i国网:增加sign校验

This commit is contained in:
sxu 2025-07-09 17:20:07 +08:00
parent 3aa7edc0c7
commit 8cdcbe03ac
1 changed files with 12 additions and 5 deletions

View File

@ -5,24 +5,28 @@ import com.bonus.canteen.core.account.constants.AccStatusEnum;
import com.bonus.canteen.core.account.domain.param.AccountInfoQueryParam;
import com.bonus.canteen.core.account.domain.vo.AccInfoDetailsVO;
import com.bonus.canteen.core.account.service.IAccInfoService;
import com.bonus.canteen.core.common.utils.HeaderFetchUtil;
import com.bonus.canteen.core.zhhq.domain.AccountInfoDTO;
import com.bonus.canteen.core.zhhq.domain.AccountInfoVO;
import com.bonus.canteen.core.zhhq.domain.WeekRecipeDTO;
import com.bonus.canteen.core.zhhq.service.IZhhqCookRecipeService;
import com.bonus.common.core.exception.ServiceException;
import com.bonus.common.core.utils.encryption.Sm4Utils;
import com.bonus.common.core.web.controller.BaseController;
import com.bonus.common.core.web.domain.AjaxResult;
import com.bonus.common.houqin.constant.GlobalConstants;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.bind.annotation.*;
import javax.validation.Valid;
import java.math.BigDecimal;
import java.util.List;
import java.util.Map;
import static com.bonus.canteen.core.common.utils.DateUtil.getCurrentDateStr;
/**
* 账户信息Controller
@ -40,7 +44,10 @@ public class ZhhqAccountInfoController extends BaseController {
@ApiOperation("获取员工账户信息")
@PostMapping({"/getBalance"})
public AjaxResult getBalance(@RequestBody @Valid AccountInfoDTO dto) {
public AjaxResult getBalance(@RequestHeader Map<String, String> requestHeader, @RequestBody @Valid AccountInfoDTO dto) {
if (!(GlobalConstants.JYY + getCurrentDateStr()).equals(Sm4Utils.decrypt(HeaderFetchUtil.getSign(requestHeader)))) {
throw new ServiceException("访问缺少认证信息");
}
try {
AccountInfoQueryParam param = new AccountInfoQueryParam();
param.setUserCode(dto.getEmpCode());