package com.ltkj.common.utils;
|
|
import cn.hutool.core.date.DateUtil;
|
import cn.hutool.crypto.SecureUtil;
|
import cn.hutool.crypto.symmetric.SymmetricAlgorithm;
|
import cn.hutool.crypto.symmetric.SymmetricCrypto;
|
import com.ltkj.common.constant.HttpStatus;
|
import com.ltkj.common.exception.ServiceException;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
import com.ltkj.common.core.domain.model.LoginUser;
|
|
import java.util.Date;
|
|
/**
|
* 安全服务工具类
|
*
|
* @author ltkj
|
*/
|
public class SecurityUtils {
|
/**
|
* 用户ID
|
**/
|
public static Long getUserId() {
|
try {
|
return Long.valueOf(getLoginUser().getUserId());
|
} catch (Exception e) {
|
throw new ServiceException("获取用户ID异常", HttpStatus.UNAUTHORIZED);
|
}
|
}
|
|
/**
|
* 获取部门ID
|
**/
|
public static Long getDeptId() {
|
try {
|
return getLoginUser().getDeptId();
|
} catch (Exception e) {
|
throw new ServiceException("获取部门ID异常", HttpStatus.UNAUTHORIZED);
|
}
|
}
|
|
/**
|
* 获取用户账户
|
**/
|
public static String getUsername() {
|
try {
|
return getLoginUser().getUsername();
|
} catch (Exception e) {
|
throw new ServiceException("获取用户账户异常", HttpStatus.UNAUTHORIZED);
|
}
|
}
|
|
/**
|
* 获取用户
|
**/
|
public static LoginUser getLoginUser() {
|
try {
|
return (LoginUser) getAuthentication().getPrincipal();
|
} catch (Exception e) {
|
throw new ServiceException("获取用户信息异常", HttpStatus.UNAUTHORIZED);
|
}
|
}
|
|
/**
|
* 获取Authentication
|
*/
|
public static Authentication getAuthentication() {
|
return SecurityContextHolder.getContext().getAuthentication();
|
}
|
|
/**
|
* 生成BCryptPasswordEncoder密码
|
*
|
* @param password 密码
|
* @return 加密字符串
|
*/
|
public static String encryptPassword(String password) {
|
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
return passwordEncoder.encode(password);
|
}
|
|
/**
|
* 判断密码是否相同
|
*
|
* @param rawPassword 真实密码
|
* @param encodedPassword 加密后字符
|
* @return 结果
|
*/
|
public static boolean matchesPassword(String rawPassword, String encodedPassword) {
|
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
return passwordEncoder.matches(rawPassword, encodedPassword);
|
}
|
|
/**
|
* 是否为管理员
|
*
|
* @param userId 用户ID
|
* @return 结果
|
*/
|
public static boolean isAdmin(Long userId) {
|
return userId != null && 1L == userId;
|
}
|
|
public static String getMallMerchantSecretKey(String secret,String certificateNumber, String number, Date date) {
|
String secrets = SecureUtil.md5(secret);
|
String certificateNumbers = SecureUtil.md5(certificateNumber);
|
String taxNumber = SecureUtil.md5(number);
|
String expirationTime = SecureUtil.md5(DateUtil.format(DateUtil.endOfDay(date),"yyyy-MM-dd HH:mm:ss"));
|
//随机生成密钥
|
SymmetricCrypto aes = new SymmetricCrypto(SymmetricAlgorithm.AES, secret.getBytes());
|
return aes.encryptHex(secrets+certificateNumbers+taxNumber+expirationTime);
|
}
|
|
public static boolean matchesMallMerchantSecretKey(String secret,String certificateNumber, String number, Date date,String ordSecretKey) {
|
String secrets = SecureUtil.md5(secret);
|
String certificateNumbers = SecureUtil.md5(certificateNumber);
|
String taxNumber = SecureUtil.md5(number);
|
String expirationTime = SecureUtil.md5(DateUtil.format(DateUtil.endOfDay(date),"yyyy-MM-dd HH:mm:ss"));
|
SymmetricCrypto aes = new SymmetricCrypto(SymmetricAlgorithm.AES, secret.getBytes());
|
String encryptHex = aes.encryptHex(secrets+certificateNumbers+taxNumber+expirationTime);
|
|
if(encryptHex.equals(ordSecretKey)){
|
return true;
|
}
|
return false;
|
}
|
}
|
