zjh20250530

zjh

2025-05-30 b7d7d80a8a9e9ac145a05b5e1d545b6b61fc0cc4

 ltkj-framework/src/main/java/com/ltkj/framework/web/service/SysLoginService.java

@@ -19,9 +19,7 @@
import com.ltkj.hosp.domain.TjCustomer;
import com.ltkj.hosp.service.IDictHospService;
import com.ltkj.hosp.service.ITjCustomerService;
import com.ltkj.system.service.ISysDeptService;
import com.ltkj.system.service.ISysMenuService;
import com.ltkj.system.service.SysParametersDisposeService;
import com.ltkj.system.service.*;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
@@ -39,7 +37,7 @@
import com.ltkj.framework.manager.AsyncManager;
import com.ltkj.framework.manager.factory.AsyncFactory;
import com.ltkj.framework.security.context.AuthenticationContextHolder;
import com.ltkj.system.service.ISysUserService;
import org.springframework.util.DigestUtils;

import java.util.Date;
import java.util.HashMap;
@@ -75,6 +73,8 @@
    private ISysDeptService deptService;
    @Autowired
    private SysParametersDisposeService parametersDisposeService;
    @Autowired
    private ISysConfigService configService;

    // 是否允许账户多终端同时登录（true允许 false不允许）
    @Value("${token.soloLogin}")
@@ -96,26 +96,33 @@
     */
    public String login(String username, String password, Boolean type,String code,String uuid) {

        String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
        String captcha = redisCache.getCacheObject(verifyKey);
        redisCache.deleteObject(verifyKey);
        if (captcha == null)
        {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
            throw new CaptchaExpireException();
        }
        if (!code.equalsIgnoreCase(captcha))
        {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
            throw new CaptchaException();
        String aSwitch = configService.selectConfigByKey("captcha_switch");
        if(null !=aSwitch && aSwitch.equalsIgnoreCase("Y")){
            String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
            String captcha = redisCache.getCacheObject(verifyKey);
            redisCache.deleteObject(verifyKey);
            if (captcha == null)
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
                throw new CaptchaExpireException();
            }
            if (!code.equalsIgnoreCase(captcha))
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
                throw new CaptchaException();
            }
        }

        // 用户验证
        Authentication authentication = null;
        try {
            //登录密码解密
            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, RsaUtils.decryptByPrivateKey(password));
            //UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
            String s = RsaUtils.decryptByPrivateKey(password);
//            String s = password;
            if(username.equals("10001")){
                s=username+s;
            }
            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username,s);
            AuthenticationContextHolder.setContext(authenticationToken);
            // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
            authentication = authenticationManager.authenticate(authenticationToken);
@@ -140,25 +147,26 @@
            Long userId =loginUser.getUser().getUserId();
            SysUser user = userService.getById(userId);
            if(null !=user && null !=user.getDeptId()){
//                loginUser.getUser().setOrgId(user.getOrgId());
                if(!SecurityUtils.isAdmin(user.getUserId())){
                    SysDept sysDept = deptService.getById(user.getDeptId());
                    if (null != sysDept) {
                        DictHosp dictHosp = hospService.getById(sysDept.getHospId());
                        if(null !=dictHosp && dictHosp.getSecretKey() !=null && dictHosp.getExpirationTime() !=null){
                            if (!SecurityUtils.matchesMallMerchantSecretKey(secret,dictHosp.getHospAreaId(),dictHosp.getAreaid(),
                                    dictHosp.getExpirationTime(),dictHosp.getSecretKey())) {
                                throw new SecretKeyException("商家已过期请续费使用");
                            }
                            long between = DateUtil.between(new Date(), DateUtil.endOfDay(dictHosp.getExpirationTime()), DateUnit.DAY);
                            if(between<=30){
                                loginUser.setMessage("还有 "+between+" 天到期 请注意续费! 以免影响正常使用!");
                            }else {
                                loginUser.setMessage(null);
                            }

                        }else {
                            throw new SecretKeyException("请缴费使用");
                        if(null !=dictHosp){
                            loginUser.setHospName(dictHosp.getHospAreaName());
                            if(!SecurityUtils.isAdmin(user.getUserId())){
                                if(dictHosp.getSecretKey() != null && dictHosp.getExpirationTime() != null){
                                    if (!SecurityUtils.matchesMallMerchantSecretKey(secret,dictHosp.getHospAreaId(),dictHosp.getHospAreaName(),
                                            dictHosp.getExpirationTime(),dictHosp.getSecretKey()) || new Date().after(DateUtil.endOfDay(dictHosp.getExpirationTime()))) {
                                        throw new SecretKeyException("商家已过期请续费使用");
                                    }
                                    long between = DateUtil.between(new Date(), DateUtil.endOfDay(dictHosp.getExpirationTime()), DateUnit.DAY);
                                    if(between<=30){
                                        loginUser.setMessage("还有 "+between+" 天到期 请注意续费! 以免影响正常使用!");
                                    }else {
                                        loginUser.setMessage(null);
                                    }
                                }else {
                                    throw new SecretKeyException("请缴费使用");
                                }
                        }
                    }
                }
@@ -209,24 +217,29 @@
     * @param password 密码
     * @return 结果
     */
    public String Cuslogin(String username, String password, Boolean type,String code,String uuid) {
    public String Cuslogin(String username,String sfzh, String password, Boolean type,String code,String uuid) {

        String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
        String captcha = redisCache.getCacheObject(verifyKey);
        redisCache.deleteObject(verifyKey);
        if (captcha == null)
        {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
            throw new CaptchaExpireException();
        String aSwitch = configService.selectConfigByKey("captcha_switch");
        if(null !=aSwitch && aSwitch.equalsIgnoreCase("Y")){
            String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
            String captcha = redisCache.getCacheObject(verifyKey);
            redisCache.deleteObject(verifyKey);
            if (captcha == null)
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
                throw new CaptchaExpireException();
            }
            if (!code.equalsIgnoreCase(captcha))
            {
                AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
                throw new CaptchaException();
            }
        }
        if (!code.equalsIgnoreCase(captcha))
        {
            AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
            throw new CaptchaException();
        }
        LoginUser loginUser = loadCusByCusname(username, password);


        LoginUser loginUser = loadCusByCusname(username,sfzh, password);
        if (loginUser == null) {
            return "用户名或密码错误";
            return null;
        }
//       限制账户不允许多终端登录
        if (!soloLogin) {
@@ -246,19 +259,24 @@
        return tokenService.createToken(loginUser);
    }

    public LoginUser loadCusByCusname(String username, String password) {
    public LoginUser loadCusByCusname(String username,String sfzh, String password) {
        LambdaQueryWrapper<TjCustomer> wq = new LambdaQueryWrapper<>();
        wq.eq(TjCustomer::getCusPhone, username);
        wq.eq(TjCustomer::getCusIdcard, sfzh);
        List<TjCustomer> customerList = customerService.list(wq);
        if (null == customerList || customerList.size() == 0) {
        if (null == customerList || customerList.isEmpty()) {
            //throw new ServiceException("登录用户：" + username + " 不存在");
            throw new ServiceException("账户或密码错误，请检查！");
            throw new ServiceException("账号或密码错误，请检查！");
        }
        for (TjCustomer tjCustomer : customerList) {
            try {
                password = RsaUtils.decryptByPrivateKey(password);
                boolean b = SecurityUtils.matchesPassword(password, tjCustomer.getCusPassword());
                if (b) {
//                password = RsaUtils.decryptByPrivateKey(password);
//                boolean b = SecurityUtils.matchesPassword(password, tjCustomer.getCusPassword());
//                if (b) {
//                    return createLoginCus(tjCustomer);
//                }
                password = DigestUtils.md5DigestAsHex(password.getBytes());
                if (password.equals(tjCustomer.getCusPassword())){
                    return createLoginCus(tjCustomer);
                }
            } catch (Exception e) {