package com.xmomen.module.wb.controller; import java.util.ArrayList; import java.util.Date; import java.util.HashMap; import java.util.Map; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.DisabledAccountException; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RestController; import com.xmomen.framework.exception.BusinessException; import com.xmomen.framework.web.rest.RestError; import com.xmomen.module.base.entity.CdMember; import com.xmomen.module.base.model.CreateMember; import com.xmomen.module.base.service.MemberService; import com.xmomen.module.core.web.filter.FormAuthenticationFilterExt; import com.xmomen.module.member.model.MemberAddressCreate; import com.xmomen.module.sms.api.SmsMessageService; import com.xmomen.module.sms.api.SmsResponse; import com.xmomen.module.sms.model.IdentifyCodeModel; import com.xmomen.module.sms.util.GlobalIdentifyCodeManager; import com.xmomen.module.wb.model.PcMember; import com.xmomen.module.wb.model.PcUpdatePasswordModel; import com.xmomen.module.wx.pay.common.RandomStringGenerator; @RestController public class CommonMemberController extends PcBaseController{ @Autowired MemberService memberService; @Autowired SmsMessageService smsMessageService; /** * 普通用户注册 */ @RequestMapping(value = "/member/register", method = RequestMethod.POST) public CdMember register(@RequestBody @Valid PcMember createPcMember) throws BusinessException { CreateMember createMember = new CreateMember(); createMember.setPhoneNumber(createPcMember.getPhoneNumber()); createMember.setPassword(createPcMember.getPassword()); createMember.setMemberAddressList(new ArrayList<MemberAddressCreate>()); createMember.setEmail(createPcMember.getEmail()); String phoneNumber = createPcMember.getPhoneNumber(); if(!StringUtils.isNumeric(phoneNumber) || phoneNumber.length() != 11) { throw new BusinessException("不合法的手机号码"); } String identifyCodeKey = createPcMember.getPhoneNumber(); IdentifyCodeModel identifyCodeModel = GlobalIdentifyCodeManager.getIdentifyCode(identifyCodeKey); if(identifyCodeModel == null || identifyCodeModel.isExpired()) { throw new BusinessException("验证码未生成或者已过期"); } if(!createPcMember.getPhoneIdentifyCode().equals(identifyCodeModel.getIdentifyCode())) { throw new BusinessException("验证码不正确"); } CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember == null) { cdMember = memberService.createMember(createMember); } else if(StringUtils.isEmpty(cdMember.getPassword())) { memberService.updatePassword(cdMember.getId(), createPcMember.getPassword(), ""); } else { throw new BusinessException("用户已被注册"); } cdMember.setPassword(""); return cdMember; } @RequestMapping(value = "/member/login", method = RequestMethod.POST) public ResponseEntity login(HttpServletRequest request, Model model){ Map<String, Object> result = new HashMap<>(); if(SecurityUtils.getSubject().isAuthenticated()){ String username = (String) SecurityUtils.getSubject().getPrincipal(); result.put("status", 200); result.put("username", username); return new ResponseEntity(result, HttpStatus.OK); } String exceptionClassName = (String) request.getAttribute(FormAuthenticationFilterExt.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME); String error = null; RestError restError = new RestError(); restError.setTimestamp(new Date()); if(DisabledAccountException.class.getName().equals(exceptionClassName)){ restError.setMessage("该账号已被锁定,请联系客服。"); }else if(UnknownAccountException.class.getName().equals(exceptionClassName)) { restError.setMessage("用户名不存在"); } else if(IncorrectCredentialsException.class.getName().equals(exceptionClassName)) { restError.setMessage("用户名或密码错误"); } else if(exceptionClassName != null) { restError.setMessage( "登录失败:" + exceptionClassName); } restError.setStatus(401); return new ResponseEntity(restError, HttpStatus.UNAUTHORIZED); } /** * 会员账号 * @return */ @RequestMapping(value = "/member/account", method = RequestMethod.GET) public CdMember accountSetting(){ Integer memberId = getCurrentMemberId(); CdMember memberModel = memberService.getOneMemberModel(String.valueOf(memberId)); return memberModel; } @RequestMapping(value = "/member/logout") public ResponseEntity logout(HttpServletRequest request){ String message = "登出成功"; try { SecurityUtils.getSubject().logout(); } catch (Exception e) { message = "登出失败"; } return new ResponseEntity(message, HttpStatus.UNAUTHORIZED); } @RequestMapping(value = "/member/phonecode") public SmsResponse sendSms(@RequestParam(value="phone") String phoneNumber) throws Exception { if(!StringUtils.isNumeric(phoneNumber) || phoneNumber.length() != 11) { throw new BusinessException("不合法的手机号码"); } CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember != null){ throw new BusinessException("该手机号码已注册"); } SmsResponse smsResponse = smsMessageService.sendSingleRequest(phoneNumber); if(smsResponse == null) { throw new Exception("调用SMS接口失败"); } return smsResponse; } /** * 发送验证码到用户手机,用户找回密码(密码重置)操作 * @param phoneNumber * @return * @throws Exception */ @RequestMapping(value = "/member/operationcode") public SmsResponse getOperationCode(@RequestParam(value="phone") String phoneNumber) throws Exception { if(!StringUtils.isNumeric(phoneNumber) || phoneNumber.length() != 11) { throw new BusinessException("不合法的手机号码"); } CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember == null){ throw new BusinessException("该用户不存在"); } /*String operationCode = RandomStringGenerator.getRandomNumberStrByLength(6); SmsResponse smsResponse = smsMessageService.sendPasswordInfo(phoneNumber, operationCode); if(smsResponse == null) { throw new Exception("调用SMS接口失败"); } else { GlobalIdentifyCodeManager.updateOperationCode(phoneNumber, operationCode); } return smsResponse;*/ SmsResponse smsResponse = smsMessageService.sendSingleRequest(phoneNumber); if(smsResponse == null) { throw new Exception("调用SMS接口失败"); } return smsResponse; } /** * 根据发送到手机的验证码,手动输入密码达到重置密码的目的 * @param pcMember * @return * @throws Exception */ @RequestMapping(value = "/member/resetpassword", method = RequestMethod.POST) public CdMember resetPassword(@RequestBody @Valid PcMember pcMember) throws Exception { String phoneNumber = pcMember.getPhoneNumber(); if(!StringUtils.isNumeric(phoneNumber) || phoneNumber.length() != 11) { throw new BusinessException("不合法的手机号码"); } String identifyCodeKey = pcMember.getPhoneNumber(); //IdentifyCodeModel identifyCodeModel = GlobalIdentifyCodeManager.getOperationCode(identifyCodeKey); IdentifyCodeModel identifyCodeModel = GlobalIdentifyCodeManager.getIdentifyCode(identifyCodeKey); if(identifyCodeModel == null || identifyCodeModel.isExpired()) { throw new BusinessException("验证码未生成或者已过期"); } if(!pcMember.getPhoneIdentifyCode().equals(identifyCodeModel.getIdentifyCode())) { throw new BusinessException("验证码不正确"); } CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember == null) { throw new BusinessException("该用户不存在"); } boolean success = memberService.resetPassword(cdMember.getId(), pcMember.getPassword()); if(!success) { throw new BusinessException("密码重置失败"); } cdMember.setPassword(""); return cdMember; } /** * 直接发送随机生成的6位数密码到手机,达到重置密码的目的 * @param phoneNumber * @return * @throws Exception */ @RequestMapping(value = "/member/resetpassword", method = RequestMethod.GET) public SmsResponse resetPassword(@RequestParam(value="phone") String phoneNumber) throws Exception { if(!StringUtils.isNumeric(phoneNumber) || phoneNumber.length() != 11) { throw new BusinessException("不合法的手机号码"); } CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember == null) { throw new BusinessException("该用户不存在"); } String newPassword = RandomStringGenerator.getRandomNumberStrByLength(6); String oldPassword = cdMember.getPassword(); if(oldPassword == null) { oldPassword = ""; } boolean success = memberService.updatePassword(cdMember.getId(), newPassword, oldPassword); if(success) { SmsResponse smsResponse = smsMessageService.sendPasswordInfo(phoneNumber, newPassword); if(smsResponse == null) { //如果未成功发送短信,密码回滚 cdMember.setPassword(oldPassword); memberService.updateMember(cdMember); throw new Exception("调用SMS接口失败"); } return smsResponse; } else { throw new BusinessException("密码重置失败"); } } /** * 更新密码 * @param updatePasswordModel * @return * @throws BusinessException */ @RequestMapping(value = "/member/changepassword", method = RequestMethod.POST) public CdMember changePassword(@RequestBody @Valid PcUpdatePasswordModel updatePasswordModel) throws BusinessException { String phoneNumber = updatePasswordModel.getPhoneNumber(); CdMember memberQuery = new CdMember(); memberQuery.setPhoneNumber(phoneNumber); CdMember cdMember = memberService.findMember(memberQuery); if(cdMember == null) { throw new BusinessException("当前用户不存在"); } else { boolean success = memberService.updatePassword(cdMember.getId(), updatePasswordModel.getPassword(), updatePasswordModel.getOldPassword()); if(!success) { throw new BusinessException("密码不正确"); } } cdMember.setPassword(""); return cdMember; } }