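// Login flow: decrypt the submitted password, check the account and (unless exempt) the
// phone number and SMS code, then ask loginService for a token and return it in the AjaxResult.
AjaxResult ajax = AjaxResult.success();
// SECURITY: never write the submitted ciphertext or the decrypted password to the log.
// Log files are read by far more people and systems than the credential store, so the two
// log.info(...) statements that printed them are intentionally not present here.
// NOTE(review): DES in ECB mode with a shared key (desKey) is an obsolete scheme and should not
// be the main protection for a password. It is kept because the caller presumably encrypts
// with the same transformation; confirm, and plan to replace it.
String password = DESUtils.decrypt(loginBody.getPassword(), desKey, "DES/ECB/PKCS7Padding");
// TODO (marked as already changed): log in with the first user found
SysUser sysUser = sysUserMapper.selectUserByUserName(loginBody.getUsername());
if (Objects.isNull(sysUser)) {
    // NOTE(review): this message and the phone-mismatch message below let a caller tell
    // whether a username exists; consider one generic failure message.
    throw new ServiceException("账号不存在");
}
// NOTE(review): usernames listed in InitData.accountList skip the phone and SMS checks
// entirely and are protected by the password alone. Keep that list minimal and audited.
if (!InitData.accountList.contains(loginBody.getUsername())) {
    // StrUtil.equals is used so a missing phone number on either side cannot throw.
    if (!StrUtil.equals(sysUser.getPhonenumber(), loginBody.getPhone())) {
        throw new ServiceException("手机号码与账号不匹配");
    }
    // Verify the SMS code exactly once and reuse the outcome for the error message.
    // Calling verifyMsg a second time just to build the message could return a different
    // result if the service consumes or counts attempts (not visible here; confirm).
    String smsResult = smsRecordService.verifyMsg(loginBody.getPhone(), loginBody.getSmsCode()).toString();
    if (!smsResult.equals(SmsConstants.AUTH_CODE_SUCCESS)) {
        throw new ServiceException(smsResult);
    }
}
String token = loginService.login(loginBody.getUsername(), password, loginBody.getCode(), loginBody.getUuid(), true);
ajax.put(Constants.TOKEN, token);
return ajax;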
时间: 2024-04-26 18:21:10 浏览: 7
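这段代码是一个 Java 后端程序,主要实现用户登录的逻辑。程序首先通过传入的用户名从数据库中查询用户信息,如果用户不存在,则抛出 ServiceException 异常提示“账号不存在”;如果用户存在,则进行短信验证码验证。如果该用户名在 InitData.accountList 中(系统初始化的账号),直接通过验证;否则先校验传入的手机号码是否与账号绑定的手机号一致(不一致时提示“手机号码与账号不匹配”),再校验短信验证码。如果验证通过,则调用 loginService.login 方法进行登录并生成一个令牌 token 返回给客户端;否则抛出 ServiceException,异常信息取自 verifyMsg 的返回结果。该程序还使用了 DESUtils 工具类对传入的密码进行了解密处理。需要注意的是,代码用 log.info 把密码的密文和解密后的明文都写入了日志,而登录凭据不应出现在日志中;另外 DES/ECB 属于已过时的弱加密方式,不宜作为保护密码的主要手段。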
相关问题
如何优化 AjaxResult ajax = AjaxResult.success(); // 生成令牌 log.info("ecryptPassword:" + loginBody.getPassword()); String password = DESUtils.decrypt(loginBody.getPassword(), desKey, "DES/ECB/PKCS7Padding"); log.info("decryptPassword:" + password); // TODO 取出第一个用户进行登录,---已修改 SysUser sysUser = sysUserMapper.selectUserByUserName(loginBody.getUsername()); if(Objects.isNull(sysUser)){ throw new ServiceException("账号不存在"); } Boolean flag; if (InitData.accountList.contains(loginBody.getUsername())) { flag = true; } else { if(!StrUtil.equals(sysUser.getPhonenumber(),loginBody.getPhone())){ throw new ServiceException("手机号码与账号不匹配"); } flag = smsRecordService.verifyMsg(loginBody.getPhone(), loginBody.getSmsCode()).toString().equals(SmsConstants.AUTH_CODE_SUCCESS); } if (flag) { String token = loginService.login(loginBody.getUsername(), password, loginBody.getCode(), loginBody.getUuid(), true); ajax.put(Constants.TOKEN, token); return ajax; } else { throw new ServiceException(smsRecordService.verifyMsg(loginBody.getPhone(), loginBody.getSmsCode()).toString()); }
这段代码中可以考虑以下优化:
1. 尽量避免使用多个 if-else 语句,可以将条件逆向思考,将多个条件合并为一个条件判断语句,从而简化代码逻辑。
2. 可以将 flag 变量的声明与赋值合并为一个语句(并改用基本类型 boolean),避免先声明、再在各个分支中分别赋值。
3. 在进行短信验证码验证时,可以先判断手机号码和短信验证码是否为空,避免出现空指针异常。
示例代码如下:
```
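// Login flow: decrypt the submitted password, check the account and (unless exempt) the
// phone number and SMS code, then ask loginService for a token and return it in the AjaxResult.
AjaxResult ajax = AjaxResult.success();
// SECURITY: the submitted ciphertext and the decrypted password must not be logged, so no
// log.info(...) of either value appears here.
// NOTE(review): DES/ECB with a shared key (desKey) is an obsolete scheme; it is kept only
// because the caller presumably encrypts the same way. Confirm and plan a replacement.
String password = DESUtils.decrypt(loginBody.getPassword(), desKey, "DES/ECB/PKCS7Padding");
SysUser sysUser = sysUserMapper.selectUserByUserName(loginBody.getUsername());
if (sysUser == null) {
    throw new ServiceException("账号不存在");
}
// NOTE(review): usernames in InitData.accountList bypass the phone and SMS checks and rely
// on the password alone. Keep that list minimal and audited.
boolean flag = InitData.accountList.contains(loginBody.getUsername()) ||
        (loginBody.getPhone() != null && loginBody.getSmsCode() != null &&
        // equals() is called on the request phone, which was just checked for null, so an
        // account without a stored phone number fails the check instead of throwing.
        loginBody.getPhone().equals(sysUser.getPhonenumber()) &&
        smsRecordService.verifyMsg(loginBody.getPhone(), loginBody.getSmsCode()).toString().equals(SmsConstants.AUTH_CODE_SUCCESS));
if (flag) {
    String token = loginService.login(loginBody.getUsername(), password, loginBody.getCode(), loginBody.getUuid(), true);
    ajax.put(Constants.TOKEN, token);
    return ajax;
} else {
    // One message covers a missing phone/code, a phone mismatch and a rejected SMS code.
    throw new ServiceException("短信验证码不正确");
}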
```
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { if (handler instanceof HandlerMethod) { HandlerMethod handlerMethod = (HandlerMethod) handler; Method method = handlerMethod.getMethod(); RepeatSubmit annotation = method.getAnnotation(RepeatSubmit.class); if (annotation != null && this.isRepeatSubmit(request, annotation)) { AjaxResult ajaxResult = AjaxResult.error(annotation.message()); ServletUtils.renderString(response, JSON.toJSONString(ajaxResult)); return false; } // if (annotation != null) { // if (this.isRepeatSubmit(request, annotation)) { // AjaxResult ajaxResult = AjaxResult.error(annotation.message()); // ServletUtils.renderString(response, JSON.toJSONString(ajaxResult)); // return false; // } // } } boolean flag = false; TokenService tokenService = SpringUtils.getBean(TokenService.class); LoginAppUser loginUser = tokenService.getLoginUser(request); if (loginUser != null && loginUser.getGuest() != null && loginUser.getGuest().getGuestNum() != null) { tokenService.verifyToken(loginUser); String guestNum = loginUser.getGuest().getGuestNum(); HttpSession httpSession = request.getSession(); RedisCache redisUtil = SpringUtils.getBean(RedisCache.class); Guest guest = redisUtil.getCacheMapValue(RedisConstants.GUEST_MAP, guestNum); SysGuest sysGuest = JSON.parseObject(JSON.toJSONString(guest), SysGuest.class); if (sysGuest == null) { flag = false; httpSession.removeAttribute(Constants.SERVER_TYPE_APP); } else { if (httpSession.getAttribute(Constants.SERVER_TYPE_APP) == null) { httpSession.setAttribute(Constants.SERVER_TYPE_APP , sysGuest); } return true; } } //获取网名 也就是/login String servletPath = request.getServletPath(); if(servletPath.contains("/app/card/isCard") || servletPath.contains("/app/bank/signingBankCard") || servletPath.contains("/app/bank/sendMessage") || servletPath.contains("/app/bank/sendSysMessage") || servletPath.contains("/app/bank/login") || 
servletPath.contains("/app/card/guestIdAndPhone") || servletPath.contains("/app/family/isDevice") || servletPath.contains("/websocket/") || servletPath.contains("/upload/") || servletPath.contains("/app/deviceSocket/toSocket")) { flag = true; } if (!flag) { noLogin(response); } return flag; } 重构这段代码
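/**
 * Interceptor hook that rejects duplicate submissions and requests without a known guest login.
 *
 * <p>Order of checks: (1) for controller methods annotated with {@code RepeatSubmit}, reject a
 * repeated submission; (2) if the request carries a login user whose guest number is still
 * present in the Redis guest map, allow it; (3) otherwise allow only the listed public paths.
 *
 * @param request  current request
 * @param response current response; an error body is written to it when the request is rejected
 * @param handler  the chosen handler; only {@code HandlerMethod} handlers get the repeat-submit check
 * @return {@code true} to continue, {@code false} after an error response has been written
 * @throws Exception propagated from the token, cache or rendering helpers
 */
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
    // Only the duplicate-submit check depends on the handler type. Returning true early for
    // every other handler type would let those requests skip the login check below.
    if (handler instanceof HandlerMethod) {
        HandlerMethod handlerMethod = (HandlerMethod) handler;
        RepeatSubmit annotation = handlerMethod.getMethod().getAnnotation(RepeatSubmit.class);
        if (annotation != null && isRepeatSubmit(request, annotation)) {
            AjaxResult ajaxResult = AjaxResult.error(annotation.message());
            ServletUtils.renderString(response, JSON.toJSONString(ajaxResult));
            return false;
        }
    }

    TokenService tokenService = SpringUtils.getBean(TokenService.class);
    LoginAppUser loginUser = tokenService.getLoginUser(request);
    if (loginUser != null && loginUser.getGuest() != null && loginUser.getGuest().getGuestNum() != null) {
        tokenService.verifyToken(loginUser);
        String guestNum = loginUser.getGuest().getGuestNum();
        HttpSession httpSession = request.getSession();
        RedisCache redisUtil = SpringUtils.getBean(RedisCache.class);
        Guest guest = redisUtil.getCacheMapValue(RedisConstants.GUEST_MAP, guestNum);
        SysGuest sysGuest = JSON.parseObject(JSON.toJSONString(guest), SysGuest.class);
        if (sysGuest != null) {
            if (httpSession.getAttribute(Constants.SERVER_TYPE_APP) == null) {
                httpSession.setAttribute(Constants.SERVER_TYPE_APP, sysGuest);
            }
            return true;
        }
        // The guest is no longer in the Redis guest map: drop the cached session attribute and
        // fall through, so the client can still reach the public endpoints (e.g. the login path).
        httpSession.removeAttribute(Constants.SERVER_TYPE_APP);
    }

    // Paths reachable without a login.
    // NOTE(review): matching uses String.contains, so any servlet path that merely contains
    // one of these fragments is treated as public. Prefer exact or prefix matching once the
    // deployed servlet paths are confirmed.
    List<String> allowedPaths = Arrays.asList("/app/card/isCard", "/app/bank/signingBankCard", "/app/bank/sendMessage", "/app/bank/sendSysMessage", "/app/bank/login", "/app/card/guestIdAndPhone", "/app/family/isDevice", "/websocket/", "/upload/", "/app/deviceSocket/toSocket");
    String servletPath = request.getServletPath();
    if (allowedPaths.stream().anyMatch(servletPath::contains)) {
        return true;
    }
    noLogin(response);
    return false;
}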
/**
 * Reports whether this request repeats one already recorded for the same cache key.
 *
 * <p>The first request for a key stores a marker through {@code redisUtil.setCacheObject} with
 * {@code annotation.time()} as the timeout argument (its unit is not visible here). Later
 * requests that find the marker are reported as repeats.
 *
 * <p>NOTE(review): the lookup and the store are two separate cache calls, so two concurrent
 * requests can both see no marker and both pass. If RedisCache offers an atomic
 * "set if absent" operation, use it here.
 *
 * @param request    current request, used to build the cache key
 * @param annotation the {@code RepeatSubmit} settings of the handler method; may be null
 * @return {@code true} if a marker already existed, {@code false} otherwise
 */
private boolean isRepeatSubmit(HttpServletRequest request, RepeatSubmit annotation) {
    if (annotation == null) {
        return false;
    }
    final String cacheKey = getCacheKey(request, annotation);
    final boolean seenBefore = redisUtil.getCacheObject(cacheKey) != null;
    if (!seenBefore) {
        // First sighting: leave a marker so the next identical request is recognised.
        redisUtil.setCacheObject(cacheKey, cacheKey, annotation.time());
    }
    return seenBefore;
}
/**
 * Builds the cache key that identifies one caller on one servlet path.
 *
 * <p>The caller is identified by the request token when one is present, otherwise by the
 * HTTP session id. The {@code annotation} parameter is not used.
 *
 * <p>NOTE(review): the raw token becomes part of the cache key, so it is visible to anything
 * that can list keys in the cache. Consider keying on a digest of the token instead.
 *
 * @param request    current request
 * @param annotation unused
 * @return key of the form {@code repeatSubmit:<token or session id>:<servlet path>}
 */
private String getCacheKey(HttpServletRequest request, RepeatSubmit annotation) {
    String token = tokenService.getToken(request);
    // The session is only touched when there is no token, as getSession() may create one.
    String caller = StringUtils.isNotEmpty(token) ? token : request.getSession().getId();
    return "repeatSubmit:" + caller + ":" + request.getServletPath();
}
/**
 * Writes the "user not logged in" error to the response as JSON.
 *
 * <p>The payload carries the numeric value of {@code HttpStatus.UNAUTHORIZED}. Whether the HTTP
 * status line is also set depends on {@code ServletUtils.renderString}, which is not shown.
 *
 * @param response response to write the error body to
 * @throws IOException declared for the rendering step
 */
private void noLogin(HttpServletResponse response) throws IOException {
    String body = JSON.toJSONString(AjaxResult.error(HttpStatus.UNAUTHORIZED.value(), "用户未登录"));
    ServletUtils.renderString(response, body);
}