修改机密性和完整性校验

2026-04-07 18:26:41 +08:00
parent 5cfa574f0b
commit a1b880f817
5 changed files with 62 additions and 31 deletions
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -8,6 +8,7 @@ import com.ruoyi.cms.domain.vo.WechatAuthVO;
 import com.ruoyi.cms.service.IAppUserService;
 import com.ruoyi.cms.util.StringUtil;
 import com.ruoyi.cms.util.WechatUtil;
+import com.ruoyi.cms.util.encrypt.QuickValidUtils;
 import com.ruoyi.common.core.domain.AjaxResult;
 import com.ruoyi.common.core.domain.entity.AppUser;
 import com.ruoyi.common.core.domain.model.LoginBody;
@@ -557,7 +558,14 @@ public class SysLoginService
            System.out.printf("特殊角色用户登录成功，openid:%s, phone:%s, 角色:%s%n",
                    specialUser.getOpenid(), StringUtil.desensitizePhone(specialUser.getPhone()), specialUser.getIsCompanyUser());
            System.out.println(ParamErrorConstants.LOG_AJAX_RETURN + JSON.toJSONString(ajax));
+            //验证完整性
+            QuickValidUtils.phoneValid(specialUser);
+            if(!StringUtil.IS_COMPANY_USER.equals(specialUser.getIsCompanyUser())){
+                QuickValidUtils.idCardValid(specialUser);
+            }
            return ajax;
+        }catch (Exception e){
+            return AjaxResult.error("解密失败，完整性校验失败");
        }
    }

@@ -566,16 +574,25 @@ public class SysLoginService
     */
    @Transactional(rollbackFor = Exception.class)
    public AjaxResult handleExistingUser(AppUser existingUser, String userType,String orgType) {
-        AjaxResult ajax = AjaxResult.success();
-        updateAppUserCommon(existingUser, null, null, userType,orgType);
-        String token = loginUserIdApp(existingUser);
-        ajax.put(Constants.TOKEN, token);
-        ajax.put("isNewUser", false);
-        ajax.put("idCard", existingUser.getIdCard());
-        ajax.put("isCompanyUser", existingUser.getIsCompanyUser());
-        System.out.println("老用户登录成功，openid:" + existingUser.getOpenid() + "===========");
-        System.out.println(ParamErrorConstants.LOG_AJAX_RETURN + JSON.toJSONString(ajax));
-        return ajax;
+        try {
+            AjaxResult ajax = AjaxResult.success();
+            updateAppUserCommon(existingUser, null, null, userType,orgType);
+            String token = loginUserIdApp(existingUser);
+            ajax.put(Constants.TOKEN, token);
+            ajax.put("isNewUser", false);
+            ajax.put("idCard", existingUser.getIdCard());
+            ajax.put("isCompanyUser", existingUser.getIsCompanyUser());
+            System.out.println("老用户登录成功，openid:" + existingUser.getOpenid() + "===========");
+            System.out.println(ParamErrorConstants.LOG_AJAX_RETURN + JSON.toJSONString(ajax));
+            //验证完整性和机密性
+            QuickValidUtils.phoneValid(existingUser);
+            if(!StringUtil.IS_COMPANY_USER.equals(userType)){
+                QuickValidUtils.idCardValid(existingUser);
+            }
+            return ajax;
+        }catch (Exception e){
+            return AjaxResult.error("解密失败，完整性校验失败");
+        }
    }