update m2pool 新增注销账号功能
@@ -12,7 +12,6 @@
|
||||
<artifactId>m2pool-auth</artifactId>
|
||||
|
||||
<description>认证模块:登录认证、权限鉴定等</description>
|
||||
|
||||
<dependencies>
|
||||
|
||||
<!-- SpringCloud Alibaba Nacos -->
|
||||
@@ -71,6 +70,19 @@
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
|
||||
|
||||
<dependency>
|
||||
<groupId>com.m2pool</groupId>
|
||||
<artifactId>common-swagger</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- Swagger UI -->
|
||||
<dependency>
|
||||
<groupId>io.springfox</groupId>
|
||||
<artifactId>springfox-swagger-ui</artifactId>
|
||||
<version>${swagger.fox.version}</version>
|
||||
</dependency>
|
||||
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
||||
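Review bot: The `springfox-swagger-ui` dependency is added to the authentication module with no visible restriction on where the UI is served; together with `@EnableCustomSwagger2` on `M2PoolAuthApplication` in this same commit, the auth service's API documentation is presumably reachable wherever the service is. Whether `common-swagger` gates this by profile or property cannot be seen from this page, so confirm that the UI and the API-docs endpoint are disabled or blocked at the gateway in production. A comment at the dependency would record that intent, for example `<!-- Swagger UI: dev/test only, must not be exposed in production -->`.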
@@ -1,10 +1,14 @@
|
||||
package com.m2pool.auth;
|
||||
|
||||
import com.m2pool.common.security.annotation.EnableCustomConfig;
|
||||
import com.m2pool.common.security.annotation.EnableM2PoolFeignClients;
|
||||
import com.m2pool.common.swagger.annotation.EnableCustomSwagger2;
|
||||
import org.springframework.boot.SpringApplication;
|
||||
import org.springframework.boot.autoconfigure.SpringBootApplication;
|
||||
import org.springframework.boot.autoconfigure.jdbc.DataSourceAutoConfiguration;
|
||||
|
||||
@EnableCustomConfig
|
||||
@EnableCustomSwagger2
|
||||
@EnableM2PoolFeignClients
|
||||
@SpringBootApplication(exclude = {DataSourceAutoConfiguration.class})
|
||||
public class M2PoolAuthApplication{
|
||||
|
||||
@@ -10,6 +10,7 @@ import com.m2pool.common.security.annotation.RequiresLogin;
|
||||
import com.m2pool.common.security.auth.AuthUtil;
|
||||
import com.m2pool.common.security.service.TokenService;
|
||||
import com.m2pool.common.security.utils.SecurityUtils;
|
||||
import com.m2pool.system.api.entity.CloseAccountVo;
|
||||
import com.m2pool.system.api.entity.EmailTemplateEntity;
|
||||
import com.m2pool.system.api.model.LoginUser;
|
||||
import io.swagger.annotations.Api;
|
||||
@@ -86,6 +87,10 @@ public class TokenController {
|
||||
return maliService.resetPwdCode(entity);
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@PostMapping("updatePwdCode")
|
||||
public R<?> updatePwdCode()
|
||||
{
|
||||
@@ -93,6 +98,30 @@ public class TokenController {
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* 关闭注销账户
|
||||
* @param closeAccountVo
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/closeAccount")
|
||||
@RequiresLogin
|
||||
@ApiOperation(value = "用户注销")
|
||||
public R<?> closeAccount(@RequestBody @Valid CloseAccountVo closeAccountVo){
|
||||
return sysLoginService.closeAccount(closeAccountVo);
|
||||
}
|
||||
|
||||
/**
|
||||
* 发送注销账户邮件
|
||||
* @param emailCodeVo
|
||||
* @return
|
||||
*/
|
||||
@PostMapping("/sendCloseAccount")
|
||||
@ApiOperation(value = "发送注销用户邮箱验证码")
|
||||
public R<?> sendCloseAccount(@RequestBody @Valid GetLoginEmailCodeEntity emailCodeVo){
|
||||
return maliService.sendCloseAccount(emailCodeVo);
|
||||
}
|
||||
|
||||
|
||||
@GetMapping("hello")
|
||||
public R<?> hello()
|
||||
{
|
||||
|
||||
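Review bot: `sendCloseAccount` is mapped without `@RequiresLogin`, while `closeAccount` directly above it carries the annotation; the implementation in this commit reads the address from `SecurityUtils.getUsername()` and only rejects a blank value, so the login requirement is implicit. Adding `@RequiresLogin` above `@PostMapping("/sendCloseAccount")` makes the two endpoints consistent and rejects unauthenticated callers before the mail service is reached. The `emailCodeVo` body is validated here but, as far as the implementation shown on this page goes, never read, so the parameter could be dropped or documented as unused. The Javadoc on both new methods leaves `@param` and `@return` empty.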
@@ -4,6 +4,9 @@ import com.m2pool.auth.entity.GetEmailCodeEntity;
|
||||
import com.m2pool.auth.entity.GetLoginEmailCodeEntity;
|
||||
import com.m2pool.common.core.Result.R;
|
||||
import com.m2pool.system.api.entity.EmailTemplateEntity;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
||||
import javax.validation.Valid;
|
||||
|
||||
/**
|
||||
* @Description TODO
|
||||
@@ -73,4 +76,19 @@ public interface MailService {
|
||||
|
||||
public R<?> updatePwdCode();
|
||||
|
||||
|
||||
/**
|
||||
* 账号注销验证码
|
||||
* @param emailCodeVo
|
||||
* @return
|
||||
*/
|
||||
R<?> sendCloseAccount(GetLoginEmailCodeEntity emailCodeVo);
|
||||
|
||||
|
||||
/**
|
||||
* 账号注销邮箱验证码 消息格式设置
|
||||
* @param to
|
||||
* @param code
|
||||
*/
|
||||
void sendCloseAccountMailMessage(String to, String code);
|
||||
}
|
||||
|
||||
@@ -1,7 +1,6 @@
|
||||
package com.m2pool.auth.service;
|
||||
|
||||
import com.alibaba.fastjson.JSON;
|
||||
import com.alibaba.nacos.shaded.org.checkerframework.checker.units.qual.A;
|
||||
import com.m2pool.auth.entity.*;
|
||||
import com.m2pool.common.core.RedisTransKey;
|
||||
import com.m2pool.common.core.Result.R;
|
||||
@@ -12,6 +11,7 @@ import com.m2pool.common.core.enums.UserStatus;
|
||||
import com.m2pool.common.core.exception.ServiceException;
|
||||
import com.m2pool.common.core.text.Convert;
|
||||
import com.m2pool.common.core.utils.DateUtils;
|
||||
import com.m2pool.common.core.utils.GoogleAuthenticator;
|
||||
import com.m2pool.common.core.utils.ServletUtils;
|
||||
import com.m2pool.common.core.utils.StringUtils;
|
||||
import com.m2pool.common.core.utils.ip.IpUtils;
|
||||
@@ -22,16 +22,14 @@ import com.m2pool.common.security.service.TokenService;
|
||||
import com.m2pool.common.security.utils.SecurityUtils;
|
||||
import com.m2pool.system.api.RemoteLogService;
|
||||
import com.m2pool.system.api.RemoteUserService;
|
||||
import com.m2pool.system.api.entity.CloseAccountVo;
|
||||
import com.m2pool.system.api.entity.SysLogininfor;
|
||||
import com.m2pool.system.api.entity.SysUser;
|
||||
import com.m2pool.system.api.model.LoginUser;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.ibatis.annotations.Update;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
|
||||
import javax.validation.Valid;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
@@ -563,4 +561,53 @@ public class SysLoginService {
|
||||
}
|
||||
|
||||
|
||||
public R<?> closeAccount(CloseAccountVo closeAccountVo){
|
||||
String email = closeAccountVo.getUserEmail();
|
||||
String emailCode = closeAccountVo.getECode();
|
||||
// 用户名或密码为空 错误
|
||||
if (StringUtils.isBlank(email))
|
||||
{
|
||||
recordLogininfor(email, Constants.LOGIN_FAIL, "邮箱必须填写");
|
||||
throw new ServiceException("邮箱必须填写");
|
||||
}
|
||||
if(!StringUtils.isBlank(email)){
|
||||
if(!email.matches(EMAIL_REGEX)){
|
||||
throw new ServiceException("邮箱格式错误");
|
||||
}
|
||||
}else {
|
||||
throw new ServiceException("邮箱为必填项");
|
||||
}
|
||||
String closeAccountKey = RedisTransKey.getCloseAccountKey(email);
|
||||
//校验谷歌验证码和邮箱验证码
|
||||
if(redisService.hasKey(closeAccountKey)){
|
||||
Object o = redisService.getCacheObject(closeAccountKey);//user:emailCode:email
|
||||
EmailCodeEntity emailCodeEntity = JSON.parseObject(JSON.toJSONString(o), EmailCodeEntity.class);
|
||||
//验证验证码
|
||||
if(emailCode.equals(emailCodeEntity.getEmailCode())){
|
||||
//不做处理 进入后续登录流程
|
||||
}else {
|
||||
throw new ServiceException("验证码错误");
|
||||
}
|
||||
}else {
|
||||
throw new ServiceException("验证码未获取或已过期,请重新获取验证码");
|
||||
}
|
||||
R<Boolean> booleanR1 = remoteUserService.checkGoogleCode(closeAccountVo.getGCode(), SecurityConstants.INNER);
|
||||
if(!booleanR1.getData()){
|
||||
throw new ServiceException("谷歌验证码错误");
|
||||
}
|
||||
|
||||
R<LoginUser> userInfo = remoteUserService.getUserInfo(SecurityUtils.getUsername(), SecurityConstants.INNER);
|
||||
if (R.FAIL == userInfo.getCode()) {
|
||||
throw new ServiceException("服务器请求失败请稍后再试");
|
||||
}
|
||||
SysUser sysUser = userInfo.getData().getSysUser();
|
||||
sysUser.setDelFlag("2");
|
||||
|
||||
R<Boolean> booleanR = remoteUserService.closeAccount(sysUser);
|
||||
if (R.FAIL == booleanR.getCode()) {
|
||||
throw new ServiceException("服务器请求失败请稍后再试");
|
||||
}
|
||||
return booleanR;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
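Review bot: In `closeAccount` the e-mail code is looked up under `RedisTransKey.getCloseAccountKey(email)` with `email` taken from the request body, but the account that receives `setDelFlag("2")` is the one returned for `SecurityUtils.getUsername()`; nothing ties the two together, so the e-mail factor is not bound to the account being closed. Take the address from the session as `sendCloseAccount` does, `String email = SecurityUtils.getUsername();`, or reject the request when the submitted address differs from it. The cached code is not deleted after a match and wrong guesses are not counted, so a limit on failed attempts and removal of the key after a successful comparison would be worth adding. `emailCode.equals(...)`, `booleanR1.getData()` and `userInfo.getData()` are dereferenced without null checks (unless `@Valid` on `CloseAccountVo` guarantees the first), and the comment `// 用户名或密码为空 错误` and the second blank check look like leftovers from the login path.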
@@ -556,4 +556,61 @@ public class MaliServiceImpl implements MailService {
|
||||
|
||||
}
|
||||
|
||||
|
||||
@Override
|
||||
public R<?> sendCloseAccount(GetLoginEmailCodeEntity emailCodeVo) {
|
||||
String email = SecurityUtils.getUsername();
|
||||
if(StringUtils.isBlank(email)){
|
||||
return R.fail("token解析失败");
|
||||
}
|
||||
//通过邮箱获取用户
|
||||
R<LoginUser> userByEmail = remoteUserService.getUserInfo(email, SecurityConstants.INNER);
|
||||
|
||||
if(StringUtils.isNull(userByEmail.getData())){
|
||||
return R.fail("token解析异常");
|
||||
}
|
||||
|
||||
//判断用户是不是恶意刷邮箱,在规定时间内进行的
|
||||
String closeAccountKey = RedisTransKey.getCloseAccountKey(email);
|
||||
if (redisService.hasKey(closeAccountKey)) {
|
||||
|
||||
Object o = redisService.getCacheObject(closeAccountKey);//user:updatePwdCode:email
|
||||
|
||||
EmailCodeEntity emailCodeEntity = JSON.parseObject(JSON.toJSONString(o), EmailCodeEntity.class);
|
||||
if (emailCodeEntity.getTimes() >= 5) {
|
||||
return R.fail("请求次数过多,请10分钟后再试");
|
||||
} else {
|
||||
//这里就不去判断两次绑定的邮箱是不是一样的了,不排除第一次输入错了邮箱的情况
|
||||
String emailCode = CodeUtils.creatCode(6);
|
||||
emailCodeEntity.setEmailCode(emailCode);
|
||||
emailCodeEntity.setTimes(emailCodeEntity.getTimes() + 1);
|
||||
long overTime = redisService.getExpire(closeAccountKey);
|
||||
redisService.setCacheObject(closeAccountKey, emailCodeEntity, overTime, TimeUnit.SECONDS
|
||||
);
|
||||
sendCloseAccountMailMessage(email, emailCodeEntity.getEmailCode());
|
||||
}
|
||||
} else {
|
||||
String emailCode = CodeUtils.creatCode(6);
|
||||
// 最多允许用户在10分钟内发送2次的邮箱验证
|
||||
// 0s倒计时后用户可以再发送验证码,但是间隔在10分钟内只能再发送1次
|
||||
EmailCodeEntity emailCodeEntity = new EmailCodeEntity(
|
||||
email, emailCode,1
|
||||
);
|
||||
//设置失效时间10分钟
|
||||
redisService.setCacheObject(closeAccountKey, emailCodeEntity,
|
||||
10L, TimeUnit.MINUTES
|
||||
);
|
||||
sendCloseAccountMailMessage(email, emailCodeEntity.getEmailCode());
|
||||
}
|
||||
return R.success("请求成功,修改密码验证码已经发送至用户邮箱");
|
||||
}
|
||||
|
||||
@Override
|
||||
public void sendCloseAccountMailMessage(String to, String code) {
|
||||
Map<String, Object> content = new HashMap<>();
|
||||
content.put("code",code);
|
||||
content.put("text","You are logging out of the user account. If this is not done by you, please ignore it. The verification code is valid for 10 minutes.");
|
||||
EmailTemplateEntity entity = new EmailTemplateEntity(to,"Change password, email verification code","emailCode-en",content);
|
||||
sendHtmlMailMessage(entity);
|
||||
}
|
||||
}
|
||||
|
||||
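Review bot: The mail built in `sendCloseAccountMailMessage` uses the subject `"Change password, email verification code"` and `sendCloseAccount` returns `"请求成功,修改密码验证码已经发送至用户邮箱"`, both apparently copied from the password flow, and the body text speaks of "logging out", so the recipient is never told that the code closes the account. For a destructive action the subject and text should say so plainly, for example the subject `"Close account, email verification code"`. In the resend branch `redisService.getExpire(closeAccountKey)` is read after `hasKey`; if the key expires in between, the TTL handed to `setCacheObject` is presumably not positive, so treat `overTime <= 0` like the no-key branch. The comments state two sends per 10 minutes while the check is `getTimes() >= 5`; one of the two should be corrected. Whether `CodeUtils.creatCode(6)` draws from `SecureRandom` is not visible on this page and is worth confirming.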
@@ -3,6 +3,9 @@ server:
|
||||
|
||||
# Spring
|
||||
spring:
|
||||
mvc:
|
||||
pathmatch:
|
||||
matching-strategy: ant-path-matcher
|
||||
#邮箱基本配置
|
||||
mail:
|
||||
# 配置在limit_time内,用户可以发送limit次验证码
|
||||
|
||||