode("9999") // TODO 芋艿随机 4 位验证码 or 6 位验证码
.setTodayIndex(lastMobileCodePO != null ? lastMobileCodePO.getTodayIndex() : 1)
.setUsed(false).setCreateTime(new Date());
.setUsed(false);
newMobileCodePO.setCreateTime(new Date());
mobileCodeMapper.insert(newMobileCodePO);
// TODO 发送验证码短信
}

View File

@ -49,27 +49,6 @@ public class OAuth2ServiceImpl implements OAuth2Service {
@Autowired
private OAuth2RefreshTokenMapper oauth2RefreshTokenMapper;
@Override
@Transactional
public OAuth2AccessTokenBO getAccessToken(String mobile, String code) {
// 校验传入的 mobile code 是否合法
MobileCodeDO mobileCodeDO = mobileCodeService.validLastMobileCode(mobile, code);
// 获取用户
UserDO userDO = userService.getUser(mobile);
if (userDO == null) { // 用户不存在则进行创建用户
userDO = userService.createUser(mobile);
Assert.notNull(userDO, "创建用户必然成功");
}
// 创建刷新令牌
OAuth2RefreshTokenDO oauth2RefreshTokenDO = createOAuth2RefreshToken(userDO.getId());
// 创建访问令牌
OAuth2AccessTokenDO oauth2AccessTokenDO = createOAuth2AccessToken(userDO.getId(), oauth2RefreshTokenDO.getId());
// 标记已使用
mobileCodeService.useMobileCode(mobileCodeDO.getId(), userDO.getId());
// 转换返回
return OAuth2Convert.INSTANCE.convertToAccessTokenWithExpiresIn(oauth2AccessTokenDO);
}
@Override
public OAuth2AuthenticationBO checkToken(String accessToken) throws ServiceException {
OAuth2AccessTokenDO accessTokenDO = oauth2AccessTokenMapper.selectByTokenId(accessToken);

View File

@ -3,20 +3,28 @@ package cn.iocoder.mall.user.biz.service;
import cn.iocoder.common.framework.constant.CommonStatusEnum;
import cn.iocoder.common.framework.constant.DeletedStatusEnum;
import cn.iocoder.common.framework.constant.SysErrorCodeEnum;
import cn.iocoder.common.framework.constant.UserTypeEnum;
import cn.iocoder.common.framework.util.ServiceExceptionUtil;
import cn.iocoder.common.framework.util.ValidationUtil;
import cn.iocoder.mall.admin.api.OAuth2Service;
import cn.iocoder.mall.admin.api.bo.oauth2.OAuth2AccessTokenBO;
import cn.iocoder.mall.admin.api.dto.oauth2.OAuth2CreateTokenDTO;
import cn.iocoder.mall.user.api.UserService;
import cn.iocoder.mall.user.api.bo.user.UserAuthenticationBO;
import cn.iocoder.mall.user.api.bo.UserBO;
import cn.iocoder.mall.user.api.bo.UserPageBO;
import cn.iocoder.mall.user.api.constant.UserConstants;
import cn.iocoder.mall.user.api.constant.UserErrorCodeEnum;
import cn.iocoder.mall.user.api.dto.UserPageDTO;
import cn.iocoder.mall.user.api.dto.UserUpdateDTO;
import cn.iocoder.mall.user.api.dto.user.UserAuthenticationByMobileCodeDTO;
import cn.iocoder.mall.user.biz.convert.UserConvert;
import cn.iocoder.mall.user.biz.dao.UserMapper;
import cn.iocoder.mall.user.biz.dao.UserRegisterMapper;
import cn.iocoder.mall.user.biz.dataobject.MobileCodeDO;
import cn.iocoder.mall.user.biz.dataobject.UserDO;
import cn.iocoder.mall.user.biz.dataobject.UserRegisterDO;
import org.apache.dubbo.config.annotation.Reference;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
@ -35,7 +43,10 @@ public class UserServiceImpl implements UserService {
@Autowired
private UserRegisterMapper userRegisterMapper;
@Autowired
private OAuth2ServiceImpl oAuth2Service;
private MobileCodeServiceImpl mobileCodeService;
@Reference(validation = "true", version = "${dubbo.consumer.OAuth2Service.version}")
private OAuth2Service oAuth2Service;
public UserDO getUser(String mobile) {
return userMapper.selectByMobile(mobile);
@ -67,6 +78,36 @@ public class UserServiceImpl implements UserService {
userRegisterMapper.insert(userRegisterDO);
}
@Override
@Transactional
public UserAuthenticationBO authenticationByMobileCode(UserAuthenticationByMobileCodeDTO userAuthenticationByMobileCodeDTO) {
String mobile = userAuthenticationByMobileCodeDTO.getMobile();
String code = userAuthenticationByMobileCodeDTO.getCode();
// 校验手机格式
if (!ValidationUtil.isMobile(mobile)) {
throw ServiceExceptionUtil.exception(SysErrorCodeEnum.VALIDATION_REQUEST_PARAM_ERROR.getCode(), "手机格式不正确"); // TODO 有点搓
}
// 校验验证码是否正确
MobileCodeDO mobileCodeDO = mobileCodeService.validLastMobileCode(mobile, code);
// 获得用户
UserDO user = userMapper.selectByMobile(mobile);
if (user == null) { // 用户不存在则进行创建
user = new UserDO().setMobile(mobile).setStatus(UserConstants.STATUS_ENABLE);
user.setCreateTime(new Date());
user.setDeleted(DeletedStatusEnum.DELETED_NO.getValue());
userMapper.insert(user);
// 插入注册信息 TODO 芋艿 后续完善记录 ipua 等等
createUserRegister(user);
}
// 更新验证码已使用
mobileCodeService.useMobileCode(mobileCodeDO.getId(), user.getId());
// 创建 accessToken
OAuth2AccessTokenBO accessTokenBO = oAuth2Service.createToken(new OAuth2CreateTokenDTO().setUserId(user.getId())
.setUserType(UserTypeEnum.USER.getValue()));
// 转换返回
return UserConvert.INSTANCE.convert2(user).setToken(accessTokenBO);
}
@Override
public UserPageBO getUserPage(UserPageDTO userPageDTO) {
UserPageBO userPageBO = new UserPageBO();

View File

@ -6,19 +6,17 @@ spring:
username: root
password: ${MALL_MYSQL_PASSWORD}
# mybatis
#mybatis:
# config-location: classpath:mybatis-config.xml
# mapper-locations: classpath:mapper/*.xml
# type-aliases-package: cn.iocoder.mall.user.biz.dataobject
# mybatis-plus
mybatis-plus:
configuration:
mapUnderscoreToCamelCase: true # 虽然默认为 true ,但是还是显示去指定下。
map-underscore-to-camel-case: true # 虽然默认为 true ,但是还是显示去指定下。
global-config:
db-config:
id-type: auto
logic-delete-value: 1 # 逻辑已删除值(默认为 1)
logic-not-delete-value: 0 # 逻辑未删除值(默认为 0)
mapperLocations: classpath*:mapper/*.xml
typeAliasesPackage: cn.iocoder.mall.user.biz.dataobject
config-location: classpath:mybatis-config.xml
# dubbo
dubbo:
@ -43,3 +41,6 @@ dubbo:
version: 1.0.0
UserService:
version: 1.0.0
consumer:
OAuth2Service:
version: 1.0.0

View File

@ -1,35 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.iocoder.mall.user.biz.dao.MobileCodeMapper">
<insert id="insert" parameterType="MobileCodeDO">
INSERT INTO mobile_code (
id, mobile, code, today_index, used,
userd_user_id, used_time, create_time
) VALUES (
#{id}, #{mobile}, #{code}, #{todayIndex}, #{used},
#{usedUserId}, #{usedTime}, #{createTime}
)
</insert>
<update id="update" parameterType="MobileCodeDO">
UPDATE mobile_code
<set>
<if test="used != null"> used = #{used}, </if>
<if test="usedUserId != null"> userd_user_id = #{usedUserId}, </if>
<if test="usedTime != null"> used_time = #{usedTime}, </if>
</set>
WHERE id = #{id}
</update>
<select id="selectLast1ByMobile" parameterType="String" resultType="MobileCodeDO">
SELECT
id, mobile, code, today_index, used,
userd_user_id, used_time, create_time
FROM mobile_code
WHERE mobile = #{mobile}
ORDER BY id DESC
LIMIT 1
</select>
</mapper>

View File

@ -1,19 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE configuration PUBLIC "-//mybatis.org//DTD Config 3.0//EN" "http://mybatis.org/dtd/mybatis-3-config.dtd">
<configuration>
<settings>
<!-- 使用驼峰命名法转换字段。 -->
<setting name="mapUnderscoreToCamelCase" value="true"/>
</settings>
<typeAliases>
<typeAlias alias="Integer" type="java.lang.Integer"/>
<typeAlias alias="Long" type="java.lang.Long"/>
<typeAlias alias="HashMap" type="java.util.HashMap"/>
<typeAlias alias="LinkedHashMap" type="java.util.LinkedHashMap"/>
<typeAlias alias="ArrayList" type="java.util.ArrayList"/>
<typeAlias alias="LinkedList" type="java.util.LinkedList"/>
</typeAliases>
</configuration>