Merge branch 'dev-login0218' of...

Merge branch 'dev-login0218' of http://192.168.110.53/com.pica.cloud.account/pica-cloud-account into dev-login0218 # Conflicts: # server/pom.xml # server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java # server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java # server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java

Merge branch 'dev-login0218' of...
Merge branch 'dev-login0218' of http://192.168.110.53/com.pica.cloud.account/pica-cloud-account into dev-login0218 # Conflicts: # server/pom.xml # server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java # server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java # server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
aaef9dba · wfy · 0d1550ab · e7386bc4 · aaef9dba · aaef9dba
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -157,6 +157,12 @@
            <artifactId>okhttp</artifactId>
            <version>3.8.1</version>
        </dependency>
+
+        <dependency>
+            <groupId>com.pica.cloud.patient</groupId>
+            <artifactId>pica-cloud-smartcontract-client</artifactId>
+            <version>1.1.0</version>
+        </dependency>
    </dependencies>

    <dependencyManagement>

--- a/server/src/main/java/com/pica/cloud/account/account/server/constants/Constants.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/constants/Constants.java
@@ -45,4 +45,9 @@ public class Constants {
     */
    public static final String TIME_FORMAT = "yyyy-MM-dd HH:mm:ss";

+    /** 密码登录错误次数缓存key */
+    public static final String PWD_ERROR_NUM_KEY = "pwd-error-{mobile}";
+    /** 密码登录错误次数缓存时长*/
+    public static final int PWD_ERROR_NUM_SECONDS = 24 * 60 * 60;
+
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/AutoCodeController.java
 package com.pica.cloud.account.account.server.controller;

-import com.pica.cloud.account.account.server.entity.Account;
-import com.pica.cloud.account.account.server.entity.AccountInfoEntity;
+import com.alibaba.fastjson.JSON;
+import com.alibaba.fastjson.JSONObject;
 import com.pica.cloud.account.account.server.entity.AccountUnionEntity;
 import com.pica.cloud.account.account.server.entity.EncryptEntity;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.AccountTypeEnum;
+import com.pica.cloud.account.account.server.enums.BizTypeRespEnum;
 import com.pica.cloud.account.account.server.exception.AccountException;
 import com.pica.cloud.account.account.server.mapper.AccountInfoDetailMapper;
 import com.pica.cloud.account.account.server.req.BaseRequest;
+import com.pica.cloud.account.account.server.resp.UnifiedVerificationResp;
 import com.pica.cloud.account.account.server.service.AccountService;
 import com.pica.cloud.account.account.server.service.AccountUnionService;
 import com.pica.cloud.account.account.server.service.CaptchaService;
@@ -25,16 +27,15 @@ import com.pica.cloud.foundation.utils.utils.ValidateUtils;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
-import org.apache.ibatis.logging.Log;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;

+import java.util.Objects;
+
 @Api(description = "短信验证码资源")
 @RestController
 public class AutoCodeController extends AccountBaseController {
@@ -61,10 +62,32 @@ public class AutoCodeController extends AccountBaseController {
    @ApiOperation("获取短信验证码,无需图形验证码,如app端")
    @PostMapping(value = "/authCode")
    public PicaResponse getAuthCode(@RequestBody EncryptEntity entity) throws Exception {
+        //  验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机
+        // 4重置密码 5忘记密码 7患者招募提交问卷(效验) 8Appe登录绑定手机
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
        AccountUtils.checkMobilePhone(request.getMobile());
-        processSysCode(request.getMobile(), request.getFlag());
-        return PicaResponse.toResponse();
+        if(request.getBizType() != null && request.getBizType().equals(1)){
+            //  TODO 调用风控接口
+            UnifiedVerificationResp rcResp = rcValidate(request.getMobile(), request.getFlag());
+            if(rcResp == null){
+                //  风控接口调用异常也继续后面的逻辑
+                processSysCode(request.getMobile(), request.getFlag());
+                return PicaResponse.toResponse();
+            } else {
+                if(null == rcResp.getBizCode()){
+                    //  风控校验后允许发送短信验证码
+                    processSysCode(request.getMobile(), request.getFlag());
+                    return PicaResponse.toResponse();
+                } else {
+                    //  风控接口调用正常，并返回业务提示给前端
+                    return PicaResponse.toResponse(rcResp);
+                }
+            }
+        } else {
+            //  老版本业务
+            processSysCode(request.getMobile(), request.getFlag());
+            return PicaResponse.toResponse();
+        }
    }

    @ApiOperation("获取短信验证码，需要图形验证码,如H5端和PC端；验证码类型 0默认 1注册 2微信登录绑定手机 3修改手机 4重置密码 5忘记密码 7患者招募提交问卷(效验)")
@@ -183,4 +206,66 @@ public class AutoCodeController extends AccountBaseController {
        return PicaResponse.toResponse(cacheCode);
    }

+    /**
+     * @Description 调用风控接口
+     * @Author Chongwen.jiang
+     * @Date 2020/2/21 17:12
+     * @ModifyDate 2020/2/21 17:12
+     * @Params [mobile]
+     * @Return com.pica.cloud.account.account.server.resp.UnifiedVerificationResp
+     */
+    private UnifiedVerificationResp rcValidate(String mobile, Integer flag) {
+        //  调用风控接口
+        PicaResponse picaResponse = null;
+        if (picaResponse != null &&
+                PicaResultCode.SUCCESS.code().equals(picaResponse.getCode())) {
+            Object data = picaResponse.getData();
+            if (Objects.nonNull(data)) {
+                JSONObject respData = JSON.parseObject(
+                        JSON.toJSONString(data), JSONObject.class);
+                if (StringUtils.isNotEmpty(respData.getString("processCode"))) {
+                    Integer processCode = Integer.valueOf(respData.getString("processCode"));
+                    if (null != processCode) {
+                        if (processCode.equals(BizTypeRespEnum.RC_SEND_FAIL.getCode())) {
+                            UnifiedVerificationResp resp = new UnifiedVerificationResp();
+                            resp.setBizCode(BizTypeRespEnum.RC_SEND_FAIL.getCode());
+                            resp.setBizMsg(BizTypeRespEnum.RC_SEND_FAIL.getMsg());
+                            return resp;
+                        } else if (processCode.equals(BizTypeRespEnum.RC_TRIGGER.getCode())) {
+                            UnifiedVerificationResp resp = new UnifiedVerificationResp();
+                            resp.setBizCode(BizTypeRespEnum.RC_TRIGGER.getCode());
+                            resp.setBizMsg(BizTypeRespEnum.RC_TRIGGER.getMsg());
+                            return resp;
+                        } else if (processCode.equals(BizTypeRespEnum.RC_BLACKLIST.getCode())) {
+                            UnifiedVerificationResp resp = new UnifiedVerificationResp();
+                            resp.setBizCode(BizTypeRespEnum.RC_BLACKLIST.getCode());
+                            resp.setBizMsg(BizTypeRespEnum.RC_BLACKLIST.getMsg());
+                            return resp;
+                        } else if (processCode.equals(BizTypeRespEnum.RC_DAY_LIMIT.getCode())) {
+                            UnifiedVerificationResp resp = new UnifiedVerificationResp();
+                            resp.setBizCode(BizTypeRespEnum.RC_DAY_LIMIT.getCode());
+                            resp.setBizMsg(BizTypeRespEnum.RC_DAY_LIMIT.getMsg());
+                            return resp;
+                        } else if (processCode.equals(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode())) {
+                            UnifiedVerificationResp resp = new UnifiedVerificationResp();
+                            resp.setBizCode(BizTypeRespEnum.RC_60_SECOND_LIMIT.getCode());
+                            //  获取剩余秒数
+                            Long time = cacheClient.get(this.getAuthCodeKey(mobile, flag.toString()) + "-secure", Long.class);
+                            int remainTime = 59 - (int) (System.currentTimeMillis() - time) / 1000;
+                            if (remainTime > 0) {
+                                resp.setBizMsg(BizTypeRespEnum.RC_60_SECOND_LIMIT.getMsg()
+                                        .replace("{remainTime}", String.valueOf(remainTime)));
+                            }
+                            return resp;
+                        }
+                    }
+                }
+            }
+            //  processCode=1(允许发送短信验证码)
+            return new UnifiedVerificationResp();
+        } else {
+            return null;
+        }
+    }
+
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginController.java
@@ -17,12 +17,10 @@ import com.pica.cloud.account.account.server.vo.OneClickLoginResultVo;
 import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.redis.CacheClient;
 import com.pica.cloud.foundation.redis.ICacheClient;
-import com.pica.cloud.foundation.utils.utils.CommonUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.web.bind.annotation.*;

 import java.util.HashMap;
@@ -209,6 +207,14 @@ public class LoginController extends AccountBaseController {
        return PicaResponse.toResponse(resultWeb);
    }

+    @ApiOperation(value = "统一校验(传空则不会校验)")
+    @PostMapping("/unifiedVerification")
+    public PicaResponse unifiedVerification(@RequestBody EncryptEntity entity) throws Exception{
+        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        return PicaResponse.toResponse(loginService.preLoginValidate(request));
+    }
+
+
    @ApiOperation(value = "app端手机号码一键登录")
    @PostMapping("/login/one-click")
    public PicaResponse<OneClickLoginResultVo> oneClickLogin(@RequestBody EncryptEntity entity) throws Exception {

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/PasswordController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/PasswordController.java
@@ -3,18 +3,18 @@ package com.pica.cloud.account.account.server.controller;
 import com.pica.cloud.account.account.server.entity.AccountInfoEntity;
 import com.pica.cloud.account.account.server.entity.Doctor;
 import com.pica.cloud.account.account.server.entity.EncryptEntity;
-import com.pica.cloud.account.account.server.enums.AccountTypeEnum;
+import com.pica.cloud.account.account.server.entity.LoginResult;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.exception.AccountException;
 import com.pica.cloud.account.account.server.mapper.AccountInfoDetailMapper;
 import com.pica.cloud.account.account.server.req.BaseRequest;
 import com.pica.cloud.account.account.server.service.DoctorService;
 import com.pica.cloud.account.account.server.service.PasswordService;
+import com.pica.cloud.account.account.server.service.RegisterService;
 import com.pica.cloud.account.account.server.util.AESUtil;
 import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.CryptoUtil;
 import com.pica.cloud.foundation.entity.PicaResponse;
-import com.pica.cloud.foundation.utils.entity.PicaUser;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.lang3.StringUtils;
@@ -38,6 +38,8 @@ public class PasswordController extends AccountBaseController {

    @Autowired
    private DoctorService doctorService;
+    @Autowired
+    private RegisterService registerService;

    /**
     * 重置密码
@@ -78,19 +80,57 @@ public class PasswordController extends AccountBaseController {
    @PostMapping(value = "/reset")
    public PicaResponse forgetPassword(@RequestBody EncryptEntity entity) throws Exception {
        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
-        if (super.getSourceType()==2){
+        if(request.getBizType() != null &&
+                request.getBizType().equals(1)) {
+            AccountInfoEntity account = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(request.getMobile()));
+            if(account == null) {
+                if (super.getSourceType()==2){
+                    accountUtils.checkMobilePhoneAndAuthCode(request.getMobile(),  "5", request.getAuthCode());
+                }else{
+                    accountUtils.checkMobilePhoneAndAuthCode(request.getMobile(),  "4", request.getAuthCode());
+                }
+                if (StringUtils.isEmpty(request.getPassword())) {
+                    throw new AccountException(AccountExceptionEnum.PICA_PASSWORD_ERROR);
+                }
+                // 新版-未注册-则默认注册
+                LoginResult result = registerService.register(request);
+                //  已补全密码
+                result.setEntireFlag(3);
+                return PicaResponse.toResponse(result);
+            } else {
+                //  新版-已注册了的则找回密码
+                return reSetPwd(request, account);
+            }
+        } else {
+            //  老版
+            return reSetPwd(request, null);
+        }
+    }
+
+    /**
+     * @Description 找回密码
+     * @Author Chongwen.jiang
+     * @Date 2020/2/21 20:07
+     * @ModifyDate 2020/2/21 20:07
+     * @Params [request, entity]
+     * @Return com.pica.cloud.foundation.entity.PicaResponse
+     */
+    private PicaResponse reSetPwd(BaseRequest request, AccountInfoEntity entity) {
+        // 4重置密码 5忘记密码
+        if (super.getSourceType() == 2){
+            //  ios
            accountUtils.checkMobilePhoneAndAuthCode(request.getMobile(),  "5", request.getAuthCode());
            if (StringUtils.isEmpty(request.getPassword())) {
                throw new AccountException(AccountExceptionEnum.PICA_PASSWORD_ERROR);
            }
-            passwordService.forgetPassword(request);
+            passwordService.forgetPassword(request, entity);
            return PicaResponse.toResponse();
        }else{
            accountUtils.checkMobilePhoneAndAuthCode(request.getMobile(),  "4", request.getAuthCode());
            if (StringUtils.isEmpty(request.getPassword())) {
                throw new AccountException(AccountExceptionEnum.PICA_PASSWORD_ERROR);
            }
-            passwordService.forgetPassword(request);
+            passwordService.forgetPassword(request, entity);
            return PicaResponse.toResponse();
        }
    }

--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/ProtocolController.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/ProtocolController.java
+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.controller;
+
+import com.pica.cloud.account.account.server.service.ProtocolService;
+import com.pica.cloud.foundation.entity.PicaResponse;
+import com.pica.cloud.patient.smartcontract.common.req.BatchSignReq;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiOperation;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.*;
+
+/**
+ * @ClassName ProtocolController
+ * @Description 协议相关
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 10:48
+ * @ModifyDate 2020/2/20 10:48
+ * @Version 1.0
+ */
+@Api(description = "协议相关")
+@RequestMapping("/protocol")
+@RestController
+public class ProtocolController extends AccountBaseController {
+
+    @Autowired
+    private ProtocolService protocolService;
+
+    @ApiOperation(value = "批量查询指定类型协议")
+    @GetMapping("/names")
+    public PicaResponse get(){
+        return PicaResponse.toResponse(
+                protocolService.getProtocolNames());
+    }
+
+    @ApiOperation(value = "首次唤起App签订协议")
+    @PostMapping("/firstCallApp")
+    public PicaResponse firstCallApp(@RequestBody BatchSignReq req){
+        String appVersion = super.getDeviceInfo("appVersion");
+        protocolService.firstCallAppSignProtocol(req, appVersion);
+        return PicaResponse.toResponse();
+    }
+
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/enums/AccountExceptionEnum.java
@@ -29,7 +29,12 @@ public enum AccountExceptionEnum {
    PICA_WECHAT_CODE_ERROR("216521", "微信登录授权code不正确"),
    PICA_WECHAT_UNBIND("216522", "该微信号已绑定其他云鹊医账户，你可以使用微信登录云鹊医，在「设置」页解除绑定"),
    PICA_WECHAT_BIND_OTHER("216524", "该手机号已绑定其他微信号，你可以在「设置」页解除绑定"),
-    PICA_WECHAT_UNBIND_CURRENT("216523", "正在绑定中,请稍等");
+    PICA_WECHAT_UNBIND_CURRENT("216523", "正在绑定中,请稍等"),
+    PICA_PASSWORD_RULE_ERROR("216525","该手机号{mobile}尚未设置密码，请先设置密码。"),
+    PICA_PWD_MISMATCH_4("216526", "密码错误,请重试"),
+    PICA_PWD_MISMATCH_5("216527", "密码错误次数过多，请前往找回密码"),
+
+    xxx_xxx("","");


    private String code;

--- a/server/src/main/java/com/pica/cloud/account/account/server/enums/BizTypeEnum.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/enums/BizTypeEnum.java
+package com.pica.cloud.account.account.server.enums;
+
+/**
+ * @Description 统一校验业务类型枚举类
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 18:19
+ * @ModifyDate 2020/2/20 18:19
+ * @Params
+ * @Return
+ */
+public enum BizTypeEnum {
+
+    LOGIN_AUTH_CODE(1, "验证码登录"),
+    LOGIN_PWD(2, "密码登录"),
+    FIND_PASSWORD(3, "找回密码"),
+    LOGIN_WE_CHAT(4, "微信登录"),
+    LOGIN_APPLE(5, "苹果登录"),
+
+    XXX(10, "xxxxxx");
+
+    private Integer code;
+    private String type;
+
+    BizTypeEnum(Integer code, String type) {
+        this.code = code;
+        this.type = type;
+    }
+
+    public Integer getCode() {
+        return code;
+    }
+
+    public void setCode(Integer code) {
+        this.code = code;
+    }
+
+    public String getType() {
+        return type;
+    }
+
+    public void setType(String type) {
+        this.type = type;
+    }
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/enums/BizTypeRespEnum.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/enums/BizTypeRespEnum.java
+package com.pica.cloud.account.account.server.enums;
+
+/**
+ * @Description 统一校验响应枚举类
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 18:19
+ * @ModifyDate 2020/2/20 18:19
+ * @Params
+ * @Return
+ */
+public enum BizTypeRespEnum {
+
+    // 风控禁止发送
+    RC_SEND_FAIL(2, "发送失败"),
+    RC_TRIGGER(3, "需要触发风控滑动验证"),
+    //  账号、IP、设备在黑名单内，前端提示发送成功,后端不发送短信
+    RC_BLACKLIST(4, "发送成功"),
+    RC_DAY_LIMIT(5, "今日获取验证码次数以超过上限，请使用账户密码登录"),
+    RC_60_SECOND_LIMIT(6, "验证码发送频率过高，请{remainTime}秒后再试"),
+
+    MOBILE_REG_FALSE(7, "请输入正确的手机号"),
+    MOBILE_REG_TRUE(8, "手机号符合规则"),
+    MOBILE_NOT_REGIST(9, "该手机号{mobile}尚未设置密码，请先设置密码。"),
+    MOBILE_NOT_SETED_PASSWORD(10, "该手机号{mobile}尚未设置密码，请先设置密码。"),
+    MOBILE_SETED_PASSWORD(11, "手机号已设置密码"),
+
+
+    XXX(0, "xxxxxx");
+
+    private Integer code;
+    private String msg;
+
+    BizTypeRespEnum(Integer code, String msg) {
+        this.code = code;
+        this.msg = msg;
+    }
+
+    public Integer getCode() {
+        return code;
+    }
+
+    public void setCode(Integer code) {
+        this.code = code;
+    }
+
+    public String getMsg() {
+        return msg;
+    }
+
+    public void setType(String msg) {
+        this.msg = msg;
+    }
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/model/OneClickProcessor.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/model/OneClickProcessor.java
+package com.pica.cloud.account.account.server.model;
+
+import com.pica.cloud.account.account.server.entity.MobileDataEntity;
+import com.pica.cloud.account.account.server.entity.QueryMobileEntity;
+import com.pica.cloud.account.account.server.util.AESUtil;
+import com.pica.cloud.account.account.server.util.HttpUtil;
+import com.pica.cloud.account.account.server.util.MD5;
+import com.pica.cloud.account.account.server.util.RSAUtil;
+import com.pica.cloud.account.account.server.util.SignUtils;
+import com.pica.cloud.foundation.entity.PicaException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @program: pica-cloud-account
+ * @description:
+ * @author: wfy
+ * @create: 2020-02-24 13:57
+ */
+@Component
+public class OneClickProcessor {
+    private static final String DEFAULT_ENCRYPT_TYPE = "0";
+
+    private Logger logger = LoggerFactory.getLogger(this.getClass());
+    //手机号加解密方式 0 AES 1 RSA , 可以不传，不传则手机号解密直接使用AES解密
+    private String aesEncryptType = DEFAULT_ENCRYPT_TYPE;
+    private String rsaEncryptType = "1";
+    private String encryptType = DEFAULT_ENCRYPT_TYPE;
+    //创建应用时填入的rsa公钥对应的私钥字符串
+    public static final String privateKey = "";
+    @Value("${shanyan.url.mobilequery}")
+    private String mobileQueryUrl;
+    @Value("${shanyan.android.appId}")
+    private String androidAppId;
+    @Value("${shanyan.android.appKey}")
+    private String androidAppKey;
+    @Value("${shanyan.ios.appId}")
+    private String iosAppId;
+    @Value("${shanyan.ios.appKey}")
+    private String iosAppKey;
+
+    @Autowired
+
+
+    public String tokenExchangeMobile(String token, Integer type) {
+        if (type == null) {
+            return null;
+        }
+        String appId;
+        String appKey;
+        if (type.equals(1)) {
+            appId = androidAppId;
+            appKey = androidAppKey;
+        } else if (type.equals(2)) {
+            appId = iosAppId;
+            appKey = iosAppKey;
+        } else {
+            return null;
+        }
+        String returnMobile = null;
+        //从SDK获取的token参数
+        try {
+            Map<String, String> params = new HashMap<String, String>();
+            params.put("token", token);
+            params.put("appId", appId);
+            params.put("encryptType", encryptType);//可以不传，不传则解密直接使用AES解密
+            params.put("sign", SignUtils.getSign(params, appKey));
+            QueryMobileEntity queryMobileEntity = (QueryMobileEntity) HttpUtil.postForm(mobileQueryUrl, params, QueryMobileEntity.class);
+            if (null != queryMobileEntity) {
+                String code = queryMobileEntity.getCode();     //返回码 200000为成功
+                if ("200000".equals(code)) {
+                    MobileDataEntity mobileDataEntity = queryMobileEntity.getData();
+                    String mobile = mobileDataEntity.getMobileName();
+                    if (aesEncryptType.equals(encryptType)) {
+                        String key = MD5.getMD5Code(appKey);
+                        mobile = AESUtil.decrypt(mobile, key.substring(0, 16), key.substring(16));
+                    } else if (rsaEncryptType.equals(encryptType)) {
+                        mobile = RSAUtil.decryptByPrivateKeyForLongStr(mobile, privateKey);
+                    }
+                    mobileDataEntity.setMobileName(mobile);
+                    returnMobile = mobileDataEntity.getMobileName();
+                } else {
+                    throw new RuntimeException();
+                }
+            }
+        } catch (Exception e) {
+            logger.error(e.getMessage());
+            throw new PicaException("token换取手机号调用失败！");
+        }
+        return returnMobile;
+    }
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/req/BaseRequest.java
@@ -34,6 +34,10 @@ public class BaseRequest {
    private String captchaToken;
    @ApiModelProperty("图片验证码答案")
    private String captchaAnswer;
+    @ApiModelProperty("苹果用户id")
+    private String appleUserId;
+    @ApiModelProperty("业务类型，1-新老业务区分标识，2-手机号格式校验业务，3-密码登录校验业务")
+    private Integer bizType;

    public String getCaptchaToken() {
        return captchaToken;
@@ -146,4 +150,20 @@ public class BaseRequest {
    public void setWeChatLoginType(Integer weChatLoginType) {
        this.weChatLoginType = weChatLoginType;
    }
+
+    public String getAppleUserId() {
+        return appleUserId;
+    }
+
+    public void setAppleUserId(String appleUserId) {
+        this.appleUserId = appleUserId;
+    }
+
+    public Integer getBizType() {
+        return bizType;
+    }
+
+    public void setBizType(Integer bizType) {
+        this.bizType = bizType;
+    }
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/resp/UnifiedVerificationResp.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/resp/UnifiedVerificationResp.java
+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.resp;
+
+import io.swagger.annotations.ApiModel;
+
+/**
+ * @ClassName UnifiedVerificationResp
+ * @Description 统一验证响应类
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 20:48
+ * @ModifyDate 2020/2/20 20:48
+ * @Version 1.0
+ */
+@ApiModel(value = "UnifiedVerificationResp", description = "统一验证响应类")
+public class UnifiedVerificationResp {
+
+    private Integer bizCode;
+    private String bizMsg;
+
+    public Integer getBizCode() {
+        return bizCode;
+    }
+
+    public void setBizCode(Integer bizCode) {
+        this.bizCode = bizCode;
+    }
+
+    public String getBizMsg() {
+        return bizMsg;
+    }
+
+    public void setBizMsg(String bizMsg) {
+        this.bizMsg = bizMsg;
+    }
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
@@ -3,6 +3,10 @@ package com.pica.cloud.account.account.server.service;
 import com.pica.cloud.account.account.server.entity.LoginResult;
 import com.pica.cloud.account.account.server.entity.PICAPDoctor;
 import com.pica.cloud.account.account.server.req.BaseRequest;
+import com.pica.cloud.account.account.server.resp.UnifiedVerificationResp;
+import com.pica.cloud.foundation.entity.PicaResponse;
+
+import java.util.Map;
 import com.pica.cloud.account.account.server.req.OneClickLoginReq;
 import com.pica.cloud.account.account.server.vo.OneClickLoginResultVo;

@@ -55,5 +59,15 @@ public interface LoginService {

    PICAPDoctor queryDoctor(long doctorId);

+    /**
+     * @Description 统一校验(传空则不会校验)
+     * @Author Chongwen.jiang
+     * @Date 2020/2/20 16:55
+     * @ModifyDate 2020/2/20 16:55
+     * @Params [request]
+     * @Return com.pica.cloud.foundation.entity.PicaResponse
+     */
+    UnifiedVerificationResp preLoginValidate(BaseRequest request);
+
    OneClickLoginResultVo oneClickLogin(OneClickLoginReq req);
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/PasswordService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/PasswordService.java
 package com.pica.cloud.account.account.server.service;

+import com.pica.cloud.account.account.server.entity.AccountInfoEntity;
 import com.pica.cloud.account.account.server.req.BaseRequest;

 public interface PasswordService {
@@ -18,5 +19,5 @@ public interface PasswordService {
     *
     * @param request 参数模型
     */
-    void forgetPassword(BaseRequest request);
+    void forgetPassword(BaseRequest request, AccountInfoEntity entity);
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/ProtocolService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/ProtocolService.java
+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.service;
+
+import com.pica.cloud.patient.smartcontract.common.req.BatchSignReq;
+import com.pica.cloud.patient.smartcontract.common.resp.ProtocolResp;
+import org.springframework.web.bind.annotation.RequestBody;
+
+import java.util.List;
+
+/**
+ * @ClassName ProtocolService
+ * @Description 协议相关接口
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 11:00
+ * @ModifyDate 2020/2/20 11:00
+ * @Version 1.0
+ */
+public interface ProtocolService {
+
+    /**
+     * @Description 批量查询指定类型协议
+     * @Author Chongwen.jiang
+     * @Date 2020/2/20 11:27
+     * @ModifyDate 2020/2/20 11:27
+     * @Params [protocolTypes, appVersion]
+     * @Return java.util.List<com.pica.cloud.patient.smartcontract.common.resp.ProtocolResp>
+     */
+    List<ProtocolResp> getProtocolNames();
+
+    /**
+     * @Description 首次唤起app签订协议
+     * @Author Chongwen.jiang
+     * @Date 2020/2/20 11:31
+     * @ModifyDate 2020/2/20 11:31
+     * @Params [req]
+     * @Return void
+     */
+    void firstCallAppSignProtocol(@RequestBody BatchSignReq req, String appVersion);
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginServiceImpl.java
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/PasswordServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/PasswordServiceImpl.java
@@ -65,8 +65,10 @@ public class PasswordServiceImpl implements PasswordService {

    @Override
    @Transactional
-    public void forgetPassword(BaseRequest request) {
-        AccountInfoEntity entity = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(request.getMobile()));
+    public void forgetPassword(BaseRequest request, AccountInfoEntity entity) {
+        if (entity == null) {
+            entity = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(request.getMobile()));
+        }
        if (entity != null) {
            String password = request.getPassword();
            Integer accId = entity.getId();

--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/ProtocolServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/ProtocolServiceImpl.java
+// Copyright 2016-2101 Pica.
+package com.pica.cloud.account.account.server.service.impl;
+
+import com.alibaba.fastjson.JSON;
+import com.pica.cloud.account.account.server.service.ProtocolService;
+import com.pica.cloud.foundation.entity.PicaResponse;
+import com.pica.cloud.foundation.entity.PicaResultCode;
+import com.pica.cloud.foundation.entity.PicaWarnException;
+import com.pica.cloud.patient.smartcontract.client.SmartContractClient;
+import com.pica.cloud.patient.smartcontract.common.req.BatchSignReq;
+import com.pica.cloud.patient.smartcontract.common.resp.ProtocolResp;
+import com.pica.cloud.patient.smartcontract.common.utils.ReturnUtil;
+import groovy.util.logging.Slf4j;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+
+/**
+ * @ClassName ProtocolServiceImpl
+ * @Description 协议相关业务层
+ * @Author Chongwen.jiang
+ * @Date 2020/2/20 11:01
+ * @ModifyDate 2020/2/20 11:01
+ * @Version 1.0
+ */
+@Service
+public class ProtocolServiceImpl implements ProtocolService {
+    private Logger logger = LoggerFactory.getLogger(this.getClass());
+    @Autowired
+    private SmartContractClient smartContractClient;
+
+    /**
+     * @Description 批量查询指定类型协议
+     * @Author Chongwen.jiang
+     * @Date 2020/2/20 11:26
+     * @ModifyDate 2020/2/20 11:26
+     * @Params [protocolTypes, appVersion]
+     * @Return java.util.List<com.pica.cloud.patient.smartcontract.common.resp.ProtocolResp>
+     */
+    @Override
+    public List<ProtocolResp> getProtocolNames() {
+        List<Integer> protocolTypes = new ArrayList<>();
+        //  用户协议
+        protocolTypes.add(2);
+        //  隐私协议
+        protocolTypes.add(3);
+        BatchSignReq req = new BatchSignReq();
+        req.setTypes(protocolTypes);
+        PicaResponse picaResponse = smartContractClient.queryProtocol(req);
+        if(Objects.isNull(picaResponse)){
+            throw new PicaWarnException(
+                    PicaResultCode.INTERFACE_INVOKE_EXCEPTION.code(),
+                    PicaResultCode.INTERFACE_INVOKE_EXCEPTION.message());
+        }
+        if(!PicaResultCode.SUCCESS.code().equals(picaResponse.getCode())){
+            throw new PicaWarnException(
+                    picaResponse.getCode(),
+                    picaResponse.getMessage());
+        }
+        List<ProtocolResp> resp = JSON.parseArray(
+                JSON.toJSONString(picaResponse.getData()),
+                ProtocolResp.class);
+        return resp;
+    }
+
+    /**
+     * @Description 首次唤起app签订协议
+     * @Author Chongwen.jiang
+     * @Date 2020/2/20 11:31
+     * @ModifyDate 2020/2/20 11:31
+     * @Params [req]
+     * @Return void
+     */
+    @Override
+    public void firstCallAppSignProtocol(BatchSignReq req, String appVersion) {
+        if(StringUtils.isEmpty(appVersion)) {
+            logger.info("firstCallAppSignProtocol-appVersion is null ");
+            return;
+        }
+
+        PicaResponse resp = smartContractClient.firstCallAppSignProtocol(req);
+        logger.info("firstCallAppSignProtocol-resp:{}", JSON.toJSONString(resp));
+        if(Objects.isNull(resp)){
+            throw new PicaWarnException(
+                    PicaResultCode.INTERFACE_INVOKE_EXCEPTION.code(),
+                    PicaResultCode.INTERFACE_INVOKE_EXCEPTION.message());
+        }
+        if(!PicaResultCode.SUCCESS.code().equals(resp.getCode())){
+            throw new PicaWarnException(
+                    resp.getCode(),
+                    resp.getMessage());
+        }
+    }
+
+
+}
--- a/server/src/main/java/com/pica/cloud/account/account/server/util/AccountUtils.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/util/AccountUtils.java
 package com.pica.cloud.account.account.server.util;

+import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.pica.cloud.account.account.server.controller.AccountController;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
+import com.pica.cloud.account.account.server.enums.BizTypeRespEnum;
 import com.pica.cloud.account.account.server.mapper.AccountPatientInfoMapper;
 import com.pica.cloud.account.account.server.mapper.DoctorMapper;
+import com.pica.cloud.account.account.server.resp.UnifiedVerificationResp;
 import com.pica.cloud.foundation.entity.PicaException;
+import com.pica.cloud.foundation.entity.PicaResponse;
 import com.pica.cloud.foundation.entity.PicaResultCode;
 import com.pica.cloud.foundation.redis.ICacheClient;
 import com.pica.cloud.foundation.utils.utils.ValidateUtils;
@@ -15,6 +19,9 @@ import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;

+import java.util.Objects;
+import java.util.regex.Pattern;
+
 /**
 * 账户工具类
 */
@@ -22,7 +29,6 @@ import org.springframework.stereotype.Component;
 public class AccountUtils {

    @Autowired
-
    private ICacheClient cacheClient;

    private Logger logger = LoggerFactory.getLogger(AccountController.class);
@@ -36,20 +42,29 @@ public class AccountUtils {
    private static final String AUTH_CODE_PREFIX = "authCode-";
    private static final String AUTH_CODE_COUNT_PREFIX = "authCode-count-";

-    //手机格式校验
+    //手机非空和格式校验
    public static void checkMobilePhone(String mobilePhone) {
        if (StringUtils.isBlank(mobilePhone) || !ValidateUtils.isMobile(mobilePhone)) {
            throw new PicaException(PicaResultCode.PARAM_IS_INVALID.code(), "请输入正确的手机号");
        }
    }

-    //手机格式校验
+    //密码非空判断
    public static void checkPassword(String password) {
        if (StringUtils.isBlank(password)) {
            throw new PicaException(AccountExceptionEnum.PICA_NOT_EMPTY.getCode(), AccountExceptionEnum.PICA_NOT_EMPTY.getMessage());
        }
    }

+    public static boolean checkPasswordRule(String password){
+        String regex = "^(?=.*[0-9])(?=.*[a-zA-Z])(.{6,16})$";
+        boolean pass = password.matches(regex);
+        if(password.length() < 6 || password.length() > 16 || !pass){
+            return false;
+        }
+        return true;
+    }
+
    //获取验证码redis key
    public static String getAuthCodeKey(String mobilePhone, String flag) {
        return AUTH_CODE_PREFIX + flag + "-" + AESUtil.encryptV0(mobilePhone);
@@ -130,4 +145,5 @@ public class AccountUtils {
    public Long getUserIdByAcctId(Integer productType, Integer AcctId) {
        return doctorInfoMapper.selectUserIdByAcctId(AcctId);
    }
+
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/util/TokenUtils.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/util/TokenUtils.java
@@ -26,7 +26,6 @@ public class TokenUtils {
    private Logger logger = LoggerFactory.getLogger(this.getClass());

    @Autowired
-
    private ICacheClient cacheClient;

    @Autowired

--- a/server/src/main/resources/bootstrap-dev.properties
+++ b/server/src/main/resources/bootstrap-dev.properties
@@ -36,6 +36,9 @@ memcached.url=192.168.130.230:11211
 #微信登陆
 weChatAppID=wx5103ed453ef2dbe8
 weChatAppSecret=6faa9bef3302786c08b2baf278613f38
+#h5使用的云鹊医公众号
+weChatAppIDH5=wx08b383d002c73f26
+weChatAppSecretH5=b3a6be25c9f62423b88a3d0611f060d1
 weChatURL=https://api.weixin.qq.com/sns/userinfo?

 #是否开启双写模式，是否需要向p_doctor表写数据

--- a/server/src/main/resources/bootstrap-prod.properties
+++ b/server/src/main/resources/bootstrap-prod.properties
@@ -40,6 +40,8 @@ memcached.url=172.19.121.31:11211
 #微信登陆
 weChatAppID=wx5103ed453ef2dbe8
 weChatAppSecret=6faa9bef3302786c08b2baf278613f38
+weChatAppIDH5=wx2c577552a2d28550
+weChatAppSecretH5=397a92bda46180efa2c2a235b74a409a
 weChatURL=https://api.weixin.qq.com/sns/userinfo?

 #是否开启双写模式，是否需要向p_doctor表写数据

--- a/server/src/main/resources/bootstrap-test1.properties
+++ b/server/src/main/resources/bootstrap-test1.properties
@@ -39,6 +39,8 @@ memcached.url=192.168.130.230:11211
 #微信登陆
 weChatAppID=wx5103ed453ef2dbe8
 weChatAppSecret=6faa9bef3302786c08b2baf278613f38
+weChatAppIDH5=wxcaad75b7fff5659c
+weChatAppSecretH5=3d6eea715bc34489b49925b3dbde9c8b
 weChatURL=https://api.weixin.qq.com/sns/userinfo?

 #是否开启双写模式，是否需要向p_doctor表写数据

--- a/server/src/main/resources/bootstrap-uat.properties
+++ b/server/src/main/resources/bootstrap-uat.properties
@@ -39,6 +39,8 @@ memcached.url=192.168.130.230:11211
 #微信登陆
 weChatAppID=wx5103ed453ef2dbe8
 weChatAppSecret=6faa9bef3302786c08b2baf278613f38
+weChatAppIDH5=wx342ef0e5afee54a7
+weChatAppSecretH5=3859052f07d3f87cda644bf073927ef1
 weChatURL=https://api.weixin.qq.com/sns/userinfo?

 #是否开启双写模式，是否需要向p_doctor表写数据