package com.alatus.mall.auth.app; import com.alatus.common.constant.AuthServerConstant; import com.alatus.common.exception.BizCodeEnum; import com.alatus.common.utils.R; import com.alatus.common.vo.MemberRespVo; import com.alatus.mall.auth.feign.MemberFeignService; import com.alatus.mall.auth.feign.ThirdPartFeignService; import com.alatus.mall.auth.vo.UserLoginVo; import com.alatus.mall.auth.vo.UserRegisterVo; import com.alibaba.fastjson.TypeReference; import org.apache.commons.lang.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.stereotype.Controller; import org.springframework.validation.BindingResult; import org.springframework.validation.FieldError; import org.springframework.web.bind.annotation.*; import org.springframework.web.servlet.mvc.support.RedirectAttributes; import javax.servlet.http.HttpSession; import javax.validation.Valid; import java.util.HashMap; import java.util.Map; import java.util.UUID; import java.util.concurrent.TimeUnit; import java.util.stream.Collectors; @Controller public class LoginController { @Autowired private ThirdPartFeignService thirdPartFeignService; @Autowired private StringRedisTemplate redisTemplate; @Autowired private MemberFeignService memberFeignService; @GetMapping("/sms/sendCode") @ResponseBody public R sendCode(@RequestParam("phone") String phone){ R checkPhone = memberFeignService.checkPhone(phone); if(checkPhone.getCode()==0){ // TODO 接口防刷 // 防止反复刷验证码 String value = redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + phone); if(value!=null&&!StringUtils.isEmpty(value)){ long time = Long.parseLong(value.split("_")[1]); if(System.currentTimeMillis() - time < 60000){ // 60秒内不能再发 return R.error(BizCodeEnum.SMS_CODE_EXCEPTION.getCode(),BizCodeEnum.SMS_CODE_EXCEPTION.getMsg()); } } String code = UUID.randomUUID().toString().substring(0, 5); R sendCode = thirdPartFeignService.sendCode(phone, code); // 缓存验证码 redisTemplate.opsForValue().set(AuthServerConstant.SMS_CODE_CACHE_PREFIX+phone,code+"_"+System.currentTimeMillis(),10, TimeUnit.MINUTES); if(sendCode.getCode()==0){ return R.ok(); } else{ return R.error(); } } else{ return checkPhone; } } //RedirectAttributes redirectAttributes模拟重定向携带数据 // TODO 重定向携带数据,利用session原理,将数据放在session中 // 只要跳到下一个页面取出这个数据后,session的数据就被删掉了 // TODO 分布式Session问题解决!!! @PostMapping("/register") public String register(@Valid UserRegisterVo vo, BindingResult result, RedirectAttributes redirectAttributes){ if(result.hasErrors()){ // 收集错误信息返回 Map<String, String> collect = result.getFieldErrors().stream().collect(Collectors.toMap(FieldError::getField,FieldError::getDefaultMessage)); redirectAttributes.addFlashAttribute("errors",collect); // 原请求是post请求,当我们失败以后,在这里转发,转发是会保持请求方式不变的,但是路径访问默认是get // 就会出现错误 // 原理是使用了HttpSession的底层实现 return "redirect:http://auth.alatusmall.com/reg.html"; } else{ // 校验验证码 String code = vo.getCode(); String codeValue = redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + vo.getPhone()); if(codeValue!=null&&!StringUtils.isEmpty(codeValue)){ // 截串获取验证码信息 String redisCode = codeValue.split("_")[0]; if(redisCode.equals(code)){ // 验证码通过以后,删除验证码,令牌机制,验证码用过就不再可用了 redisTemplate.delete(AuthServerConstant.SMS_CODE_CACHE_PREFIX + vo.getPhone()); // 调用远程服务进行注册 R register = memberFeignService.register(vo); if(register.getCode()==0){ return "redirect:http://auth.alatusmall.com/login.html"; } else{ Map<String,String> errors = new HashMap<>(); errors.put("msg",register.get("msg",new TypeReference<String>(){})); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } else{ // 验证码错误 Map<String,String> errors = new HashMap<>(); errors.put("code","验证码错误"); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } else{ // 没有验证码 Map<String,String> errors = new HashMap<>(); errors.put("code","验证码错误"); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } } @PostMapping("/login") public String login(UserLoginVo userLoginVo, RedirectAttributes redirectAttributes, HttpSession session){ R login = memberFeignService.login(userLoginVo); if (login.getCode()==0) { // 登陆成功 MemberRespVo data = login.getData(new TypeReference<MemberRespVo>() {}); session.setAttribute(AuthServerConstant.LOGIN_USER,data); return "redirect:http://alatusmall.com"; } else{ // 登陆失败 Map<String,String> errors = new HashMap<>(); errors.put("msg",login.get("msg",new TypeReference<String>(){})); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/login.html"; } } }package com.alatus.mall.auth.app; import com.alatus.common.constant.AuthServerConstant; import com.alatus.common.exception.BizCodeEnum; import com.alatus.common.utils.R; import com.alatus.common.vo.MemberRespVo; import com.alatus.mall.auth.feign.MemberFeignService; import com.alatus.mall.auth.feign.ThirdPartFeignService; import com.alatus.mall.auth.vo.UserLoginVo; import com.alatus.mall.auth.vo.UserRegisterVo; import com.alibaba.fastjson.TypeReference; import org.apache.commons.lang.StringUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.data.redis.core.StringRedisTemplate; import org.springframework.stereotype.Controller; import org.springframework.validation.BindingResult; import org.springframework.validation.FieldError; import org.springframework.web.bind.annotation.*; import org.springframework.web.servlet.mvc.support.RedirectAttributes; import javax.servlet.http.HttpSession; import javax.validation.Valid; import java.util.HashMap; import java.util.Map; import java.util.UUID; import java.util.concurrent.TimeUnit; import java.util.stream.Collectors; @Controller public class LoginController { @Autowired private ThirdPartFeignService thirdPartFeignService; @Autowired private StringRedisTemplate redisTemplate; @Autowired private MemberFeignService memberFeignService; @GetMapping("/sms/sendCode") @ResponseBody public R sendCode(@RequestParam("phone") String phone){ R checkPhone = memberFeignService.checkPhone(phone); if(checkPhone.getCode()==0){ // TODO 接口防刷 // 防止反复刷验证码 String value = redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + phone); if(value!=null&&!StringUtils.isEmpty(value)){ long time = Long.parseLong(value.split("_")[1]); if(System.currentTimeMillis() - time < 60000){ // 60秒内不能再发 return R.error(BizCodeEnum.SMS_CODE_EXCEPTION.getCode(),BizCodeEnum.SMS_CODE_EXCEPTION.getMsg()); } } String code = UUID.randomUUID().toString().substring(0, 5); R sendCode = thirdPartFeignService.sendCode(phone, code); // 缓存验证码 redisTemplate.opsForValue().set(AuthServerConstant.SMS_CODE_CACHE_PREFIX+phone,code+"_"+System.currentTimeMillis(),10, TimeUnit.MINUTES); if(sendCode.getCode()==0){ return R.ok(); } else{ return R.error(); } } else{ return checkPhone; } } //RedirectAttributes redirectAttributes模拟重定向携带数据 // TODO 重定向携带数据,利用session原理,将数据放在session中 // 只要跳到下一个页面取出这个数据后,session的数据就被删掉了 // TODO 分布式Session问题解决!!! @PostMapping("/register") public String register(@Valid UserRegisterVo vo, BindingResult result, RedirectAttributes redirectAttributes){ if(result.hasErrors()){ // 收集错误信息返回 Map<String, String> collect = result.getFieldErrors().stream().collect(Collectors.toMap(FieldError::getField,FieldError::getDefaultMessage)); redirectAttributes.addFlashAttribute("errors",collect); // 原请求是post请求,当我们失败以后,在这里转发,转发是会保持请求方式不变的,但是路径访问默认是get // 就会出现错误 // 原理是使用了HttpSession的底层实现 return "redirect:http://auth.alatusmall.com/reg.html"; } else{ // 校验验证码 String code = vo.getCode(); String codeValue = redisTemplate.opsForValue().get(AuthServerConstant.SMS_CODE_CACHE_PREFIX + vo.getPhone()); if(codeValue!=null&&!StringUtils.isEmpty(codeValue)){ // 截串获取验证码信息 String redisCode = codeValue.split("_")[0]; if(redisCode.equals(code)){ // 验证码通过以后,删除验证码,令牌机制,验证码用过就不再可用了 redisTemplate.delete(AuthServerConstant.SMS_CODE_CACHE_PREFIX + vo.getPhone()); // 调用远程服务进行注册 R register = memberFeignService.register(vo); if(register.getCode()==0){ return "redirect:http://auth.alatusmall.com/login.html"; } else{ Map<String,String> errors = new HashMap<>(); errors.put("msg",register.get("msg",new TypeReference<String>(){})); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } else{ // 验证码错误 Map<String,String> errors = new HashMap<>(); errors.put("code","验证码错误"); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } else{ // 没有验证码 Map<String,String> errors = new HashMap<>(); errors.put("code","验证码错误"); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/reg.html"; } } } @PostMapping("/login") public String login(UserLoginVo userLoginVo, RedirectAttributes redirectAttributes, HttpSession session){ R login = memberFeignService.login(userLoginVo); if (login.getCode()==0) { // 登陆成功 MemberRespVo data = login.getData(new TypeReference<MemberRespVo>() {}); session.setAttribute(AuthServerConstant.LOGIN_USER,data); return "redirect:http://alatusmall.com"; } else{ // 登陆失败 Map<String,String> errors = new HashMap<>(); errors.put("msg",login.get("msg",new TypeReference<String>(){})); redirectAttributes.addFlashAttribute("errors",errors); return "redirect:http://auth.alatusmall.com/login.html"; } } }
package com.alatus.mall.auth.app; import com.alatus.common.constant.AuthServerConstant; import com.alatus.common.utils.HttpUtils; import com.alatus.common.utils.R; import com.alatus.common.vo.GiteeSocialUser; import com.alatus.common.vo.MemberRespVo; import com.alatus.common.vo.WeiboSocialUser; import com.alatus.mall.auth.feign.MemberFeignService; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.TypeReference; import lombok.extern.slf4j.Slf4j; import org.apache.http.HttpResponse; import org.apache.http.util.EntityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestParam; import javax.servlet.http.HttpSession; import java.util.HashMap; @Controller @Slf4j public class OAuthController { @Value("${spring.oauth.properties.weibo.client_id}") private String weibo_client_id; @Value("${spring.oauth.properties.weibo.client_secret}") private String weibo_client_secret; @Value("${spring.oauth.properties.grant_type}") private String grant_type; @Value("${spring.oauth.properties.weibo.redirect_uri}") private String weibo_redirect_uri; @Value("${spring.oauth.properties.gitee.client_id}") private String gitee_client_id; @Value("${spring.oauth.properties.gitee.redirect_uri}") private String gitee_redirect_uri; @Value("${spring.oauth.properties.gitee.client_secret}") private String gitee_client_secret; @Autowired private MemberFeignService memberFeignService; @GetMapping("/oauth2.0/weibo/success") public String weiboLogin(@RequestParam("code") String code, HttpSession session) throws Exception { // 根据这个code获取当前登录用户的第三方令牌 HashMap<String, String> queryBody = new HashMap<>(); queryBody.put("client_id",weibo_client_id); queryBody.put("client_secret",weibo_client_secret); queryBody.put("grant_type",grant_type); queryBody.put("redirect_uri",weibo_redirect_uri); queryBody.put("code",code); HttpResponse oauth = HttpUtils.doPost("https://api.weibo.com", "/oauth2/access_token", "post", new HashMap<>(), new HashMap<>(), queryBody); if(oauth.getStatusLine().getStatusCode()==200){ // 获取到了accessEntity String userJson = EntityUtils.toString(oauth.getEntity()); WeiboSocialUser weiboSocialUser = JSON.parseObject(userJson, WeiboSocialUser.class); R r = memberFeignService.weiboOauthLogin(weiboSocialUser); if(r.getCode() == 0){ MemberRespVo memberRespVo = r.getData(new TypeReference<MemberRespVo>() {}); log.info("第三方用户登陆成功:,用户信息"+memberRespVo); session.setAttribute(AuthServerConstant.LOGIN_USER,memberRespVo); return "redirect:http://alatusmall.com"; } else { return "redirect:http://auth.alatusmall.com/login.html"; } } else{ return "redirect:http://auth.alatusmall.com/login.html"; } } @GetMapping("/oauth2.0/gitee/success") public String gitLogin(@RequestParam("code") String code, HttpSession session) throws Exception { // 根据这个code获取当前登录用户的第三方令牌 HashMap<String, String> queryBody = new HashMap<>(); queryBody.put("grant_type",grant_type); queryBody.put("code",code); queryBody.put("client_id",gitee_client_id); queryBody.put("redirect_uri",gitee_redirect_uri); queryBody.put("client_secret",gitee_client_secret); HttpResponse oauth = HttpUtils.doPost("https://gitee.com", "/oauth/token", "post", new HashMap<>(), new HashMap<>(), queryBody); if(oauth.getStatusLine().getStatusCode()==200){ // 获取到了accessEntity String userJson = EntityUtils.toString(oauth.getEntity()); GiteeSocialUser giteeSocialUser = JSON.parseObject(userJson, GiteeSocialUser.class); R r = memberFeignService.giteeOauthLogin(giteeSocialUser); if(r.getCode() == 0){ MemberRespVo memberRespVo = r.getData(new TypeReference<MemberRespVo>() {}); log.info("第三方用户登陆成功:,用户信息"+memberRespVo); // 第一次使用session,浏览器会保存我们的cookie,浏览器访问指定网站或域名就会带上这个cookie // 让cookie在子域下也可以取出对应的cookie,需要我们指定域名 // 这样就是我们自己原生将cookie指定作用域和内容并回传,然后,session我们就存在redis里面 session.setAttribute(AuthServerConstant.LOGIN_USER,memberRespVo); return "redirect:http://alatusmall.com"; } else { return "redirect:http://auth.alatusmall.com/login.html"; } } else{ return "redirect:http://auth.alatusmall.com/login.html"; } } }package com.alatus.mall.auth.app; import com.alatus.common.constant.AuthServerConstant; import com.alatus.common.utils.HttpUtils; import com.alatus.common.utils.R; import com.alatus.common.vo.GiteeSocialUser; import com.alatus.common.vo.MemberRespVo; import com.alatus.common.vo.WeiboSocialUser; import com.alatus.mall.auth.feign.MemberFeignService; import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.TypeReference; import lombok.extern.slf4j.Slf4j; import org.apache.http.HttpResponse; import org.apache.http.util.EntityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestParam; import javax.servlet.http.HttpSession; import java.util.HashMap; @Controller @Slf4j public class OAuthController { @Value("${spring.oauth.properties.weibo.client_id}") private String weibo_client_id; @Value("${spring.oauth.properties.weibo.client_secret}") private String weibo_client_secret; @Value("${spring.oauth.properties.grant_type}") private String grant_type; @Value("${spring.oauth.properties.weibo.redirect_uri}") private String weibo_redirect_uri; @Value("${spring.oauth.properties.gitee.client_id}") private String gitee_client_id; @Value("${spring.oauth.properties.gitee.redirect_uri}") private String gitee_redirect_uri; @Value("${spring.oauth.properties.gitee.client_secret}") private String gitee_client_secret; @Autowired private MemberFeignService memberFeignService; @GetMapping("/oauth2.0/weibo/success") public String weiboLogin(@RequestParam("code") String code, HttpSession session) throws Exception { // 根据这个code获取当前登录用户的第三方令牌 HashMap<String, String> queryBody = new HashMap<>(); queryBody.put("client_id",weibo_client_id); queryBody.put("client_secret",weibo_client_secret); queryBody.put("grant_type",grant_type); queryBody.put("redirect_uri",weibo_redirect_uri); queryBody.put("code",code); HttpResponse oauth = HttpUtils.doPost("https://api.weibo.com", "/oauth2/access_token", "post", new HashMap<>(), new HashMap<>(), queryBody); if(oauth.getStatusLine().getStatusCode()==200){ // 获取到了accessEntity String userJson = EntityUtils.toString(oauth.getEntity()); WeiboSocialUser weiboSocialUser = JSON.parseObject(userJson, WeiboSocialUser.class); R r = memberFeignService.weiboOauthLogin(weiboSocialUser); if(r.getCode() == 0){ MemberRespVo memberRespVo = r.getData(new TypeReference<MemberRespVo>() {}); log.info("第三方用户登陆成功:,用户信息"+memberRespVo); session.setAttribute(AuthServerConstant.LOGIN_USER,memberRespVo); return "redirect:http://alatusmall.com"; } else { return "redirect:http://auth.alatusmall.com/login.html"; } } else{ return "redirect:http://auth.alatusmall.com/login.html"; } } @GetMapping("/oauth2.0/gitee/success") public String gitLogin(@RequestParam("code") String code, HttpSession session) throws Exception { // 根据这个code获取当前登录用户的第三方令牌 HashMap<String, String> queryBody = new HashMap<>(); queryBody.put("grant_type",grant_type); queryBody.put("code",code); queryBody.put("client_id",gitee_client_id); queryBody.put("redirect_uri",gitee_redirect_uri); queryBody.put("client_secret",gitee_client_secret); HttpResponse oauth = HttpUtils.doPost("https://gitee.com", "/oauth/token", "post", new HashMap<>(), new HashMap<>(), queryBody); if(oauth.getStatusLine().getStatusCode()==200){ // 获取到了accessEntity String userJson = EntityUtils.toString(oauth.getEntity()); GiteeSocialUser giteeSocialUser = JSON.parseObject(userJson, GiteeSocialUser.class); R r = memberFeignService.giteeOauthLogin(giteeSocialUser); if(r.getCode() == 0){ MemberRespVo memberRespVo = r.getData(new TypeReference<MemberRespVo>() {}); log.info("第三方用户登陆成功:,用户信息"+memberRespVo); // 第一次使用session,浏览器会保存我们的cookie,浏览器访问指定网站或域名就会带上这个cookie // 让cookie在子域下也可以取出对应的cookie,需要我们指定域名 // 这样就是我们自己原生将cookie指定作用域和内容并回传,然后,session我们就存在redis里面 session.setAttribute(AuthServerConstant.LOGIN_USER,memberRespVo); return "redirect:http://alatusmall.com"; } else { return "redirect:http://auth.alatusmall.com/login.html"; } } else{ return "redirect:http://auth.alatusmall.com/login.html"; } } }
package com.alatus.common.constant; public class AuthServerConstant { public static final String SMS_CODE_CACHE_PREFIX = "sms:code:"; public static final String LOGIN_USER = "loginUser"; }package com.alatus.common.constant; public class AuthServerConstant { public static final String SMS_CODE_CACHE_PREFIX = "sms:code:"; public static final String LOGIN_USER = "loginUser"; }
扫一扫
28万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
