体检接口加密及调试

pom.xml

@@ -179,6 +179,13 @@
 			<artifactId>spring-boot-starter-aop</artifactId>
 		</dependency>
 
+		<!-- Jwt -->
+		<dependency>
+			<groupId>io.jsonwebtoken</groupId>
+			<artifactId>jjwt</artifactId>
+			<version>0.9.1</version>
+		</dependency>
+
 		<dependency>
 			<groupId>io.springfox</groupId>
 			<artifactId>springfox-swagger-ui</artifactId>

src/main/java/com/bonus/boot/manager/app/controller/AppController.java

@@ -5,13 +5,17 @@ import com.bonus.boot.manager.app.dao.AppserviceDao;
 import com.bonus.boot.manager.app.service.Appservice;
 import com.bonus.boot.manager.manager.annotation.LogAnnotation;
 import com.bonus.boot.manager.manager.config.AesCbcUtils;
+import com.bonus.boot.manager.manager.config.JwtUtils;
 import com.bonus.boot.manager.manager.config.aes.DecryptAndVerify;
 import com.bonus.boot.manager.manager.config.aes.EncryptedReq;
 import com.bonus.boot.manager.manager.entity.LoginUser;
+import com.bonus.boot.manager.manager.entity.SecurityConstants;
 import com.bonus.boot.manager.manager.model.SysUser;
 import com.bonus.boot.manager.manager.service.TokenService;
 import com.bonus.boot.manager.manager.utils.*;
+import io.jsonwebtoken.Claims;
 import io.swagger.annotations.ApiOperation;
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -44,6 +48,7 @@ public class AppController {
     public AjaxRes getStatus(SysUser user) {
         AjaxRes ar = new AjaxRes();
         //String passworld = UserUtil.getLoginUser().getPassword();
+        user.setTelephone(AesCbcUtils.decrypt(user.getTelephone()));
         String status = appservice.getStatus(user);
         String personnelType = appservice.getPersonnelType(user);
         user=appservice.getcancelTime();
@@ -89,6 +94,7 @@ public class AppController {
     @PostMapping("gethospital")
     public AjaxRes gethospital(String idcard) {
         AjaxRes ar = new AjaxRes();
+        idcard = AesCbcUtils.decrypt(idcard);
         List<HospitalBean> hospList = appservice.hospList(idcard);
         if (hospList.size() != 0) {
             ar.setRes(1);
@@ -121,12 +127,34 @@ public class AppController {
         return ar;
     }
 
+    /**
+     * 职业医院接口获取
+     *
+     * @return 返回状态
+     */
+    @PostMapping("getOccupationHospital")
+    public AjaxRes getOccupationHospital() {
+        AjaxRes ar = new AjaxRes();
+        List<HospitalBean> hospList = appservice.getOccupationHospital();
+        if (!hospList.isEmpty()) {
+            ar.setRes(1);
+            ar.setResMsg("success");
+            ar.setSucceed(hospList);
+        } else {
+            ar.setRes(0);
+            ar.setResMsg("error");
+            ar.setSucceed("isnull");
+        }
+        return ar;
+    }
+
     /**
      * 医院套餐获取
      */
     @PostMapping("getPhysicalExamination")
     public AjaxRes getPhysicalExamination(String idcard) {
         AjaxRes ar = new AjaxRes();
+        idcard = AesCbcUtils.decrypt(idcard);
         List<HospitalBean> hospList = appservice.getPhysicalExamination(idcard);
         if (hospList.size() != 0) {
             ar.setRes(1);
@@ -283,6 +311,13 @@ public class AppController {
         AjaxRes ar = new AjaxRes();
         //我的预约信息查询
         List<PmBasePhysicalBean> list = appservice.getapplogininfo(pmbean);
+        //循环list里面的值加密
+        for (PmBasePhysicalBean bean : list) {
+            bean.setPhyName(AesCbcUtils.encrypt(bean.getPhyName()));
+            bean.setTelepNumber(AesCbcUtils.encrypt(bean.getTelepNumber()));
+            bean.setIdcard(AesCbcUtils.encrypt(bean.getIdcard()));
+        }
+
         if (list.size() != 0) {
             ar.setRes(1);
             ar.setResMsg("success");
@@ -372,12 +407,20 @@ public class AppController {
     @PostMapping("loginNoPassword")
     public AjaxRes getToken(LoginUser loginUser){
         AjaxRes res = new AjaxRes();
+        String jwtToken = loginUser.getJwtToken();
+        if(StringUtils.isNotEmpty(jwtToken)){
+            Claims claims = JwtUtils.parseToken(jwtToken);
+            jwtToken = (String) claims.get(SecurityConstants.DETAILS_USERNAME);
+        }
         String telephone =  AesCbcUtils.decrypt(loginUser.getTelephone());
         loginUser.setTelephone(telephone);
         LoginUser listBean= appservice.checkAccountExist(loginUser);
         if(StringHelper.isEmpty(listBean.getUsername())){
             res.setResMsg("fail");
             res.setResMsg("noThisPhone");
+        }else if(telephone != null && !telephone.equals(jwtToken)){
+            res.setResMsg("fail");
+            res.setResMsg("noThisPhone");
         }else {
             loginUser.setId(listBean.getId());
             loginUser.setIfJob(listBean.getIfJob());

src/main/java/com/bonus/boot/manager/app/dao/AppserviceDao.java

@@ -80,4 +80,11 @@ public interface AppserviceDao {
     List<HospitalBean> getCareerHospital();
 
     String getPersonnelType(SysUser user);
+
+    /**
+     * 职业医院接口获取
+     *
+     * @return 返回状态
+     */
+    List<HospitalBean> getOccupationHospital();
 }

src/main/java/com/bonus/boot/manager/app/service/Appservice.java

@@ -45,4 +45,11 @@ public interface Appservice {
     List<HospitalBean> getCareerHospital();
 
     String getPersonnelType(SysUser user);
+
+    /**
+     * 职业医院接口获取
+     *
+     * @return 返回状态
+     */
+    List<HospitalBean> getOccupationHospital();
 }

src/main/java/com/bonus/boot/manager/app/service/impl/AppserviceImpl.java

@@ -43,6 +43,16 @@ public class AppserviceImpl implements Appservice {
         return appserviceDao.getPersonnelType(user);
     }
 
+    /**
+     * 职业医院接口获取
+     *
+     * @return 返回状态
+     */
+    @Override
+    public List<HospitalBean> getOccupationHospital() {
+        return appserviceDao.getOccupationHospital();
+    }
+
     @Override
     public List<HospitalBean> hospList(String idcard) {
         return appserviceDao.hospList(idcard);

src/main/java/com/bonus/boot/manager/manager/config/AesCbcUtils.java

@@ -12,8 +12,8 @@ import java.lang.reflect.Field;
 import java.security.Security;
 
 /**
- *
  * AES加密工具类
+ *
  * @author HeiZi
  */
 @Slf4j
@@ -57,8 +57,8 @@ public class AesCbcUtils {
             for (Field field : bean.getClass().getDeclaredFields()) {
                 // 只处理String类型的字段
                 if (field.getType() == String.class) {
-                    field.setAccessible(true); // 允许访问私有字段
+                    // 允许访问私有字段
-
+                    field.setAccessible(true);
                     Object value = field.get(bean);
                     if (value != null) {
                         String decryptedValue = decrypt((String) value);
@@ -77,15 +77,16 @@ public class AesCbcUtils {
 
     /**
      * AES加密
-     *（CBC模式）
+     * （CBC模式）
+     *
      * @param source 源字符串
      * @param
-     * @throws Exception
      * @return 加密后的密文
+     * @throws Exception
      */
-    public static String encrypt(String source )   {
+    public static String encrypt(String source) {
-        try{
+        try {
-            String key=sKey;
+            String key = sKey;
             byte[] sourceBytes = source.getBytes(ENCODING);
             byte[] keyBytes = key.getBytes(ENCODING);
             Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC");
@@ -93,39 +94,40 @@ public class AesCbcUtils {
             cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv);
             byte[] decrypted = cipher.doFinal(sourceBytes);
             return Base64.encodeBase64String(decrypted);
-        }catch (Exception e){
+        } catch (Exception e) {
-            log.error(e.toString(),e);
+            log.error(e.toString(), e);
         }
         return null;
     }
 
     public static void main(String[] args) {
-    //    String  json="";
+        //    String  json="";
 
-        String  json="{\"username\":\"guest\",\"password\":\"admin@123\"}";
+        String json = "{\"username\":\"guest\",\"password\":\"admin@123\"}";
-        String data=encrypt(json);
+        String data = encrypt(json);
         System.err.println(data);
-        String jm=decrypt("2rrMRoOfoo9n17MTPSRTidwgXeatSLxWFQfPNSCUJdHvqT58extTi87f1e5LJS0DdMcjzIdtFoHvur9gP7desQ==");
+        String jm = decrypt("2rrMRoOfoo9n17MTPSRTidwgXeatSLxWFQfPNSCUJdHvqT58extTi87f1e5LJS0DdMcjzIdtFoHvur9gP7desQ==");
-        String jiemi=decrypt(data);
+        String jiemi = decrypt(data);
         System.err.println(jm);
         System.err.println(jiemi);
     }
 
     /**
      * AES解密
-     *（CBC模式）
+     * （CBC模式）
+     *
      * @param data 加密后的密文
      * @param
-     * @throws Exception
      * @return 源字符串
+     * @throws Exception
      */
-    public static String decrypt(String data)  {
+    public static String decrypt(String data) {
-        try{
+        try {
-            String  encryptStr="";
+            String encryptStr = "";
-            if(StringHelper.isNotEmpty(data)){
+            if (StringHelper.isNotEmpty(data)) {
-                encryptStr=data.replace(" ","+");
+                encryptStr = data.replace(" ", "+");
             }
-            String key=sKey;
+            String key = sKey;
             byte[] sourceBytes = Base64.decodeBase64(encryptStr);
             byte[] keyBytes = key.getBytes(ENCODING);
             Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, "BC");
@@ -133,9 +135,9 @@ public class AesCbcUtils {
             cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, KEY_ALGORITHM), iv);
             byte[] decoded = cipher.doFinal(sourceBytes);
             return new String(decoded, ENCODING);
-        }catch (Exception e){
+        } catch (Exception e) {
             log.info("------------------->请求加密参数不正确");
-            log.error(e.toString(),e);
+            log.error(e.toString(), e);
         }
         return null;
     }

src/main/java/com/bonus/boot/manager/manager/config/JwtUtils.java

@@ -0,0 +1,134 @@
+package com.bonus.boot.manager.manager.config;
+
+
+import cn.hutool.core.convert.Convert;
+import com.bonus.boot.manager.manager.entity.SecurityConstants;
+import com.bonus.boot.manager.manager.entity.TokenConstants;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Jwt工具类
+ *
+ * @author zys
+ */
+public class JwtUtils
+{
+    public static String secret = TokenConstants.SECRET;
+
+    /**
+     * 从数据声明生成令牌
+     *
+     * @param claims 数据声明
+     * @return 令牌
+     */
+    public static String createToken(Map<String, Object> claims)
+    {
+        String token = Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS512, secret).compact();
+        return token;
+    }
+
+    /**
+     * 从令牌中获取数据声明
+     *
+     * @param token 令牌
+     * @return 数据声明
+     */
+    public static Claims parseToken(String token)
+    {
+        return Jwts.parser().setSigningKey(secret).parseClaimsJws(token).getBody();
+    }
+
+    /**
+     * 根据令牌获取用户标识
+     * 
+     * @param token 令牌
+     * @return 用户ID
+     */
+    public static String getUserKey(String token)
+    {
+        Claims claims = parseToken(token);
+        return getValue(claims, SecurityConstants.USER_KEY);
+    }
+
+    /**
+     * 根据令牌获取用户标识
+     * 
+     * @param claims 身份信息
+     * @return 用户ID
+     */
+    public static String getUserKey(Claims claims)
+    {
+        return getValue(claims, SecurityConstants.USER_KEY);
+    }
+
+    /**
+     * 根据令牌获取用户ID
+     * 
+     * @param token 令牌
+     * @return 用户ID
+     */
+    public static String getUserId(String token)
+    {
+        Claims claims = parseToken(token);
+        return getValue(claims, SecurityConstants.DETAILS_USER_ID);
+    }
+
+    /**
+     * 根据身份信息获取用户ID
+     * 
+     * @param claims 身份信息
+     * @return 用户ID
+     */
+    public static String getUserId(Claims claims)
+    {
+        return getValue(claims, SecurityConstants.DETAILS_USER_ID);
+    }
+
+    /**
+     * 根据令牌获取用户名
+     * 
+     * @param token 令牌
+     * @return 用户名
+     */
+    public static String getUserName(String token)
+    {
+        Claims claims = parseToken(token);
+        return getValue(claims, SecurityConstants.DETAILS_USERNAME);
+    }
+
+    /**
+     * 根据身份信息获取用户名
+     * 
+     * @param claims 身份信息
+     * @return 用户名
+     */
+    public static String getUserName(Claims claims)
+    {
+        return getValue(claims, SecurityConstants.DETAILS_USERNAME);
+    }
+
+    /**
+     * 根据身份信息获取键值
+     * 
+     * @param claims 身份信息
+     * @param key 键
+     * @return 值
+     */
+    public static String getValue(Claims claims, String key)
+    {
+        return Convert.toStr(claims.get(key), "");
+    }
+
+    public static void main(String[] args) {
+        Map<String, Object> claims = new HashMap<>();
+        claims.put(SecurityConstants.DETAILS_USERNAME,"ysAdmin");
+        String token = createToken(claims);
+        System.out.println(token);
+    }
+
+}

src/main/java/com/bonus/boot/manager/manager/entity/SecurityConstants.java

@@ -0,0 +1,44 @@
+package com.bonus.boot.manager.manager.entity;
+
+/**
+ * 权限相关通用常量
+ * 
+ * @author zys
+ */
+public class SecurityConstants
+{
+    /**
+     * 用户ID字段
+     */
+    public static final String DETAILS_USER_ID = "user_id";
+
+    /**
+     * 用户名字段
+     */
+    public static final String DETAILS_USERNAME = "username";
+
+    /**
+     * 授权信息字段
+     */
+    public static final String AUTHORIZATION_HEADER = "authorization";
+
+    /**
+     * 请求来源
+     */
+    public static final String FROM_SOURCE = "from-source";
+
+    /**
+     * 内部请求
+     */
+    public static final String INNER = "inner";
+
+    /**
+     * 用户标识
+     */
+    public static final String USER_KEY = "user_key";
+
+    /**
+     * 登录用户
+     */
+    public static final String LOGIN_USER = "login_user";
+}

src/main/java/com/bonus/boot/manager/manager/entity/TokenConstants.java

@@ -0,0 +1,25 @@
+package com.bonus.boot.manager.manager.entity;
+
+/**
+ * Token的Key常量
+ * 
+ * @author zys
+ */
+public class TokenConstants
+{
+    /**
+     * 令牌自定义标识
+     */
+    public static final String AUTHENTICATION = "Authorization";
+
+    /**
+     * 令牌前缀
+     */
+    public static final String PREFIX = "Bearer ";
+
+    /**
+     * 令牌秘钥
+     */
+    public final static String SECRET = "abcdefghijklmnopqrstuvwxyz";
+
+}

src/main/java/com/bonus/boot/manager/manager/model/SysUser.java

@@ -24,6 +24,7 @@ public class SysUser extends BaseEntity<Long> {
 	private String ifHigher;//是否高职
 	private String specialJob;//特殊岗位id
 	private String cancelTime;
+	private String jwtToken;
 
 	public String getPersonnelType() {
 		return personnelType;
@@ -164,7 +165,15 @@ public class SysUser extends BaseEntity<Long> {
 		this.intro = intro;
 	}
 
-	public interface Status {
+    public String getJwtToken() {
+        return jwtToken;
+    }
+
+    public void setJwtToken(String jwtToken) {
+        this.jwtToken = jwtToken;
+    }
+
+    public interface Status {
 		int DISABLED = 0;
 		int VALID = 1;
 		int LOCKED = 2;

src/main/resources/application.properties

@@ -10,13 +10,13 @@ server.port=18089
 #\u8BBF\u95EE\u8DEF\u5F84
 server.servlet.context-path=/AppPeaManager
 #\u6B63\u5F0F\u5E93
-spring.datasource.url=jdbc:mysql://192.168.1.8:23342/yn_tj_appoint?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true
+#spring.datasource.url=jdbc:mysql://192.168.1.8:23342/yn_tj_appoint?useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true
-spring.datasource.username=root
-spring.datasource.password=Bonus@yntj123!
-#\u6D4B\u8BD5\u5E93
-#spring.datasource.url=jdbc:mysql://192.168.0.14:1115/cs_yn?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai
 #spring.datasource.username=root
-#spring.datasource.password=xbzadmin@szedu14!
+#spring.datasource.password=Bonus@yntj123!
+#\u6D4B\u8BD5\u5E93
+spring.datasource.url=jdbc:mysql://192.168.0.14:1115/yn_tj_appoint?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai
+spring.datasource.username=root
+spring.datasource.password=xbzadmin@szedu14!
 #\u672C\u5730\u5E93
 #spring.datasource.url=jdbc:mysql://192.168.0.14:1115/yn_tj_appoint?useSSL=false&allowMultiQueries=true&useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai
 #spring.datasource.username=root
@@ -38,13 +38,13 @@ mybatis.type-aliases-package=com.bonus.boot.manager.*.entity
 #spring.redis.port=6379
 #spring.redis.password=Ynsmz@186redis!
 #\u6D4B\u8BD5
-spring.redis.host=192.168.1.8
+#spring.redis.host=192.168.1.8
-spring.redis.port=23347
+#spring.redis.port=23347
-spring.redis.password=Bonus@yntj123!
+#spring.redis.password=Bonus@yntj123!
 #\u672C\u5730
-#spring.redis.host=127.0.0.1
+spring.redis.host=127.0.0.1
-#spring.redis.port=6379
+spring.redis.port=6379
-#spring.redis.password=
+spring.redis.password=
 # \u65E5\u5FD7
 logging.config=classpath:logback-boot.xml
 log.level.root=info

src/main/resources/mappers/app/AppMapper.xml

@@ -399,7 +399,18 @@
         where
             is_active='1'
     </select>
-
+    <select id="getOccupationHospital" resultType="com.bonus.boot.manager.app.beans.HospitalBean">
+        SELECT hospital       AS hospitalName,
+               id,
+               address,
+               business_start AS businessStart,
+               business_end   AS businessEnd,
+               responsible,
+               tel_phone      AS telPhone
+        FROM pm_base_hospital
+        where is_active = '1'
+          AND id = 35
+    </select>
 
 
 </mapper>