OCT

REM:
1. 增加登录接口

src/main/java/com/dispose/common/ConstValue.java

@@ -29,6 +29,17 @@ public class ConstValue {
          * The constant TOKEN_EXPIRED_TIME_MS.
          */
         public static final long TOKEN_EXPIRED_TIME_MS = TOKEN_TIMEOUT_MS;
+
+        /**
+         * The constant MYSQL_REGEX.
+         */
+        public static final String MYSQL_REGEX = "^((?!(and|exec|insert|select|drop|grant|alter" +
+                "|delete|update|count|chr|mid|master|truncate|char|declare|or|--|\\s|\\*|%|\\+|'|;])).)*$";
+
+        /**
+         * The constant MYSQL_REGEX_CHARS.
+         */
+        public static final String MYSQL_REGEX_CHARS = "^((?!(--|\\s|\\*|%|\\+|'|;])).)*$";
     }
 
     /**

src/main/java/com/dispose/config/DisposeConfigure.java

@@ -27,4 +27,9 @@ public class DisposeConfigure {
      * The Split char.
      */
     private String splitChar;
+
+    /**
+     * The Token timout value.
+     */
+    private String tokenTimoutValue;
 }

src/main/java/com/dispose/controller/AuthController.java

@@ -1,12 +1,15 @@
 package com.dispose.controller;
 
+import com.dispose.common.ConstValue;
 import com.dispose.common.ErrorCode;
+import com.dispose.config.DisposeConfigure;
 import com.dispose.pojo.dto.protocol.auth.LoginReq;
 import com.dispose.pojo.dto.protocol.auth.LoginRsp;
+import com.dispose.pojo.dto.protocol.base.BaseRespStatus;
 import com.dispose.pojo.dto.protocol.base.ProtocolReqDTO;
 import com.dispose.pojo.dto.protocol.base.ProtocolRespDTO;
+import com.dispose.pojo.po.MulReturnType;
 import com.dispose.service.UserAccountService;
-import com.fasterxml.jackson.core.JsonProcessingException;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
@@ -20,6 +23,7 @@ import org.springframework.web.bind.annotation.ResponseBody;
 
 import javax.annotation.Resource;
 import javax.validation.Valid;
+import java.security.NoSuchAlgorithmException;
 
 /**
  * The type Auth controller.
@@ -36,13 +40,35 @@ public class AuthController {
     @Resource
     private UserAccountService userAccountService;
 
+    @Resource
+    private DisposeConfigure disposeConfigure;
+
     @PostMapping("/login")
     @ResponseBody
     @ApiOperation("登录")
-    public ProtocolRespDTO<LoginRsp> userLogin(@RequestBody @Valid ProtocolReqDTO<LoginReq> mr) throws JsonProcessingException {
+    public ProtocolRespDTO<? extends BaseRespStatus> userLogin(@RequestBody @Valid ProtocolReqDTO<LoginReq> mr)
+            throws NoSuchAlgorithmException {
+
+        MulReturnType<ErrorCode, String> ret = userAccountService.loginService(mr.getMsgContent().getUserName(),
+                mr.getMsgContent().getPassword());
+
+        if(ret.getFirstParam() != ErrorCode.ERR_OK) {
+            log.error("User login failed, error:{}", ret.getFirstParam().getMsg());
+            return ProtocolRespDTO.result(ret.getFirstParam());
+        }
+
+        long expTime = ConstValue.GlobalConfigure.TOKEN_EXPIRED_TIME_MS;
+
+        if(disposeConfigure.getTokenTimoutValue() != null ){
+            expTime = Long.parseLong(disposeConfigure.getTokenTimoutValue());
+        }
+
         return ProtocolRespDTO.result(ErrorCode.ERR_OK,
                 LoginRsp.builder()
-                .token("1234576")
+                        .userName(mr.getMsgContent().getUserName())
-                .build());
+                        .token(ret.getSecondParam())
+                        .logTime(System.currentTimeMillis())
+                        .expireTime(System.currentTimeMillis() + expTime)
+                        .build());
     }
 }

src/main/java/com/dispose/exception/GlobalExceptionHandler.java

@@ -32,7 +32,7 @@ public class GlobalExceptionHandler {
     @ExceptionHandler(MethodArgumentNotValidException.class)
     @ResponseBody
     public ProtocolRespDTO<BaseRespStatus> handleException(MethodArgumentNotValidException ex) {
-        log.error("Exception: {}", ex.getMessage());
+        log.error("Argument Exception: {}", ex.getMessage());
         List<String> exMsg = new ArrayList<>();
 
         AtomicInteger idx = new AtomicInteger();

src/main/java/com/dispose/pojo/dto/protocol/auth/LoginReq.java

@@ -1,5 +1,6 @@
 package com.dispose.pojo.dto.protocol.auth;
 
+import com.dispose.common.ConstValue;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
@@ -8,9 +9,10 @@ import lombok.NoArgsConstructor;
 import org.hibernate.validator.constraints.Length;
 
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Pattern;
 
 /**
- * The type Login info.
+ * The type Login req.
  *
  * @author <huangxin@cmhi.chinamoblie.com>
  */
@@ -24,11 +26,18 @@ public class LoginReq {
      * The User name.
      */
     @NotBlank(message = "userName 用户名不能为空")
+    @Pattern(regexp = ConstValue.GlobalConfigure.MYSQL_REGEX_CHARS,
+            flags = Pattern.Flag.CASE_INSENSITIVE,
+            message = "userName 用户名存在非法字符串")
     private String userName;
+
     /**
      * The Password.
      */
     @NotBlank(message = "password 密码不能为空")
     @Length(min = 64, max = 64, message = "password 密码长度必须为SHA256编码后的长度")
+    @Pattern(regexp = ConstValue.GlobalConfigure.MYSQL_REGEX_CHARS,
+            flags = Pattern.Flag.CASE_INSENSITIVE,
+            message = "password 密码存在非法字符串")
     private String password;
 }

src/test/java/com/dispose/test/debug/demo.java

@@ -6,6 +6,7 @@ import org.junit.Test;
 import java.text.SimpleDateFormat;
 import java.time.LocalDateTime;
 import java.time.format.DateTimeFormatter;
+import java.util.Optional;
 
 /**
  * The type Demo.
@@ -55,7 +56,13 @@ public class demo {
 
     @Test
     public void dateTimeDebug() {
+        Integer v1 = null;
+        Integer v2 = 1;
+
         log.info("Current Datetime: {}", LocalDateTime.now().format(DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss")));
         //log.info("Current Datetime: {}", new SimpleDateFormat("yyyy-MM-dd :hh:mm:ss").format(LocalDateTime.now()));
+
+        log.info("v1: {}", Optional.ofNullable(v1).orElse(0));
+        log.info("v2: {}", Optional.ofNullable(v2).orElse(0));
     }
 }