diff --git a/pom.xml b/pom.xml index 62bc1bc..d6fa242 100644 --- a/pom.xml +++ b/pom.xml @@ -179,6 +179,13 @@ spring-boot-starter-aop + + + io.jsonwebtoken + jjwt + 0.9.1 + + io.springfox springfox-swagger-ui diff --git a/src/main/java/com/bonus/boot/manager/app/controller/AppController.java b/src/main/java/com/bonus/boot/manager/app/controller/AppController.java index e69b914..af053db 100644 --- a/src/main/java/com/bonus/boot/manager/app/controller/AppController.java +++ b/src/main/java/com/bonus/boot/manager/app/controller/AppController.java @@ -5,13 +5,17 @@ import com.bonus.boot.manager.app.dao.AppserviceDao; import com.bonus.boot.manager.app.service.Appservice; import com.bonus.boot.manager.manager.annotation.LogAnnotation; import com.bonus.boot.manager.manager.config.AesCbcUtils; +import com.bonus.boot.manager.manager.config.JwtUtils; import com.bonus.boot.manager.manager.config.aes.DecryptAndVerify; import com.bonus.boot.manager.manager.config.aes.EncryptedReq; import com.bonus.boot.manager.manager.entity.LoginUser; +import com.bonus.boot.manager.manager.entity.SecurityConstants; import com.bonus.boot.manager.manager.model.SysUser; import com.bonus.boot.manager.manager.service.TokenService; import com.bonus.boot.manager.manager.utils.*; +import io.jsonwebtoken.Claims; import io.swagger.annotations.ApiOperation; +import org.apache.commons.lang3.StringUtils; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; @@ -44,6 +48,7 @@ public class AppController { public AjaxRes getStatus(SysUser user) { AjaxRes ar = new AjaxRes(); //String passworld = UserUtil.getLoginUser().getPassword(); + user.setTelephone(AesCbcUtils.decrypt(user.getTelephone())); String status = appservice.getStatus(user); String personnelType = appservice.getPersonnelType(user); user=appservice.getcancelTime(); 
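Review bot: The new `io.jsonwebtoken:jjwt` dependency in `pom.xml` is pinned to 0.9.1, which as far as I know is the last release of the legacy single-artifact line, so the JWT code added in this commit starts on an API that is no longer developed. Later jjwt releases are split into `jjwt-api`, `jjwt-impl` and `jjwt-jackson`; I would depend on a current release of those instead. The migration changes the `signWith`/`setSigningKey` signatures, so it is cheaper to do now than after more callers exist.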
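Review bot: The added line in `getStatus` does not handle a failed decrypt: `AesCbcUtils.decrypt` logs and returns `null` for input that is not valid ciphertext, and that `null` is written to `user` and passed straight to `appservice.getStatus(user)`. The same unchecked pattern is added in `gethospital` and `getPhysicalExamination` (`idcard = AesCbcUtils.decrypt(idcard);`). I would reject the request before calling the service, e.g. `String phone = AesCbcUtils.decrypt(user.getTelephone()); if (phone == null) { ar.setRes(0); ar.setResMsg("error"); return ar; }`. The method bodies continue outside these hunks, so how the DAO treats a null key is not visible here.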
@@ -89,6 +94,7 @@ public class AppController { @PostMapping("gethospital") public AjaxRes gethospital(String idcard) { AjaxRes ar = new AjaxRes(); + idcard = AesCbcUtils.decrypt(idcard); List hospList = appservice.hospList(idcard); if (hospList.size() != 0) { ar.setRes(1); @@ -121,12 +127,34 @@ public class AppController { return ar; } + /** + * 职业医院接口获取 + * + * @return 返回状态 + */ + @PostMapping("getOccupationHospital") + public AjaxRes getOccupationHospital() { + AjaxRes ar = new AjaxRes(); + List hospList = appservice.getOccupationHospital(); + if (!hospList.isEmpty()) { + ar.setRes(1); + ar.setResMsg("success"); + ar.setSucceed(hospList); + } else { + ar.setRes(0); + ar.setResMsg("error"); + ar.setSucceed("isnull"); + } + return ar; + } + /** * 医院套餐获取 */ @PostMapping("getPhysicalExamination") public AjaxRes getPhysicalExamination(String idcard) { AjaxRes ar = new AjaxRes(); + idcard = AesCbcUtils.decrypt(idcard); List hospList = appservice.getPhysicalExamination(idcard); if (hospList.size() != 0) { ar.setRes(1); @@ -283,6 +311,13 @@ public class AppController { AjaxRes ar = new AjaxRes(); //我的预约信息查询 List list = appservice.getapplogininfo(pmbean); + //循环list里面的值加密 + for (PmBasePhysicalBean bean : list) { + bean.setPhyName(AesCbcUtils.encrypt(bean.getPhyName())); + bean.setTelepNumber(AesCbcUtils.encrypt(bean.getTelepNumber())); + bean.setIdcard(AesCbcUtils.encrypt(bean.getIdcard())); + } + if (list.size() != 0) { ar.setRes(1); ar.setResMsg("success"); 
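Review bot: The added loop over `list` encrypts `phyName`, `telepNumber` and `idcard` without a null check, and `AesCbcUtils.encrypt` turns a null input into a caught exception, an error log entry with a stack trace, and a `null` result. A record with any missing field therefore produces error-level log noise on every request, and the client cannot tell a real encryption failure from an empty field. I would skip nulls explicitly, e.g. `if (bean.getIdcard() != null) bean.setIdcard(AesCbcUtils.encrypt(bean.getIdcard()));`, and return an error response when `encrypt` yields `null` for a non-null input. The loop also mutates the beans returned by `appservice.getapplogininfo` in place, which is only safe if that list is not cached or reused; this hunk does not show whether it is.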
@@ -372,12 +407,20 @@ public class AppController { @PostMapping("loginNoPassword") public AjaxRes getToken(LoginUser loginUser){ AjaxRes res = new AjaxRes(); + String jwtToken = loginUser.getJwtToken(); + if(StringUtils.isNotEmpty(jwtToken)){ + Claims claims = JwtUtils.parseToken(jwtToken); + jwtToken = (String) claims.get(SecurityConstants.DETAILS_USERNAME); + } String telephone = AesCbcUtils.decrypt(loginUser.getTelephone()); loginUser.setTelephone(telephone); LoginUser listBean= appservice.checkAccountExist(loginUser); if(StringHelper.isEmpty(listBean.getUsername())){ res.setResMsg("fail"); res.setResMsg("noThisPhone"); + }else if(telephone != null && !telephone.equals(jwtToken)){ + res.setResMsg("fail"); + res.setResMsg("noThisPhone"); }else { loginUser.setId(listBean.getId()); loginUser.setIfJob(listBean.getIfJob()); diff --git a/src/main/java/com/bonus/boot/manager/app/dao/AppserviceDao.java b/src/main/java/com/bonus/boot/manager/app/dao/AppserviceDao.java index 852e750..63757b1 100644 --- a/src/main/java/com/bonus/boot/manager/app/dao/AppserviceDao.java +++ b/src/main/java/com/bonus/boot/manager/app/dao/AppserviceDao.java @@ -80,4 +80,11 @@ public interface AppserviceDao { List getCareerHospital(); String getPersonnelType(SysUser user); + + /** + * 职业医院接口获取 + * + * @return 返回状态 + */ + List getOccupationHospital(); } diff --git a/src/main/java/com/bonus/boot/manager/app/service/Appservice.java b/src/main/java/com/bonus/boot/manager/app/service/Appservice.java index eb684c1..93134f7 100644 --- a/src/main/java/com/bonus/boot/manager/app/service/Appservice.java +++ b/src/main/java/com/bonus/boot/manager/app/service/Appservice.java @@ -45,4 +45,11 @@ public interface Appservice { List getCareerHospital(); String getPersonnelType(SysUser user); + + /** + * 职业医院接口获取 + * + * @return 返回状态 + */ + List getOccupationHospital(); } 
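Review bot: The new token check in `getToken` fails open when `telephone` is null: the branch `telephone != null && !telephone.equals(jwtToken)` is skipped if `AesCbcUtils.decrypt` returned null, so rejecting that request depends entirely on `checkAccountExist`, whose behaviour is not visible here. `JwtUtils.parseToken` throws an unchecked `io.jsonwebtoken.JwtException` for a malformed or badly signed token and nothing catches it, and the `(String)` cast can throw for a non-string claim where the existing `JwtUtils.getUserName` would not. Reusing `jwtToken` to hold the extracted username also makes the later comparison hard to read. I would resolve the claim into its own variable, treat any parse failure as "no token", and make the comparison reject an empty telephone. The rest of the method lies outside the hunk.

```java
// … unchanged: AjaxRes res = new AjaxRes(); …
String tokenPhone = null;
String rawToken = loginUser.getJwtToken();
if (StringUtils.isNotEmpty(rawToken)) {
    try {
        tokenPhone = JwtUtils.getUserName(rawToken);
    } catch (JwtException e) {
        // malformed, tampered or expired token: leave tokenPhone null so the check below rejects
    }
}
// … unchanged: telephone decrypt, checkAccountExist, empty-username branch …
}else if(StringUtils.isEmpty(telephone) || !telephone.equals(tokenPhone)){
    res.setResMsg("fail");
    res.setResMsg("noThisPhone");
}else {
// … unchanged: successful login path …
```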
diff --git a/src/main/java/com/bonus/boot/manager/app/service/impl/AppserviceImpl.java b/src/main/java/com/bonus/boot/manager/app/service/impl/AppserviceImpl.java index aa36259..a1dc3ae 100644 --- a/src/main/java/com/bonus/boot/manager/app/service/impl/AppserviceImpl.java +++ b/src/main/java/com/bonus/boot/manager/app/service/impl/AppserviceImpl.java @@ -43,6 +43,16 @@ public class AppserviceImpl implements Appservice { return appserviceDao.getPersonnelType(user); } + /** + * 职业医院接口获取 + * + * @return 返回状态 + */ + @Override + public List getOccupationHospital() { + return appserviceDao.getOccupationHospital(); + } + @Override public List hospList(String idcard) { return appserviceDao.hospList(idcard); diff --git a/src/main/java/com/bonus/boot/manager/manager/config/AesCbcUtils.java b/src/main/java/com/bonus/boot/manager/manager/config/AesCbcUtils.java index 946469d..cec27b3 100644 --- a/src/main/java/com/bonus/boot/manager/manager/config/AesCbcUtils.java +++ b/src/main/java/com/bonus/boot/manager/manager/config/AesCbcUtils.java @@ -12,8 +12,8 @@ import java.lang.reflect.Field; import java.security.Security; /** - * * AES加密工具类 + * * @author HeiZi */ @Slf4j @@ -57,8 +57,8 @@ public class AesCbcUtils { for (Field field : bean.getClass().getDeclaredFields()) { // 只处理String类型的字段 if (field.getType() == String.class) { - field.setAccessible(true); // 允许访问私有字段 - + // 允许访问私有字段 + field.setAccessible(true); Object value = field.get(bean); if (value != null) { String decryptedValue = decrypt((String) value); 
@@ -77,15 +77,16 @@ public class AesCbcUtils { /** * AES加密 - *(CBC模式) + * (CBC模式) + * * @param source 源字符串 * @param - * @throws Exception * @return 加密后的密文 + * @throws Exception */ - public static String encrypt(String source ) { - try{ - String key=sKey; + public static String encrypt(String source) { + try { + String key = sKey; byte[] sourceBytes = source.getBytes(ENCODING); byte[] keyBytes = key.getBytes(ENCODING); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC"); 
@@ -93,39 +94,40 @@ public class AesCbcUtils { cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv); byte[] decrypted = cipher.doFinal(sourceBytes); return Base64.encodeBase64String(decrypted); - }catch (Exception e){ - log.error(e.toString(),e); + } catch (Exception e) { + log.error(e.toString(), e); } return null; } public static void main(String[] args) { - // String json=""; + // String json=""; - String json="{\"username\":\"guest\",\"password\":\"admin@123\"}"; - String data=encrypt(json); + String json = "{\"username\":\"guest\",\"password\":\"admin@123\"}"; + String data = encrypt(json); System.err.println(data); - String jm=decrypt("2rrMRoOfoo9n17MTPSRTidwgXeatSLxWFQfPNSCUJdHvqT58extTi87f1e5LJS0DdMcjzIdtFoHvur9gP7desQ=="); - String jiemi=decrypt(data); + String jm = decrypt("2rrMRoOfoo9n17MTPSRTidwgXeatSLxWFQfPNSCUJdHvqT58extTi87f1e5LJS0DdMcjzIdtFoHvur9gP7desQ=="); + String jiemi = decrypt(data); System.err.println(jm); System.err.println(jiemi); } /** * AES解密 - *(CBC模式) + * (CBC模式) + * * @param data 加密后的密文 * @param - * @throws Exception * @return 源字符串 + * @throws Exception */ - public static String decrypt(String data) { - try{ - String encryptStr=""; - if(StringHelper.isNotEmpty(data)){ - encryptStr=data.replace(" ","+"); + public static String decrypt(String data) { + try { + String encryptStr = ""; + if (StringHelper.isNotEmpty(data)) { + encryptStr = data.replace(" ", "+"); } - String key=sKey; + String key = sKey; byte[] sourceBytes = Base64.decodeBase64(encryptStr); byte[] keyBytes = key.getBytes(ENCODING); Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC"); 
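Review bot: `main` in `AesCbcUtils` is only reformatted by this hunk, but it still ships a credential-looking JSON literal and a fixed ciphertext inside a production utility class and prints the decrypted values to stderr. I would delete the method or move it to a unit test under `src/test` that uses constructed values. Separately, `encrypt` and `decrypt` use CBC with a key taken from `sKey` and an `iv` defined outside this hunk; if that IV is constant, equal plaintexts (phone numbers, ID card numbers) produce equal ciphertexts, and CBC alone gives no integrity protection, so an authenticated mode such as `AES/GCM/NoPadding` with a per-message nonce would be the safer target. The second point depends on field definitions that are not shown here.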
@@ -133,9 +135,9 @@ public class AesCbcUtils { cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv); byte[] decoded = cipher.doFinal(sourceBytes); return new String(decoded, ENCODING); - }catch (Exception e){ + } catch (Exception e) { log.info("------------------->请求加密参数不正确"); - log.error(e.toString(),e); + log.error(e.toString(), e); } return null; } diff --git a/src/main/java/com/bonus/boot/manager/manager/config/JwtUtils.java b/src/main/java/com/bonus/boot/manager/manager/config/JwtUtils.java new file mode 100644 index 0000000..975a410 --- /dev/null +++ b/src/main/java/com/bonus/boot/manager/manager/config/JwtUtils.java 
@@ -0,0 +1,134 @@ +package com.bonus.boot.manager.manager.config; + + +import cn.hutool.core.convert.Convert; +import com.bonus.boot.manager.manager.entity.SecurityConstants; +import com.bonus.boot.manager.manager.entity.TokenConstants; +import io.jsonwebtoken.Claims; +import io.jsonwebtoken.Jwts; +import io.jsonwebtoken.SignatureAlgorithm; + +import java.util.HashMap; +import java.util.Map; + +/** + * Jwt工具类 + * + * @author zys + */ +public class JwtUtils +{ + public static String secret = TokenConstants.SECRET; + + /** + * 从数据声明生成令牌 + * + * @param claims 数据声明 + * @return 令牌 + */ + public static String createToken(Map claims) + { + String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact(); + return token; + } + + /** + * 从令牌中获取数据声明 + * + * @param token 令牌 + * @return 数据声明 + */ + public static Claims parseToken(String token) + { + return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody(); + } + + /** + * 根据令牌获取用户标识 + * + * @param token 令牌 + * @return 用户ID + */ + public static String getUserKey(String token) + { + Claims claims = parseToken(token); + return getValue(claims, SecurityConstants.USER_KEY); + } + + /** + * 根据令牌获取用户标识 + * + * @param claims 身份信息 + * @return 用户ID + */ + public static String getUserKey(Claims claims) + { + return getValue(claims, SecurityConstants.USER_KEY); + } + + /** + * 根据令牌获取用户ID + * + * @param token 令牌 + * @return 用户ID + */ + public static String getUserId(String token) + { + Claims claims = parseToken(token); + return getValue(claims, SecurityConstants.DETAILS_USER_ID); + } + + /** + * 根据身份信息获取用户ID + * + * @param claims 身份信息 + * @return 用户ID + */ + public static String getUserId(Claims claims) + { + return getValue(claims, SecurityConstants.DETAILS_USER_ID); + } + + /** + * 根据令牌获取用户名 + * + * @param token 令牌 + * @return 用户名 + */ + public static String getUserName(String token) + { + Claims claims = parseToken(token); + return getValue(claims, 
SecurityConstants.DETAILS_USERNAME); + } + + /** + * 根据身份信息获取用户名 + * + * @param claims 身份信息 + * @return 用户名 + */ + public static String getUserName(Claims claims) + { + return getValue(claims, SecurityConstants.DETAILS_USERNAME); + } + + /** + * 根据身份信息获取键值 + * + * @param claims 身份信息 + * @param key 键 + * @return 值 + */ + public static String getValue(Claims claims, String key) + { + return Convert.toStr(claims.get(key), ""); + } + + public static void main(String[] args) { + Map claims = new HashMap<>(); + claims.put(SecurityConstants.DETAILS_USERNAME,"ysAdmin"); + String token = createToken(claims); + System.out.println(token); + } + +} diff --git a/src/main/java/com/bonus/boot/manager/manager/entity/SecurityConstants.java b/src/main/java/com/bonus/boot/manager/manager/entity/SecurityConstants.java new file mode 100644 index 0000000..d13fa94 --- /dev/null +++ b/src/main/java/com/bonus/boot/manager/manager/entity/SecurityConstants.java @@ -0,0 +1,44 @@ +package com.bonus.boot.manager.manager.entity; + +/** + * 权限相关通用常量 + * + * @author zys + */ +public class SecurityConstants +{ + /** + * 用户ID字段 + */ + public static final String DETAILS_USER_ID = "user_id"; + + /** + * 用户名字段 + */ + public static final String DETAILS_USERNAME = "username"; + + /** + * 授权信息字段 + */ + public static final String AUTHORIZATION_HEADER = "authorization"; + + /** + * 请求来源 + */ + public static final String FROM_SOURCE = "from-source"; + + /** + * 内部请求 + */ + public static final String INNER = "inner"; + + /** + * 用户标识 + */ + public static final String USER_KEY = "user_key"; + + /** + * 登录用户 + */ + public static final String LOGIN_USER = "login_user"; +} diff --git a/src/main/java/com/bonus/boot/manager/manager/entity/TokenConstants.java b/src/main/java/com/bonus/boot/manager/manager/entity/TokenConstants.java new file mode 100644 index 0000000..aec33b4 --- /dev/null +++ b/src/main/java/com/bonus/boot/manager/manager/entity/TokenConstants.java 
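Review bot: `createToken` never sets an expiry, so every token signed by `JwtUtils` stays valid for as long as the secret does; the parser can only reject an expired token when an `exp` claim is present. I would add `.setIssuedAt(now).setExpiration(expiry)` after `.setClaims(claims)` (after, because `setClaims` replaces the whole claim set). `secret` is a `public static` non-final field, so any class can swap the signing key at runtime; `private static final String secret` closes that. With jjwt 0.9.x the `String` overloads of `signWith` and `setSigningKey` Base64-decode their argument, so the effective HS512 key is the decoded bytes of `TokenConstants.SECRET`, not its characters. The `main` method that mints a token for a fixed username belongs in a test, not in the shipped class.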
@@ -0,0 +1,25 @@ +package com.bonus.boot.manager.manager.entity; + +/** + * Token的Key常量 + * + * @author zys + */ +public class TokenConstants +{ + /** + * 令牌自定义标识 + */ + public static final String AUTHENTICATION = "Authorization"; + + /** + * 令牌前缀 + */ + public static final String PREFIX = "Bearer "; + + /** + * 令牌秘钥 + */ + public final static String SECRET = "abcdefghijklmnopqrstuvwxyz"; + +} diff --git a/src/main/java/com/bonus/boot/manager/manager/model/SysUser.java b/src/main/java/com/bonus/boot/manager/manager/model/SysUser.java index 4095fe0..5f1196f 100644 --- a/src/main/java/com/bonus/boot/manager/manager/model/SysUser.java +++ b/src/main/java/com/bonus/boot/manager/manager/model/SysUser.java @@ -24,6 +24,7 @@ public class SysUser extends BaseEntity { private String ifHigher;//是否高职 private String specialJob;//特殊岗位id private String cancelTime; + private String jwtToken; public String getPersonnelType() { return personnelType; @@ -164,7 +165,15 @@ public class SysUser extends BaseEntity { this.intro = intro; } - public interface Status { + public String getJwtToken() { + return jwtToken; + } + + public void setJwtToken(String jwtToken) { + this.jwtToken = jwtToken; + } + + public interface Status { int DISABLED = 0; int VALID = 1; int LOCKED = 2; diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 6f457a1..546a71f 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
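Review bot: `TokenConstants.SECRET` hard-codes the JWT signing key as the lowercase alphabet, so anyone who can read the repository or guess the value can produce tokens that `JwtUtils.parseToken` accepts. The key should be random, at least 64 bytes for HS512, and injected at runtime rather than compiled in, for example `@Value("${jwt.secret}") private String secret;` in a Spring-managed component fed from an environment variable or secret store (the property name is only an example). Because this value is now in version control history, treat it as disclosed and do not reuse it in any deployed environment.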
@@ -10,13 +10,13 @@ server.port=18089 #\u8BBF\u95EE\u8DEF\u5F84 server.servlet.context-path=/AppPeaManager #\u6B63\u5F0F\u5E93 -spring.datasource.url=jdbc:mysql://192.168.1.8:23342/yn_tj_appoint?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true -spring.datasource.username=root -spring.datasource.password=Bonus@yntj123! -#\u6D4B\u8BD5\u5E93 -#spring.datasource.url=jdbc:mysql://192.168.0.14:1115/cs_yn?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai +#spring.datasource.url=jdbc:mysql://192.168.1.8:23342/yn_tj_appoint?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true #spring.datasource.username=root -#spring.datasource.password=xbzadmin@szedu14! +#spring.datasource.password=Bonus@yntj123! +#\u6D4B\u8BD5\u5E93 +spring.datasource.url=jdbc:mysql://192.168.0.14:1115/yn_tj_appoint?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai +spring.datasource.username=root +spring.datasource.password=xbzadmin@szedu14! #\u672C\u5730\u5E93 #spring.datasource.url=jdbc:mysql://192.168.0.14:1115/yn_tj_appoint?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai #spring.datasource.username=root @@ -38,13 +38,13 @@ mybatis.type-aliases-package=com.bonus.boot.manager.*.entity #spring.redis.port=6379 #spring.redis.password=Ynsmz@186redis! #\u6D4B\u8BD5 -spring.redis.host=192.168.1.8 -spring.redis.port=23347 -spring.redis.password=Bonus@yntj123! +#spring.redis.host=192.168.1.8 +#spring.redis.port=23347 +#spring.redis.password=Bonus@yntj123! #\u672C\u5730 -#spring.redis.host=127.0.0.1 -#spring.redis.port=6379 -#spring.redis.password= +spring.redis.host=127.0.0.1 +spring.redis.port=6379 +spring.redis.password= # \u65E5\u5FD7 logging.config=classpath:logback-boot.xml log.level.root=info 
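Review bot: Both hunks in `application.properties` keep live credentials in the tracked file: the now-active datasource block uses the `root` account with a plaintext password and `useSSL=false`, the commented-out blocks still carry the database and Redis passwords of the other environments, and the active Redis block has an empty password. Switching environments by commenting lines in and out also makes it easy to ship the wrong target. I would move each environment to its own Spring profile file and take secrets from the environment, e.g. `spring.datasource.password=${DB_PASSWORD}` and `spring.redis.password=${REDIS_PASSWORD}`, with a least-privilege database user instead of `root`. The passwords already committed should be rotated, since they remain in history.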
diff --git a/src/main/resources/mappers/app/AppMapper.xml b/src/main/resources/mappers/app/AppMapper.xml index c130ed5..77db0d3 100644 --- a/src/main/resources/mappers/app/AppMapper.xml +++ b/src/main/resources/mappers/app/AppMapper.xml @@ -399,7 +399,18 @@ where is_active='1' - +