diff --git a/sql/1.8.2升级1.8.3sql.txt b/sql/1.8.2升级1.8.3sql.txt new file mode 100644 index 00000000..43304857 --- /dev/null +++ b/sql/1.8.2升级1.8.3sql.txt @@ -0,0 +1,2 @@ +ALTER TABLE `yxshop`.`yx_store_order` +ADD COLUMN `extend_order_id` varchar(32) NULL COMMENT '额外订单号' AFTER `order_id` \ No newline at end of file diff --git a/yshop-api/src/main/java/co/yixiang/modules/order/entity/YxStoreOrder.java b/yshop-api/src/main/java/co/yixiang/modules/order/entity/YxStoreOrder.java index be24bd32..f3981ee0 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/order/entity/YxStoreOrder.java +++ b/yshop-api/src/main/java/co/yixiang/modules/order/entity/YxStoreOrder.java @@ -9,6 +9,7 @@ import io.swagger.annotations.ApiModelProperty; import lombok.Data; import lombok.EqualsAndHashCode; +import javax.persistence.Column; import java.math.BigDecimal; /** @@ -33,6 +34,8 @@ public class YxStoreOrder extends BaseEntity { @ApiModelProperty(value = "订单号") private String orderId; + private String extendOrderId; + @ApiModelProperty(value = "用户id") private Integer uid; diff --git a/yshop-api/src/main/java/co/yixiang/modules/order/service/impl/YxStoreOrderServiceImpl.java b/yshop-api/src/main/java/co/yixiang/modules/order/service/impl/YxStoreOrderServiceImpl.java index 65d85c24..6f00e20e 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/order/service/impl/YxStoreOrderServiceImpl.java +++ b/yshop-api/src/main/java/co/yixiang/modules/order/service/impl/YxStoreOrderServiceImpl.java @@ -350,6 +350,15 @@ public class YxStoreOrderServiceImpl extends BaseServiceImpl wrapper = new QueryWrapper<>(); wrapper.eq("is_del",0).and( - i->i.eq("order_id",unique).or().eq("`unique`",unique)); + i->i.eq("order_id",unique).or().eq("`unique`",unique).or() + .eq("extend_order_id",unique)); if(uid > 0) wrapper.eq("uid",uid); return orderMap.toDto(yxStoreOrderMapper.selectOne(wrapper)); diff --git a/yshop-api/src/main/java/co/yixiang/modules/order/web/controller/StoreOrderController.java b/yshop-api/src/main/java/co/yixiang/modules/order/web/controller/StoreOrderController.java index aef5192d..56b4b68f 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/order/web/controller/StoreOrderController.java +++ b/yshop-api/src/main/java/co/yixiang/modules/order/web/controller/StoreOrderController.java @@ -308,8 +308,6 @@ public class StoreOrderController extends BaseController { if(storeOrder.getPaid() == 1) return ApiResult.fail("该订单已支付"); - //todo 砍价 - //todo 拼团 String orderId = storeOrder.getOrderId(); diff --git a/yshop-api/src/main/java/co/yixiang/modules/order/web/vo/YxStoreOrderQueryVo.java b/yshop-api/src/main/java/co/yixiang/modules/order/web/vo/YxStoreOrderQueryVo.java index 68ff5ba1..4185a1bf 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/order/web/vo/YxStoreOrderQueryVo.java +++ b/yshop-api/src/main/java/co/yixiang/modules/order/web/vo/YxStoreOrderQueryVo.java @@ -29,6 +29,9 @@ public class YxStoreOrderQueryVo implements Serializable { @ApiModelProperty(value = "订单号") private String orderId; + + private String extendOrderId; + @ApiModelProperty(value = "用户id") private Integer uid; diff --git a/yshop-api/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java b/yshop-api/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java index 6977d59f..6b927b04 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java +++ b/yshop-api/src/main/java/co/yixiang/modules/security/config/SecurityConfig.java @@ -18,14 +18,13 @@ import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.filter.CorsFilter; import org.springframework.web.method.HandlerMethod; import org.springframework.web.servlet.mvc.method.RequestMappingInfo; import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; -import java.util.HashSet; -import java.util.Map; -import java.util.Set; +import java.util.*; /** * @author hupeng @@ -65,15 +64,33 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity httpSecurity) throws Exception { // 搜寻匿名标记 url: @AnonymousAccess - Map handlerMethodMap = applicationContext.getBean(RequestMappingHandlerMapping.class).getHandlerMethods(); + Map handlerMethodMap = applicationContext + .getBean(RequestMappingHandlerMapping.class).getHandlerMethods(); + Set anonymousUrls = new HashSet<>(); for (Map.Entry infoEntry : handlerMethodMap.entrySet()) { HandlerMethod handlerMethod = infoEntry.getValue(); + RequestMappingInfo requestMappingInfo = infoEntry.getKey(); + AnonymousAccess anonymousAccess = handlerMethod.getMethodAnnotation(AnonymousAccess.class); if (null != anonymousAccess) { + Set strings = infoEntry.getKey() + .getPatternsCondition().getPatterns(); + if(strings.size() == 1){ + String[] arr = strings.toArray((new String[0])); + if(requestMappingInfo.getMethodsCondition().getMethods().contains(RequestMethod.GET)){ + String newUrl = arr[0]+"/**"; + List list = Arrays.asList(new String[]{newUrl}); + Set sSet = new HashSet<>(list); + anonymousUrls.addAll(sSet); + continue; + } + } + anonymousUrls.addAll(infoEntry.getKey().getPatternsCondition().getPatterns()); } } + httpSecurity // 禁用 CSRF .csrf().disable() diff --git a/yshop-api/src/main/java/co/yixiang/modules/security/rest/AuthController.java b/yshop-api/src/main/java/co/yixiang/modules/security/rest/AuthController.java index 2f6d211c..ba55e4ac 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/security/rest/AuthController.java +++ b/yshop-api/src/main/java/co/yixiang/modules/security/rest/AuthController.java @@ -13,7 +13,11 @@ import co.yixiang.aop.log.Log; import co.yixiang.common.api.ApiCode; import co.yixiang.common.api.ApiResult; import co.yixiang.exception.ErrorRequestException; +import co.yixiang.modules.notify.NotifyService; +import co.yixiang.modules.notify.NotifyType; +import co.yixiang.modules.notify.SmsResult; import co.yixiang.modules.security.config.SecurityProperties; +import co.yixiang.modules.security.rest.param.LoginParam; import co.yixiang.modules.security.rest.param.RegParam; import co.yixiang.modules.security.rest.param.VerityParam; import co.yixiang.modules.security.security.TokenProvider; @@ -29,6 +33,9 @@ import co.yixiang.utils.OrderUtil; import co.yixiang.utils.RedisUtil; import co.yixiang.utils.RedisUtils; import co.yixiang.utils.SecurityUtils; +import com.alibaba.fastjson.JSON; +import com.alibaba.fastjson.JSONObject; +import com.aliyuncs.CommonResponse; import com.vdurmont.emoji.EmojiParser; import io.swagger.annotations.Api; import io.swagger.annotations.ApiOperation; @@ -49,6 +56,7 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletRequest; +import javax.sound.midi.SoundbankResource; import java.math.BigDecimal; import java.util.Date; import java.util.HashMap; @@ -66,6 +74,9 @@ public class AuthController { @Value("${single.login:false}") private Boolean singleLogin; + @Value("${yshop.notify.sms.enable}") + private Boolean enableSms; + private final SecurityProperties properties; private final RedisUtils redisUtils; private final UserDetailsService userDetailsService; @@ -77,6 +88,7 @@ public class AuthController { private final WxMpService wxService; private final YxWechatUserService wechatUserService; private final WxMaService wxMaService; + private final NotifyService notifyService; public AuthController(SecurityProperties properties, RedisUtils redisUtils, UserDetailsService userDetailsService, @@ -84,7 +96,7 @@ public class AuthController { AuthenticationManagerBuilder authenticationManagerBuilder, YxUserService userService, PasswordEncoder passwordEncoder, WxMpService wxService, YxWechatUserService wechatUserService, - WxMaService wxMaService) { + WxMaService wxMaService,NotifyService notifyService) { this.properties = properties; this.redisUtils = redisUtils; this.userDetailsService = userDetailsService; @@ -96,6 +108,7 @@ public class AuthController { this.wxService = wxService; this.wechatUserService = wechatUserService; this.wxMaService = wxMaService; + this.notifyService = notifyService; } @Log("H5用户登录") @@ -265,14 +278,12 @@ public class AuthController { @AnonymousAccess @PostMapping("/wxapp/auth") @ApiOperation(value = "小程序登陆", notes = "小程序登陆") - public ApiResult login(@RequestParam(value = "code") String code, - @RequestParam(value = "spread") String spread, - @RequestParam(value = "encryptedData") String encryptedData, - @RequestParam(value = "iv") String iv, + public ApiResult login(@Validated @RequestBody LoginParam loginParam, HttpServletRequest request) { - if (StringUtils.isBlank(code)) { - return ApiResult.fail("请传code"); - } + String code = loginParam.getCode(); + String encryptedData = loginParam.getEncryptedData(); + String iv = loginParam.getIv(); + String spread = loginParam.getSpread(); try { //读取redis配置 String appId = RedisUtil.get("wxapp_appId"); @@ -401,15 +412,36 @@ public class AuthController { if (param.getType().equals("login") && ObjectUtil.isNull(yxUser)) { return ApiResult.fail("账号不存在"); } - if (ObjectUtil.isNotNull(redisUtils.get("code_" + param.getPhone()))) { - return ApiResult.fail("10分钟内有效:" + redisUtils.get("code_" + param.getPhone()).toString()); + String codeKey = "code_" + param.getPhone(); + if (ObjectUtil.isNotNull(redisUtils.get(codeKey))) { + if(!enableSms){ + return ApiResult.fail("10分钟内有效:" + redisUtils.get(codeKey).toString()); + } + return ApiResult.fail("验证码10分钟内有效,请查看手机短信" ); + } String code = RandomUtil.randomNumbers(6); - redisUtils.set("code_" + param.getPhone(), code, 600L); - if (isTest) { + + redisUtils.set(codeKey, code, 600L); + if (!enableSms) { return ApiResult.fail("测试阶段验证码:" + code); } - return ApiResult.ok("发送成功"); + //发送阿里云短信 + SmsResult smsResult = notifyService.notifySmsTemplateSync(param.getPhone(), + NotifyType.CAPTCHA,new String[]{code}); + CommonResponse commonResponse = (CommonResponse)smsResult.getResult(); + if(smsResult.isSuccessful()){ + log.info("详情:{}",commonResponse.getData()); + return ApiResult.ok("发送成功,请注意查收"); + }else{ + JSONObject jsonObject = JSON.parseObject(commonResponse.getData()); + log.info("错误详情:{}",commonResponse.getData()); + //删除redis存储 + redisUtils.del(codeKey); + return ApiResult.ok("发送失败:"+jsonObject.getString("Message")); + } + + } @AnonymousAccess diff --git a/yshop-api/src/main/java/co/yixiang/modules/security/rest/param/LoginParam.java b/yshop-api/src/main/java/co/yixiang/modules/security/rest/param/LoginParam.java new file mode 100644 index 00000000..cda7632f --- /dev/null +++ b/yshop-api/src/main/java/co/yixiang/modules/security/rest/param/LoginParam.java @@ -0,0 +1,22 @@ +package co.yixiang.modules.security.rest.param; + +import lombok.Data; + +import javax.validation.constraints.NotBlank; + +/** + * @ClassName LoginParam + * @Author hupeng <610796224@qq.com> + * @Date 2020/02/15 + **/ +@Data +public class LoginParam { + @NotBlank(message = "code参数缺失") + private String code; + + private String spread; + + private String encryptedData; + + private String iv; +} diff --git a/yshop-api/src/main/java/co/yixiang/modules/wechat/web/controller/WechatController.java b/yshop-api/src/main/java/co/yixiang/modules/wechat/web/controller/WechatController.java index 39a0daec..8be4472c 100644 --- a/yshop-api/src/main/java/co/yixiang/modules/wechat/web/controller/WechatController.java +++ b/yshop-api/src/main/java/co/yixiang/modules/wechat/web/controller/WechatController.java @@ -112,7 +112,7 @@ public class WechatController extends BaseController { return WxPayNotifyResponse.success("处理成功!"); } - orderService.paySuccess(orderId,"weixin"); + orderService.paySuccess(orderInfo.getOrderId(),"weixin"); return WxPayNotifyResponse.success("处理成功!"); } catch (WxPayException e) { diff --git a/yshop-api/src/main/resources/config/application-dev.yml b/yshop-api/src/main/resources/config/application-dev.yml index 423a9768..b6f673f2 100644 --- a/yshop-api/src/main/resources/config/application-dev.yml +++ b/yshop-api/src/main/resources/config/application-dev.yml @@ -81,38 +81,5 @@ file: maxSize: 100 avatarMaxSize: 5 localUrl: http://localhost:8009/api -yshop: - #通知相关配置 - notify: - - # 短消息模版通知配置 - # 短信息用于通知客户,例如发货短信通知,注意配置格式;template-name,template-templateId 请参考 NotifyType 枚举值 - sms: - enable: false - # 如果是腾讯云短信,则设置active的值tencent - # 如果是阿里云短信,则设置active的值aliyun - active: tencent - sign: yshop - template: - - name: paySucceed - templateId: 156349 - - name: captcha - templateId: 156433 - - name: ship - templateId: 158002 - - name: refund - templateId: 159447 - tencent: - appid: 111111111 - appkey: xxxxxxxxxxxxxx - aliyun: - regionId: xxx - accessKeyId: xxx - accessKeySecret: xxx - # 快鸟物流查询配置 - express: - enable: true - appId: - appKey: diff --git a/yshop-api/src/main/resources/config/application-prod.yml b/yshop-api/src/main/resources/config/application-prod.yml index 5fbf5270..513d25a2 100644 --- a/yshop-api/src/main/resources/config/application-prod.yml +++ b/yshop-api/src/main/resources/config/application-prod.yml @@ -81,7 +81,7 @@ swagger: enabled: true title: yshop商城移动端API serverUrl: http://localhost:8009 - version: 1.7 + version: 1.8 # 文件存储路径 file: @@ -92,37 +92,4 @@ file: avatarMaxSize: 5 localUrl: -yshop: - #通知相关配置 - notify: - # 短消息模版通知配置 - # 短信息用于通知客户,例如发货短信通知,注意配置格式;template-name,template-templateId 请参考 NotifyType 枚举值 - sms: - enable: false - # 如果是腾讯云短信,则设置active的值tencent - # 如果是阿里云短信,则设置active的值aliyun - active: tencent - sign: yshop - template: - - name: paySucceed - templateId: 156349 - - name: captcha - templateId: 156433 - - name: ship - templateId: 158002 - - name: refund - templateId: 159447 - tencent: - appid: 111111111 - appkey: xxxxxxxxxxxxxx - aliyun: - regionId: xxx - accessKeyId: xxx - accessKeySecret: xxx - - # 快鸟物流查询配置 - express: - enable: true - appId: 1607734 - appKey: 81f43a2e-f504-45c4-9b54-2637d59f8190 diff --git a/yshop-api/src/main/resources/config/application.yml b/yshop-api/src/main/resources/config/application.yml index b8a315b7..29286625 100644 --- a/yshop-api/src/main/resources/config/application.yml +++ b/yshop-api/src/main/resources/config/application.yml @@ -74,3 +74,38 @@ logging: smms: token: 1oOP3ykFDI0K6ifmtvU7c8Y1eTWZSlyl +yshop: + #通知相关配置 + notify: + # 短消息模版通知配置 + # 短信息用于通知客户,例如发货短信通知,注意配置格式;template-name,template-templateId 请参考 NotifyType 枚举值 + sms: + enable: false + # 如果是腾讯云短信,则设置active的值tencent + # 如果是阿里云短信,则设置active的值aliyun + active: aliyun + sign: yshop + template: + - name: paySucceed + templateId: 156349 + - name: captcha + templateId: SMS_182680588 + - name: ship + templateId: 158002 + - name: refund + templateId: 159447 + tencent: + appid: 111111111 + appkey: xxxxxxxxxxxxxx + aliyun: + regionId: cn-hangzhou + accessKeyId: + accessKeySecret: + + + # 快鸟物流查询配置 + express: + enable: true + appId: 1607734 + appKey: 81f43a2e-f504-45c4-9b54-2637d59f8190 + diff --git a/yshop-shop/src/main/java/co/yixiang/modules/shop/domain/YxStoreOrder.java b/yshop-shop/src/main/java/co/yixiang/modules/shop/domain/YxStoreOrder.java index 09bfafa5..6d332750 100644 --- a/yshop-shop/src/main/java/co/yixiang/modules/shop/domain/YxStoreOrder.java +++ b/yshop-shop/src/main/java/co/yixiang/modules/shop/domain/YxStoreOrder.java @@ -27,6 +27,11 @@ public class YxStoreOrder implements Serializable { @Column(name = "order_id",nullable = false) private String orderId; + // 订单号 + @Column(name = "extend_order_id",nullable = true) + private String extendOrderId; + + // 用户id @Column(name = "uid",nullable = false) private Integer uid; diff --git a/yshop-shop/src/main/java/co/yixiang/modules/shop/rest/YxStoreOrderController.java b/yshop-shop/src/main/java/co/yixiang/modules/shop/rest/YxStoreOrderController.java index ab892405..333c65f4 100644 --- a/yshop-shop/src/main/java/co/yixiang/modules/shop/rest/YxStoreOrderController.java +++ b/yshop-shop/src/main/java/co/yixiang/modules/shop/rest/YxStoreOrderController.java @@ -1,5 +1,7 @@ package co.yixiang.modules.shop.rest; +import cn.hutool.core.util.IdUtil; +import cn.hutool.core.util.NumberUtil; import cn.hutool.core.util.ObjectUtil; import cn.hutool.core.util.StrUtil; import co.yixiang.aop.log.Log; @@ -10,6 +12,7 @@ import co.yixiang.modules.shop.service.YxExpressService; import co.yixiang.modules.shop.service.YxStoreOrderService; import co.yixiang.modules.shop.service.YxStoreOrderStatusService; import co.yixiang.modules.shop.service.dto.YxExpressDTO; +import co.yixiang.modules.shop.service.dto.YxStoreOrderDTO; import co.yixiang.modules.shop.service.dto.YxStoreOrderQueryCriteria; import co.yixiang.modules.wechat.service.YxWechatUserService; import co.yixiang.modules.wechat.service.dto.YxWechatUserDTO; @@ -236,6 +239,17 @@ public class YxStoreOrderController { public ResponseEntity editOrder(@RequestBody YxStoreOrder resources){ if(ObjectUtil.isNull(resources.getPayPrice())) throw new BadRequestException("请输入支付金额"); if(resources.getPayPrice().doubleValue() < 0) throw new BadRequestException("金额不能低于0"); + + YxStoreOrderDTO storeOrder = yxStoreOrderService.findById(resources.getId()); + //判断金额是否有变动,生成一个额外订单号去支付 + + int res = NumberUtil.compare(storeOrder.getPayPrice().doubleValue(),resources.getPayPrice().doubleValue()); + if(res != 0){ + String orderSn = IdUtil.getSnowflake(0,0).nextIdStr(); + resources.setExtendOrderId(orderSn); + } + + yxStoreOrderService.update(resources); YxStoreOrderStatus storeOrderStatus = new YxStoreOrderStatus();