package com.ruoyi.system.service.impl; import java.util.HashMap; import java.util.Map; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.alibaba.fastjson2.JSONObject; import com.ruoyi.common.config.WechatConfig; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.common.utils.http.HttpUtils; import com.ruoyi.system.domain.SysConfig; import com.ruoyi.system.mapper.SysConfigMapper; import com.ruoyi.system.service.ISysConfigService; import com.ruoyi.system.service.IWechatLoginService; import com.ruoyi.system.service.ISysUserService; /** * 微信登录服务实现 * * @author ruoyi */ @Service public class WechatLoginServiceImpl implements IWechatLoginService { private static final Logger log = LoggerFactory.getLogger(WechatLoginServiceImpl.class); @Autowired private WechatConfig wechatConfig; @Autowired private ISysUserService userService; @Autowired private ISysConfigService configService; @Autowired private SysConfigMapper configMapper; /** * 微信API - code2Session */ private static final String JSCODE_2_SESSION_URL = "https://api.weixin.qq.com/sns/jscode2session"; /** * 微信API - 获取手机号 */ private static final String GET_PHONE_NUMBER_URL = "https://api.weixin.qq.com/wxa/business/getuserphonenumber"; private static final String GET_ACCESS_TOKEN_URL = "https://api.weixin.qq.com/cgi-bin/token"; /** * 微信API - 获取access_token */ /** * 根据configKey写入或更新sys_config */ private void upsertConfig(String key, String value) { SysConfig exist = configMapper.checkConfigKeyUnique(key); if (exist != null && exist.getConfigId() != null) { exist.setConfigValue(value); configMapper.updateConfig(exist); } else { SysConfig cfg = new SysConfig(); cfg.setConfigKey(key); cfg.setConfigName(key); cfg.setConfigValue(value); cfg.setConfigType("Y"); configMapper.insertConfig(cfg); } } /** * 通过微信code获取openid和session_key * * @param code 微信登录code * @return 包含openid、unionid、session_key的Map */ @Override public Map getWechatSession(String code) { Map result = new HashMap<>(); try { // 构建请求参数 String params = "appid=" + wechatConfig.getAppId() + "&secret=" + wechatConfig.getAppSecret() + "&js_code=" + code + "&grant_type=authorization_code"; log.info("调用微信jscode2session接口, code: {}", code); // 发送请求 String response = HttpUtils.sendGet(JSCODE_2_SESSION_URL, params); log.info("微信jscode2session响应: {}", response); // 解析响应 JSONObject jsonResponse = JSONObject.parseObject(response); if (jsonResponse.containsKey("errcode") && jsonResponse.getInteger("errcode") != 0) { log.error("微信jscode2session失败: {}", response); result.put("success", false); result.put("message", "获取微信会话失败: " + jsonResponse.getString("errmsg")); return result; } result.put("success", true); result.put("openid", jsonResponse.getString("openid")); result.put("session_key", jsonResponse.getString("session_key")); // unionid可能为空(需要小程序绑定微信开放平台) if (jsonResponse.containsKey("unionid")) { result.put("unionid", jsonResponse.getString("unionid")); } return result; } catch (Exception e) { log.error("调用微信jscode2session接口异常", e); result.put("success", false); result.put("message", "获取微信会话异常: " + e.getMessage()); return result; } } /** * 获取微信access_token */ private String getAccessToken() { try { String params = "grant_type=client_credential" + "&appid=" + wechatConfig.getAppId() + "&secret=" + wechatConfig.getAppSecret(); String response = HttpUtils.sendGet(GET_ACCESS_TOKEN_URL, params); JSONObject jsonResponse = JSONObject.parseObject(response); if (jsonResponse.containsKey("errcode")) { log.error("获取access_token失败: {}", response); return null; } return jsonResponse.getString("access_token"); } catch (Exception e) { log.error("获取access_token异常", e); return null; } } /** * 获取微信用户手机号 * * @param code 手机号授权code * @return 包含手机号信息的Map */ @Override public Map getPhoneNumber(String code) { Map result = new HashMap<>(); try { // 获取access_token String accessToken = getAccessToken(); if (StringUtils.isEmpty(accessToken)) { result.put("success", false); result.put("message", "获取access_token失败"); return result; } // 估算过期时间(微信access_token默认7200秒有效) java.util.Date accessTokenExpiresAt = new java.util.Date(System.currentTimeMillis() + 7200L * 1000L); // 构建请求URL String url = GET_PHONE_NUMBER_URL + "?access_token=" + accessToken; // 构建请求体 JSONObject requestBody = new JSONObject(); requestBody.put("code", code); log.info("调用微信getPhoneNumber接口, code: {}", code); // 发送POST请求 String response = HttpUtils.sendPost(url, requestBody.toJSONString()); log.info("微信getPhoneNumber响应: {}", response); // 解析响应 JSONObject jsonResponse = JSONObject.parseObject(response); if (jsonResponse.getInteger("errcode") != 0) { log.error("微信getPhoneNumber失败: {}", response); result.put("success", false); result.put("message", "获取手机号失败: " + jsonResponse.getString("errmsg")); return result; } // 获取手机号信息 JSONObject phoneInfo = jsonResponse.getJSONObject("phone_info"); result.put("success", true); result.put("phoneNumber", phoneInfo.getString("phoneNumber")); result.put("purePhoneNumber", phoneInfo.getString("purePhoneNumber")); result.put("countryCode", phoneInfo.getString("countryCode")); // 返回当前使用的access_token及有效期,便于调用方存储 result.put("accessToken", accessToken); result.put("accessTokenExpiresAt", accessTokenExpiresAt); return result; } catch (Exception e) { log.error("调用微信getPhoneNumber接口异常", e); result.put("success", false); result.put("message", "获取手机号异常: " + e.getMessage()); return result; } } /** * 微信手机号登录 * * @param loginCode 微信登录code * @param phoneCode 手机号授权code * @return 登录结果 */ @Override public Map loginByWechatPhone(String loginCode, String phoneCode) { Map result = new HashMap<>(); try { // 1. 获取微信session(openid、unionid) Map sessionResult = getWechatSession(loginCode); if (!(Boolean)sessionResult.get("success")) { return sessionResult; } String openId = (String) sessionResult.get("openid"); String unionId = (String) sessionResult.get("unionid"); log.info("获取到openid: {}, unionid: {}", openId, unionId); // 2. 获取手机号 Map phoneResult = getPhoneNumber(phoneCode); if (!(Boolean)phoneResult.get("success")) { return phoneResult; } String phoneNumber = (String) phoneResult.get("purePhoneNumber"); log.info("获取到手机号: {}", phoneNumber); // 3. 根据手机号查找用户 SysUser user = userService.selectUserByPhonenumber(phoneNumber); if (user == null) { result.put("success", false); result.put("message", "该手机号尚未注册,请先注册账号"); return result; } // 4. 检查用户状态 if ("1".equals(user.getStatus())) { result.put("success", false); result.put("message", "用户已被停用,请联系管理员"); return result; } if ("1".equals(user.getDelFlag())) { result.put("success", false); result.put("message", "用户已被删除,请联系管理员"); return result; } // 5. 更新用户的微信信息(包括access_token与过期时间) SysUser updateUser = new SysUser(); updateUser.setUserId(user.getUserId()); updateUser.setOpenId(openId); if (StringUtils.isNotEmpty(unionId)) { updateUser.setUnionId(unionId); } // 保存本次调用使用的access_token及过期时间到应用级配置(便于后续复用) Object at = phoneResult.get("accessToken"); Object atExp = phoneResult.get("accessTokenExpiresAt"); if (at != null) { String appId = wechatConfig.getAppId(); String tokenKey = "weixin.access_token." + appId; String expireKey = "weixin.access_token_expires." + appId; upsertConfig(tokenKey, at.toString()); long expireTs = (atExp instanceof java.util.Date) ? ((java.util.Date) atExp).getTime() : (System.currentTimeMillis() + 7200L * 1000L); upsertConfig(expireKey, String.valueOf(expireTs)); } userService.updateUser(updateUser); log.info("用户{}微信信息更新成功", user.getUserName()); // 6. 返回成功结果 result.put("success", true); result.put("user", user); result.put("openId", openId); result.put("unionId", unionId); return result; } catch (Exception e) { log.error("微信手机号登录异常", e); result.put("success", false); result.put("message", "登录异常: " + e.getMessage()); return result; } } }