Merge branch 'master' of http://git.izouma.com/xiongzhu/9th

src/main/java/com/izouma/nineth/domain/CollectionNumber.java

@@ -0,0 +1,35 @@
+package com.izouma.nineth.domain;
+
+import io.swagger.annotations.ApiModel;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.math.BigDecimal;
+
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+@Builder
+@ApiModel("藏品编号")
+public class CollectionNumber {
+    private Long collectionId;
+
+    private String number;
+
+    private int sort;
+
+    private BigDecimal price;
+
+    private Long owner;
+
+    private Long assetId;
+
+    private boolean onShelf;
+
+    private boolean salable;
+
+
+}

src/main/java/com/izouma/nineth/domain/User.java

@@ -98,4 +98,6 @@ public class User extends BaseEntity implements Serializable {
     @JsonIgnore
     private String publicKey;
 
+    @JsonIgnore
+    private String tradeCode;
 }

src/main/java/com/izouma/nineth/security/WebSecurityConfig.java

@@ -85,6 +85,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .antMatchers("/collection/get/**").permitAll()
                 .antMatchers("/user/all").permitAll()
                 .antMatchers("/user/get/*").permitAll()
+                .antMatchers("/user/forgotPassword").permitAll()
                 // all other requests need to be authenticated
                 .anyRequest().authenticated().and()
                 // make sure we use stateless session; session won't be used to

src/main/java/com/izouma/nineth/service/UserService.java

@@ -243,6 +243,12 @@ public class UserService {
         return setPassword(userId, password);
     }
 
+    public String forgotPassword(String phone, String password, String code) {
+        User user = userRepo.findByPhoneAndDelFalse(phone).orElseThrow(new BusinessException("手机号未注册"));
+        smsService.verify(user.getPhone(), code);
+        return setPassword(user.getId(), password);
+    }
+
     public void bindPhone(Long userId, String phone) {
         User user = userRepo.findByIdAndDelFalse(userId).orElseThrow(new BusinessException("用户不存在"));
         if (StringUtils.isNoneEmpty(user.getPhone())) {
@@ -291,4 +297,18 @@ public class UserService {
         List<UserDTO> userDTOS = toDTO(users.getContent());
         return new PageImpl<>(userDTOS, users.getPageable(), users.getTotalElements());
     }
+
+    public void setTradeCode(Long userId, String code, String tradeCode) {
+        User user = userRepo.findById(userId).orElseThrow(new BusinessException("用户不存在"));
+        smsService.verify(user.getPhone(), code);
+        user.setTradeCode(new BCryptPasswordEncoder().encode(tradeCode));
+        userRepo.save(user);
+    }
+
+    public void verifyTradeCode(Long userId, String tradeCode) {
+        User user = userRepo.findById(userId).orElseThrow(new BusinessException("用户不存在"));
+        if (!new BCryptPasswordEncoder().matches(tradeCode, user.getTradeCode())) {
+            throw new BusinessException("校验失败");
+        }
+    }
 }

src/main/java/com/izouma/nineth/web/UserController.java

@@ -127,6 +127,12 @@ public class UserController extends BaseController {
         return userService.setPassword(SecurityUtils.getAuthenticatedUser().getId(), code, password);
     }
 
+    @PostMapping("/forgotPassword")
+    @ApiOperation("忘记密码")
+    public String forgotPassword(@RequestParam String phone, @RequestParam String password, @RequestParam String code) {
+        return userService.forgotPassword(phone, password, code);
+    }
+
     @PreAuthorize("hasRole('ADMIN')")
     @GetMapping("/getToken/{userId}")
     public String getToken(@PathVariable Long userId) {
@@ -160,6 +166,16 @@ public class UserController extends BaseController {
     public List<UserDTO> myFollowers() {
         return userService.toDTO(userRepo.userFollowers(SecurityUtils.getAuthenticatedUser().getId()));
     }
+
+    @PostMapping("/setTradeCode")
+    public void setTradeCode(@RequestParam String code, @RequestParam String tradeCode) {
+        userService.setTradeCode(SecurityUtils.getAuthenticatedUser().getId(), code, tradeCode);
+    }
+
+    @PostMapping("/verifyTradeCode")
+    public void verifyTradeCode(@RequestParam String tradeCode) {
+        userService.verifyTradeCode(SecurityUtils.getAuthenticatedUser().getId(), tradeCode);
+    }
 }