From 8cdcbe03ac18b16ca1161d7f90e86229249e0910 Mon Sep 17 00:00:00 2001 From: sxu <602087911@qq.com> Date: Wed, 9 Jul 2025 17:20:07 +0800 Subject: [PATCH] =?UTF-8?q?i=E5=9B=BD=E7=BD=91=EF=BC=9A=E5=A2=9E=E5=8A=A0s?= =?UTF-8?q?ign=E6=A0=A1=E9=AA=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/ZhhqAccountInfoController.java | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/zhhq/controller/ZhhqAccountInfoController.java b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/zhhq/controller/ZhhqAccountInfoController.java index ebf0a3c..8ff6991 100644 --- a/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/zhhq/controller/ZhhqAccountInfoController.java +++ b/bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/zhhq/controller/ZhhqAccountInfoController.java @@ -5,24 +5,28 @@ import com.bonus.canteen.core.account.constants.AccStatusEnum; import com.bonus.canteen.core.account.domain.param.AccountInfoQueryParam; import com.bonus.canteen.core.account.domain.vo.AccInfoDetailsVO; import com.bonus.canteen.core.account.service.IAccInfoService; +import com.bonus.canteen.core.common.utils.HeaderFetchUtil; import com.bonus.canteen.core.zhhq.domain.AccountInfoDTO; import com.bonus.canteen.core.zhhq.domain.AccountInfoVO; import com.bonus.canteen.core.zhhq.domain.WeekRecipeDTO; import com.bonus.canteen.core.zhhq.service.IZhhqCookRecipeService; +import com.bonus.common.core.exception.ServiceException; +import com.bonus.common.core.utils.encryption.Sm4Utils; import com.bonus.common.core.web.controller.BaseController; import com.bonus.common.core.web.domain.AjaxResult; +import com.bonus.common.houqin.constant.GlobalConstants; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; import lombok.extern.slf4j.Slf4j; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.web.bind.annotation.PostMapping; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.web.bind.annotation.*; import javax.validation.Valid; import java.math.BigDecimal; import java.util.List; +import java.util.Map; + +import static com.bonus.canteen.core.common.utils.DateUtil.getCurrentDateStr; /** * 账户信息Controller @@ -40,7 +44,10 @@ public class ZhhqAccountInfoController extends BaseController { @ApiOperation("获取员工账户信息") @PostMapping({"/getBalance"}) - public AjaxResult getBalance(@RequestBody @Valid AccountInfoDTO dto) { + public AjaxResult getBalance(@RequestHeader Map requestHeader, @RequestBody @Valid AccountInfoDTO dto) { + if (!(GlobalConstants.JYY + getCurrentDateStr()).equals(Sm4Utils.decrypt(HeaderFetchUtil.getSign(requestHeader)))) { + throw new ServiceException("访问缺少认证信息"); + } try { AccountInfoQueryParam param = new AccountInfoQueryParam(); param.setUserCode(dto.getEmpCode());