
Example 1 with Webfunc

use of cn.cerc.jbean.core.Webfunc in project summer-mis by cn-cerc.

the class SvrUserLogin method sendVerifyCode.

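/**
 * Issues a one-time verification code for the current user and the device named in the
 * request, stores it on the device-verify row, and asks the {@code SvrNotifyMachineVerify}
 * service to deliver it to the user's registered mobile number.
 *
 * <p>A {@link MemoryBuffer} keyed on the user code throttles repeat requests: once a send has
 * succeeded the buffer is populated for {@code TimeOut * 60} (presumably seconds, TODO confirm)
 * and further calls are refused until it expires.
 *
 * <p>NOTE(review): the code is also written to the response head as {@code VerifyCode_}
 * (last statement before the return). If that record reaches the remote caller, the code is
 * disclosed to whoever requested it and the SMS channel proves nothing. It is left in place
 * here because callers may read it; confirm and remove.
 *
 * <p>NOTE(review): {@code DeadLine_} is set to now + 1 day, while the user-facing message
 * promises validity of {@code TimeOut} minutes. Confirm which limit the verifier enforces.
 *
 * @return {@code true} whenever no exception is thrown, including when delivery failed; the
 *         outcome is reported in the {@code Msg_} field of the response head
 * @throws DataValidateException if the user code is empty, no user row exists, or there is
 *         not exactly one device-verify row for this user and device
 * @throws RuntimeException if a code was requested again inside the throttle window or the
 *         request carries no {@code deviceId}
 */
@Webfunc
public boolean sendVerifyCode() throws DataValidateException {
    try (MemoryBuffer buff = new MemoryBuffer(BufferType.getObject, getUserCode(), SvrUserLogin.class.getName(), "sendVerifyCode")) {
        if (!buff.isNull()) {
            // Never write the one-time code to the log: anyone with log access could use it.
            // (The earlier log call also read "VerifyCode_", a key this method never stores;
            // the buffer field written below is "VerifyCode".)
            log.info("sendVerifyCode refused: a code was already issued inside the resend window");
            throw new RuntimeException(String.format("请勿在 %d 分钟内重复点击获取认证码!", TimeOut));
        }
        Record headIn = getDataIn().getHead();
        DataValidateException.stopRun("用户帐号不允许为空", "".equals(getUserCode()));
        String deviceId = headIn.getString("deviceId");
        if ("".equals(deviceId)) {
            // NOTE(review): the message text speaks of the verification code, but the value
            // that is missing here is the device id.
            throw new RuntimeException("认证码不允许为空");
        }
        // NOTE(review): values are formatted straight into quoted SQL literals. deviceId
        // comes from the request; unless SqlQuery.add escapes its arguments (not visible
        // here) this is an injection risk. Prefer bound parameters or the project's escaper.
        SqlQuery cdsUser = new SqlQuery(this);
        cdsUser.add("select Mobile_ from %s ", SystemTable.get(SystemTable.getUserInfo));
        cdsUser.add("where Code_='%s' ", getUserCode());
        cdsUser.open();
        DataValidateException.stopRun("系统检测到该帐号还未登记过手机号,无法发送认证码到该手机上,请您联系管理员,让其开一个认证码给您登录系统!", cdsUser.eof());
        String mobile = cdsUser.getString("Mobile_");
        SqlQuery cdsVer = new SqlQuery(this);
        cdsVer.add("select * from %s", SystemTable.get(SystemTable.getDeviceVerify));
        cdsVer.add("where UserCode_='%s' and MachineCode_='%s'", getUserCode(), deviceId);
        cdsVer.open();
        DataValidateException.stopRun("系统出错,请您重新进入系统!", cdsVer.size() != 1);
        // Fixed code when the app level is appTest; otherwise a six-digit value.
        // NOTE(review): confirm random() draws from SecureRandom, and that appTest can never
        // be the configured level of a production deployment.
        String verifyCode = "888888";
        if (ServerConfig.getAppLevel() != ServerConfig.appTest) {
            verifyCode = intToStr(random(900000) + 100000);
        }
        cdsVer.edit();
        cdsVer.setField("VerifyCode_", verifyCode);
        cdsVer.setField("DeadLine_", TDateTime.Now().incDay(1));
        cdsVer.post();
        // Send the verification code to the user's phone.
        Record record = getDataOut().getHead();
        LocalService svr = new LocalService(this, "SvrNotifyMachineVerify");
        if (svr.exec("verifyCode", verifyCode, "mobile", mobile)) {
            // A stored number shorter than four characters made substring() throw after the
            // code had already been sent; show the whole value in that case.
            String mobileTail = mobile.length() > 4 ? mobile.substring(mobile.length() - 4) : mobile;
            record.setField("Msg_", String.format("系统已将认证码发送到您尾号为 %s 的手机上,并且该认证码 %d 分钟内有效,请注意查收!", mobileTail, TimeOut));
            buff.setExpires(TimeOut * 60);
            buff.setField("VerifyCode", verifyCode);
        } else {
            record.setField("Msg_", String.format("验证码发送失败,失败原因:%s", svr.getMessage()));
        }
        // NOTE(review): returns the code to the caller; see the method comment.
        record.setField("VerifyCode_", verifyCode);
        return true;
    }
}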
Also used : MemoryBuffer(cn.cerc.jbean.other.MemoryBuffer) SqlQuery(cn.cerc.jdb.mysql.SqlQuery) Record(cn.cerc.jdb.core.Record) LocalService(cn.cerc.jbean.client.LocalService) Webfunc(cn.cerc.jbean.core.Webfunc)

Example 2 with Webfunc

use of cn.cerc.jbean.core.Webfunc in project summer-mis by cn-cerc.

the class SvrUserLogin method autoLogin.

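/**
 * Logs a device in without user interaction, for internal callers only.
 *
 * <p>The caller proves it is internal by presenting the configured
 * {@code OssSession.oss_accessKeySecret} value followed by {@code "ABCD"}. When that check
 * passes and the device ({@code openid}) has {@code AutoLogin_=1}, the stored account code
 * and stored password value are copied into the request head and {@link #Check()} is run.
 *
 * <p>Two hardening changes against the earlier form:
 * <ul>
 *   <li>An unset or empty secret now fails closed. Previously the expected token
 *       degenerated to the constant {@code "ABCD"}.</li>
 *   <li>The token comparison is constant-time.</li>
 * </ul>
 *
 * <p>NOTE(review): this reuses a cloud storage secret as a static shared token with a fixed
 * suffix. Anyone who can read the configuration can call this, and the token cannot be
 * rotated independently. A dedicated, rotatable credential would be safer.
 *
 * <p>NOTE(review): {@code ClientIP_} is forced to {@code 127.0.0.1}, and {@code Check()}
 * stores that value as the session's client IP. The originating address is therefore not
 * recorded for these logins.
 *
 * @return {@code false} if the token is missing or wrong, or no auto-login row matches the
 *         device; otherwise the result of {@code Check()}
 * @throws SecurityCheckException propagated from {@code Check()}
 */
@Webfunc
public boolean autoLogin() throws SecurityCheckException {
    Record headIn = getDataIn().getHead();
    String presentedToken = headIn.getString("token");
    ServerConfig config = ServerConfig.getInstance();
    String secret = config.getProperty(OssSession.oss_accessKeySecret, "");
    // Fail closed: without a configured secret the expected token would be the literal "ABCD".
    if (secret == null || secret.isEmpty()) {
        return false;
    }
    // The "ABCD" suffix is appended so that only internal callers can produce the token.
    String expectedToken = secret + "ABCD";
    // Not an internal call: return false. Compared in constant time to avoid a timing signal.
    if (presentedToken == null
            || !java.security.MessageDigest.isEqual(
                    expectedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    presentedToken.getBytes(java.nio.charset.StandardCharsets.UTF_8))) {
        return false;
    }
    String clientId = headIn.getString("openid");
    // NOTE(review): clientId is formatted into a quoted SQL literal. It is only reachable
    // after the token check, but should still be bound or escaped unless SqlQuery.add
    // already does so (not visible here).
    SqlQuery ds = new SqlQuery(this);
    ds.add("SELECT A.Code_,A.Password_ FROM %s A", SystemTable.get(SystemTable.getDeviceVerify));
    ds.add("inner JOIN %s B", SystemTable.get(SystemTable.getUserInfo));
    ds.add("ON A.UserCode_=B.Code_");
    ds.add("WHERE A.MachineCode_='%s' AND A.AutoLogin_=1", clientId);
    ds.open();
    if (ds.eof()) {
        return false;
    }
    // The stored password value is replayed as the login password. The "wx" marker makes
    // Check() skip hashing, so the value is compared as stored.
    headIn.setField("Account_", ds.getString("Code_"));
    headIn.setField("Password_", ds.getString("Password_"));
    headIn.setField("MachineID_", clientId);
    headIn.setField("ClientName_", "Web浏览器");
    headIn.setField("ClientIP_", "127.0.0.1");
    headIn.setField("wx", true);
    return this.Check();
}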
Also used : ServerConfig(cn.cerc.jbean.core.ServerConfig) SqlQuery(cn.cerc.jdb.mysql.SqlQuery) Record(cn.cerc.jdb.core.Record) Webfunc(cn.cerc.jbean.core.Webfunc)

Example 3 with Webfunc

use of cn.cerc.jbean.core.Webfunc in project summer-mis by cn-cerc.

the class SvrUserLogin method Check.

/*
 * User login entry point.
 */
/**
 * Login entry point. Reads the account, password, device id and client details from the
 * request head, validates the account and its book (tenant) status, checks the password,
 * checks the device, then sets the session properties and writes the session identifiers
 * to the response head.
 *
 * <p>Security-relevant behaviour visible in this method, for reviewers:
 * <ul>
 *   <li>Request values are formatted into quoted SQL literals (user lookup and the
 *       LastTime_ update). Safe only if the query layer escapes them. TODO confirm.</li>
 *   <li>The password check is skipped when the submitted password is the literal
 *       {@code "000000"} or when {@code isAutoLogin} returns true.</li>
 *   <li>Stored passwords are {@code MD5(Code_ + password)} when {@code Encrypt_} is set.</li>
 *   <li>Failure messages distinguish "no such account" from "wrong password".</li>
 * </ul>
 *
 * @return {@code true} when login succeeds; every refusal is reported by exception
 * @throws SecurityCheckException for most refusals; note that a missing password and the
 *         lockout branch throw a plain {@link RuntimeException} instead
 */
@Webfunc
public boolean Check() throws SecurityCheckException {
    Record headIn = getDataIn().getHead();
    getDataOut().getHead().setField("errorNo", 0);
    String deviceId = headIn.getString("MachineID_");
    // Reject logins whose device id is the browser client marker.
    if (Application.webclient.equals(deviceId)) {
        throw new SecurityCheckException("系统不支持使用web浏览器登录,请使用客户端登录系统!");
    }
    String device_name = "";
    if (headIn.hasValue("ClientName_")) {
        device_name = headIn.getString("ClientName_");
    } else {
        device_name = "unknow";
    }
    // Presumably the current session handle. Confirm what getProperty(null) returns.
    CustomHandle sess = (CustomHandle) this.getProperty(null);
    // NOTE(review): the client IP is taken from a request field, not from the connection.
    // Unless a trusted front end overwrites ClientIP_, the recorded address is whatever the
    // caller chose to send.
    if (headIn.exists("ClientIP_")) {
        sess.setProperty(Application.clientIP, headIn.getString("ClientIP_"));
    } else {
        sess.setProperty(Application.clientIP, "0.0.0.0");
    }
    // Begin user verification.
    String userCode = headIn.getString("Account_");
    if (userCode.equals("")) {
        throw new SecurityCheckException("用户帐号不允许为空!");
    }
    // NOTE(review): userCode is unauthenticated request input placed inside a quoted SQL
    // literal. Bind or escape it unless SqlQuery.add already does so (not visible here).
    SqlQuery dsUser = new SqlQuery(this);
    dsUser.add("select UID_,CorpNo_,ID_,Code_,Name_,Mobile_,DeptCode_,Enabled_,Password_,BelongAccount_,");
    dsUser.add("VerifyTimes_,Encrypt_,SecurityLevel_,SecurityMachine_,PCMachine1_,PCMachine2_,");
    dsUser.add("PCMachine3_,RoleCode_,DiyRole_ from %s where Code_='%s'", SystemTable.get(SystemTable.getUserInfo), userCode);
    dsUser.open();
    if (dsUser.eof()) {
        // NOTE(review): this message confirms to the caller that the account does not
        // exist, which allows account enumeration.
        throw new SecurityCheckException(String.format("该帐号(%s)并不存在,禁止登录!", userCode));
    }
    String corpNo = dsUser.getString("CorpNo_");
    BookInfoRecord buff = MemoryBookInfo.get(this, corpNo);
    if (buff == null) {
        throw new SecurityCheckException(String.format("没有找到注册的帐套  %s ", corpNo));
    }
    // Compares against an enum ordinal, so reordering BookVersion changes the result.
    boolean YGLogin = buff.getCorpType() == BookVersion.ctFree.ordinal();
    // Status 3: per the message, the book is suspended for data entry.
    if (buff.getStatus() == 3) {
        throw new SecurityCheckException("对不起,您的账套处于暂停录入状态,禁止登录!若需启用,请您联系客服处理!");
    }
    // Status 4: per the message, the book has expired.
    if (buff.getStatus() == 4) {
        throw new SecurityCheckException("对不起,您的帐套已过期,请联系客服续费!");
    }
    // Disabled after six failed password or verification-code attempts.
    if (dsUser.getInt("Enabled_") < 1 && dsUser.getInt("VerifyTimes_") == 6) {
        throw new SecurityCheckException(String.format("该帐号(%s)因输入错误密码或验证码次数达到6次,已被自动停用,禁止登录!若需启用,请您联系客服处理!", userCode));
    }
    if (dsUser.getInt("Enabled_") < 1) {
        throw new SecurityCheckException(String.format("该帐号(%s)被暂停使用,禁止登录!若需启用,请您联系客服处理!", userCode));
    }
    // Subordinate accounts may not log in; the message names the main account.
    if (dsUser.getString("BelongAccount_") != null && !"".equals(dsUser.getString("BelongAccount_"))) {
        throw new SecurityCheckException(String.format("该帐号已被设置为附属帐号,不允许登录,请使用主帐号 %s 登录系统!", dsUser.getString("BelongAccount_")));
    }
    // Fetch the login password. (Original note: entry via WeChat does not require one.)
    String password = headIn.getString("Password_");
    if (password == null || "".equals(password)) {
        if ("".equals(dsUser.getString("Mobile_"))) {
            throw new RuntimeException("您没有登记手机号,请您输入密码进行登陆!");
        } else {
            // NOTE(review): the registered mobile number is written to the response before
            // any credential has been checked. Confirm this record is not returned to an
            // unauthenticated caller when the exception below is raised.
            getDataOut().getHead().setField("Mobile_", dsUser.getString("Mobile_"));
            throw new RuntimeException("用户密码不允许为空!");
        }
    }
    // Check (and enrol) the device code.
    // NOTE(review): this runs before the password is verified. Confirm enrollMachineInfo
    // cannot be used by an unauthenticated caller to create device rows.
    enrollMachineInfo(dsUser.getString("CorpNo_"), userCode, deviceId, device_name);
    if (dsUser.getBoolean("Encrypt_")) {
        // NOTE(review): MD5 of account code + password is a fast, unsalted-per-user-secret
        // digest and unsuitable for password storage; migrate to bcrypt/scrypt/argon2.
        // NOTE(review): "wx" is read from the same request head as the password. If a remote
        // caller can set it, hashing is skipped and the stored digest itself is accepted.
        // Confirm the field can only be set internally (autoLogin sets it).
        if (!headIn.exists("wx") && !"000000".equals(password)) {
            password = MD5.get(dsUser.getString("Code_") + password);
        }
    }
    // NOTE(review): a submitted password equal to "000000" bypasses the comparison below.
    // Confirm a later step (for example device verification) still gates such sessions.
    if (!isAutoLogin(userCode, deviceId) && !"000000".equals(password)) {
        // NOTE(review): String.equals is not constant-time. Prefer MessageDigest.isEqual.
        if (!dsUser.getString("Password_").equals(password)) {
            dsUser.edit();
            if (dsUser.getInt("VerifyTimes_") == 6) {
                // Disable the account.
                dsUser.setField("Enabled_", 0);
                dsUser.post();
                throw new RuntimeException("您输入密码的错误次数已超出规定次数,现账号已被自动停用,若需启用,请您联系客服处理!");
            } else {
                dsUser.setField("VerifyTimes_", dsUser.getInt("VerifyTimes_") + 1);
                dsUser.post();
                if (dsUser.getInt("VerifyTimes_") > 3) {
                    throw new SecurityCheckException(String.format("您输入密码的错误次数已达 %d 次,输错超过6次时,您的账号将被自动停用!", dsUser.getInt("VerifyTimes_")));
                } else {
                    throw new SecurityCheckException("您的登录密码错误,禁止登录!");
                }
            }
        }
    }
    // Is the current device disabled? A false result from isStopUsed is treated as
    // "disabled", so the helper presumably returns true for a usable device. Confirm.
    if (!isStopUsed(userCode, deviceId)) {
        throw new SecurityCheckException("您的当前设备已被停用,禁止登录,请联系管理员恢复启用!");
    }
    try (Transaction tx = new Transaction(this)) {
        // NOTE(review): string-built UPDATE using the same request-derived userCode and
        // deviceId as above.
        String sql = String.format("update %s set LastTime_=now() where UserCode_='%s' and MachineCode_='%s' and Used_=1", SystemTable.get(SystemTable.getDeviceVerify), userCode, deviceId);
        getConnection().execute(sql);
        // If the book is still pending installation (Status_=1), mark it enabled (2).
        SqlQuery dsCorp = new SqlQuery(this);
        dsCorp.add("select * from %s ", SystemTable.get(SystemTable.getBookInfo));
        dsCorp.add("where CorpNo_='%s' and Status_=1 ", corpNo);
        dsCorp.open();
        if (!dsCorp.eof()) {
            dsCorp.edit();
            dsCorp.setField("Status_", 2);
            dsCorp.post();
            MemoryBookInfo.clear(corpNo);
        }
        // The session token is built from a new GUID.
        // NOTE(review): confirm newGuid() is backed by a cryptographically secure generator.
        sess.setProperty(Application.token, GuidFixStr(newGuid()));
        sess.setProperty(Application.userId, dsUser.getString("ID_"));
        sess.setProperty(Application.bookNo, dsUser.getString("CorpNo_"));
        sess.setProperty(Application.userCode, dsUser.getString("Code_"));
        // With a custom role the user's own code is used as the role code.
        if (dsUser.getBoolean("DiyRole_")) {
            sess.setProperty(Application.roleCode, dsUser.getString("Code_"));
        } else {
            sess.setProperty(Application.roleCode, dsUser.getString("RoleCode_"));
        }
        // Update the current-user total.
        updateCurrentUser(device_name, headIn.getString("Screen_"), headIn.getString("Language_"));
        // Cache the session info, keyed by user id and device id.
        try (MemoryBuffer Buff = new MemoryBuffer(BufferType.getSessionInfo, (String) getProperty(Application.userId), deviceId)) {
            Buff.setField("UserID_", getProperty(Application.userId));
            Buff.setField("UserCode_", getUserCode());
            Buff.setField("UserName_", getUserName());
            Buff.setField("LoginTime_", sess.getProperty(Application.loginTime));
            Buff.setField("YGUser", YGLogin);
            Buff.setField("VerifyMachine", false);
        }
        // Return values to the front end.
        getDataOut().getHead().setField("SessionID_", getProperty(Application.token));
        getDataOut().getHead().setField("UserID_", getProperty(Application.userId));
        getDataOut().getHead().setField("UserCode_", getUserCode());
        getDataOut().getHead().setField("CorpNo_", handle.getCorpNo());
        getDataOut().getHead().setField("YGUser", YGLogin);
        // Verification succeeded: reset the failed-attempt counter to 0.
        dsUser.edit();
        dsUser.setField("VerifyTimes_", 0);
        dsUser.post();
        tx.commit();
        return true;
    }
}
Also used : MemoryBuffer(cn.cerc.jbean.other.MemoryBuffer) SqlQuery(cn.cerc.jdb.mysql.SqlQuery) Transaction(cn.cerc.jdb.mysql.Transaction) Record(cn.cerc.jdb.core.Record) CustomHandle(cn.cerc.jbean.core.CustomHandle) Webfunc(cn.cerc.jbean.core.Webfunc)

Example 4 with Webfunc

use of cn.cerc.jbean.core.Webfunc in project summer-mis by cn-cerc.

the class SvrUserLogin method getTelToUserCode.

// Check whether an account already exists for this mobile number (account type 5).
/**
 * Resolves a mobile number (sent in the request field {@code UserCode_}) to the one main
 * account bound to it, among books whose {@code Status_} is 1 or 2.
 *
 * <p>On success the account code is written to {@code UserCode_} in the response head. On
 * failure an explanatory text is written to {@code Msg_}.
 *
 * <p>NOTE(review): the mobile number is request input formatted into a quoted SQL literal.
 * Bind or escape it unless SqlQuery.add already does so (not visible here).
 *
 * <p>NOTE(review): the response tells the caller whether a number is registered and, if so,
 * which account code it maps to. If this function is reachable before login it allows
 * account enumeration, so consider rate limiting and a uniform response.
 *
 * @return {@code true} only when exactly one matching account was found
 */
@Webfunc
public boolean getTelToUserCode() {
    Record request = getDataIn().getHead();
    String mobile = request.getString("UserCode_");
    Record response = getDataOut().getHead();

    boolean resolved = false;
    if ("".equals(mobile)) {
        response.setField("Msg_", "手机号不允许为空!");
    } else {
        // Main accounts only: BelongAccount_ must be null or empty.
        SqlQuery accounts = new SqlQuery(this);
        accounts.add("select a.Code_ from %s oi ", SystemTable.get(SystemTable.getBookInfo));
        accounts.add("inner join %s a on oi.CorpNo_=a.CorpNo_ and oi.Status_ in(1,2)", SystemTable.get(SystemTable.getUserInfo));
        accounts.add("where a.Mobile_='%s' and ((a.BelongAccount_ is null) or (a.BelongAccount_=''))", mobile);
        accounts.open();

        int matchCount = accounts.size();
        if (matchCount == 0) {
            response.setField("Msg_", "您的手机号码不存在于系统中,如果您需要注册帐号,请 <a href='TFrmContact'>联系客服</a> 进行咨询");
        } else if (matchCount != 1) {
            // The format string has no placeholder, so the argument is ignored.
            response.setField("Msg_", String.format("您的手机绑定了多个帐号,无法登录,建议您使用主账号登陆后,在【我的账号--更改我的资料】菜单中设置主附帐号关系后再使用手机号登录!", mobile));
        } else {
            response.setField("UserCode_", accounts.getString("Code_"));
            resolved = true;
        }
    }
    return resolved;
}
Also used : SqlQuery(cn.cerc.jdb.mysql.SqlQuery) Record(cn.cerc.jdb.core.Record) Webfunc(cn.cerc.jbean.core.Webfunc)

Aggregations

Webfunc (cn.cerc.jbean.core.Webfunc)4 Record (cn.cerc.jdb.core.Record)4 SqlQuery (cn.cerc.jdb.mysql.SqlQuery)4 MemoryBuffer (cn.cerc.jbean.other.MemoryBuffer)2 LocalService (cn.cerc.jbean.client.LocalService)1 CustomHandle (cn.cerc.jbean.core.CustomHandle)1 ServerConfig (cn.cerc.jbean.core.ServerConfig)1 Transaction (cn.cerc.jdb.mysql.Transaction)1