漏洞

77e94949 · 周海峰 · 7bb638b8 · 77e94949 · 77e94949
Commit 77e94949 authored Jun 10, 2026 by 周海峰
--- a/src/main/java/com/metro/auth/platform/controller/AuthController.java
+++ b/src/main/java/com/metro/auth/platform/controller/AuthController.java
@@ -2,15 +2,13 @@ package com.metro.auth.platform.controller;
 import com.metro.auth.platform.domain.ResultCode;
 import com.metro.auth.platform.domain.ResultJson;
-import com.metro.auth.platform.domain.auth.PlatformPersonnel;
+import com.metro.auth.platform.domain.auth.*;
-import com.metro.auth.platform.domain.auth.User;
-import com.metro.auth.platform.domain.auth.ResponseUserToken;
-import com.metro.auth.platform.domain.auth.UserDetail;
 import com.metro.auth.platform.generallog.LogAnnotation;
+import com.metro.auth.platform.http.HttpAPIService;
 import com.metro.auth.platform.outlineapi.PlatformUrlManager;
 import com.metro.auth.platform.service.AuthService;
-import com.metro.auth.platform.utils.DateUtil;
+import com.metro.auth.platform.utils.*;
-import com.metro.auth.platform.utils.MailUtil;
+import com.metro.auth.platform.wxmessage.ApiConfig;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
@@ -20,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.web.bind.annotation.*;
+import javax.annotation.Resource;
 import javax.mail.MessagingException;
 import javax.servlet.http.HttpServletRequest;
 import javax.validation.Valid;
@@ -38,16 +37,23 @@ public class AuthController {
    private final AuthService authService;
+    @Value("${weixin-params.wx_getuserinfo}")
+    private String WX_GETUSERINFO;
+    @Resource
+    public HttpAPIService httpAPIService;
    @Autowired
    public AuthController(AuthService authService) {
        this.authService = authService;
    }
-    @LogAnnotation(operateContent="用户登录",operateType="登录")
+    @LogAnnotation(operateContent = "用户登录", operateType = "登录")
    @PostMapping(value = "/login")
    @ApiOperation(value = "登录", notes = "验证成功返回token,测试管理员账号:admin123,12345678")
    public ResultJson<ResponseUserToken> login(
-            @Valid @RequestBody User user){
+            @Valid @RequestBody User user) {
        final ResponseUserToken response = authService.login(user.getAccount(), user.getPassword());
        return ResultJson.ok(response);
    }
@@ -55,7 +61,7 @@ public class AuthController {
    @PostMapping(value = "/logout")
    @ApiOperation(value = "登出", notes = "退出登录")
    @ApiImplicitParams({@ApiImplicitParam(name = "Authorization", value = "Authorization token", required = true, dataType = "string", paramType = "header")})
-    public ResultJson logout(HttpServletRequest request){
+    public ResultJson logout(HttpServletRequest request) {
        String token = request.getHeader(tokenHeader);
        if (token == null) {
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
@@ -67,16 +73,16 @@ public class AuthController {
    @GetMapping(value = "/user")
    @ApiOperation(value = "根据token获取用户信息", notes = "根据token获取用户信息")
    @ApiImplicitParams({@ApiImplicitParam(name = "Authorization", value = "参数格式 token", required = true, dataType = "string", paramType = "header")})
-    public ResultJson getUser(HttpServletRequest request){
+    public ResultJson getUser(HttpServletRequest request) {
        String token = request.getHeader(tokenHeader);
        if (token == null) {
-            log.info(DateUtil.getCurTime()+ "token 为null 导致退出登录=============================================" );
+            log.info(DateUtil.getCurTime() + "token 为null 导致退出登录=============================================");
            return ResultJson.failure(ResultCode.UNAUTHORIZED);
-        }else{
+        } else {
-            log.info("当前===============================================================token"+token);
+            log.info("当前===============================================================token" + token);
        }
        UserDetail userDetail = authService.getUserByToken(token);
-        if (userDetail==null){
+        if (userDetail == null) {
            log.info("查询用户信息失败");
        }
        return ResultJson.ok(userDetail);
@@ -86,10 +92,10 @@ public class AuthController {
    @GetMapping(value = "/refresh")
    @ApiImplicitParams({@ApiImplicitParam(name = "Authorization", value = "参数格式 token", required = true, dataType = "string", paramType = "header")})
    public ResultJson refreshAndGetAuthenticationToken(
-            HttpServletRequest request){
+            HttpServletRequest request) {
        String token = request.getHeader(tokenHeader);
        ResponseUserToken response = authService.refresh(token);
-        if(response == null) {
+        if (response == null) {
            return ResultJson.failure(ResultCode.BAD_REQUEST, "token无效");
        } else {
            return ResultJson.ok(response);
@@ -99,6 +105,7 @@ public class AuthController {
    /**
     * 功能描述: <br>扫码登录
     * 〈〉
+     *
     * @Param: [userId]
     * @Return: [userId]
     * @Author: zhouy
@@ -106,9 +113,9 @@ public class AuthController {
     */
    @GetMapping(value = "/qrcodelogin/{userId}")
-    public ResultJson<ResponseUserToken> qrcodelogin(@PathVariable String userId){
+    public ResultJson<ResponseUserToken> qrcodelogin(@PathVariable String userId) {
        final PlatformPersonnel platformPersonnel = authService.findUserInfoByaccount(userId);
-        if(platformPersonnel==null){
+        if (platformPersonnel == null) {
            return ResultJson.failure(ResultCode.FORBIDDEN);
        }
        final ResponseUserToken response = authService.login(platformPersonnel.getAccount(), platformPersonnel.getPassword());
@@ -116,72 +123,103 @@ public class AuthController {
    }
    /**
-     *
     * @param user
     * @return
     */
-    @LogAnnotation(operateContent="用户内网扫码登录",operateType="登录")
+    @LogAnnotation(operateContent = "用户内网扫码登录", operateType = "登录")
    @PostMapping(value = "/logincode")
 //    @ApiOperation(value = "登录", notes = "根据随机码登录")
-    public ResultJson<ResponseUserToken> logincode(@Valid @RequestBody User user){
+    public ResultJson<ResponseUserToken> logincode(@Valid @RequestBody User user) {
        //根据code查用户账户和密码
        PlatformPersonnel platformPersonnel = authService.findUserInfoByCode(user.getCode());
-        if (platformPersonnel!=null){
+        if (platformPersonnel != null) {
-            final ResponseUserToken response= authService.login(platformPersonnel.getAccount(), platformPersonnel.getPassword());
+            final ResponseUserToken response = authService.login(platformPersonnel.getAccount(), platformPersonnel.getPassword());
            return ResultJson.ok(response);
-         }else{
+        } else {
            return ResultJson.ok(false);
        }
    }
-    @PostMapping(value = "/savecode")
-    public ResultJson savecode(@Valid @RequestBody User user){
+    // 弃用20260606
-       int flag= authService.updateCodeByUserid(user.getAccount() ,user.getCode());
+//    @PostMapping(value = "/savecode")
-        if (flag>0){
+//    public ResultJson savecode(@Valid @RequestBody User user) {
+//        int flag = authService.updateCodeByUserid(user.getAccount(), user.getCode());
+//        if (flag > 0) {
+//            return ResultJson.ok(ResultCode.SUCCESS);
+//        } else {
+//            return ResultJson.failure(ResultCode.RESPONSE_ERROR);
+//        }
+//    }
+    /**
+     * 功能描述: 手机扫码登录
+     * zhf 20260606
+     *
+     * @param saveSqCodeReq 参数对象，包含企业微信用户code和登录验证码
+     * @return 验证结果
+     */
+    @PostMapping("/saveSqCode")
+    public ResultJson saveSqCode(@Valid @RequestBody SaveSqCodeReq saveSqCodeReq) {
+        log.info("参数为=={}", JSONUtil.toJson(saveSqCodeReq));
+        String url = WX_GETUSERINFO + SpringUtil.getBean(ApiConfig.class).getAccessToken() + "&code=" + saveSqCodeReq.getCode();
+        log.info("构建URL为=={}", url);
+        String wxuserinfo = httpAPIService.doGet(url);
+        String errmsg = (String) JSONUtil.getStringFromJSONObject(wxuserinfo, "errmsg");
+        if (!"ok".equals(errmsg)) {
+            log.info("获取微信用户信息失败，错误信息为=={}", wxuserinfo);
+            return ResultJson.failure(ResultCode.UNAUTHORIZED);
+        }
+        String userId = (String) JSONUtil.getStringFromJSONObject(wxuserinfo, "UserId");
+        int flag = authService.updateCodeByUserid(userId, saveSqCodeReq.getLoginCode());
+        if (flag > 0) {
            return ResultJson.ok(ResultCode.SUCCESS);
-        }else{
+        } else {
            return ResultJson.failure(ResultCode.RESPONSE_ERROR);
        }
    }
    /**
     * 根据邮箱保存code
+     *
     * @param user
     * @return
     */
    @PostMapping(value = "/savecodeByemail")
-    public ResultJson savecodeByemail(@Valid @RequestBody User user){
+    public ResultJson savecodeByemail(@Valid @RequestBody User user) {
-        int flag= authService.updateCodeByUserid(user.getAccount() ,user.getCode());
+        int flag = authService.updateCodeByUserid(user.getAccount(), user.getCode());
-        if (flag>0){
+        if (flag > 0) {
            return ResultJson.ok(ResultCode.SUCCESS);
-        }else{
+        } else {
            return ResultJson.failure(ResultCode.RESPONSE_ERROR);
        }
    }
    /**
     * 检验邮箱，如果存在发送邮件验证码
+     *
     * @param user
     * @return
     */
    @PostMapping(value = "/sendcodeToEmail")
-    public ResultJson sendcodeToEmail(@Valid @RequestBody User user){
+    public ResultJson sendcodeToEmail(@Valid @RequestBody User user) {
        //查询email是否存在，存在则把验证码发送到邮箱
-        String email=user.getAccount();
+        String email = user.getAccount();
-        boolean sendstatus=false;
+        boolean sendstatus = false;
-        PlatformPersonnel platformPersonnel= authService.findUserInfoByemail(email);
+        PlatformPersonnel platformPersonnel = authService.findUserInfoByemail(email);
-        if (platformPersonnel !=null){
+        if (platformPersonnel != null) {
            //发送邮件
-            String url = PlatformUrlManager.EMAIL_URL +"?account="+platformPersonnel.getAccount()+"&code=" + user.getCode();
+            String url = PlatformUrlManager.EMAIL_URL + "?account=" + platformPersonnel.getAccount() + "&code=" + user.getCode();
            String emailMsg = "<h3>授权请点击下面的超链接</h3><a href='" + url + "'> 点击授权 </a>";
-            MailUtil.sendMail(email,"内网平台登录授权",emailMsg,new String[]{""});
+            MailUtil.sendMail(email, "内网平台登录授权", emailMsg, new String[]{""});
-            sendstatus=true;
+            sendstatus = true;
-             if (sendstatus){
+            if (sendstatus) {
                return ResultJson.ok(ResultCode.SEND_SUCCESS);
-             }else{
+            } else {
                return ResultJson.ok(ResultCode.SEND_ERROR);
            }
-        }else{
+        } else {
            return ResultJson.failure(ResultCode.RESPONSE_ERROR);
        }
    }

--- a/src/main/java/com/metro/auth/platform/domain/auth/SaveSqCodeReq.java
+++ b/src/main/java/com/metro/auth/platform/domain/auth/SaveSqCodeReq.java
+package com.metro.auth.platform.domain.auth;
+import lombok.Data;
+import javax.validation.constraints.NotEmpty;
+@Data
+public class SaveSqCodeReq {
+    /**
+     * 企业微信用户code，必填项，企业微信登录时会返回code，通过code可以获取用户信息
+     */
+    @NotEmpty(message = "code不能为空")
+    private String code;
+    /**
+     * 登录验证码，必填项，登录时会返回登录验证码，通过登录验证码可以获取用户信息
+     */
+    @NotEmpty(message = "loginCode不能为空")
+    private String loginCode;
+}