/**
|
* BladeX Commercial License Agreement
|
* Copyright (c) 2018-2099, https://bladex.cn. All rights reserved.
|
* <p>
|
* Use of this software is governed by the Commercial License Agreement
|
* obtained after purchasing a license from BladeX.
|
* <p>
|
* 1. This software is for development use only under a valid license
|
* from BladeX.
|
* <p>
|
* 2. Redistribution of this software's source code to any third party
|
* without a commercial license is strictly prohibited.
|
* <p>
|
* 3. Licensees may copyright their own code but cannot use segments
|
* from this software for such purposes. Copyright of this software
|
* remains with BladeX.
|
* <p>
|
* Using this software signifies agreement to this License, and the software
|
* must not be used for illegal purposes.
|
* <p>
|
* THIS SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY. The author is
|
* not liable for any claims arising from secondary or illegal development.
|
* <p>
|
* Author: Chill Zhuang (bladejava@qq.com)
|
*/
|
package org.springblade.auth.endpoint;
|
|
import io.swagger.v3.oas.annotations.tags.Tag;
|
import lombok.AllArgsConstructor;
|
import lombok.SneakyThrows;
|
import org.springblade.core.oauth2.props.OAuth2Properties;
|
import org.springblade.core.oauth2.provider.OAuth2Request;
|
import org.springblade.core.oauth2.service.OAuth2User;
|
import org.springblade.core.oauth2.service.OAuth2UserService;
|
import org.springblade.core.tool.api.R;
|
import org.springblade.core.tool.utils.SM2Util;
|
import org.springblade.core.tool.utils.StringPool;
|
import org.springblade.core.tool.utils.StringUtil;
|
import org.springblade.resource.feign.ISmsClient;
|
import org.springblade.resource.utils.SmsUtil;
|
import org.springframework.web.bind.annotation.PostMapping;
|
import org.springframework.web.bind.annotation.RequestParam;
|
import org.springframework.web.bind.annotation.RestController;
|
|
import static org.springblade.core.oauth2.constant.OAuth2TokenConstant.USER_PHONE_NOT_FOUND;
|
|
/**
|
* Oauth2SmsEndpoint
|
*
|
* @author Chill
|
*/
|
@RestController
|
@AllArgsConstructor
|
@Tag(name = "用户短信认证", description = "4 - OAuth2短信认证端点")
|
public class Oauth2SmsEndpoint {
|
|
/**
|
* 短信服务构建类
|
*/
|
private final ISmsClient smsClient;
|
|
/**
|
* 用户服务类
|
*/
|
private final OAuth2UserService userService;
|
|
/**
|
* OAuth2配置类
|
*/
|
private final OAuth2Properties properties;
|
|
/**
|
* 短信验证码发送
|
*
|
* @param tenantId 租户ID
|
* @param phone 手机号
|
*/
|
@SneakyThrows
|
@PostMapping("/oauth/sms/send-validate")
|
public R sendValidate(@RequestParam String tenantId, @RequestParam String phone) {
|
// 校验手机加密认证,防止恶意发送验证码
|
String decryptedPhone = SM2Util.decrypt(phone, properties.getPublicKey(), properties.getPrivateKey());
|
if (StringUtil.isBlank(decryptedPhone)) {
|
return R.fail(USER_PHONE_NOT_FOUND);
|
}
|
// 校验手机是否已注册,防止恶意发送验证码
|
OAuth2Request request = OAuth2Request.create();
|
request.setTenantId(tenantId);
|
OAuth2User oAuth2User = userService.loadByPhone(decryptedPhone, request);
|
if (oAuth2User == null) {
|
return R.fail(USER_PHONE_NOT_FOUND);
|
}
|
// 用户存在则发送验证码
|
R result = smsClient.sendValidate(tenantId, StringPool.EMPTY, decryptedPhone);
|
return result.isSuccess() ? R.data(result.getData(), SmsUtil.SEND_SUCCESS) : R.fail(SmsUtil.SEND_FAIL);
|
}
|
|
}
|
