diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java index e6cb963..7a87f87 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java @@ -3,8 +3,6 @@ package com.ruoyi.web.controller.system; import java.util.List; import java.util.Set; -import com.ruoyi.common.core.domain.model.LoginSiteUser; -import com.ruoyi.common.utils.SiteSecurityUtils; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.*; import com.ruoyi.common.constant.Constants; @@ -64,13 +62,7 @@ public class SysLoginController public AjaxResult appLogin(@RequestBody LoginBody loginBody) { AjaxResult ajax = AjaxResult.success(); - // 若携带令牌且有效,直接返回 - if (SiteSecurityUtils.isLogin()) { - LoginSiteUser loginSiteUser = SiteSecurityUtils.getLoginUser(); - ajax.put(Constants.TOKEN, loginSiteUser.getToken()); - }else{ - ajax=loginService.appLogin(loginBody); - } + ajax=loginService.appLogin(loginBody); return ajax; } diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java index 350ed83..213bf58 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java @@ -20,4 +20,6 @@ public interface AppUserMapper extends BaseMapper public List selectAppUserList(AppUser appUser); List selectByJobId(Long jobId); + + AppUser selectByOpenid(String openid); } diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java index a6b0018..86a208d 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java 
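Review bot: In `SysLoginController.appLogin` the `AjaxResult.success()` assigned to `ajax` is now dead, because the next statement overwrites it unconditionally with the service result. The three statements can collapse to `return loginService.appLogin(loginBody);`, which also makes it plain that the controller no longer takes any token decision itself. The method's mapping annotations sit above the hunk and are not visible here.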
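Review bot: `AppUser selectByOpenid(String openid)` in `AppUserMapper` returns a single object, so it relies on at most one row matching an openid; MyBatis raises `TooManyResultsException` when a single-result mapper method matches several rows. The login flow that calls it looks the row up and then inserts with no visible locking, so two concurrent first logins could create duplicates and leave that openid unable to log in afterwards. A unique index on the openid column would enforce the assumption. The statement added to `AppUserMapper.xml` is not legible on this page, so it is worth confirming that it filters `DEL_FLAG = '0'` like the neighbouring query, otherwise soft-deleted accounts would still be issued tokens. A one-line Javadoc such as `/** Looks up the app user bound to a WeChat openid; returns null when none is bound. */` would document the contract the caller depends on.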
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java @@ -52,4 +52,6 @@ public interface IAppUserService public int deleteAppUserByUserIds(Long[] userIds); public AppUser getPhone(String phone); + + AppUser selectByOpenid(String openid); } diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java index d8257c8..a3f006e 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java @@ -108,4 +108,9 @@ public class AppUserServiceImpl extends ServiceImpl imple return appUserMapper.selectOne(new LambdaQueryWrapper() .eq(AppUser::getPhone, phone)); } + + @Override + public AppUser selectByOpenid(String openid) { + return appUserMapper.selectByOpenid(openid); + } } diff --git a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java index 02b1308..02d0352 100644 --- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java +++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java @@ -266,6 +266,15 @@ public class WechatUtil { byte[] sessionKeyBytes = Base64.getDecoder().decode(sessionKey); byte[] ivBytes = Base64.getDecoder().decode(iv); + // 2. 验证session_key长度(AES-128要求密钥长度为16字节) + if (sessionKeyBytes.length != 16) { + throw new RuntimeException("session_key长度错误,应为16字节"); + } + // 验证iv长度(CBC模式下iv长度必须与块大小一致,AES为16字节) + if (ivBytes.length != 16) { + throw new RuntimeException("iv长度错误,应为16字节"); + } + // 2. 初始化 AES-128-CBC 解密器(使用PKCS5Padding替换PKCS7Padding,两者在AES中效果一致) Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding"); SecretKeySpec keySpec = new SecretKeySpec(sessionKeyBytes, "AES"); 
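Review bot: Both new length checks in `WechatUtil` throw a bare `RuntimeException`, so a malformed `iv` sent by the client is reported the same way as an internal fault. `throw new IllegalArgumentException("iv长度错误,应为16字节");` (and the same for the key) is still a `RuntimeException` for existing callers, but lets a handler treat it as bad input. It also matches what the two `Base64.getDecoder().decode(...)` calls above already throw on invalid text. If the rest of the method does not already compare `watermark.appid` in the decrypted JSON with the configured appid, that check belongs alongside these validations. The method starts and ends outside the hunk, so any surrounding try/catch cannot be seen.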
diff --git a/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml b/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml index 113c900..31d6f58 100644 --- a/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml +++ b/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml @@ -62,4 +62,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" INNER JOIN JOB_APPLY ja ON ja.USER_ID = au.USER_ID WHERE au.DEL_FLAG = '0' AND ja.DEL_FLAG = '0' AND ja.JOB_Id = #{jobId}) + + \ No newline at end of file diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java index 6913a49..8315942 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java @@ -34,6 +34,10 @@ public class LoginBody * 加密向量 */ private String iv; + /** + * 0企业,1求职者 + */ + private String userType; public String getUsername() { @@ -90,4 +94,12 @@ public class LoginBody public void setIv(String iv) { this.iv = iv; } + + public String getUserType() { + return userType; + } + + public void setUserType(String userType) { + this.userType = userType; + } } diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java index 9fd25c9..fbbed68 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java 
@@ -244,6 +244,7 @@ public class SysLoginService * @return */ public AjaxResult appLogin(LoginBody dto){ + AjaxResult ajax = AjaxResult.success(); System.out.println("小程序微信授权登录---------参数列表========dto========"+ JSON.toJSONString(dto)); JSONObject sessionInfo = wechatUtil.code2Session(dto.getCode()); String openid = sessionInfo.getString("openid"); 
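Review bot: The `System.out.println` kept directly below the added `ajax` line serialises the whole `LoginBody` to standard output. On every login attempt that includes the one-time WeChat `code`, `encryptedData` and `iv`. Those values should not reach console logs: either drop the line or log only non-sensitive fields through a logger at debug level. Separately, `ajax` is now created before the `openid == null` failure return in the next hunk, where it goes unused. Declaring it where the token is added would keep it local to the success paths.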
@@ -252,30 +253,37 @@ public class SysLoginService if (openid == null) { return AjaxResult.error("微信授权失败"); } + //验证是否登录过 + AppUser existingUser=appUserService.selectByOpenid(openid); + if(existingUser!=null){ + String token = loginUserIdApp(existingUser); + ajax.put(Constants.TOKEN, token); + return ajax; + }else { + JSONObject phoneInfo = wechatUtil.decryptPhoneNumber(dto.getEncryptedData(), sessionKey, dto.getIv()); + String phone = phoneInfo.getString("phoneNumber"); + if (phone == null) { + return AjaxResult.error("获取手机号失败"); + } - JSONObject phoneInfo = wechatUtil.decryptPhoneNumber(dto.getEncryptedData(), sessionKey, dto.getIv()); - String phone = phoneInfo.getString("phoneNumber"); - if (phone == null) { - return AjaxResult.error("获取手机号失败"); + // 3. 检查手机号是否已被绑定 + AppUser existUser = appUserService.getPhone(phone); + if (existUser != null) { + return AjaxResult.error("该手机号已注册"); + } + + // 4. 创建用户并存储所有信息 + AppUser appUser = new AppUser(); + appUser.setOpenid(openid); + appUser.setUnionid(unionid); + appUser.setPhone(phone); + appUser.setIsCompanyUser(dto.getUserType());//保存角色 + appUserService.insertAppUser(appUser); + + // 5. 生成系统令牌 + String token = loginUserIdApp(appUser); + ajax.put(Constants.TOKEN, token); + return ajax; } - - // 3. 检查手机号是否已被绑定 - AppUser existUser = appUserService.getPhone(phone); - if (existUser != null) { - return AjaxResult.error("该手机号已注册"); - } - - // 4. 创建用户并存储所有信息 - AppUser appUser = new AppUser(); - appUser.setOpenid(openid); - appUser.setUnionid(unionid); - appUser.setPhone(phone); - appUserService.insertAppUser(appUser); - - // 5. 生成系统令牌 - AjaxResult ajax = AjaxResult.success(); - String token = loginUserIdApp(appUser); - ajax.put(Constants.TOKEN, token); - return ajax; } }
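Review bot: `appUser.setIsCompanyUser(dto.getUserType())` stores a value taken straight from the request body as the account's role, with no check that it is one of the two values documented on `LoginBody.userType` (`0企业,1求职者`). A client can send null or any other string at first login, and the existing-user branch never revisits the field, so whatever was sent stays on the account. Validate before the insert, e.g. `String userType = dto.getUserType(); if (!"0".equals(userType) && !"1".equals(userType)) { return AjaxResult.error("用户类型错误"); }`, and confirm that the 0/1 meaning matches what `isCompanyUser` expects elsewhere. The existing-user branch also issues a token on the openid match alone; if accounts can be disabled, that status is worth checking before `loginUserIdApp`. `appLogin` begins in the previous hunk, and `sessionKey` and `unionid` are assigned in lines not shown.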