diff --git a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
index 9bf1c59..38e6e09 100644
--- a/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
+++ b/src/main/java/com/chinaweal/aiccs/org/controller/OAuth2Controller.java
@@ -23,6 +23,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
@@ -52,6 +53,8 @@ public class OAuth2Controller extends BaseController {
 @Autowired
 private IImsUserService iImsUserService;
 @Autowired
+ private IUserSupInfoService userSupInfoService;
+ @Autowired
 private OrgUM orgUM;
 @Autowired
 private IUnifiedAuthService unifiedAuthService;
@@ -642,12 +645,19 @@ public class OAuth2Controller extends BaseController {
 }
 // 查询绑定的账号
 String usercode = one.getUsercode();
- TUsers tuser = usersService.lambdaQuery().eq(TUsers::getImsusercode, usercode).last("limit 1").one();
- if (tuser == null) {
+ ImsUser imsUser = iImsUserService.getById(usercode);
+ if (imsUser == null) {
 return ResponseEntity.status(HttpStatus.FOUND)
 .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8")))
 .build();
 }
+ UserSupInfo userSup = userSupInfoService.lambdaQuery().eq(UserSupInfo::getIdcardAbstr, DigestUtils.md5DigestAsHex(imsUser.getIdCard().getBytes())).one();
+ if (userSup == null) {
+ return ResponseEntity.status(HttpStatus.FOUND)
+ .location(java.net.URI.create("/integration/#/login?requestId=" + requestId + "&error=" + URLEncoder.encode("无匹配的综合监管用户,请联系系统管理员", "UTF-8")))
+ .build();
+ }
+ TUsers tuser = usersService.getById(userSup.getUserid());
 RestResult loginResult = userBaseService.login(tuser.getUsername(), "ChinaWeal_2026");
 AICUser user = loginResult.getData();
diff --git a/src/main/java/com/chinaweal/aiccs/org/controller/TUsersappController.java b/src/main/java/com/chinaweal/aiccs/org/controller/TUsersappController.java
index ad28eec..76c2794 100644
--- a/src/main/java/com/chinaweal/aiccs/org/controller/TUsersappController.java
+++ b/src/main/java/com/chinaweal/aiccs/org/controller/TUsersappController.java
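Review bot: `tuser` is dereferenced by the unchanged `userBaseService.login(tuser.getUsername(), …)` line without a null check, because the old `if (tuser == null)` guard was replaced by guards on `imsUser` and `userSup` only; a `UserSupInfo` row whose user id no longer resolves via `usersService.getById(...)` now ends in a NullPointerException instead of the "no matching user" redirect, so `if (tuser == null)` with the same redirect should follow the lookup. `imsUser.getIdCard()` is also used unchecked, and `.getBytes()` hashes with the platform charset while TUsersappController computes the stored digest with `StandardCharsets.UTF_8`; `imsUser.getIdCard().getBytes(StandardCharsets.UTF_8)` after a null/blank check keeps the two sides identical (the import is not visible in this file's hunks). The digest match is now the only thing that selects which account is logged in, and the context line passes a literal password to `login`, so it is worth confirming that this literal is not a credential shared by real accounts and moving it out of source if it is. The enclosing method starts and ends outside the hunk.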
@@ -2,9 +2,10 @@ package com.chinaweal.aiccs.org.controller;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.chinaweal.aiccs.common.util.RSAUTil;
+import com.chinaweal.aiccs.common.util.SM4Utils;
 import com.chinaweal.aiccs.common.util.StringUtils;
-import com.chinaweal.aiccs.org.entity.TUsersapp;
-import com.chinaweal.aiccs.org.service.TUsersappService;
+import com.chinaweal.aiccs.org.entity.UserSupInfo;
+import com.chinaweal.aiccs.org.service.IUserSupInfoService;
 import com.chinaweal.aiccs.redis.RedisService;
 import com.chinaweal.youfool.framework.springboot.exception.custom.BusinessException;
 import com.chinaweal.youfool.framework.springboot.rest.RestResult;
@@ -16,12 +17,14 @@ import io.swagger.annotations.ApiParam;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.util.DigestUtils;
 import org.springframework.web.bind.annotation.*;
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import java.nio.charset.StandardCharsets;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.NoSuchAlgorithmException;
@@ -40,20 +43,22 @@ import java.util.Base64;
 public class TUsersappController {
 @Autowired
- private TUsersappService tUsersappService;
+ private IUserSupInfoService userSupInfoService;
 @Resource
 private RedisService redisService;
 @Value("${redis-usersapp-privatekey.expire:300}")
 private int privateKeyExpire;
+ @Value("${oauth2.sm4.key}")
+ private String sm4Key;
 private static final String REDIS_PRIVATE_KEY_PREFIX = "usersapp:rsa:privatekey:";
 private static final String RSA_COOKIE_KEY = "usersapprsa";
 /**
- * 接口1:检查用户对应的TUsersapp中有没有身份证号和手机号码的记录
+ * 接口1:检查用户对应的UserSupInfo中有没有身份证号和手机号码的记录
 *
 * @param request 请求
 * @return true-有完整记录,false-没有完整记录
@@ -65,9 +70,9 @@ public class TUsersappController {
 if (StringUtils.isBlank(userId)) {
 return RestResult.error(com.chinaweal.youfool.framework.springboot.rest.ResultCode.USER_NOT_LOGGED_IN);
 }
- TUsersapp byId = tUsersappService.getById(userId);
+ UserSupInfo byId = userSupInfoService.getById(userId);
- return RestResult.ok(byId != null && StringUtils.isNotBlank(byId.getMobile()) && StringUtils.isNotBlank(byId.getIdentityno()));
+ return RestResult.ok(byId != null && StringUtils.isNotBlank(byId.getMobileEnc()) && StringUtils.isNotBlank(byId.getIdcardEnc()));
 }
 /**
@@ -75,7 +80,8 @@ public class TUsersappController {
 * 公钥返回给前端,私钥存储在Redis中
 * Redis的key后缀使用cookie中的值
 *
- * @param request 请求
+ * @param request 请求
+ * @param response response
 * @return 公钥
 */
 @GetMapping("/getPublicKey")
@@ -111,9 +117,10 @@ public class TUsersappController {
 /**
 * 接口3:用户账号信息设置接口
 * 用户传入身份证号(RSA密文)、手机号(RSA密文)
- * 将证件号和手机号解密后,查询TUsersapp表,确保数据是唯一的
+ * 使用RSA解密后得到明文,然后使用SM4加密存储到数据库,同时计算MD5摘要用于去重
+ * 查询UserSupInfo表,确保数据是唯一的
 * 如果不唯一,则抛出BusinessException说明信息已被占用
- * 否则创建或更新TUsersapp的记录
+ * 否则创建或更新UserSupInfo的记录
 *
 * @param identityNoEncrypted 身份证号密文
 * @param mobileEncrypted 手机号密文
@@ -144,38 +151,50 @@ public class TUsersappController {
 }
 try {
- // 解密身份证号和手机号
+ // 使用RSA解密前端传来的数据
 String identityNo = RSAUTil.decrypt(identityNoEncrypted, privateKeyString);
 String mobile = RSAUTil.decrypt(mobileEncrypted, privateKeyString);
- // 查询是否存在相同的身份证号或手机号(排除当前用户)
- LambdaQueryWrapper wrapper = new LambdaQueryWrapper<>();
- wrapper.and(w -> w
- .eq(TUsersapp::getIdentityno, identityNo)
- .or()
- .eq(TUsersapp::getMobile, mobile)
- ).ne(TUsersapp::getUserid, userId);
+ // 计算MD5摘要(用于去重)
+ String identityNoAbstr = DigestUtils.md5DigestAsHex(identityNo.getBytes(StandardCharsets.UTF_8));
+ String mobileAbstr = DigestUtils.md5DigestAsHex(mobile.getBytes(StandardCharsets.UTF_8));
- long count = tUsersappService.count(wrapper);
+ // 查询是否存在相同的身份证号或手机号(排除当前用户)
+ LambdaQueryWrapper wrapper = new LambdaQueryWrapper<>();
+ wrapper.and(w -> w
+ .eq(UserSupInfo::getIdcardAbstr, identityNoAbstr)
+ .or()
+ .eq(UserSupInfo::getMobileAbstr, mobileAbstr)
+ ).ne(UserSupInfo::getUserid, userId);
+
+ long count = userSupInfoService.count(wrapper);
 if (count > 0) {
 throw new BusinessException("身份证号或手机号已被其他用户占用");
 }
- // 查询当前用户的TUsersapp记录
- TUsersapp existUser = tUsersappService.getById(userId);
+ // 使用SM4加密后存储到数据库
+ String identityNoEnc = SM4Utils.encrypt(identityNo, sm4Key);
+ String mobileEnc = SM4Utils.encrypt(mobile, sm4Key);
+
+ // 查询当前用户的UserSupInfo记录
+ UserSupInfo existUser = userSupInfoService.getById(userId);
 if (existUser != null) {
 // 更新记录
- existUser.setIdentityno(identityNo);
- existUser.setMobile(mobile);
- tUsersappService.updateById(existUser);
+ existUser.setIdcardEnc(identityNoEnc);
+ existUser.setIdcardAbstr(identityNoAbstr);
+ existUser.setMobileEnc(mobileEnc);
+ existUser.setMobileAbstr(mobileAbstr);
+ userSupInfoService.updateById(existUser);
 } else {
 // 创建新记录
- TUsersapp newUser = new TUsersapp();
+ UserSupInfo newUser = new UserSupInfo();
 newUser.setUserid(userId);
- newUser.setIdentityno(identityNo);
- newUser.setMobile(mobile);
- tUsersappService.save(newUser);
+ newUser.setIdcardEnc(identityNoEnc);
+ newUser.setIdcardAbstr(identityNoAbstr);
+ newUser.setMobileEnc(mobileEnc);
+ newUser.setMobileAbstr(mobileAbstr);
+ userSupInfoService.save(newUser);
 }
 // 删除Redis中的私钥
@@ -197,7 +216,6 @@ public class TUsersappController {
 Cookie[] cookies = request.getCookies();
 if (cookies != null) {
 for (Cookie cookie : cookies) {
- // 根据实际情况修改cookie名称
 if (cookieKey.equals(cookie.getName())) {
 return cookie.getValue();
 }
diff --git a/src/main/java/com/chinaweal/aiccs/org/entity/UserSupInfo.java b/src/main/java/com/chinaweal/aiccs/org/entity/UserSupInfo.java
new file mode 100644
index 0000000..2a1c8ac
--- /dev/null
+++ b/src/main/java/com/chinaweal/aiccs/org/entity/UserSupInfo.java
@@ -0,0 +1,71 @@
+package com.chinaweal.aiccs.org.entity;
+
+import com.baomidou.mybatisplus.annotation.TableField;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableName;
+import com.baomidou.mybatisplus.extension.activerecord.Model;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import lombok.experimental.Accessors;
+
+import java.io.Serializable;
+
+/**
+ *
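Review bot: `identityNoAbstr` and `mobileAbstr` are unsalted MD5 digests of values drawn from small, structured spaces (11-digit mobile numbers, ID card numbers), so anyone able to read the `*_ABSTR` columns can recover the plaintext by enumeration and the SM4 ciphertext in the `*_ENC` columns protects little. A keyed digest (HMAC with a server-side key kept separate from `sm4Key`) keeps the equality lookup without that offline recovery; the OAuth2Controller lookup on `getIdcardAbstr` would have to call the same helper, and rows already written would need recomputing. The `count(wrapper)` check followed by `save`/`updateById` is also not atomic, so uniqueness of the digests should be backed by a unique index rather than this check alone; no such constraint is visible in this diff. The method starts before the hunk and continues after it.

```java
// proposed helper; indexKey is a new server-side secret (placeholder name), not sm4Key
// output is 44 Base64 characters instead of 32 hex characters: check the *_ABSTR column width
private static String blindIndex(String value, byte[] indexKey) throws java.security.GeneralSecurityException {
    javax.crypto.Mac mac = javax.crypto.Mac.getInstance("HmacSHA256");
    mac.init(new javax.crypto.spec.SecretKeySpec(indexKey, "HmacSHA256"));
    return Base64.getEncoder().encodeToString(mac.doFinal(value.getBytes(StandardCharsets.UTF_8)));
}

// … unchanged: RSA decryption of identityNoEncrypted and mobileEncrypted …
String identityNoAbstr = blindIndex(identityNo, indexKey);
String mobileAbstr = blindIndex(mobile, indexKey);
// … unchanged: duplicate check, SM4 encryption, save/update …
```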

+ * 用户补充信息
+ *
+ *
+ * @author system
+ * @since 2026-03-26
+ */
+@Data
+@EqualsAndHashCode(callSuper = false)
+@Accessors(chain = true)
+@TableName(value = "USER_SUP_INFO", schema = "CXAICORG")
+@ApiModel("用户补充信息")
+public class UserSupInfo extends Model {
+
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * 用户id
+ */
+ @TableId("USERID")
+ @ApiModelProperty("用户id")
+ private String userid;
+
+ /**
+ * 手机号(密文)
+ */
+ @TableField("MOBILE_ENC")
+ @ApiModelProperty("手机号(密文)")
+ private String mobileEnc;
+
+ /**
+ * 手机号(MD5的摘要)
+ */
+ @TableField("MOBILE_ABSTR")
+ @ApiModelProperty("手机号(MD5的摘要)")
+ private String mobileAbstr;
+
+ /**
+ * 身份证号(密文)
+ */
+ @TableField("IDCARD_ENC")
+ @ApiModelProperty("身份证号(密文)")
+ private String idcardEnc;
+
+ /**
+ * 身份证号(MD5摘要)
+ */
+ @TableField("IDCARD_ABSTR")
+ @ApiModelProperty("身份证号(MD5摘要)")
+ private String idcardAbstr;
+
+ @Override
+ protected Serializable pkVal() {
+ return this.userid;
+ }
+}
diff --git a/src/main/java/com/chinaweal/aiccs/org/mapper/UserSupInfoMapper.java b/src/main/java/com/chinaweal/aiccs/org/mapper/UserSupInfoMapper.java
new file mode 100644
index 0000000..5d636ad
--- /dev/null
+++ b/src/main/java/com/chinaweal/aiccs/org/mapper/UserSupInfoMapper.java
@@ -0,0 +1,15 @@
+package com.chinaweal.aiccs.org.mapper;
+
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import com.chinaweal.aiccs.org.entity.UserSupInfo;
+
+/**
+ *
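Review bot: Lombok's `@Data` on `UserSupInfo` generates a `toString()` that includes `mobileEnc`, `mobileAbstr`, `idcardEnc` and `idcardAbstr`, so any log statement that prints the entity writes the ciphertext and the digests into the logs. I would put `@ToString.Exclude` on those four fields, or replace `@Data` with `@Getter`/`@Setter`. The `@ApiModel`/`@ApiModelProperty` annotations suggest the entity may also be returned from API endpoints; no such use is visible in this diff, but if it happens a response type without these columns would be safer.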

+ * Mapper 接口
+ *
+ *
+ * @author system
+ * @since 2026-03-26
+ */
+public interface UserSupInfoMapper extends BaseMapper {
+}
diff --git a/src/main/java/com/chinaweal/aiccs/org/service/IUserSupInfoService.java b/src/main/java/com/chinaweal/aiccs/org/service/IUserSupInfoService.java
new file mode 100644
index 0000000..2a1a0d2
--- /dev/null
+++ b/src/main/java/com/chinaweal/aiccs/org/service/IUserSupInfoService.java
@@ -0,0 +1,15 @@
+package com.chinaweal.aiccs.org.service;
+
+import com.baomidou.mybatisplus.extension.service.IService;
+import com.chinaweal.aiccs.org.entity.UserSupInfo;
+
+/**
+ *

+ * 用户补充信息 服务类
+ *
+ *
+ * @author system
+ * @since 2026-03-26
+ */
+public interface IUserSupInfoService extends IService {
+}
diff --git a/src/main/java/com/chinaweal/aiccs/org/service/impl/UserSupInfoServiceImpl.java b/src/main/java/com/chinaweal/aiccs/org/service/impl/UserSupInfoServiceImpl.java
new file mode 100644
index 0000000..b6bf5a8
--- /dev/null
+++ b/src/main/java/com/chinaweal/aiccs/org/service/impl/UserSupInfoServiceImpl.java
@@ -0,0 +1,19 @@
+package com.chinaweal.aiccs.org.service.impl;
+
+import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import com.chinaweal.aiccs.org.entity.UserSupInfo;
+import com.chinaweal.aiccs.org.mapper.UserSupInfoMapper;
+import com.chinaweal.aiccs.org.service.IUserSupInfoService;
+import org.springframework.stereotype.Service;
+
+/**
+ *

+ * 用户补充信息 服务实现类
+ *
+ *
+ * @author system
+ * @since 2026-03-26
+ */
+@Service
+public class UserSupInfoServiceImpl extends ServiceImpl implements IUserSupInfoService {
+}
diff --git a/src/main/resources/mybatis/mapper/aicorg/org/UserSupInfoMapper.xml b/src/main/resources/mybatis/mapper/aicorg/org/UserSupInfoMapper.xml
new file mode 100644
index 0000000..ff0e9c0
--- /dev/null
+++ b/src/main/resources/mybatis/mapper/aicorg/org/UserSupInfoMapper.xml
@@ -0,0 +1,19 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ USERID, MOBILE_ENC, MOBILE_ABSTR, IDCARD_ENC, IDCARD_ABSTR
+
+
+