~api:藏品转赠+安全密码校验;

25b14257 · 张国柄 · 6285b7e8 · 6285b7e8 · 25b14257 · 25b14257
Commit 25b14257 authored Aug 17, 2022 by 张国柄
7 changed files
--- a/liquidnet-bus-api/liquidnet-service-goblin-api/src/main/java/com/liquidnet/service/goblin/dto/GoblinQueueBizArtworkGenDto.java
+++ b/liquidnet-bus-api/liquidnet-service-goblin-api/src/main/java/com/liquidnet/service/goblin/dto/GoblinQueueBizArtworkGenDto.java
-package com.liquidnet.service.goblin.dto;
-
-import com.liquidnet.commons.lang.util.JsonUtils;
-import lombok.Data;
-
-import java.io.Serializable;
-
-/**
- * 购买藏品、开启盲盒后，生成藏品队列消息体
- *
- * @author zhanggb
- * Created by IntelliJ IDEA at 2022/3/31
- */
-@Data
-public class GoblinQueueBizArtworkGenDto implements Serializable, Cloneable {
-    private static final long serialVersionUID = 8267639695935038399L;
-    private String uid;
-    private String skuId;
-    private String orderId;
-    private Integer source;
-    private String fromArtId;
-
-    private static final GoblinQueueBizArtworkGenDto obj = new GoblinQueueBizArtworkGenDto();
-
-    public static GoblinQueueBizArtworkGenDto getNew() {
-        try {
-            return (GoblinQueueBizArtworkGenDto) obj.clone();
-        } catch (CloneNotSupportedException e) {
-            return new GoblinQueueBizArtworkGenDto();
-        }
-    }
-
-    public String toJson() {
-        return JsonUtils.toJson(this);
-    }
-}
--- a/liquidnet-bus-api/liquidnet-service-goblin-api/src/main/java/com/liquidnet/service/goblin/dto/GoblinUserSafeConfigDto.java
+++ b/liquidnet-bus-api/liquidnet-service-goblin-api/src/main/java/com/liquidnet/service/goblin/dto/GoblinUserSafeConfigDto.java
@@ -4,8 +4,10 @@ import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import io.swagger.annotations.ApiModel;
 import io.swagger.annotations.ApiModelProperty;
 import lombok.Data;
+import org.springframework.util.DigestUtils;

 import java.io.Serializable;
+import java.nio.charset.StandardCharsets;

 @ApiModel(value = "GoblinUserSafeConfigDto", description = "NFT:用户安全配置")
 @Data
@@ -29,4 +31,8 @@ public class GoblinUserSafeConfigDto implements Serializable, Cloneable {
            return new GoblinUserSafeConfigDto();
        }
    }
+
+    public boolean validPasswd(String saltPasswd) {
+        return this.passwd.equals(DigestUtils.md5DigestAsHex(saltPasswd.getBytes(StandardCharsets.UTF_8)));
+    }
 }
--- a/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/docu/db_ln_goblin_initialdata.sql
+++ b/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/docu/db_ln_goblin_initialdata.sql
@@ -1164,12 +1164,12 @@ create table goblin_user_safe_config
 (
    mid        bigint auto_increment primary key,
    uid        varchar(64) not null comment 'UID',
-    pwsswd     varchar(100) comment '安全密码',
+    passwd     varchar(100) comment '安全密码',
    state      tinyint default 1 comment '0-INIT,1-NORMAL,2-INVALID',
    created_at datetime    not null,
    updated_at datetime    null,
    comment    varchar(500)
-) engine = InnoDB comment '用户资产设置';
+) engine = InnoDB comment '用户安全设置';
 create unique index idx_gusc_uid on goblin_user_safe_config (uid);
 # -- >>------------------------------------------------------------------------------------
 # -- >>------------------------------------------------------------------------------------

--- a/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/controller/GoblinUserDigitalArtworkController.java
+++ b/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/controller/GoblinUserDigitalArtworkController.java
@@ -9,6 +9,7 @@ import com.liquidnet.service.base.ResponseDto;
 import com.liquidnet.service.goblin.constant.GoblinRedisConst;
 import com.liquidnet.service.goblin.constant.GoblinStatusConst;
 import com.liquidnet.service.goblin.dto.GoblinUserNftAccInfoVo;
+import com.liquidnet.service.goblin.dto.GoblinUserSafeConfigDto;
 import com.liquidnet.service.goblin.dto.vo.*;
 import com.liquidnet.service.goblin.service.IGoblinUserDigitalArtworkService;
 import com.liquidnet.service.goblin.util.GoblinRedisUtils;
@@ -19,6 +20,7 @@ import io.swagger.annotations.ApiOperation;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -35,6 +37,8 @@ import java.time.LocalDateTime;
 @RestController
 @RequestMapping("artwork")
 public class GoblinUserDigitalArtworkController {
+    @Value("${liquidnet.secret.passwd-salt}")
+    private String passwdSalt;
    @Autowired
    GoblinRedisUtils goblinRedisUtils;
    @Autowired
@@ -146,13 +150,19 @@ public class GoblinUserDigitalArtworkController {
    @ApiOperationSupport(order = 5)
    @ApiOperation(value = "藏品转赠", notes = "<br />响应【data】值描述：转赠状态[PENDING|SUCCESS]")
    @ApiImplicitParams({
+            @ApiImplicitParam(type = "form", required = true, dataType = "String", name = "safePasswd", value = "安全密码:MD5(******)"),
            @ApiImplicitParam(type = "form", required = true, dataType = "String", name = "artworkId", value = "藏品ID"),
            @ApiImplicitParam(type = "form", required = true, dataType = "String", name = "receiver", value = "受赠人"),
    })
    @PostMapping("transfer")
-    public ResponseDto<String> transfer(@NotBlank(message = "藏品ID不能为空") @RequestParam String artworkId,
+    public ResponseDto<String> transfer(@NotBlank(message = "安全密码不能为空") @RequestParam String safePasswd,
+                                        @NotBlank(message = "藏品ID不能为空") @RequestParam String artworkId,
                                        @NotBlank(message = "受赠人不能为空") @RequestParam String receiver) {
        String currentUid = CurrentUtil.getCurrentUid();
+        GoblinUserSafeConfigDto userSafeConfigDto = goblinRedisUtils.getUserSafeConfigDto(currentUid);
+        if (null == userSafeConfigDto) return ResponseDto.failure(ErrorMapping.get("140021"));// 未设置安全密码
+        if (!userSafeConfigDto.validPasswd(safePasswd.concat(passwdSalt))) return ResponseDto.failure(ErrorMapping.get("140022"));// 安全密码不正确
+
        GoblinUserDigitalArtworkVo userDigitalArtworkVo = goblinRedisUtils.getUserDigitalArtworkVo(artworkId);
        if (null == userDigitalArtworkVo || !currentUid.equals(userDigitalArtworkVo.getUid()) || userDigitalArtworkVo.getDelFlg().equals("1")) {
            return ResponseDto.failure(ErrorMapping.get("140105"));
@@ -178,6 +188,6 @@ public class GoblinUserDigitalArtworkController {
        goblinRedisUtils.expire(lockKey, 30);
        boolean transferRstFlg = goblinUserDigitalArtworkService.transfer(userDigitalArtworkVo, goodsSkuInfoVo.getRouteType(), receiverArr);
        goblinRedisUtils.del(lockKey);
-        return transferRstFlg ? ResponseDto.success(GoblinStatusConst.TransferState.SUCCESS.name()) : ResponseDto.failure(ErrorMapping.get("140002"));
+        return transferRstFlg ? ResponseDto.success(GoblinStatusConst.TransferState.PENDING.name()) : ResponseDto.failure(ErrorMapping.get("140002"));
    }
 }
--- a/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/service/impl/GoblinUserDigitalArtworkServiceImpl.java
+++ b/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/service/impl/GoblinUserDigitalArtworkServiceImpl.java
@@ -385,6 +385,15 @@ public class GoblinUserDigitalArtworkServiceImpl implements IGoblinUserDigitalAr
            queueUtils.sendMsgByRedis(MQConst.GalaxyQueue.JSON_NFT_TRANSFER.getKey(), JsonUtils.toJson(galaxyNftTransferReqDto));
            queueUtils.sendMsgByRedis(MQConst.GoblinQueue.BIZ_ARTWORK_TRANS_QUERY.getKey(), userDigitalArtworkVo.getTransferOrderId().concat(",").concat(String.valueOf(LocalDateTime.now())));

+            // Mongo同步更新
+            GoblinQueueBizMongoDto goblinQueueBizMongoDto = GoblinQueueBizMongoDto.getNew();
+            goblinQueueBizMongoDto.setCollect(GoblinUserDigitalArtworkVo.class.getSimpleName());
+            goblinQueueBizMongoDto.setColumn("artworkId");
+            goblinQueueBizMongoDto.setBizId(userDigitalArtworkVo.getArtworkId());
+            goblinQueueBizMongoDto.setPrefix(GoblinRedisConst.USER_DIGITAL_ARTWORK);
+            goblinQueueBizMongoDto.setOpType(2);
+            queueUtils.sendMsgByRedis(MQConst.GoblinQueue.BIZ_NFT_MONGO.getKey(), goblinQueueBizMongoDto.toJson());
+
            // Mysql持久化
            LinkedList<String> toMqSqls = CollectionUtil.linkedListString();
 //            toMqSqls.add(SqlMapping.get("goblin_user_digital_artwork.insert"));

--- a/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/service/impl/GoblinUserSafeConfigServiceImpl.java
+++ b/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/java/com/liquidnet/service/goblin/service/impl/GoblinUserSafeConfigServiceImpl.java
@@ -8,13 +8,18 @@ import com.liquidnet.service.goblin.service.IGoblinUserSafeConfigService;
 import com.liquidnet.service.goblin.util.GoblinRedisUtils;
 import com.liquidnet.service.goblin.util.QueueUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
+import org.springframework.util.DigestUtils;

+import java.nio.charset.StandardCharsets;
 import java.time.LocalDateTime;
 import java.util.LinkedList;

 @Service
 public class GoblinUserSafeConfigServiceImpl implements IGoblinUserSafeConfigService {
+    @Value("${liquidnet.secret.passwd-salt}")
+    private String passwdSalt;
    @Autowired
    private QueueUtils queueUtils;
    @Autowired
@@ -23,12 +28,12 @@ public class GoblinUserSafeConfigServiceImpl implements IGoblinUserSafeConfigSer
    @Override
    public boolean initSafePasswd(String passwd, String uid) {
        GoblinUserSafeConfigDto userSafeConfigDto = GoblinUserSafeConfigDto.getNew();
-        userSafeConfigDto.setPasswd(passwd);
+        userSafeConfigDto.setPasswd(DigestUtils.md5DigestAsHex(passwd.concat(passwdSalt).getBytes(StandardCharsets.UTF_8)));
        if (goblinRedisUtils.setUserSafeConfigDto(uid, userSafeConfigDto)) {
            LinkedList<String> toMqSqls = CollectionUtil.linkedListString();
            toMqSqls.add(SqlMapping.get("goblin_user_safe_config.add_passwd"));
            LinkedList<Object[]> initUserSafeConfigObjs = CollectionUtil.linkedListObjectArr();
-            initUserSafeConfigObjs.add(new Object[]{uid, passwd, LocalDateTime.now()});
+            initUserSafeConfigObjs.add(new Object[]{uid, userSafeConfigDto.getPasswd(), LocalDateTime.now()});
            queueUtils.sendMsgByRedis(MQConst.GoblinQueue.SQL_GOODS.getKey(), SqlMapping.gets(toMqSqls, initUserSafeConfigObjs));
            return true;
        }

--- a/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/resources/errors.properties
+++ b/liquidnet-bus-service/liquidnet-service-goblin/liquidnet-service-goblin-impl/src/main/resources/errors.properties
@@ -24,6 +24,8 @@
 140018=\u9A8C\u8BC1\u7801\u5DF2\u5931\u6548
 140019=\u9A8C\u8BC1\u7801\u4E0D\u6B63\u786E
 140020=\u60A8\u5DF2\u8BBE\u7F6E\u8FC7\u5B89\u5168\u5BC6\u7801
+140021=\u8BF7\u5148\u8BBE\u7F6E\u5B89\u5168\u5BC6\u7801
+140022=\u8BF7\u8F93\u5165\u6B63\u786E\u7684\u5B89\u5168\u5BC6\u7801