Merge branch 'dev-login-20200323' into 'release'

Dev login 20200323

reviewCoder by zhaopeijun

See merge request !15

server/pom.xml

@@ -58,6 +58,7 @@
             <groupId>com.pica.cloud.foundation</groupId>
             <artifactId>pica-cloud-service-starter</artifactId>
             <version>1.2.6-SNAPSHOT</version>
+            <!--<version>1.3.2.5</version>-->
             <exclusions>
                 <exclusion>
                     <artifactId>pica-cloud-redis</artifactId>
@@ -167,7 +168,7 @@
         <dependency>
             <groupId>com.pica.cloud.riskcontrol</groupId>
             <artifactId>pica-cloud-riskcontrol-client</artifactId>
-            <version>1.0.2</version>
+            <version>1.0.3.1</version>
         </dependency>
 
         <!-- apple identifyToken校验 -->
@@ -188,6 +189,18 @@
             <scope>test</scope>
         </dependency>
 
+        <dependency>
+            <groupId>com.pica.cloud.foundation</groupId>
+            <artifactId>pica-cloud-proof-client</artifactId>
+            <version>1.0.0</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>io.swagger</groupId>
+                    <artifactId>swagger-annotations</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+
 
     </dependencies>
 

server/src/main/java/com/pica/cloud/account/account/server/constants/Constants.java

@@ -66,4 +66,13 @@ public class Constants {
     /** 注册逻辑幂等处理缓存key */
     public static final String REPEAT_REGISTER_PREFIX = "repeat-register—";
 
+    /** h5拼图缓存key */
+    public static final String JIGSAW_CODE_KEY = "jigsaw-code-{mobile}";
+
+    /** h5拼图缓存时长*/
+    public static final int JIGSAW_CODE_EXPIRE_SECONDS = 60;
+
+    /** 风控记录过数据 */
+    public static final String RC_RECORDED_DATA_KEY = "risk-{mobile}-{ip}";
+
 }

server/src/main/java/com/pica/cloud/account/account/server/controller/AccountBaseController.java

@@ -131,7 +131,10 @@ public abstract class AccountBaseController extends BaseController {
 
         String postData = JSON.toJSONString(picapSendMsgModel);
         logger.info("sendMobileTo-mobile:{}, senderId-{}",mobile, senderId);
+        long start = System.currentTimeMillis();
         String jsonObj = HttpClientUtil.httpExecute(messageUrl, postData);
+        long end1 = System.currentTimeMillis();
+        logger.info("sendMobileMessage-send message used {} million seconds", end1-start);
         logger.info("sendMobileTo-{}", jsonObj);
 
         if (StringUtils.isEmpty(jsonObj)) {

server/src/main/java/com/pica/cloud/account/account/server/controller/AccountController.java

@@ -189,20 +189,23 @@ public class AccountController extends AccountBaseController {
 
     @ApiOperation("H5端一键登录功能,无需完善信息")
     @PostMapping("/login-register/v1")
+//    @RepeatForbidden(uniqueKey = "content") 当前版本存在性能问题 luo优化后上
     public PicaResponse loginRegister(@RequestBody EncryptEntity entity) throws Exception {
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
         this.checkMobilePhone(request.getMobile());
         AccountReq req = new AccountReq();
         req.setMobilePhone(request.getMobile());
-        req.setPassword(null);//登录或注册，只能使用验证码
+        //  登录或注册，只能使用验证码
+        req.setPassword(null);
         req.setAuthCode(request.getAuthCode());
         req.setFlag("0");
         req.setUnionid(request.getUnionId());
 
-        //判断账号是否已经存在
+        //  判断账号是否已经存在
         Account account = accountService.getByMobilePhone(req.getMobilePhone());
         if (account != null) {
-            PicaResponse response = this.login(req);  //登录
+            //  登录
+            PicaResponse response = this.login(req);
             if (response.getData() != null) {
                 LoginResult result = new LoginResult();
                 result.setToken(response.getData().toString());
@@ -210,7 +213,9 @@ public class AccountController extends AccountBaseController {
             }
             return response;
         } else {
-            return this.register(req);  //注册
+            //  注册
+            PicaResponse<LoginResult> result = this.register(req);
+            return result;
         }
     }
 

server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java

@@ -107,12 +107,13 @@ public class AutoCodeController extends AccountBaseController {
         //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
         //  4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
         AccountUtils.checkMobilePhone(request.getMobile());
 
         if (request.getBizType() != null && request.getBizType().equals(1)) {
             logger.info("app-rcValidate-start");
             //  调用风控接口
-            authCodeService.rcValidate(req, request, super.getDeviceInfo());
+            authCodeService.rcValidate(req, request, super.getDeviceInfo(), super.getSourceType());
             //  发送短信验证码
             processSysCode(request.getMobile(), request.getFlag());
             return PicaResponse.toResponse();
@@ -128,32 +129,24 @@ public class AutoCodeController extends AccountBaseController {
     @ApiOperation("获取短信验证码,无需图形验证码,如h5端")
     @PostMapping(value = "/H5/authCode")
     public PicaResponse getH5AuthCode(@RequestBody EncryptEntity entity, HttpServletRequest req) throws Exception {
-        //  如果该接口已关闭(缓存key存在)，则直接返回
-        if (cacheClient.exists(Constants.AUTHCODE_H5_SWITCH_KEY)) {
-            logger.info("getH5AuthCode-interface-return");
-            throw new PicaWarnException(AccountExceptionEnum.PICA_H5_AUTH_CODE_INTERFACE_OFFED.getCode(),
-                    AccountExceptionEnum.PICA_H5_AUTH_CODE_INTERFACE_OFFED.getMessage());
-        }
-
         //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
         //  4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
         AccountUtils.checkMobilePhone(request.getMobile());
 
-        if (request.getBizType() != null && request.getBizType().equals(1)) {
-            logger.info("h5-rcValidate-start");
-            //  调用风控接口
-            authCodeService.rcValidate(req, request, super.getDeviceInfo());
+        //  拼图验证
+        int recordData = authCodeService.validateJigsawCode(req, request);
+
         //  发送短信验证码
         processSysCode(request.getMobile(), request.getFlag());
-            return PicaResponse.toResponse();
-        } else {
-            //  h5(发送短信验证码)
-            processSysCode(request.getMobile(), request.getFlag());
-            //  记录风控数据
+
+        if (recordData != -1) {
+            //  记录风控数据（记录是h5端）
             authCodeService.recordRcData(req, request, super.getDeviceInfo("device_ip"));
-            return PicaResponse.toResponse();
         }
+
+        return PicaResponse.toResponse();
     }
 
     /**
@@ -169,6 +162,7 @@ public class AutoCodeController extends AccountBaseController {
     public PicaResponse<String> getAuthCodeWithCaptcha(@RequestBody EncryptEntity entity,
                                                        HttpServletRequest req) throws Exception {
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
         String mobilePhone = request.getMobile();
         String flag = request.getFlag() + "";
         String captchaToken = request.getCaptchaToken();
@@ -197,7 +191,13 @@ public class AutoCodeController extends AccountBaseController {
         return PicaResponse.toResponse(StringUtils.EMPTY);
     }
 
-
+    @ApiOperation("获取拼图码校验")
+    @PostMapping("/jigsawCode")
+    public PicaResponse getJigsawCode(@RequestBody EncryptEntity entity,
+                                      HttpServletRequest req) throws Exception {
+        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        return PicaResponse.toResponse(authCodeService.getJigsawCode(req, super.getSourceType(), request.getMobile()));
+    }
 
     @ApiOperation("微信获取验证码")
     @PostMapping(value = "/authCode/wechat")
@@ -253,6 +253,7 @@ public class AutoCodeController extends AccountBaseController {
      * @param authCodeKeySecure
      */
     private void processSendAuthCode(String mobilePhone, Integer flag, String authCodeKeySecure) {
+        long start = System.currentTimeMillis();
         String authCode = CommonUtil.createValidateCode();
         String message = "您的验证码是" + authCode + ",在10分钟内有效。如非本人操作，请忽略本短信！";
         Integer accountIdByMobilePhone = accountService.getAccountIdByMobilePhone(mobilePhone);
@@ -265,7 +266,11 @@ public class AutoCodeController extends AccountBaseController {
         cacheClient.set(authCodeKeySecure, System.currentTimeMillis(), 60);
         //处理验证码原子性的问题
         cacheClient.set(RegisterCodeKeyUtils.getRegisterKey(mobilePhone,authCode), 100, 600);
+        long end1 = System.currentTimeMillis();
+        logger.info("processSendAuthCode-1 used {} million seconds", end1-start);
         super.sendMobileMessage(mobilePhone, message, senderId);
+        long end2 = System.currentTimeMillis();
+        logger.info("processSendAuthCode-2 used {} million seconds", end2-start);
     }
 
     //获取验证码redis key

server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java

@@ -217,6 +217,7 @@ public class LoginController extends AccountBaseController {
     @PostMapping("/unifiedVerification")
     public PicaResponse unifiedVerification(@RequestBody EncryptEntity entity) throws Exception{
         BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setSourceType(super.getSourceType());
         loginService.preLoginValidate(request);
         return PicaResponse.toResponse();
     }

server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java

@@ -47,9 +47,14 @@ public enum AccountExceptionEnum {
     PICA_RC_BLACKLIST("216538", "发送成功"),
     PICA_RC_DAY_LIMIT("216539", "今日获取验证码次数已超过上限，请使用账户密码登录"),
     PICA_RC_60_SECOND_LIMIT("216540", "验证码发送频率过高，请{remainTime}秒后再试"),
-    PICA_H5_AUTH_CODE_INTERFACE_OFFED("216541", "该功能已关闭"),
     PICA_MESSAGE_SERVICE_CALL_FAIL("216542", "短信发送失败"),
     PICA_BIND_WECHAT_FAIL("216543", "绑定微信失败"),
+    PICA_CAP_CODE_ERROR("216544", "拼图验证失败"),
+    PICA_CAP_GET_INVOKE_ERROR("216545", "拼图获取失败"),
+    PICA_RC_BUSINESS_ERROR("216546", "参数格式错误"),
+    PICA_MOBILE_NOT_REGIST_H5("216547", "该手机号尚未设置密码，设置密码请前往云鹊医APP，或使用其他方式登录。"),
+    PICA_MOBILE_NOT_SETED_PASSWORD_H5("216548", "该手机号尚未设置密码，设置密码请前往云鹊医APP，或使用其他方式登录。"),
+    PICA_PWD_MISMATCH_5_H5("216549", "该账号密码错误次数已达上限请24小时后再试，或请使用其他登录方式"),
 
 
     xxx_xxx("","");

server/src/main/java/com/pica/cloud/account/account/server/enums/RcRepTypeEnum.java

@@ -11,6 +11,7 @@ package com.pica.cloud.account.account.server.enums;
 public enum RcRepTypeEnum {
 
     // 风控禁止发送
+    RC_ALLOW_SEND_MSG("1", "允许发送"),
     RC_SEND_FAIL("2", "发送失败"),
     RC_TRIGGER("3", "需要触发风控滑动验证"),
     //  账号、IP、设备在黑名单内，前端提示发送成功,后端不发送短信

server/src/main/java/com/pica/cloud/account/account/server/model/JigsawCodeModel.java

+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.model;
+
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ * @ClassName AuthCodeReq
+ * @Description h5拼图对象
+ * @Author Chongwen.jiang
+ * @Date 2020/3/23 13:29
+ * @ModifyDate 2020/3/23 13:29
+ * @Version 1.0
+ */
+@ApiModel(value = "JigsawCodeModel", description = "h5拼图对象")
+public class JigsawCodeModel {
+
+    @ApiModelProperty(value = "背景图")
+    private String backImage;
+
+    @ApiModelProperty(value = "滑动图")
+    private String slidingImage;
+
+    @ApiModelProperty(value = "y坐标")
+    private Integer yHeight;
+
+    @ApiModelProperty(value = "时间戳")
+    private String capCode;
+
+    public String getBackImage() {
+        return backImage;
+    }
+
+    public void setBackImage(String backImage) {
+        this.backImage = backImage;
+    }
+
+    public String getSlidingImage() {
+        return slidingImage;
+    }
+
+    public void setSlidingImage(String slidingImage) {
+        this.slidingImage = slidingImage;
+    }
+
+    public Integer getyHeight() {
+        return yHeight;
+    }
+
+    public void setyHeight(Integer yHeight) {
+        this.yHeight = yHeight;
+    }
+
+    public String getCapCode() {
+        return capCode;
+    }
+
+    public void setCapCode(String capCode) {
+        this.capCode = capCode;
+    }
+
+}
+

server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java

@@ -46,6 +46,10 @@ public class BaseRequest {
     private String appleId;
     @ApiModelProperty("apple用户信息(json字符串)")
     private String info;
+    @ApiModelProperty("capCode")
+    private String capCode;
+    @ApiModelProperty("滑动图片的x位置")
+    private int xPos;
 
     public String getCaptchaToken() {
         return captchaToken;
@@ -206,4 +210,20 @@ public class BaseRequest {
     public void setDevice_token(String device_token) {
         this.device_token = device_token;
     }
+
+    public String getCapCode() {
+        return capCode;
+    }
+
+    public void setCapCode(String capCode) {
+        this.capCode = capCode;
+    }
+
+    public int getxPos() {
+        return xPos;
+    }
+
+    public void setxPos(int xPos) {
+        this.xPos = xPos;
+    }
 }

server/src/main/java/com/pica/cloud/account/account/server/service/AuthCodeService.java

 // Copyright 2016-2101 Pica.
 package com.pica.cloud.account.account.server.service;
 
+import com.pica.cloud.account.account.server.model.JigsawCodeModel;
 import com.pica.cloud.account.account.server.req.BaseRequest;
 
 import javax.servlet.http.HttpServletRequest;
@@ -15,8 +16,13 @@ import javax.servlet.http.HttpServletRequest;
  */
 public interface AuthCodeService {
 
-    void rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr);
+    int rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr, Integer sourceType);
 
     void recordRcData(HttpServletRequest req, BaseRequest baseRequest, String deviceIp);
 
+    int validateJigsawCode(HttpServletRequest request, BaseRequest req);
+
+    JigsawCodeModel getJigsawCode(HttpServletRequest request, Integer sourceType, String mobile);
+
+
 }

server/src/main/java/com/pica/cloud/account/account/server/service/impl/AuthCodeServiceImpl.java

@@ -3,18 +3,25 @@ package com.pica.cloud.account.account.server.service.impl;
 
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONException;
+import com.alibaba.fastjson.JSONObject;
 import com.pica.cloud.account.account.server.constants.Constants;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.RcRepTypeEnum;
+import com.pica.cloud.account.account.server.enums.SourceTypeEnum;
 import com.pica.cloud.account.account.server.req.BaseRequest;
+import com.pica.cloud.account.account.server.model.JigsawCodeModel;
 import com.pica.cloud.account.account.server.service.AuthCodeService;
 import com.pica.cloud.account.account.server.util.AESUtil;
+import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.IPUtil;
 import com.pica.cloud.account.account.server.util.PICAPDeviceInfo;
 import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.entity.PicaResultCode;
 import com.pica.cloud.foundation.entity.PicaWarnException;
 import com.pica.cloud.foundation.redis.ICacheClient;
+import com.pica.cloud.foundation.utils.utils.StringUtil;
+import com.pica.cloud.proof.client.SliderImageService;
+import com.pica.cloud.proof.contract.request.SliderImageRequest;
 import com.pica.cloud.riskcontrol.riskcontrol.client.CheckCodeClient;
 import com.pica.cloud.riskcontrol.riskcontrol.common.req.CheckcodeRiskReq;
 import com.pica.cloud.riskcontrol.riskcontrol.common.resp.CheckcodeRiskResp;
@@ -51,6 +58,9 @@ public class AuthCodeServiceImpl implements AuthCodeService {
     @Qualifier("accountThreadPool")
     private ThreadPoolTaskExecutor threadPoolTaskExecutor;
 
+    @Autowired
+    private SliderImageService sliderImageService;
+
 
     /**
      * @Description 调用风控接口
@@ -61,7 +71,8 @@ public class AuthCodeServiceImpl implements AuthCodeService {
      * @Return com.pica.cloud.account.account.server.resp.UnifiedVerificationResp
      */
     @Override
-    public void rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr) {
+    public int rcValidate(HttpServletRequest request, BaseRequest baseRequest, String deviceInfoStr, Integer sourceType) {
+        int needCheck = 1;
         //  调用风控接口
         PicaResponse picaResponse = null;
         try {
@@ -73,9 +84,10 @@ public class AuthCodeServiceImpl implements AuthCodeService {
             rcReq.setIp(publicIp);
             rcReq.setDeviceIp(deviceInfo.getDevice_ip());
             rcReq.setDeviceId(deviceToken);
+            rcReq.setSourceType(sourceType);
             logger.info("rc-checkcodeRisk-req:{}", JSON.toJSONString(rcReq));
             picaResponse = rcClient.checkcodeRisk(rcReq);
-            logger.info("rc-checkcodeRisk-resp:{}", JSON.toJSONString(picaResponse));
+            logger.info("rc-checkcodeRisk-{}-resp:{}", baseRequest.getMobile(), JSON.toJSONString(picaResponse));
         } catch (JSONException e) {
             logger.error("rc-checkcodeRisk-JSONException", e);
         } catch (Exception e) {
@@ -96,8 +108,12 @@ public class AuthCodeServiceImpl implements AuthCodeService {
                             throw new PicaWarnException(AccountExceptionEnum.PICA_RC_SEND_FAIL.getCode(),
                                     AccountExceptionEnum.PICA_RC_SEND_FAIL.getMessage());
                         } else if (processCode.equals(RcRepTypeEnum.RC_TRIGGER.getCode())) {
+                            if(SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                                // h5端需要触发拼图验证，后台去获取拼图数据返给前端
+                            } else {
                                 throw new PicaWarnException(AccountExceptionEnum.PICA_RC_TRIGGER.getCode(),
                                         AccountExceptionEnum.PICA_RC_TRIGGER.getMessage());
+                            }
                         } else if (processCode.equals(RcRepTypeEnum.RC_BLACKLIST.getCode())) {
                             throw new PicaWarnException(AccountExceptionEnum.PICA_RC_BLACKLIST.getCode(),
                                     AccountExceptionEnum.PICA_RC_BLACKLIST.getMessage());
@@ -108,23 +124,31 @@ public class AuthCodeServiceImpl implements AuthCodeService {
                             //  获取剩余秒数
                             String authCodeKey = Constants.AUTH_CODE_PREFIX + baseRequest.getFlag() + "-" + AESUtil.encryptV0(baseRequest.getMobile()) + "-secure";
                             Long time = cacheClient.get(authCodeKey, Long.class);
-                            if(Objects.nonNull(time)) {
+                            if (Objects.nonNull(time)) {
                                 int remainTime = 59 - (int) (System.currentTimeMillis() - time) / 1000;
                                 if (remainTime > 0) {
                                     throw new PicaWarnException(AccountExceptionEnum.PICA_RC_60_SECOND_LIMIT.getCode(),
                                             AccountExceptionEnum.PICA_RC_60_SECOND_LIMIT.getMessage().replace("{remainTime}", String.valueOf(remainTime)));
+                                } else {
+                                    needCheck = 0;
                                 }
                             } else {
                                 //  刚好60秒缓存时间过去了，也允许发送短信验证码
+                                needCheck = 0;
                             }
-                        } else {
+                        } else if (RcRepTypeEnum.RC_ALLOW_SEND_MSG.getCode().equals(processCode)) {
                             //  processCode equals "1" (允许发送短信验证码)
+                            needCheck = -1;
+                        } else {
+                            throw new PicaWarnException(AccountExceptionEnum.PICA_RC_BUSINESS_ERROR.getCode(),
+                                    AccountExceptionEnum.PICA_RC_BUSINESS_ERROR.getMessage());
                         }
                     }
                 }
             }
         }
 
+        return needCheck;
     }
 
     /**
@@ -142,6 +166,7 @@ public class AuthCodeServiceImpl implements AuthCodeService {
         rec.setIp(IPUtil.getIpAdrress(request));
         rec.setDeviceIp(deviceIp);
         rec.setDeviceId(baseRequest.getDevice_token());
+        rec.setSourceType(baseRequest.getSourceType());
         try {
             threadPoolTaskExecutor.execute(() -> {
                 logger.info("recordRcData-execute-{}", JSON.toJSONString(rec));
@@ -153,5 +178,146 @@ public class AuthCodeServiceImpl implements AuthCodeService {
         }
     }
 
+    /**
+     * @Description 拼图验证
+     * @Author Chongwen.jiang
+     * @Date 2020/3/23 15:04
+     * @ModifyDate 2020/3/23 15:04
+     * @Params [capCode, xPos]
+     * @Return void
+     */
+    @Override
+    public int validateJigsawCode(HttpServletRequest request, BaseRequest paramReq) {
+        if(!SourceTypeEnum.H5.getCode().equals(paramReq.getSourceType())) {
+            logger.error("validateJigsawCode-h5 sourceType error");
+            throw new PicaWarnException(PicaResultCode.PARAM_IS_INVALID.code(), PicaResultCode.PARAM_IS_INVALID.message());
+        }
+        // 1、调用风控服务，是否需要触发拼图验证
+         /*int needCheck = this.rcValidate(request, rcReq, "{}", paramReq.getSourceType());
+        if (needCheck <= 0) {
+            //  不需要拼图验证，直接去发短信
+            return needCheck;
+        }*/
+        BaseRequest rcReq = new BaseRequest();
+        rcReq.setMobile(paramReq.getMobile());
+        String ip = IPUtil.getIpAdrress(request);
+        String rcRecordedKey = Constants.RC_RECORDED_DATA_KEY.replace("{mobile}", paramReq.getMobile())
+                .replace("{ip}", ip);
+        logger.info("validateJigsawCode-rcRecordedKey-ip:{}, mobile：{}, key:{}", ip, paramReq.getMobile(), rcRecordedKey);
+        int needCheck = 1;
+        Long num = cacheClient.decr(rcRecordedKey);
+        if (num != null && num.intValue() == 99) {
+            //  不需要拼图验证，直接去发短信, 不用记录风控数据(在调用获取拼图码时已经校验过，记录了数据)
+            return -1;
+        }
+        String capCode = paramReq.getCapCode();
+        int xPos = paramReq.getxPos();
+        if (StringUtils.isEmpty(capCode) || xPos <= 0) {
+            String key = Constants.JIGSAW_CODE_KEY.replace("{mobile}", paramReq.getMobile());
+            Long count = cacheClient.decr(key);
+            if (count != null && count.intValue() == 99) {
+                //  a、不需要拼图验证，可直接去发送短信
+                //  b、本应需要拼图验证，但是在调用获取拼图数据接口时报错了，也直接去发送短信
+                return needCheck;
+            }
+        }
+
+        //  2、调用拼图验证接口
+        PicaResponse resp = null;
+        try {
+            SliderImageRequest req = new SliderImageRequest();
+            req.setCapcode(capCode);
+            req.setXpos(xPos);
+            resp = sliderImageService.checkcapcode(req);
+            logger.info("validateJigsawCode-resp:{}", JSON.toJSONString(resp));
+        } catch (Exception e) {
+            logger.error("validateJigsawCode-sliderImageService.checkcapcode invoke exception", e.getMessage());
+        }
+
+        if (Objects.nonNull(resp)) {
+            if (!PicaResultCode.SUCCESS.code().equals(resp.getCode())) {
+                logger.info("validateJigsawCode-code exception");
+            }
+            JSONObject respData = JSON.parseObject(JSON.toJSONString(resp.getData()), JSONObject.class);
+            if (Objects.nonNull(respData)) {
+                Object codeObj = respData.get("code");
+                if (Objects.nonNull(codeObj)) {
+                    String code = String.valueOf(codeObj);
+                    if (StringUtil.equals(code, "2") ||
+                            StringUtil.equals(code, "3")) {
+                        // 3超期 2验证失败 1成功
+                        throw new PicaWarnException(AccountExceptionEnum.PICA_CAP_CODE_ERROR.getCode(),
+                                AccountExceptionEnum.PICA_CAP_CODE_ERROR.getMessage());
+                    }
+                }
+            }
+        }
+
+        return needCheck;
+    }
+
+    /**
+     * @Description 获取拼图码校验
+     * @Author Chongwen.jiang
+     * @Date 2020/3/23 15:29
+     * @ModifyDate 2020/3/23 15:29
+     * @Params [mobile]
+     * @Return com.pica.cloud.account.account.server.model.JigsawCodeModel
+     */
+    @Override
+    public JigsawCodeModel getJigsawCode(HttpServletRequest request, Integer sourceType, String mobile) {
+        if(!SourceTypeEnum.H5.getCode().equals(sourceType)) {
+            logger.error("getJigsawCode-h5 sourceType error");
+            throw new PicaWarnException(PicaResultCode.PARAM_IS_INVALID.code(), PicaResultCode.PARAM_IS_INVALID.message());
+        }
+        AccountUtils.checkMobilePhone(mobile);
+        // 调用风控服务，是否需要触发拼图验证
+        BaseRequest req = new BaseRequest();
+        req.setMobile(mobile);
+        int needCheck = this.rcValidate(request, req, "{}", sourceType);
+
+        //  调用proof服务获取拼图数据
+        JigsawCodeModel data = new JigsawCodeModel();
+        PicaResponse picResp = null;
+        String key = Constants.JIGSAW_CODE_KEY.replace("{mobile}", mobile);
+        if (needCheck > 0) {
+            try {
+                picResp = sliderImageService.getPic();
+                logger.info("getJigsawCode-getPic-code:{}", picResp.getCode());
+            } catch (Exception e) {
+                logger.error("getJigsawCode-sliderImageService.getPic invoke exception", e.getMessage());
+                //  记录该手机号调用接口获取拼图时接口报错
+                cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            }
+            if (Objects.nonNull(picResp)) {
+                if (!PicaResultCode.SUCCESS.code().equals(picResp.getCode())) {
+                    logger.info("getJigsawCode-getPic-code exception");
+                    cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+                }
+                JSONObject respData = JSON.parseObject(JSON.toJSONString(picResp.getData()), JSONObject.class);
+                if (Objects.nonNull(respData)) {
+                    logger.info("getJigsawCode-capcode:{}", respData.getString("capcode"));
+                    data.setCapCode(respData.getString("capcode"));
+                    data.setBackImage(respData.getString("backImage"));
+                    data.setSlidingImage(respData.getString("slidingImage"));
+                    data.setyHeight(respData.getInteger("yHeight"));
+                }
+            }
+        } else {
+            logger.info("getJigsawCode-don't need jigsaw code");
+            cacheClient.set(key, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            if (needCheck == -1) {
+                //  不需要拼图验证, 风控允许直接发送验证码记录缓存
+                String ip = IPUtil.getIpAdrress(request);
+                String key2 = Constants.RC_RECORDED_DATA_KEY.replace("{mobile}", mobile)
+                        .replace("{ip}", ip);
+                logger.info("getJigsawCode-rcRecordedKey- rc recorded data-ip：{}，mobile：{}, rcRecordedKey:{}", ip, mobile, key2);
+                cacheClient.set(key2, 100, Constants.JIGSAW_CODE_EXPIRE_SECONDS);
+            }
+        }
+
+        return data;
+    }
+
 
 }

server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java

@@ -9,6 +9,7 @@ import com.pica.cloud.account.account.server.constants.Constants;
 import com.pica.cloud.account.account.server.entity.*;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.AccountTypeEnum;
+import com.pica.cloud.account.account.server.enums.SourceTypeEnum;
 import com.pica.cloud.account.account.server.log.AccountLogEntityUtils;
 import com.pica.cloud.account.account.server.log.AccountLogUtils;
 import com.pica.cloud.account.account.server.mapper.*;
@@ -122,6 +123,7 @@ public class LoginServiceImpl implements LoginService {
     @Override
     public LoginResult login(BaseRequest request) {
         String mobile = request.getMobile();
+        Integer sourceType = request.getSourceType();
         String encrypt = AESUtil.encryptV0(mobile);
         AccountInfoEntity accountInfoEntity = accountInfoDetailMapper.selectByMobile(encrypt);
         logger.info("bizType:{}, account not null：{}", request.getBizType(), accountInfoEntity != null);
@@ -132,17 +134,27 @@ public class LoginServiceImpl implements LoginService {
                     request.getBizType().equals(1)) {
                 // 新版-未设置密码
                 if (StringUtils.isEmpty(oldPwd)) {
+                    if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                        throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getCode(),
+                                AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                    } else {
                         throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
                                 AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
                                         .replace("{mobile}", mobile));
+                    }
                 } else {
                     //  判断账号是否已锁
                     logger.info("new login failure：" + mobile);
                     String lockKey = Constants.ACCOUNT_LOCK_KEY.replace("{mobile}", mobile);
                     if (redisClient.exists(lockKey)) {
+                        if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                            throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                                    AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                        } else {
                             throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
                                     AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
                         }
+                    }
 
                     if (password.equals(oldPwd)) {
                         return pwdLoginCorrect(request, mobile, encrypt, accountInfoEntity);
@@ -158,9 +170,14 @@ public class LoginServiceImpl implements LoginService {
                             } else {
                                 //  设置账号锁定24h
                                 redisClient.set(lockKey, mobile, Constants.PWD_ERROR_NUM_SECONDS);
+                                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                                    throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                                            AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                                } else {
                                     throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
                                             AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
                                 }
+                            }
                         } else {
                             redisClient.set(errorKey, 1, Constants.PWD_ERROR_NUM_SECONDS);
                             throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_4.getCode(),
@@ -181,10 +198,15 @@ public class LoginServiceImpl implements LoginService {
         } else {
             if (null != request.getBizType() &&
                     request.getBizType().equals(1)) {
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getMessage());
+                } else {
                     //  新版-未注册
                     throw new PicaException(AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getCode(),
                             AccountExceptionEnum.PICA_PASSWORD_RULE_ERROR.getMessage()
                                     .replace("{mobile}", mobile));
+                }
             } else {
                 throw new PicaException(AccountExceptionEnum.PICA_NOT_REGISTER.getCode(), AccountExceptionEnum.PICA_NOT_REGISTER.getMessage());
             }
@@ -568,6 +590,7 @@ public class LoginServiceImpl implements LoginService {
     public void preLoginValidate(BaseRequest request) {
         Integer bizType = request.getBizType();
         String mobile = request.getMobile();
+        Integer sourceType = request.getSourceType();
 
         if (null == bizType) {
             logger.info("bizType is null");
@@ -592,15 +615,25 @@ public class LoginServiceImpl implements LoginService {
             //  手机号是否注册
             AccountInfoEntity accountInfo = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(mobile));
             if (accountInfo == null) {
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_REGIST_H5.getMessage());
+                } else {
                     throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getCode(),
                             AccountExceptionEnum.PICA_MOBILE_NOT_REGIST.getMessage().replace("{mobile}", mobile));
                 }
+            }
             //  手机号是否设置了密码
             if (StringUtils.isEmpty(accountInfo.getPassword())) {
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                } else {
                     throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getCode(),
                             AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getMessage().replace("{mobile}", mobile));
                 }
             }
+        }
 
 
     }