修改微信授权逻辑

2025-10-20 19:49:28 +08:00
parent 418c22d78d
commit e56a8a285d
8 changed files with 66 additions and 32 deletions
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java
@@ -20,4 +20,6 @@ public interface AppUserMapper extends BaseMapper<AppUser>
    public List<AppUser> selectAppUserList(AppUser appUser);

    List<AppUser> selectByJobId(Long jobId);
+
+    AppUser selectByOpenid(String openid);
 }
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java
@@ -52,4 +52,6 @@ public interface IAppUserService
    public int deleteAppUserByUserIds(Long[] userIds);

    public AppUser getPhone(String phone);
+
+    AppUser selectByOpenid(String openid);
 }
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java
@@ -108,4 +108,9 @@ public class AppUserServiceImpl extends ServiceImpl<AppUserMapper,AppUser> imple
        return appUserMapper.selectOne(new LambdaQueryWrapper<AppUser>()
                .eq(AppUser::getPhone, phone));
    }
+
+    @Override
+    public AppUser selectByOpenid(String openid) {
+        return appUserMapper.selectByOpenid(openid);
+    }
 }
--- a/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java
+++ b/ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java
@@ -266,6 +266,15 @@ public class WechatUtil {
            byte[] sessionKeyBytes = Base64.getDecoder().decode(sessionKey);
            byte[] ivBytes = Base64.getDecoder().decode(iv);

+            // 2. 验证session_key长度（AES-128要求密钥长度为16字节）
+            if (sessionKeyBytes.length != 16) {
+                throw new RuntimeException("session_key长度错误，应为16字节");
+            }
+            // 验证iv长度（CBC模式下iv长度必须与块大小一致，AES为16字节）
+            if (ivBytes.length != 16) {
+                throw new RuntimeException("iv长度错误，应为16字节");
+            }
+
            // 2. 初始化 AES-128-CBC 解密器（使用PKCS5Padding替换PKCS7Padding，两者在AES中效果一致）
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            SecretKeySpec keySpec = new SecretKeySpec(sessionKeyBytes, "AES");
--- a/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml
+++ b/ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml
@@ -62,4 +62,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
                                                 INNER JOIN JOB_APPLY ja ON ja.USER_ID  = au.USER_ID
            WHERE au.DEL_FLAG = '0' AND ja.DEL_FLAG = '0'  AND ja.JOB_Id = #{jobId})
    </select>
+
+    <select id="selectByOpenid" resultType="com.ruoyi.common.core.domain.entity.AppUser">
+        SELECT * FROM app_user WHERE DEL_FLAG = '0' and openid=#{openid} LIMIT 1
+    </select>
 </mapper>