Xiaoe

pom.xml

@@ -80,10 +80,10 @@
             <scope>provided</scope>
         </dependency>
         <!-- Spring Security -->
-        <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
-        </dependency>
+<!--        <dependency>-->
+<!--            <groupId>org.springframework.boot</groupId>-->
+<!--            <artifactId>spring-boot-starter-security</artifactId>-->
+<!--        </dependency>-->
         <!-- FastJSON -->
         <dependency>
             <groupId>com.alibaba</groupId>

src/main/java/com/zhentao/controller/UserController.java

@@ -1,26 +1,43 @@
 package com.zhentao.controller;
 
-import com.zhentao.dto.NoteDto;
+import com.zhentao.dto.user.NoteDto;
 import com.zhentao.dto.Result;
-import com.zhentao.dto.UserDto;
+import com.zhentao.dto.user.UserDto;
+import com.zhentao.dto.user.UserDtoup;
+import com.zhentao.dto.user.UserRegister;
 import com.zhentao.service.UserLoginService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.validation.Valid;
 
 @RestController
+@RequestMapping("user")
 public class UserController {
     @Autowired
     public UserLoginService service;
+//    登录
     @PostMapping("/login")
     public Result Login(@RequestBody @Valid UserDto userDto){
         return service.login(userDto);
     }
+//    获取验证码
     @PostMapping("/code")
-    public Result Login(@RequestBody @Valid NoteDto noteDto){
+    public Result Code(@RequestBody @Valid NoteDto noteDto){
+        System.err.println(noteDto);
         return service.note(noteDto);
     }
+//    账号密码登录
+    @PostMapping("/loginup")
+    public Result Loginup(@RequestBody @Valid UserDtoup userDtoup){
+        return service.login_up(userDtoup);
+    }
+//    注册
+    @PostMapping("/register")
+    public Result Register(@RequestBody @Valid UserRegister userRegister){
+        return service.register(userRegister);
+    }
 }

src/main/java/com/zhentao/domain/UserLogin.java

@@ -1,6 +1,5 @@
 package com.zhentao.domain;
 
-import com.baomidou.mybatisplus.annotation.IdType;
 import com.baomidou.mybatisplus.annotation.TableField;
 import com.baomidou.mybatisplus.annotation.TableId;
 import com.baomidou.mybatisplus.annotation.TableName;
@@ -23,19 +22,19 @@ public class UserLogin implements Serializable {
     private Long id;
 
     /**
-     * 
+     *
      */
-    private String openId;
+    private String userUsername;
 
     /**
-     * 
+     *
      */
-    private String unionId;
+    private String userPassword;
 
     /**
-     * 
+     *
      */
-    private String sessionPwd;
+    private String salt;
 
     /**
      * 用户昵称
@@ -154,4 +153,4 @@ public class UserLogin implements Serializable {
 
     @TableField(exist = false)
     private static final long serialVersionUID = 1L;
-}
+}

src/main/java/com/zhentao/dto/NoteDto.java → src/main/java/com/zhentao/dto/user/NoteDto.java

@@ -1,4 +1,4 @@
-package com.zhentao.dto;
+package com.zhentao.dto.user;
 
 import lombok.Data;
 

src/main/java/com/zhentao/dto/UserDto.java → src/main/java/com/zhentao/dto/user/UserDto.java

@@ -1,4 +1,4 @@
-package com.zhentao.dto;
+package com.zhentao.dto.user;
 
 import lombok.Data;
 

src/main/java/com/zhentao/dto/user/UserDtoup.java

@@ -0,0 +1,13 @@
+package com.zhentao.dto.user;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+
+@Data
+public class UserDtoup {
+    @NotBlank(message = "用户名不能为空")
+    public String username;
+    @NotBlank(message = "密码不能为空")
+    public String password;
+}

src/main/java/com/zhentao/dto/user/UserRegister.java

@@ -0,0 +1,21 @@
+package com.zhentao.dto.user;
+
+import lombok.Data;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
+
+@Data
+public class UserRegister {
+    //    手机号
+    @NotBlank(message = "手机号不能为空")
+    @Pattern(regexp = "^1[3-9]\\d{9}$", message = "手机号格式不正确")
+    private String phone;
+    //    验证码
+    @NotBlank(message = "验证码不能为空")
+    private String code;
+    @NotBlank(message = "用户名不能为空")
+    public String username;
+    @NotBlank(message = "密码不能为空")
+    public String password;
+}

src/main/java/com/zhentao/filter/TokenFilter.java

@@ -2,6 +2,7 @@ package com.zhentao.filter;
 
 import com.alibaba.fastjson.JSON;
 import com.zhentao.dto.Result;
+import com.zhentao.tool.TokenUtils;
 import org.springframework.stereotype.Component;
 
 import javax.servlet.*;
@@ -18,17 +19,20 @@ public class TokenFilter implements Filter {
         HttpServletRequest request = (HttpServletRequest) servletRequest;
         String requestURI = request.getRequestURI();
         System.err.println("发送的请求路径是"+requestURI);
-        if (requestURI.equals("/user/denglu")){
-            filterChain.doFilter(servletRequest,servletResponse);
+        if (requestURI.equals("/user/loginup") || requestURI.equals("/user/login") || requestURI.contains("/user/code") || requestURI.equals("/user/register")){
+            filterChain.doFilter(request,response);
             return;
         }
         String token = request.getHeader("Authorization");
-        if (token.equals("123")){
-            Result result = Result.OK("你没有当前权限，请联系管理员", null);
+        boolean tokenExpired = TokenUtils.isTokenExpired(token);
+        if (tokenExpired){
+            Result result = Result.OK("token已过期", null);
             String string = JSON.toJSONString(result);
             response.setContentType("application/json;charset=utf-8");
             PrintWriter writer = response.getWriter();
             writer.write(string);
+        }else {
+            filterChain.doFilter(request,response);
         }
     }
 }

src/main/java/com/zhentao/service/UserLoginService.java

@@ -2,9 +2,11 @@ package com.zhentao.service;
 
 import com.zhentao.domain.UserLogin;
 import com.baomidou.mybatisplus.extension.service.IService;
-import com.zhentao.dto.NoteDto;
+import com.zhentao.dto.user.NoteDto;
 import com.zhentao.dto.Result;
-import com.zhentao.dto.UserDto;
+import com.zhentao.dto.user.UserDto;
+import com.zhentao.dto.user.UserDtoup;
+import com.zhentao.dto.user.UserRegister;
 
 /**
 * @author 86183
@@ -12,7 +14,13 @@ import com.zhentao.dto.UserDto;
 * @createDate 2025-05-04 21:01:51
 */
 public interface UserLoginService extends IService<UserLogin> {
+    //    手机号登录
     Result login(UserDto userDto);
+
     //    短信
     Result note(NoteDto noteDto);
+    //    账号密码登录
+    Result login_up(UserDtoup userDtoup);
+    //    注册
+    Result register(UserRegister userRegister);
 }

src/main/java/com/zhentao/service/impl/UserLoginServiceImpl.java

@@ -5,13 +5,15 @@ import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
 import com.sun.deploy.net.HttpResponse;
 import com.zhentao.domain.UserLogin;
-import com.zhentao.dto.NoteDto;
+import com.zhentao.dto.user.NoteDto;
 import com.zhentao.dto.Result;
-import com.zhentao.dto.UserDto;
+import com.zhentao.dto.user.UserDto;
+import com.zhentao.dto.user.UserDtoup;
+import com.zhentao.dto.user.UserRegister;
 import com.zhentao.enums.ApiServerException;
 import com.zhentao.exception.AsynException;
-import com.zhentao.service.UserLoginService;
 import com.zhentao.mapper.UserLoginMapper;
+import com.zhentao.service.UserLoginService;
 import com.zhentao.tool.HttpUtils;
 import com.zhentao.tool.TokenUtils;
 import org.redisson.api.RLock;
@@ -20,10 +22,12 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.redis.core.StringRedisTemplate;
 import org.springframework.data.redis.core.ValueOperations;
 import org.springframework.stereotype.Service;
+import org.springframework.util.DigestUtils;
 
 import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
+import java.util.UUID;
 import java.util.concurrent.TimeUnit;
 
 /**
@@ -40,13 +44,15 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginMapper, UserLogin
     private RedissonClient redissonClient;
     @Override
     public Result login(UserDto userDto) {
-        RLock lock = redissonClient.getLock(userDto.getPhone());
+        RLock lock = redissonClient.getLock(userDto.getPhone()+"phone");
         try {
             boolean b = lock.tryLock(10, 20, TimeUnit.SECONDS);
             if (b){
+                System.err.println(userDto);
                 String s = stringRedisTemplate.opsForValue().get(userDto.getPhone());
+                System.err.println(s);
 //                验证码比较
-                if (s.equals(userDto.getCode())){
+                if (!s.equals(userDto.getCode())){
                     throw new AsynException(ApiServerException.NOTE_ERROR);
                 }
                 try{
@@ -75,8 +81,6 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginMapper, UserLogin
         }
         return null;
     }
-
-
     @Override
     public Result note(NoteDto noteDto) {
         int randomSixDigit = 100000 + (int) (Math.random() * 900000); // 生成六位随机数
@@ -85,40 +89,128 @@ public class UserLoginServiceImpl extends ServiceImpl<UserLoginMapper, UserLogin
         ValueOperations<String, String> stringStringValueOperations = stringRedisTemplate.opsForValue();
         stringStringValueOperations.set(noteDto.getPhone(),randomSixDigit+"");
 
-        String host = "https://gyytz.market.alicloudapi.com";
-        String path = "/sms/smsSend";
-        String method = "POST";
-        String appcode = "03a7c868bfcb4de291d6d609a6b625d3";
-        Map<String, String> headers = new HashMap<String, String>();
-        //最后在header中的格式(中间是英文空格)为Authorization:APPCODE 83359fd73fe94948385f570e3c139105
-        headers.put("Authorization", "APPCODE " + appcode);
-        Map<String, String> querys = new HashMap<String, String>();
-        querys.put("mobile", noteDto.getPhone());
-        querys.put("param", "**code**:"+randomSixDigit+",**minute**:5");
-
-//smsSignId（短信前缀）和templateId（短信模板），可登录国阳云控制台自助申请。参考文档：http://help.guoyangyun.com/Problem/Qm.html
-
-        querys.put("smsSignId", "2e65b1bb3d054466b82f0c9d125465e2");
-        querys.put("templateId", "908e94ccf08b4476ba6c876d13f084ad");
-        Map<String, String> bodys = new HashMap<String, String>();
-
+//        String host = "https://gyytz.market.alicloudapi.com";
+//        String path = "/sms/smsSend";
+//        String method = "POST";
+//        String appcode = "03a7c868bfcb4de291d6d609a6b625d3";
+//        Map<String, String> headers = new HashMap<String, String>();
+//        //最后在header中的格式(中间是英文空格)为Authorization:APPCODE 83359fd73fe94948385f570e3c139105
+//        headers.put("Authorization", "APPCODE " + appcode);
+//        Map<String, String> querys = new HashMap<String, String>();
+//        querys.put("mobile", noteDto.getPhone());
+//        querys.put("param", "**code**:"+randomSixDigit+",**minute**:5");
+//
+////smsSignId（短信前缀）和templateId（短信模板），可登录国阳云控制台自助申请。参考文档：http://help.guoyangyun.com/Problem/Qm.html
+//
+//        querys.put("smsSignId", "2e65b1bb3d054466b82f0c9d125465e2");
+//        querys.put("templateId", "908e94ccf08b4476ba6c876d13f084ad");
+//        Map<String, String> bodys = new HashMap<String, String>();
+//
+//
+//        try {
+//            /**
+//             * 重要提示如下:
+//             * HttpUtils请从\r\n\t    \t* https://github.com/aliyun/api-gateway-demo-sign-java/blob/master/src/main/java/com/aliyun/api/gateway/demo/util/HttpUtils.java\r\n\t    \t* 下载
+//             *
+//             * 相应的依赖请参照
+//             * https://github.com/aliyun/api-gateway-demo-sign-java/blob/master/pom.xml
+//             */
+//            HttpResponse response = (HttpResponse) HttpUtils.doPost(host, path, method, headers, querys, bodys);
+//            System.out.println(response.toString());
+//            //获取response的body
+//            //System.out.println(EntityUtils.toString(response.getEntity()));
+//        } catch (Exception e) {
+//            e.printStackTrace();
+//        }
+        return Result.OK("发送成功",null);
+    }
 
+    @Override
+    public Result login_up(UserDtoup userDtoup) {
+        RLock lock = redissonClient.getLock(userDtoup.username+"username");
         try {
-            /**
-             * 重要提示如下:
-             * HttpUtils请从\r\n\t    \t* https://github.com/aliyun/api-gateway-demo-sign-java/blob/master/src/main/java/com/aliyun/api/gateway/demo/util/HttpUtils.java\r\n\t    \t* 下载
-             *
-             * 相应的依赖请参照
-             * https://github.com/aliyun/api-gateway-demo-sign-java/blob/master/pom.xml
-             */
-            HttpResponse response = (HttpResponse) HttpUtils.doPost(host, path, method, headers, querys, bodys);
-            System.out.println(response.toString());
-            //获取response的body
-            //System.out.println(EntityUtils.toString(response.getEntity()));
-        } catch (Exception e) {
-            e.printStackTrace();
+            boolean b = lock.tryLock(10, 20, TimeUnit.SECONDS);
+            if (b){
+                QueryWrapper<UserLogin> queryWrapper = new QueryWrapper<>();
+                queryWrapper.eq("user_username",userDtoup.getUsername());
+                UserLogin one = this.getOne(queryWrapper);
+                if (one==null){
+                    throw new AsynException(ApiServerException.NULL_USERNAME);
+                }
+                String salt = one.getSalt();
+                String s = DigestUtils.md5DigestAsHex((salt + userDtoup.getPassword()).getBytes());
+                if (!s.equals(one.getUserPassword())){
+                    throw new AsynException(ApiServerException.NULL_PASSWORD);
+                }
+                String jwtToken = TokenUtils.createJwtToken(one.getId()+"");
+                return Result.OK("登录成功",jwtToken);
+            }
+        }catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }finally {
+            lock.unlock();
         }
-        return Result.OK("发送成功",null);
+        return null;
+    }
+//注册
+    @Override
+    public Result register(UserRegister userRegister) {
+        System.err.println(userRegister);
+        RLock lock = redissonClient.getLock(userRegister.getPhone()+userRegister.getUsername());
+        try{
+            boolean b = lock.tryLock(10, 20, TimeUnit.SECONDS);
+            if (b){
+//                用来判断验证码是否正确
+                String s = stringRedisTemplate.opsForValue().get(userRegister.getPhone());
+                System.err.println("redis取出来的验证码："+s);
+                if (!s.equals(userRegister.getCode())){
+                    throw new AsynException(ApiServerException.NOTE_ERROR);
+                }
+//                根据手机号查询信息
+                QueryWrapper<UserLogin> queryWrapper = new QueryWrapper<>();
+                queryWrapper.eq("user_mobile",userRegister.getPhone());
+                UserLogin one = this.getOne(queryWrapper);
+                if (one==null){
+                    UserLogin userLogin = new UserLogin();
+                    userLogin.setUserMobile(userRegister.getPhone());
+                    userLogin.setUserUsername(userRegister.getUsername());
+//                    随机字符串
+                    String uuid = String.valueOf(UUID.randomUUID());
+                    userLogin.setSalt(uuid);
+//                    md5加密
+                    String s1 = DigestUtils.md5DigestAsHex((uuid + userRegister.getPassword()).getBytes());
+                    userLogin.setUserPassword(s1);
+                    long l = IdUtil.getSnowflake(1, 1).nextId();
+//                    进行注册
+                    boolean save = this.save(userLogin);
+                    if (save){
+                        return Result.OK("注册成功",save);
+                    }else {
+                        return Result.ERR("注册失败",save);
+                    }
+                }else {
+                    one.setUserUsername(userRegister.getUsername());
+                    //                    随机字符串
+                    String uuid = String.valueOf(UUID.randomUUID());
+                    one.setSalt(uuid);
+//                    md5加密
+                    String s1 = DigestUtils.md5DigestAsHex((uuid + userRegister.getPassword()).getBytes());
+                    one.setUserPassword(s1);
+//                    进行修改
+                    boolean b1 = this.updateById(one);
+                    if (b1){
+                        return Result.OK("注册成功",b1);
+                    }else {
+                        return Result.ERR("注册失败",b1);
+                    }
+                }
+            }
+        }catch (InterruptedException e){
+            Thread.currentThread().interrupt();
+        }finally {
+            lock.unlock();
+        }
+        return null;
     }
 }
 

src/main/java/com/zhentao/tool/TokenUtils.java

@@ -6,108 +6,87 @@ import io.jsonwebtoken.Claims;
 import io.jsonwebtoken.JwtBuilder;
 import io.jsonwebtoken.Jwts;
 import io.jsonwebtoken.SignatureAlgorithm;
-
 import javax.crypto.spec.SecretKeySpec;
 import javax.xml.bind.DatatypeConverter;
 import java.security.Key;
 import java.util.Date;
 
-/**
- * 生成Token工具类
- */
 public class TokenUtils {
 
-    /**
-     * 签名秘钥
-     */
     public static final String SECRET = "cjyfutu1688";
 
-    /**
-     * 生成token
-     * @param id 一般传入userName
-     * @return
-     */
-    public static String createJwtToken(String id){
+    public static String createJwtToken(String id) {
         String issuer = "www.futureading.com";
         String subject = "65532781@qq.com";
-        long ttlMillis = System.currentTimeMillis();
+        long ttlMillis = 3600000; // 例如，设置token有效期为1小时
         return createJwtToken(id, issuer, subject, ttlMillis);
     }
 
-    /**
-     * 生成Token
-     *
-     * @param id
-     *            编号
-     * @param issuer
-     *            该JWT的签发者，是否使用是可选的
-     * @param subject
-     *            该JWT所面向的用户，是否使用是可选的；
-     * @param ttlMillis
-     *            签发时间
-     * @return token String
-     */
     public static String createJwtToken(String id, String issuer, String subject, long ttlMillis) {
-
-        // 签名算法 ，将对token进行签名
         SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
-
-        // 生成签发时间
         long nowMillis = System.currentTimeMillis();
         Date now = new Date(nowMillis);
 
-        // 通过秘钥签名JWT
         byte[] apiKeySecretBytes = DatatypeConverter.parseBase64Binary(SECRET);
         Key signingKey = new SecretKeySpec(apiKeySecretBytes, signatureAlgorithm.getJcaName());
 
-        // Let's set the JWT Claims
         JwtBuilder builder = Jwts.builder().setId(id)
                 .setIssuedAt(now)
                 .setSubject(subject)
                 .setIssuer(issuer)
                 .signWith(signatureAlgorithm, signingKey);
 
-        // if it has been specified, let's add the expiration
         if (ttlMillis >= 0) {
             long expMillis = nowMillis + ttlMillis;
             Date exp = new Date(expMillis);
             builder.setExpiration(exp);
         }
 
-        // Builds the JWT and serializes it to a compact, URL-safe string
         return builder.compact();
-
     }
 
-    // Sample method to validate and read the JWT
     public static Claims parseJWT(String jwt) {
-        // This line will throw an exception if it is not a signed JWS (as expected)
         Claims claims = Jwts.parser()
                 .setSigningKey(DatatypeConverter.parseBase64Binary(SECRET))
                 .parseClaimsJws(jwt).getBody();
         return claims;
     }
 
-    public static Long getUserId(String token){
+    public static Long getUserId(String token) {
         Claims claims = null;
         try {
-            claims = TokenUtils.parseJWT(token);
+            claims = parseJWT(token);
         } catch (Exception e) {
             throw new AsynException(ApiServerException.TOKEN_ERR);
         }
 
-        if(null==claims) {
+        if (null == claims) {
             throw new AsynException(ApiServerException.TOKEN_ERR);
         }
         String id = claims.getId();
-        Long userId=Long.valueOf(id);
+        Long userId = Long.valueOf(id);
 
         return userId;
+    }
 
-
+    /**
+     * 检查token是否过期
+     * @param jwt 要检查的token
+     * @return 如果token过期返回true，否则返回false
+     */
+    public static boolean isTokenExpired(String jwt) {
+        Claims claims = parseJWT(jwt);
+        Date exp = claims.getExpiration();
+        if (exp == null) {
+            // 如果没有设置过期时间，可以认为token不过期
+            return false;
+        }
+        return exp.before(new Date()); // 比较当前时间和过期时间
     }
 
     public static void main(String[] args) {
-        System.out.println(TokenUtils.createJwtToken("admin"));
+        String token = TokenUtils.createJwtToken("admin");
+        System.out.println("Token: " + token);
+        System.out.println("Is expired: " + TokenUtils.isTokenExpired(token));
     }
 }

src/main/resources/application.yml

@@ -10,4 +10,3 @@ spring:
     host: 47.110.46.22
     port: 6379
     database: 0
-    password: Fengjiajia0610