fix sms login

zhongzheng-admin/src/main/java/com/zhongzheng/controller/common/CommonController.java

@@ -31,6 +31,7 @@ import com.zhongzheng.modules.order.service.IOrderGoodsService;
 import com.zhongzheng.modules.order.service.IOrderService;
 import com.zhongzheng.modules.system.bo.SysTenantAdminBo;
 import com.zhongzheng.modules.system.domain.SysTenant;
+import com.zhongzheng.modules.system.service.ISysConfigService;
 import com.zhongzheng.modules.system.service.ISysTenantService;
 import com.zhongzheng.modules.system.service.ISysWebService;
 import com.zhongzheng.modules.system.vo.SysTenantVo;
@@ -96,6 +97,8 @@ public class CommonController
     private  ITopSysTenantRegisterService iTopSysTenantRegisterService;
     @Autowired
     private  ISysWebService webService;
+    @Autowired
+    private ISysConfigService configService;
     /**
      * 通用下载请求
      *
@@ -298,7 +301,7 @@ public class CommonController
     public AjaxResult<Void> testGrade()
     {
      //   iClassGradeService.checkEjjjPeopleNumLimit(195L,984L);
-        iUserService.batchUpdateTelId();
+     //   iUserService.batchUpdateTelId();
         return AjaxResult.success();
     }
 
@@ -369,4 +372,11 @@ public class CommonController
         iTopSysTenantRegisterService.test(new TopSysTenantRegisterAddBo());
         return AjaxResult.success();
     }*/
+
+    @ApiOperation("登录双重验证")
+    @GetMapping("common/free/dual_auth")
+    public AjaxResult<String> dual_auth() {
+        String dualAuth = configService.selectConfigByKey("login.dual.auth");
+        return AjaxResult.success("成功",dualAuth);
+    }
 }

zhongzheng-framework/src/main/java/com/zhongzheng/framework/web/service/SysLoginService.java

@@ -8,6 +8,7 @@ import com.zhongzheng.common.core.domain.entity.SysUser;
 import com.zhongzheng.common.core.domain.model.LoginBody;
 import com.zhongzheng.common.utils.DateUtils;
 import com.zhongzheng.framework.manager.factory.AsyncFactory;
+import com.zhongzheng.modules.system.service.ISysConfigService;
 import com.zhongzheng.modules.system.service.ISysUserService;
 import com.zhongzheng.common.utils.AES;
 import com.zhongzheng.framework.manager.factory.AsyncFactory;
@@ -53,7 +54,8 @@ public class SysLoginService
     @Autowired
     private ISysUserService iSysUserService;
 
-
+    @Autowired
+    private ISysConfigService configService;
 
     /**
      * 登录验证
@@ -64,7 +66,7 @@ public class SysLoginService
      * @param uuid 唯一标识
      * @return 结果
      */
-    public String login(String username, String password, String code, String uuid)
+    public String login(String username, String password, String code, String uuid,String smsCode,String tel)
     {
         String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
         String captcha = redisCache.getCacheObject(verifyKey);
@@ -115,6 +117,23 @@ public class SysLoginService
         AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
         LoginUser loginUser = (LoginUser) authentication.getPrincipal();
         SysUser user = iSysUserService.updateLoginTimeIp(loginUser.getUser().getUserId());
+        String dualAuth = configService.selectConfigByKey("login.dual.auth");
+        if(Validator.isNotEmpty(dualAuth)&&dualAuth.equals("1")){
+            if(Validator.isEmpty(tel)){
+                throw new CustomException("手机号码不能为空");
+            }
+            String key = Constants.LOGIN_SMS + tel;
+            String localSmsCode =  redisCache.getCacheObject(key);
+            if(smsCode==null){
+                throw new CustomException("验证码不能为空");
+            }
+            if(!localSmsCode.equals(smsCode)){
+                throw new CustomException("验证码错误");
+            }
+            if(!tel.equals(user.getPhonenumber())){
+                throw new CustomException("手机号码和登录账号不匹配");
+            }
+        }
         loginUser.setUser(user);
         // 生成token
         return tokenService.createToken(loginUser);