v1 账户密码登录 step2

e9dd327d · Peijun.zhao · e2494cfc · e9dd327d · e9dd327d · e9dd327d
--- a/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginV1Controller.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/controller/LoginV1Controller.java
@@ -5,10 +5,12 @@ import com.pica.cloud.account.account.server.entity.AesBean.AesAuthCodeReq;
 import com.pica.cloud.account.account.server.entity.EncryptEntity;
 import com.pica.cloud.account.account.server.entity.LogLoginAes;
 import com.pica.cloud.account.account.server.entity.LoginResult;
+import com.pica.cloud.account.account.server.enums.SourceTypeEnum;
 import com.pica.cloud.account.account.server.req.BaseRequest;
 import com.pica.cloud.account.account.server.req.OneClickLoginReq;
 import com.pica.cloud.account.account.server.service.LoginService;
 import com.pica.cloud.account.account.server.service.LoginV1Service;
+import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.CryptoUtil;
 import com.pica.cloud.account.account.server.util.RSAUtil;
 import com.pica.cloud.foundation.entity.PicaResponse;
@@ -23,7 +25,7 @@ import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
-@Api(description = "登录v1.0")
+@Api(description = "登录注册相关接口 v1.0")
 @RestController
 @RequestMapping("v1/login")
 public class LoginV1Controller extends AccountBaseController {
@@ -40,7 +42,7 @@ public class LoginV1Controller extends AccountBaseController {
    public PicaResponse<LoginResult> oneClickLogin(@RequestBody AesAuthCodeReq aesReq) throws Exception {
        //added by joy begin
        EncryptEntity entity = new EncryptEntity();
-        if(StringUtils.isEmpty(aesReq.getKey()) && StringUtils.isEmpty(aesReq.getContent())){
+        if (StringUtils.isEmpty(aesReq.getKey()) && StringUtils.isEmpty(aesReq.getContent())) {
            //明文时处理
            entity = RSAUtil.getOneClickEncrypt(aesReq);
            logger.info("AesAuthCodeReq oneClickLogin:" + JSONObject.toJSONString(aesReq));
@@ -54,7 +56,7 @@ public class LoginV1Controller extends AccountBaseController {
            loginAes.setMobile(aesReq.getMobile());
            loginAes.setDeviceInfo(super.getDeviceInfoLow("deviceinfo"));
            loginService.insertLoginAesLog(loginAes);
-        }else {
+        } else {
            //执行原逻辑
            entity.setKey(aesReq.getKey());
            entity.setContent(aesReq.getContent());
@@ -66,7 +68,7 @@ public class LoginV1Controller extends AccountBaseController {
        req.setSourceType(super.getSourceType());
        req.setLoginIp(super.getIpAddr());
        req.setUserTokenTourist(super.getUserTokenTourist());
-        logger.info("one-click req:{}",JSONObject.toJSONString(req));
+        logger.info("one-click req:{}", JSONObject.toJSONString(req));
        LoginResult oneClickLoginResultVo = loginV1Service.oneClickLogin(req);
        return PicaResponse.toResponse(oneClickLoginResultVo);
    }
@@ -85,4 +87,36 @@ public class LoginV1Controller extends AccountBaseController {
        return PicaResponse.toResponse();
    }
+    /**
+     * 密码登录接口（app、H5、web --> v1）
+     *
+     * @param authCodeReq
+     * @return
+     * @throws Exception
+     */
+    @ApiOperation("密码登录接口")
+    @PostMapping("/password")
+    public PicaResponse<LoginResult> v1LoginPassword(@RequestBody AesAuthCodeReq authCodeReq) throws Exception {
+        EncryptEntity entity = new EncryptEntity();
+        entity.setKey(authCodeReq.getKey());
+        entity.setContent(authCodeReq.getContent());
+        BaseRequest request = CryptoUtil.decrypt(entity, BaseRequest.class);
+        request.setProductType(super.getProductType());
+        Integer sourceType = super.getSourceType();
+        request.setSourceType(sourceType == null ? 0 : sourceType);
+        request.setLoginIp(super.getIpAddr());
+        request.setUserTokenTourist(super.getUserTokenTourist());
+        AccountUtils.checkMobilePhone(request.getMobile());
+        AccountUtils.checkPassword(request.getPassword());
+        LoginResult login = loginV1Service.v1LoginPassword(request);
+        if (SourceTypeEnum.SAAS.getCode().equals(sourceType)) {
+            login.setDoctorId("");
+        } else {
+            login.setUserId(null);
+        }
+        return PicaResponse.toResponse(login);
+    }
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/LoginService.java
@@ -100,4 +100,5 @@ public interface LoginService {
    int insertLoginAesLog(LogLoginAes aes);
    LoginResult loginQRCode(BaseRequest request);
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/LoginV1Service.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/LoginV1Service.java
@@ -11,4 +11,6 @@ public interface LoginV1Service {
    void mobileValidate(BaseRequest request);
+    LoginResult v1LoginPassword(BaseRequest request);
 }
--- a/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginV1ServiceImpl.java
+++ b/server/src/main/java/com/pica/cloud/account/account/server/service/impl/LoginV1ServiceImpl.java
@@ -3,6 +3,7 @@ package com.pica.cloud.account.account.server.service.impl;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
+import com.pica.cloud.account.account.server.constants.Constants;
 import com.pica.cloud.account.account.server.entity.*;
 import com.pica.cloud.account.account.server.enums.AccountExceptionEnum;
 import com.pica.cloud.account.account.server.enums.AccountTypeEnum;
@@ -21,11 +22,13 @@ import com.pica.cloud.account.account.server.util.AccountUtils;
 import com.pica.cloud.account.account.server.util.IntactUtil;
 import com.pica.cloud.account.account.server.util.TokenUtils;
 import com.pica.cloud.foundation.completeness.client.utils.IntactUtils;
+import com.pica.cloud.foundation.completeness.contract.constants.CommonConstants;
 import com.pica.cloud.foundation.encryption.common.constants.EncryptConstants;
 import com.pica.cloud.foundation.encryption.util.EncryptUtils;
 import com.pica.cloud.foundation.entity.PicaException;
 import com.pica.cloud.foundation.entity.PicaResultCode;
 import com.pica.cloud.foundation.entity.PicaWarnException;
+import com.pica.cloud.foundation.redis.ICacheClient;
 import com.pica.cloud.foundation.utils.utils.ValidateUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@@ -46,9 +49,6 @@ public class LoginV1ServiceImpl implements LoginV1Service {
    @Autowired
    private OneClickProcessor oneClickProcessor;
-    @Autowired
-    private AccountInfoDetailMapper accountInfoDetailMapper;
    @Autowired
    private IntactUtil intactUtil;
@@ -67,9 +67,12 @@ public class LoginV1ServiceImpl implements LoginV1Service {
    @Autowired
    private AccountInfoDetailMapper accountInfoMapper;
+    @Autowired
+    private ICacheClient cacheClient;
    /**
     * 新版一键登录
+     *
     * @param req
     * @return
     */
@@ -81,7 +84,7 @@ public class LoginV1ServiceImpl implements LoginV1Service {
            throw new PicaException(PicaResultCode.INTERFACE_INVOKE_EXCEPTION.code(), "获取手机号失败！");
        }
        queryMobileEntity.setSourceType(req.getSourceType());
-        AccountInfoEntity accountInfoEntity = accountInfoDetailMapper.selectByMobile(AESUtil.encryptV0(queryMobileEntity.getMobile()));
+        AccountInfoEntity accountInfoEntity = accountInfoMapper.selectByMobile(AESUtil.encryptV0(queryMobileEntity.getMobile()));
        BaseRequest baseRequest = new BaseRequest();
        baseRequest.setMobile(queryMobileEntity.getMobile());
        baseRequest.setSourceType(req.getSourceType());
@@ -108,6 +111,7 @@ public class LoginV1ServiceImpl implements LoginV1Service {
    /**
     * 手机号 统一check
+     *
     * @param request
     */
    @Override
@@ -129,9 +133,7 @@ public class LoginV1ServiceImpl implements LoginV1Service {
                    AccountExceptionEnum.PICA_MOBILE_REG_FALSE.getMessage());
        }
-        if (bizType.equals(2)) {
+        if (bizType.equals(3)) {
-        } else if (bizType.equals(3)) {
            // 账户密码登录-step1-check mobile
            //  手机号是否注册
            AccountInfoEntity accountInfo = accountInfoMapper.selectByMobile(AESUtil.encryptV0(mobile));
@@ -153,7 +155,172 @@ public class LoginV1ServiceImpl implements LoginV1Service {
        }
    }
-    /**------------------- private -------------------*/
+    /**
+     * v1 账户密码登录
+     *
+     * @param request
+     * @return
+     */
+    @Override
+    public LoginResult v1LoginPassword(BaseRequest request) {
+        String batchNo = IntactUtils.getUUID();
+        intactUtil.sendIntact(batchNo, "v1LoginPassword", CommonConstants.INTACT_CONTENT_LOG_STATUS_1, "request:" + JSON.toJSONString(request));
+        String mobile = request.getMobile();
+        Integer sourceType = request.getSourceType();
+        String encrypt = AESUtil.encryptV0(mobile);
+        AccountInfoEntity accountInfoEntity = accountInfoMapper.selectByMobile(encrypt);
+        Doctor doctorInfo = doctorInfoMapper.getDoctorInfoByMobile(encrypt);
+        if (null == accountInfoEntity || null == doctorInfo) {
+            intactUtil.sendIntact(batchNo, "v1LoginPassword", CommonConstants.INTACT_CONTENT_LOG_STATUS_3, "手机号" + mobile + "尚未注册");
+            throw new PicaWarnException(AccountExceptionEnum.MOBILE_NOT_REGISTER.getCode(),
+                    AccountExceptionEnum.MOBILE_NOT_REGISTER.getMessage().replace("{mobile}", mobile));
+        } else {
+            String oldPwd = accountInfoEntity.getPassword();
+            String password = request.getPassword();
+            // db中账户 未设置密码
+            if (StringUtils.isEmpty(oldPwd)) {
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    intactUtil.sendIntact(batchNo, "v1LoginPassword", CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                    throw new PicaWarnException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD_H5.getMessage());
+                } else {
+                    intactUtil.sendIntact(batchNo, "v1LoginPassword", com.pica.cloud.foundation.completeness.contract.constants.CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getMessage().replace("{mobile}", mobile));
+                    throw new PicaException(AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getCode(),
+                            AccountExceptionEnum.PICA_MOBILE_NOT_SETED_PASSWORD.getMessage()
+                                    .replace("{mobile}", mobile));
+                }
+            }
+            //  判断账号是否已锁
+            checkMobileIsLocked(mobile, sourceType, batchNo, "v1LoginPassword");
+            if (!password.equals(oldPwd)) {
+                //登录密码错误，次数计数、存cache
+                checkMobileErrorPasswordLogin(mobile, sourceType, batchNo, "v1LoginPassword");
+            } else {
+                intactUtil.sendIntact(batchNo, "v1LoginPassword", CommonConstants.INTACT_CONTENT_LOG_STATUS_3, "接下来调用pwdLoginCorrect");
+                //密码登录-密码正确逻辑
+                return v1PwdLoginCorrect(request,mobile,doctorInfo);
+            }
+        }
+        return null;
+    }
+    /**
+     * ------------------- private -------------------
+     */
+    /**
+     * 判断账号是否已锁
+     *
+     * @param mobile
+     */
+    private void checkMobileIsLocked(String mobile, Integer sourceType, String batchNo, String batchMethod) {
+        String lockKey = Constants.ACCOUNT_LOCK_KEY.replace("{mobile}", mobile);
+        if (cacheClient.exists(lockKey)) {
+            if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+            } else {
+                intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+            }
+        }
+    }
+    /**
+     * @param mobile
+     * @param sourceType
+     * @param batchNo
+     * @param batchMethod
+     */
+    private void checkMobileErrorPasswordLogin(String mobile, Integer sourceType, String batchNo, String batchMethod) {
+        String lockKey = Constants.ACCOUNT_LOCK_KEY.replace("{mobile}", mobile);
+        String errorKey = Constants.PWD_ERROR_NUM_KEY.replace("{mobile}", mobile);
+        if (cacheClient.exists(errorKey)) {
+            int errorCount = Integer.parseInt(cacheClient.get(errorKey));
+            errorCount = errorCount + 1;
+            cacheClient.set(errorKey, errorCount, Constants.PWD_ERROR_NUM_SECONDS);
+            if (errorCount <= 4) {
+                intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_4.getMessage());
+                throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_4.getCode(),
+                        AccountExceptionEnum.PICA_PWD_MISMATCH_4.getMessage());
+            } else {
+                //  设置账号锁定24h
+                cacheClient.set(lockKey, mobile, Constants.PWD_ERROR_NUM_SECONDS);
+                if (sourceType != null && SourceTypeEnum.H5.getCode().equals(sourceType)) {
+                    intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                            AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                    throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getCode(),
+                            AccountExceptionEnum.PICA_PWD_MISMATCH_5_H5.getMessage());
+                } else {
+                    intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                            AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                    throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_5.getCode(),
+                            AccountExceptionEnum.PICA_PWD_MISMATCH_5.getMessage().replace("{mobile}", mobile));
+                }
+            }
+        } else {
+            cacheClient.set(errorKey, 1, Constants.PWD_ERROR_NUM_SECONDS);
+            intactUtil.sendIntact(batchNo, batchMethod, CommonConstants.INTACT_CONTENT_LOG_STATUS_3,
+                    AccountExceptionEnum.PICA_PWD_MISMATCH_4.getMessage());
+            throw new PicaException(AccountExceptionEnum.PICA_PWD_MISMATCH_4.getCode(),
+                    AccountExceptionEnum.PICA_PWD_MISMATCH_4.getMessage());
+        }
+    }
+    /**
+     * @Description 密码登录-密码正确逻辑
+     */
+    private LoginResult v1PwdLoginCorrect(BaseRequest request, String mobile, Doctor doctor) {
+        //接入新旭事务一致性
+        String batchNo = IntactUtils.getUUID();
+        intactUtil.sendIntact(batchNo, "v1PwdLoginCorrect", CommonConstants.INTACT_CONTENT_LOG_STATUS_1, "baseRequest:" + JSON.toJSONString(request));
+        Date currentTime = new Date();
+        Integer acctId = doctor.getAcctId();
+        int productType = request.getProductType();
+        int sourceType = request.getSourceType();
+        Integer userId = doctor.getId();
+        Account account = new Account();
+        account.setId(userId.longValue());
+        account.setAcctId(acctId);
+        account.setCreatTime(currentTime);
+        account.setMobilePhone(mobile);
+        account.setRegisterSource(sourceType);
+        String newToken = tokenUtils.generateToken(account);
+        LoginResult result = new LoginResult();
+        result.setToken(newToken);
+        result.setUserId(userId.longValue());
+        result.setMobile(mobile);
+        result.setDoctorId(EncryptUtils.encryptContent(userId + "", EncryptConstants.ENCRYPT_TYPE_ID));
+        result.setEntireFlag(doctor.getEntireFlag());
+        LogLoginEntity entity = AccountLogEntityUtils.getLogLoginEntity(acctId, productType, sourceType,
+                AccountTypeEnum.LOGIN_PWD.getCode(), request.getLoginIp(), AccountTypeEnum.LOGIN_STATUS_SUCCESS.getCode(),
+                AccountTypeEnum.LOG_TYPE_LOGIN.getCode(), newToken, 1, request.getUserTokenTourist());
+        picaLogUtils.info(entity);
+        //  密码登录成功以后，清除错误次数记录
+        String pwdErrorNum = Constants.PWD_ERROR_NUM_KEY.replace("{mobile}", mobile);
+        if (cacheClient.exists(pwdErrorNum)) {
+            cacheClient.del(pwdErrorNum);
+        }
+        intactUtil.sendIntact(batchNo, "v1PwdLoginCorrect", CommonConstants.INTACT_CONTENT_LOG_STATUS_3, "baseRequest:" + JSON.toJSONString(request));
+        return result;
+    }
    private LoginResult processLogin(BaseRequest baseRequest, Integer acctId, Integer loginType, QueryMobileEntity queryMobileEntity) {
        //接入新旭事务一致性