Merge branch 'dev-login-20200323' into 'release'

Dev login 20200323 reviewCoder by zhaopeijun See merge request !15

Merge branch 'dev-login-20200323' into 'release'
Dev login 20200323 reviewCoder by zhaopeijun See merge request !15
6f58dc27 · Peijun.zhao · 74b22cbe · e7a47d18 · 6f58dc27 · 6f58dc27
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -58,6 +58,7 @@
            <groupId>com.pica.cloud.foundation</groupId>
            <artifactId>pica-cloud-service-starter</artifactId>
            <version>1.2.6-SNAPSHOT</version>
+            <!--<version>1.3.2.5</version>-->
            <exclusions>
                <exclusion>
                    <artifactId>pica-cloud-redis</artifactId>
@@ -167,7 +168,7 @@
        <dependency>
            <groupId>com.pica.cloud.riskcontrol</groupId>
            <artifactId>pica-cloud-riskcontrol-client</artifactId>
-            <version>1.0.2</version>
+            <version>1.0.3.1</version>
        </dependency>

        <!-- apple identifyToken校验 -->
@@ -188,6 +189,18 @@
            <scope>test</scope>
        </dependency>

+        <dependency>
+            <groupId>com.pica.cloud.foundation</groupId>
+            <artifactId>pica-cloud-proof-client</artifactId>
+            <version>1.0.0</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>io.swagger</groupId>
+                    <artifactId>swagger-annotations</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+

    </dependencies>


--- a/server/src/main/java/com/pica/cloud/account/account/server/constants/Constants.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/constants/Constants.java
@@ -66,4 +66,13 @@ public class Constants {
    /** 注册逻辑幂等处理缓存key */
    public static final String REPEAT_REGISTER_PREFIX = "repeat-register—";

+    /** h5拼图缓存key */
+    public static final String JIGSAW_CODE_KEY = "jigsaw-code-{mobile}";
+
+    /** h5拼图缓存时长*/
+    public static final int JIGSAW_CODE_EXPIRE_SECONDS = 60;
+
+    /** 风控记录过数据 */
+    public static final String RC_RECORDED_DATA_KEY = "risk-{mobile}-{ip}";
+
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/AccountBaseController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/AccountBaseController.java
@@ -131,7 +131,10 @@ public abstract class AccountBaseController extends BaseController {

        String postData = JSON.toJSONString(picapSendMsgModel);
        logger.info("sendMobileTo-mobile:{}, senderId-{}",mobile, senderId);
+        long start = System.currentTimeMillis();
        String jsonObj = HttpClientUtil.httpExecute(messageUrl, postData);
+        long end1 = System.currentTimeMillis();
+        logger.info("sendMobileMessage-send message used {} million seconds", end1-start);
        logger.info("sendMobileTo-{}", jsonObj);

        if (StringUtils.isEmpty(jsonObj)) {

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/AccountController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/AccountController.java
@@ -189,20 +189,23 @@ public class AccountController extends AccountBaseController {

    @ApiOperation("H5端一键登录功能,无需完善信息")
    @PostMapping("/login-register/v1")
+//    @RepeatForbidden(uniqueKey = "content") 当前版本存在性能问题 luo优化后上
    public PicaResponse loginRegister(@RequestBody EncryptEntity entity) throws Exception {
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
        this.checkMobilePhone(request.getMobile());
        AccountReq req = new AccountReq();
        req.setMobilePhone(request.getMobile());
-        req.setPassword(null);//登录或注册，只能使用验证码
+        //  登录或注册，只能使用验证码
+        req.setPassword(null);
        req.setAuthCode(request.getAuthCode());
        req.setFlag("0");
        req.setUnionid(request.getUnionId());

-        //判断账号是否已经存在
+        //  判断账号是否已经存在
        Account account = accountService.getByMobilePhone(req.getMobilePhone());
        if (account != null) {
-            PicaResponse response = this.login(req);  //登录
+            //  登录
+            PicaResponse response = this.login(req);
            if (response.getData() != null) {
                LoginResult result = new LoginResult();
                result.setToken(response.getData().toString());
@@ -210,7 +213,9 @@ public class AccountController extends AccountBaseController {
            }
            return response;
        } else {
-            return this.register(req);  //注册
+            //  注册
+            PicaResponse<LoginResult> result = this.register(req);
+            return result;
        }
    }


--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
@@ -107,12 +107,13 @@ public class AutoCodeController extends AccountBaseController {
        //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
        //  4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
        AccountUtils.checkMobilePhone(request.getMobile());

        if (request.getBizType() != null && request.getBizType().equals(1)) {
            logger.info("app-rcValidate-start");
            //  调用风控接口
-            authCodeService.rcValidate(req, request, super.getDeviceInfo());
+            authCodeService.rcValidate(req, request, super.getDeviceInfo(), super.getSourceType());
            //  发送短信验证码
            processSysCode(request.getMobile(), request.getFlag());
            return PicaResponse.toResponse();
@@ -128,32 +129,24 @@ public class AutoCodeController extends AccountBaseController {
    @ApiOperation("获取短信验证码,无需图形验证码,如h5端")
    @PostMapping(value = "/H5/authCode")
    public PicaResponse getH5AuthCode(@RequestBody EncryptEntity entity, HttpServletRequest req) throws Exception {
-        //  如果该接口已关闭(缓存key存在)，则直接返回
-        if (cacheClient.exists(Constants.AUTHCODE_H5_SWITCH_KEY)) {
-            logger.info("getH5AuthCode-interface-return");
-            throw new PicaWarnException(AccountExceptionEnum.PICA_H5_AUTH_CODE_INTERFACE_OFFED.getCode(),
-                    AccountExceptionEnum.PICA_H5_AUTH_CODE_INTERFACE_OFFED.getMessage());
-        }
-
        //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
        //  4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
        AccountUtils.checkMobilePhone(request.getMobile());

-        if (request.getBizType() != null && request.getBizType().equals(1)) {
-            logger.info("h5-rcValidate-start");
-            //  调用风控接口
-            authCodeService.rcValidate(req, request, super.getDeviceInfo());
-            //  发送短信验证码
-            processSysCode(request.getMobile(), request.getFlag());
-            return PicaResponse.toResponse();
-        } else {
-            //  h5(发送短信验证码)
-            processSysCode(request.getMobile(), request.getFlag());
-            //  记录风控数据
+        //  拼图验证
+        int recordData = authCodeService.validateJigsawCode(req, request);
+
+        //  发送短信验证码
+        processSysCode(request.getMobile(), request.getFlag());
+
+        if (recordData != -1) {
+            //  记录风控数据（记录是h5端）
            authCodeService.recordRcData(req, request, super.getDeviceInfo("device_ip"));
-            return PicaResponse.toResponse();
        }
+
+        return PicaResponse.toResponse();
    }

    /**
@@ -169,6 +162,7 @@ public class AutoCodeController extends AccountBaseController {
    public PicaResponse<String> getAuthCodeWithCaptcha(@RequestBody EncryptEntity entity,
                                                       HttpServletRequest req) throws Exception {
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
        String mobilePhone = request.getMobile();
        String flag = request.getFlag() + "";
        String captchaToken = request.getCaptchaToken();
@@ -197,7 +191,13 @@ public class AutoCodeController extends AccountBaseController {
        return PicaResponse.toResponse(StringUtils.EMPTY);
    }

-
+    @ApiOperation("获取拼图码校验")
+    @PostMapping("/jigsawCode")
+    public PicaResponse getJigsawCode(@RequestBody EncryptEntity entity,
+                                      HttpServletRequest req) throws Exception {
+        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        return PicaResponse.toResponse(authCodeService.getJigsawCode(req, super.getSourceType(), request.getMobile()));
+    }

    @ApiOperation("微信获取验证码")
    @PostMapping(value = "/authCode/wechat")
@@ -253,6 +253,7 @@ public class AutoCodeController extends AccountBaseController {
     * @param authCodeKeySecure
     */
    private void processSendAuthCode(String mobilePhone, Integer flag, String authCodeKeySecure) {
+        long start = System.currentTimeMillis();
        String authCode = CommonUtil.createValidateCode();
        String message = "您的验证码是" + authCode + ",在10分钟内有效。如非本人操作，请忽略本短信！";
        Integer accountIdByMobilePhone = accountService.getAccountIdByMobilePhone(mobilePhone);
@@ -265,7 +266,11 @@ public class AutoCodeController extends AccountBaseController {
        cacheClient.set(authCodeKeySecure, System.currentTimeMillis(), 60);
        //处理验证码原子性的问题
        cacheClient.set(RegisterCodeKeyUtils.getRegisterKey(mobilePhone,authCode), 100, 600);
+        long end1 = System.currentTimeMillis();
+        logger.info("processSendAuthCode-1 used {} million seconds", end1-start);
        super.sendMobileMessage(mobilePhone, message, senderId);
+        long end2 = System.currentTimeMillis();
+        logger.info("processSendAuthCode-2 used {} million seconds", end2-start);
    }

    //获取验证码redis key

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
@@ -217,6 +217,7 @@ public class LoginController extends AccountBaseController {
    @PostMapping("/unifiedVerification")
    public PicaResponse unifiedVerification(@RequestBody EncryptEntity entity) throws Exception{
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
        loginService.preLoginValidate(request);
        return PicaResponse.toResponse();
    }

--- a/server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java
@@ -47,9 +47,14 @@ public enum AccountExceptionEnum {
    PICA_RC_BLACKLIST("216538", "发送成功"),
    PICA_RC_DAY_LIMIT("216539", "今日获取验证码次数已超过上限，请使用账户密码登录"),
    PICA_RC_60_SECOND_LIMIT("216540", "验证码发送频率过高，请{remainTime}秒后再试"),
-    PICA_H5_AUTH_CODE_INTERFACE_OFFED("216541", "该功能已关闭"),
    PICA_MESSAGE_SERVICE_CALL_FAIL("216542", "短信发送失败"),
    PICA_BIND_WECHAT_FAIL("216543", "绑定微信失败"),
+    PICA_CAP_CODE_ERROR("216544", "拼图验证失败"),
+    PICA_CAP_GET_INVOKE_ERROR("216545", "拼图获取失败"),
+    PICA_RC_BUSINESS_ERROR("216546", "参数格式错误"),
+    PICA_MOBILE_NOT_REGIST_H5("216547", "该手机号尚未设置密码，设置密码请前往云鹊医APP，或使用其他方式登录。"),
+    PICA_MOBILE_NOT_SETED_PASSWORD_H5("216548", "该手机号尚未设置密码，设置密码请前往云鹊医APP，或使用其他方式登录。"),
+    PICA_PWD_MISMATCH_5_H5("216549", "该账号密码错误次数已达上限请24小时后再试，或请使用其他登录方式"),


    xxx_xxx("","");

--- a/server/src/main/java/com/pica/cloud/account/account/server/enums/RcRepTypeEnum.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/enums/RcRepTypeEnum.java
@@ -11,6 +11,7 @@ package com.pica.cloud.account.account.server.enums;
 public enum RcRepTypeEnum {

    // 风控禁止发送
+    RC_ALLOW_SEND_MSG("1", "允许发送"),
    RC_SEND_FAIL("2", "发送失败"),
    RC_TRIGGER("3", "需要触发风控滑动验证"),
    //  账号、IP、设备在黑名单内，前端提示发送成功,后端不发送短信

--- a/server/src/main/java/com/pica/cloud/account/account/server/model/JigsawCodeModel.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/model/JigsawCodeModel.java
+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.model;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * @ClassName AuthCodeReq
+ * @Description h5拼图对象
+ * @Author Chongwen.jiang
+ * @Date 2020/3/23 13:29
+ * @ModifyDate 2020/3/23 13:29
+ * @Version 1.0
+ */
+@ApiModel(value = "JigsawCodeModel", description = "h5拼图对象")
+public class JigsawCodeModel {
+
+    @ApiModelProperty(value = "背景图")
+    private String backImage;
+
+    @ApiModelProperty(value = "滑动图")
+    private String slidingImage;
+
+    @ApiModelProperty(value = "y坐标")
+    private Integer yHeight;
+
+    @ApiModelProperty(value = "时间戳")
+    private String capCode;
+
+    public String getBackImage() {
+        return backImage;
+    }
+
+    public void setBackImage(String backImage) {
+        this.backImage = backImage;
+    }
+
+    public String getSlidingImage() {
+        return slidingImage;
+    }
+
+    public void setSlidingImage(String slidingImage) {
+        this.slidingImage = slidingImage;
+    }
+
+    public Integer getyHeight() {
+        return yHeight;
+    }
+
+    public void setyHeight(Integer yHeight) {
+        this.yHeight = yHeight;
+    }
+
+    public String getCapCode() {
+        return capCode;
+    }
+
+    public void setCapCode(String capCode) {
+        this.capCode = capCode;
+    }
+
+}
+
--- a/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
@@ -46,6 +46,10 @@ public class BaseRequest {
    private String appleId;
    @ApiModelProperty("apple用户信息(json字符串)")
    private String info;
+    @ApiModelProperty("capCode")
+    private String capCode;
+    @ApiModelProperty("滑动图片的x位置")
+    private int xPos;

    public String getCaptchaToken() {
        return captchaToken;
@@ -206,4 +210,20 @@ public class BaseRequest {
    public void setDevice_token(String device_token) {
        this.device_token = device_token;
    }
+
+    public String getCapCode() {
+        return capCode;
+    }
+
+    public void setCapCode(String capCode) {
+        this.capCode = capCode;
+    }
+
+    public int getxPos() {
+        return xPos;
+    }
+
+    public void setxPos(int xPos) {
+        this.xPos = xPos;
+    }
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/AuthCodeService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/AuthCodeService.java
 // Copyright 2016-2101 Pica.
 package com.pica.cloud.account.account.server.service;

+import com.pica.cloud.account.account.server.model.JigsawCodeModel;
 import com.pica.cloud.account.account.server.req.BaseRequest;

 import javax.servlet.http.HttpServletRequest;
@@ -15,8 +16,13 @@ import javax.servlet.http.HttpServletRequest;
 */
 public interface AuthCodeService {

-    void rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr);
+    int rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr, Integer sourceType);

    void recordRcData(HttpServletRequest req, BaseRequest baseRequest, String deviceIp);

+    int validateJigsawCode(HttpServletRequest request, BaseRequest req);
+
+    JigsawCodeModel getJigsawCode(HttpServletRequest request, Integer sourceType, String mobile);
+
+
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/AuthCodeServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/AuthCodeServiceImpl.java
@@ -3,18 +3,25 @@ package com.pica.cloud.account.account.server.service.impl;

 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONException;
+import com.alibaba.fastjson.JSONObject;
 import com.pica.cloud.account.account.server.constants.Constants;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.RcRepTypeEnum;
+import com.pica.cloud.account.account.server.enums.SourceTypeEnum;
 import com.pica.cloud.account.account.server.req.BaseRequest;
+import com.pica.cloud.account.account.server.model.JigsawCodeModel;
 import com.pica.cloud.account.account.server.service.AuthCodeService;
 import com.pica.cloud.account.account.server.util.AESUtil;
+import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.IPUtil;
 import com.pica.cloud.account.account.server.util.PICAPDeviceInfo;
 import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.entity.PicaResultCode;
 import com.pica.cloud.foundation.entity.PicaWarnException;
 import com.pica.cloud.foundation.redis.ICacheClient;
+import com.pica.cloud.foundation.utils.utils.StringUtil;
+import com.pica.cloud.proof.client.SliderImageService;
+import com.pica.cloud.proof.contract.request.SliderImageRequest;
 import com.pica.cloud.riskcontrol.riskcontrol.client.CheckCodeClient;
 import com.pica.cloud.riskcontrol.riskcontrol.common.req.CheckcodeRiskReq;
 import com.pica.cloud.riskcontrol.riskcontrol.common.resp.CheckcodeRiskResp;
@@ -51,6 +58,9 @@ public class AuthCodeServiceImpl implements AuthCodeService {
    @Qualifier("accountThreadPool")
    private ThreadPoolTaskExecutor threadPoolTaskExecutor;

+    @Autowired
+    private SliderImageService sliderImageService;
+

    /**
     * @Description 调用风控接口
@@ -61,7 +71,8 @@ public class AuthCodeServiceImpl implements AuthCodeService {
     * @Return com.pica.cloud.account.account.server.resp.UnifiedVerificationResp
     */
    @Override
-    public void rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr) {
+    public int rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr, Integer sourceType) {
+        int needCheck = 1;
        //  调用风控接口
        PicaResponse picaResponse = null;
        try {
@@ -73,9 +84,10 @@ public class AuthCodeServiceImpl implements AuthCodeService {
            rcReq.setIp(publicIp);
            rcReq.setDeviceIp(deviceInfo.getDevice_ip());
            rcReq.setDeviceId(deviceToken);
+            rcReq.setSourceType(sourceType);
            logger.info("rc-checkcodeRisk-req:{}", JSON.toJSONString(rcReq));
            picaResponse = rcClient.checkcodeRisk(rcReq);
-            logger.info("rc-checkcodeRisk-resp:{}", JSON.toJSONString(picaResponse));
+            logger.info("rc-checkcodeRisk-{}-resp:{}", baseRequest.getMobile(), JSON.toJSONString(picaResponse));
        } catch (JSONException e) {
            logger.error("rc-checkcodeRisk-JSONException", e);
        } catch (Exception e) {
@@ -96,8 +108,12 @@ public class AuthCodeServiceImpl implements AuthCodeService {
                            throw new PicaWarnException(AccountExceptionEnum.PICA_RC_SEND_FAIL.getCode(),
                                    AccountExceptionEnum.PICA_RC_SEND_FAIL.getMessage());
                        } else if (processCode.equals(RcRepTypeEnum.RC_TRIGGER.getCode())) {
-                            throw new PicaWarnException(AccountExceptionEnum.PICA_RC_TRIGGER.getCode(),
-                                    AccountExceptionEnum.PICA_RC_TRIGGER.getMessage());
+                            if(SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                                // h5端需要触发拼图验证，后台去获取拼图数据返给前端
+                            } else {
+                                throw new PicaWarnException(AccountExceptionEnum.PICA_RC_TRIGGER.getCode(),
+                                        AccountExceptionEnum.PICA_RC_TRIGGER.getMessage());
+                            }
                        } else if (processCode.equals(RcRepTypeEnum.RC_BLACKLIST.getCode())) {
                            throw new PicaWarnException(AccountExceptionEnum.PICA_RC_BLACKLIST.getCode(),
                                    AccountExceptionEnum.PICA_RC_BLACKLIST.getMessage());
@@ -108,23 +124,31 @@ public class AuthCodeServiceImpl implements AuthCodeService {
                            //  获取剩余秒数
                            String authCodeKey = Constants.AUTH_CODE_PREFIX + baseRequest.getFlag() + "-" + AESUtil.encryptV0(baseRequest.getMobile()) + "-secure";
                            Long time = cacheClient.get(authCodeKey, Long.class);
-                            if(Objects.nonNull(time)) {
+                            if (Objects.nonNull(time)) {
                                int remainTime = 59 - (int) (System.currentTimeMillis() - time) / 1000;
                                if (remainTime > 0) {
                                    throw new PicaWarnException(AccountExceptionEnum.PICA_RC_60_SECOND_LIMIT.getCode(),
                                            AccountExceptionEnum.PICA_RC_60_SECOND_LIMIT.getMessage().replace("{remainTime}", String.valueOf(remainTime)));
+                                } else {
+                                    needCheck = 0;
                                }
                            } else {
                                //  刚好60秒缓存时间过去了，也允许发送短信验证码
+                                needCheck = 0;
                            }
-                        } else {
+                        } else if (RcRepTypeEnum.RC_ALLOW_SEND_MSG.getCode().equals(processCode)) {
                            //  processCode equals "1" (允许发送短信验证码)
+                            needCheck = -1;
+                        } else {
+                            throw new PicaWarnException(AccountExceptionEnum.PICA_RC_BUSINESS_ERROR.getCode(),
+                                    AccountExceptionEnum.PICA_RC_BUSINESS_ERROR.getMessage());
                        }
                    }
                }
            }
        }

+        return needCheck;
    }

    /**
@@ -142,6 +166,7 @@ public class AuthCodeServiceImpl implements AuthCodeService {
        rec.setIp(IPUtil.getIpAdrress(request));
        rec.setDeviceIp(deviceIp);
        rec.setDeviceId(baseRequest.getDevice_token());
+        rec.setSourceType(baseRequest.getSourceType());
        try {
            threadPoolTaskExecutor.execute(() -> {
                logger.info("recordRcData-execute-{}", JSON.toJSONString(rec));
@@ -153,5 +178,146 @@ public class AuthCodeServiceImpl implements AuthCodeService {
        }
    }

+    /**
+     * @Description 拼图验证
+     * @Author Chongwen.jiang
+     * @Date 2020/3/23 15:04
+     * @ModifyDate 2020/3/23 15:04
+     * @Params [capCode, xPos]
+     * @Return void
+     */
+    @Override
+    public int validateJigsawCode(HttpServletRequest request, BaseRequest paramReq) {
+        if(!SourceTypeEnum.H5.getCode().equals(paramReq.getSourceType())) {
+            logger.error("validateJigsawCode-h5 sourceType error");
+            throw new PicaWarnException(PicaResultCode.PARAM_IS_INVALID.code(), PicaResultCode.PARAM_IS_INVALID.message());
+        }
+        // 1、调用风控服务，是否需要触发拼图验证
+         /*int needCheck = this.rcValidate(request, rcReq, "{}", paramReq.getSourceType());
+        if (needCheck <= 0) {
+            //  不需要拼图验证，直接去发短信
+            return needCheck;
+        }*/
+        BaseRequest rcReq = new BaseRequest();
+        rcReq.setMobile(paramReq.getMobile());
+        String ip = IPUtil.getIpAdrress(request);
+        String rcRecordedKey = Constants.RC_RECORDED_DATA_KEY.replace("{mobile}", paramReq.getMobile())
+                .replace("{ip}", ip);
+        logger.info("validateJigsawCode-rcRecordedKey-ip:{}, mobile：{}, key:{}", ip, paramReq.getMobile(), rcRecordedKey);
+        int needCheck = 1;
+        Long num = cacheClient.decr(rcRecordedKey);
+        if (num != null && num.intValue() == 99) {
+            //  不需要拼图验证，直接去发短信, 不用记录风控数据(在调用获取拼图码时已经校验过，记录了数据)
+            return -1;
+        }
+        String capCode = paramReq.getCapCode();
+        int xPos = paramReq.getxPos();
+        if (StringUtils.isEmpty(capCode) || xPos <= 0) {
+            String key = Constants.JIGSAW_CODE_KEY.replace("{mobile}", paramReq.getMobile());
+            Long count = cacheClient.decr(key);
+            if (count != null && count.intValue() == 99) {
+                //  a、不需要拼图验证，可直接去发送短信
+                //  b、本应需要拼图验证，但是在调用获取拼图数据接口时报错了，也直接去发送短信
+                return needCheck;
+            }
+        }
+
+        //  2、调用拼图验证接口
+        PicaResponse resp = null;
+        try {
+            SliderImageRequest req = new SliderImageRequest();
+            req.setCapcode(capCode);
+            req.setXpos(xPos);
+            resp = sliderImageService.checkcapcode(req);
+            logger.info("validateJigsawCode-resp:{}", JSON.toJSONString(resp));
+        } catch (Exception e) {
+            logger.error("validateJigsawCode-sliderImageService.checkcapcode invoke exception", e.getMessage());
+        }
+
+        if (Objects.nonNull(resp)) {
+            if (!PicaResultCode.SUCCESS.code().equals(resp.getCode())) {
+                logger.info("validateJigsawCode-code exception");
+            }
+            JSONObject respData = JSON.parseObject(JSON.toJSONString(resp.getData()), JSONObject.class);
+            if (Objects.nonNull(respData)) {
+                Object codeObj = respData.get("code");
+                if (Objects.nonNull(codeObj)) {
+                    String code = String.valueOf(codeObj);
+                    if (StringUtil.equals(code, "2") ||
+                            StringUtil.equals(code, "3")) {
+                        // 3超期 2验证失败 1成功
+                        throw new PicaWarnException(AccountExceptionEnum.PICA_CAP_CODE_ERROR.getCode(),
+                                AccountExceptionEnum.PICA_CAP_CODE_ERROR.getMessage());
+                    }
+                }
+            }
+        }
+
+        return needCheck;
+    }
+
+    /**
+     * @Description 获取拼图码校验
+     * @Author Chongwen.jiang
+     * @Date 2020/3/23 15:29
+     * @ModifyDate 2020/3/23 15:29
+     * @Params [mobile]
+     * @Return com.pica.cloud.account.account.server.model.JigsawCodeModel
+     */
+    @Override
+    public JigsawCodeModel getJigsawCode(HttpServletRequest request, Integer sourceType, String mobile) {
+        if(!SourceTypeEnum.H5.getCode().equals(sourceType)) {
+            logger.error("getJigsawCode-h5 sourceType error");
+            throw new PicaWarnException(PicaResultCode.PARAM_IS_INVALID.code(), PicaResultCode.PARAM_IS_INVALID.message());
+        }
+        AccountUtils.checkMobilePhone(mobile);
+        // 调用风控服务，是否需要触发拼图验证
+        BaseRequest req = new BaseRequest();
+        req.setMobile(mobile);
+        int needCheck = this.rcValidate(request, req, "{}", sourceType);
+
+        //  调用proof服务获取拼图数据
+        JigsawCodeModel data = new JigsawCodeModel();
+        PicaResponse picResp = null;
+        String key = Constants.JIGSAW_CODE_KEY.replace("{mobile}", mobile);
+        if (needCheck > 0) {
+            try {
+                picResp = sliderImageService.getPic();
+                logger.info("getJigsawCode-getPic-code:{}", picResp.getCode());
+            } catch (Exception e) {
+                logger.error("getJigsawCode-sliderImageService.getPic invoke exception", e.getMessage());
+                //  记录该手机号调用接口获取拼图时接口报错
+                cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            }
+            if (Objects.nonNull(picResp)) {
+                if (!PicaResultCode.SUCCESS.code().equals(picResp.getCode())) {
+                    logger.info("getJigsawCode-getPic-code exception");
+                    cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+                }
+                JSONObject respData = JSON.parseObject(JSON.toJSONString(picResp.getData()), JSONObject.class);
+                if (Objects.nonNull(respData)) {
+                    logger.info("getJigsawCode-capcode:{}", respData.getString("capcode"));
+                    data.setCapCode(respData.getString("capcode"));
+                    data.setBackImage(respData.getString("backImage"));
+                    data.setSlidingImage(respData.getString("slidingImage"));
+                    data.setyHeight(respData.getInteger("yHeight"));
+                }
+            }
+        } else {
+            logger.info("getJigsawCode-don't need jigsaw code");
+            cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            if (needCheck == -1) {
+                //  不需要拼图验证, 风控允许直接发送验证码记录缓存
+                String ip = IPUtil.getIpAdrress(request);
+                String key2 = Constants.RC_RECORDED_DATA_KEY.replace("{mobile}", mobile)
+                        .replace("{ip}", ip);
+                logger.info("getJigsawCode-rcRecordedKey- rc recorded data-ip：{}，mobile：{}, rcRecordedKey:{}", ip, mobile, key2);
+                cacheClient.set(key2, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            }
+        }
+
+        return data;
+    }
+

 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
@@ -9,6 +9,7 @@ import com.pica.cloud.account.account.server.constants.Constants;
 import com.pica.cloud.account.account.server.entity.*;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.AccountTypeEnum;
+import com.pica.cloud.account.account.server.enums.SourceTypeEnum;
 import com.pica.cloud.account.account.server.log.AccountLogEntityUtils;
 import com.pica.cloud.account.account.server.log.AccountLogUtils;
 import com.pica.cloud.account.account.server.mapper.*;
@@ -122,6 +123,7 @@ public class LoginServiceImpl implements LoginService {
    @Override
    public LoginResult login(BaseRequest request) {
        String mobile = request.getMobile();
+        Integer sourceType = request.getSourceType();
        String encrypt = AESUtil.encryptV0(mobile);
        AccountInfoEntity accountInfoEntity = accountInfoDetailMapper.selectByMobile(encrypt);
        logger.info("bizType:{}, account not null：{}", request.getBizType(), accountInfoEntity != null);
@@ -132,16 +134,26 @@ public class LoginServiceImpl implements LoginService {
                    request.getBizType().equals(1)) {
                // 新版-未设置密码
                if (StringUtils.isEmpty(oldPwd)) {
-                    throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
-                            AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
-                                    .replace("{mobile}", mobile));
+                    if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                        throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getCode(),
+                                AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                    } else {
+                        throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
+                                AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
+                                        .replace("{mobile}", mobile));
+                    }
                } else {
                    //  判断账号是否已锁
                    logger.info("new login failure：" + mobile);
                    String lockKey = Constants.ACCOUNT_LOCK_KEY.replace("{mobile}", mobile);
                    if (redisClient.exists(lockKey)) {
-                        throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
-                                AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                        if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                            throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                                    AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                        } else {
+                            throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
+                                    AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                        }
                    }

                    if (password.equals(oldPwd)) {
@@ -158,8 +170,13 @@ public class LoginServiceImpl implements LoginService {
                            } else {
                                //  设置账号锁定24h
                                redisClient.set(lockKey, mobile, Constants.PWD_ERROR_NUM_SECONDS);
-                                throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
-                                        AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                                    throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                                            AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                                } else {
+                                    throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
+                                            AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                                }
                            }
                        } else {
                            redisClient.set(errorKey, 1, Constants.PWD_ERROR_NUM_SECONDS);
@@ -181,10 +198,15 @@ public class LoginServiceImpl implements LoginService {
        } else {
            if (null != request.getBizType() &&
                    request.getBizType().equals(1)) {
-                //  新版-未注册
-                throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
-                        AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
-                                .replace("{mobile}", mobile));
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getMessage());
+                } else {
+                    //  新版-未注册
+                    throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
+                            AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
+                                    .replace("{mobile}", mobile));
+                }
            } else {
                throw new PicaException(AccountExceptionEnum.PICA_NOT_REGISTER.getCode(), AccountExceptionEnum.PICA_NOT_REGISTER.getMessage());
            }
@@ -568,6 +590,7 @@ public class LoginServiceImpl implements LoginService {
    public void preLoginValidate(BaseRequest request) {
        Integer bizType = request.getBizType();
        String mobile = request.getMobile();
+        Integer sourceType = request.getSourceType();

        if (null == bizType) {
            logger.info("bizType is null");
@@ -592,13 +615,23 @@ public class LoginServiceImpl implements LoginService {
            //  手机号是否注册
            AccountInfoEntity accountInfo = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(mobile));
            if (accountInfo == null) {
-                throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getCode(),
-                        AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getMessage().replace("{mobile}", mobile));
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getMessage());
+                } else {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getMessage().replace("{mobile}", mobile));
+                }
            }
            //  手机号是否设置了密码
            if (StringUtils.isEmpty(accountInfo.getPassword())) {
-                throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getCode(),
-                        AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getMessage().replace("{mobile}", mobile));
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                } else {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getMessage().replace("{mobile}", mobile));
+                }
            }
        }