修改微信授权逻辑

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java

@@ -3,8 +3,6 @@ package com.ruoyi.web.controller.system;
 import java.util.List;
 import java.util.Set;
 
-import com.ruoyi.common.core.domain.model.LoginSiteUser;
-import com.ruoyi.common.utils.SiteSecurityUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 import com.ruoyi.common.constant.Constants;
@@ -64,13 +62,7 @@ public class SysLoginController
     public AjaxResult appLogin(@RequestBody LoginBody loginBody)
     {
         AjaxResult ajax = AjaxResult.success();
-        // 若携带令牌且有效，直接返回
+        ajax=loginService.appLogin(loginBody);
-        if (SiteSecurityUtils.isLogin()) {
-            LoginSiteUser loginSiteUser = SiteSecurityUtils.getLoginUser();
-            ajax.put(Constants.TOKEN, loginSiteUser.getToken());
-        }else{
-            ajax=loginService.appLogin(loginBody);
-        }
         return ajax;
     }
 

ruoyi-bussiness/src/main/java/com/ruoyi/cms/mapper/AppUserMapper.java

@@ -20,4 +20,6 @@ public interface AppUserMapper extends BaseMapper<AppUser>
     public List<AppUser> selectAppUserList(AppUser appUser);
 
     List<AppUser> selectByJobId(Long jobId);
+
+    AppUser selectByOpenid(String openid);
 }

ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/IAppUserService.java

@@ -52,4 +52,6 @@ public interface IAppUserService
     public int deleteAppUserByUserIds(Long[] userIds);
 
     public AppUser getPhone(String phone);
+
+    AppUser selectByOpenid(String openid);
 }

ruoyi-bussiness/src/main/java/com/ruoyi/cms/service/impl/AppUserServiceImpl.java

@@ -108,4 +108,9 @@ public class AppUserServiceImpl extends ServiceImpl<AppUserMapper,AppUser> imple
         return appUserMapper.selectOne(new LambdaQueryWrapper<AppUser>()
                 .eq(AppUser::getPhone, phone));
     }
+
+    @Override
+    public AppUser selectByOpenid(String openid) {
+        return appUserMapper.selectByOpenid(openid);
+    }
 }

ruoyi-bussiness/src/main/java/com/ruoyi/cms/util/WechatUtil.java

@@ -266,6 +266,15 @@ public class WechatUtil {
             byte[] sessionKeyBytes = Base64.getDecoder().decode(sessionKey);
             byte[] ivBytes = Base64.getDecoder().decode(iv);
 
+            // 2. 验证session_key长度（AES-128要求密钥长度为16字节）
+            if (sessionKeyBytes.length != 16) {
+                throw new RuntimeException("session_key长度错误，应为16字节");
+            }
+            // 验证iv长度（CBC模式下iv长度必须与块大小一致，AES为16字节）
+            if (ivBytes.length != 16) {
+                throw new RuntimeException("iv长度错误，应为16字节");
+            }
+
             // 2. 初始化 AES-128-CBC 解密器（使用PKCS5Padding替换PKCS7Padding，两者在AES中效果一致）
             Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
             SecretKeySpec keySpec = new SecretKeySpec(sessionKeyBytes, "AES");

ruoyi-bussiness/src/main/resources/mapper/app/AppUserMapper.xml

@@ -62,4 +62,8 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
                                                  INNER JOIN JOB_APPLY ja ON ja.USER_ID  = au.USER_ID
             WHERE au.DEL_FLAG = '0' AND ja.DEL_FLAG = '0'  AND ja.JOB_Id = #{jobId})
     </select>
+
+    <select id="selectByOpenid" resultType="com.ruoyi.common.core.domain.entity.AppUser">
+        SELECT * FROM app_user WHERE DEL_FLAG = '0' and openid=#{openid} LIMIT 1
+    </select>
 </mapper>

ruoyi-common/src/main/java/com/ruoyi/common/core/domain/model/LoginBody.java

@@ -34,6 +34,10 @@ public class LoginBody
      * 加密向量
      */
     private String iv;
+    /**
+     * 0企业，1求职者
+     */
+    private String userType;
 
     public String getUsername()
     {
@@ -90,4 +94,12 @@ public class LoginBody
     public void setIv(String iv) {
         this.iv = iv;
     }
+
+    public String getUserType() {
+        return userType;
+    }
+
+    public void setUserType(String userType) {
+        this.userType = userType;
+    }
 }

ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java

@@ -244,6 +244,7 @@ public class SysLoginService
      * @return
      */
     public AjaxResult appLogin(LoginBody dto){
+        AjaxResult ajax = AjaxResult.success();
         System.out.println("小程序微信授权登录---------参数列表========dto========"+ JSON.toJSONString(dto));
         JSONObject sessionInfo = wechatUtil.code2Session(dto.getCode());
         String openid = sessionInfo.getString("openid");
@@ -252,30 +253,37 @@ public class SysLoginService
         if (openid == null) {
             return AjaxResult.error("微信授权失败");
         }
+        //验证是否登录过
+        AppUser existingUser=appUserService.selectByOpenid(openid);
+        if(existingUser!=null){
+            String token = loginUserIdApp(existingUser);
+            ajax.put(Constants.TOKEN, token);
+            return ajax;
+        }else {
+            JSONObject phoneInfo = wechatUtil.decryptPhoneNumber(dto.getEncryptedData(), sessionKey, dto.getIv());
+            String phone = phoneInfo.getString("phoneNumber");
+            if (phone == null) {
+                return AjaxResult.error("获取手机号失败");
+            }
 
-        JSONObject phoneInfo = wechatUtil.decryptPhoneNumber(dto.getEncryptedData(), sessionKey, dto.getIv());
+            // 3. 检查手机号是否已被绑定
-        String phone = phoneInfo.getString("phoneNumber");
+            AppUser existUser = appUserService.getPhone(phone);
-        if (phone == null) {
+            if (existUser != null) {
-            return AjaxResult.error("获取手机号失败");
+                return AjaxResult.error("该手机号已注册");
+            }
+
+            // 4. 创建用户并存储所有信息
+            AppUser appUser = new AppUser();
+            appUser.setOpenid(openid);
+            appUser.setUnionid(unionid);
+            appUser.setPhone(phone);
+            appUser.setIsCompanyUser(dto.getUserType());//保存角色
+            appUserService.insertAppUser(appUser);
+
+            // 5. 生成系统令牌
+            String token = loginUserIdApp(appUser);
+            ajax.put(Constants.TOKEN, token);
+            return ajax;
         }
-
-        // 3. 检查手机号是否已被绑定
-        AppUser existUser = appUserService.getPhone(phone);
-        if (existUser != null) {
-            return AjaxResult.error("该手机号已注册");
-        }
-
-        // 4. 创建用户并存储所有信息
-        AppUser appUser = new AppUser();
-        appUser.setOpenid(openid);
-        appUser.setUnionid(unionid);
-        appUser.setPhone(phone);
-        appUserService.insertAppUser(appUser);
-
-        // 5. 生成系统令牌
-        AjaxResult ajax = AjaxResult.success();
-        String token = loginUserIdApp(appUser);
-        ajax.put(Constants.TOKEN, token);
-        return ajax;
     }
 }