diff --git a/app/Controller/IndexController.php b/app/Controller/IndexController.php
index b2e8b2f..c1e7e6b 100644
--- a/app/Controller/IndexController.php
+++ b/app/Controller/IndexController.php
@@ -46,7 +46,7 @@ class IndexController extends AbstractController
 }
 /**
- * 医师端-首页
+ * 药师端-首页
 * @return ResponseInterface
 */
 public function pharmacistIndex(): ResponseInterface
diff --git a/app/Controller/LoginController.php b/app/Controller/LoginController.php
index 204d408..308066b 100644
--- a/app/Controller/LoginController.php
+++ b/app/Controller/LoginController.php
@@ -41,4 +41,16 @@ class LoginController extends AbstractController
 $data = $LoginService->mobileLogin();
 return $this->response->json($data);
 }
+
+ // 微信授权接口
+ public function wxAuthorize(): ResponseInterface
+ {
+ // 验证参数
+ $request = $this->container->get(LoginRequest::class);
+ $request->scene('wxAuthorize')->validateResolved();
+
+ $LoginService = new LoginService();
+ $data = $LoginService->wxAuthorize();
+ return $this->response->json($data);
+ }
 }
\ No newline at end of file
diff --git a/app/Controller/UserController.php b/app/Controller/UserController.php
index ca5f2ea..95cf6cd 100644
--- a/app/Controller/UserController.php
+++ b/app/Controller/UserController.php
@@ -346,6 +346,9 @@ class UserController extends AbstractController
 ];
 $result = $ca->getCertSign("491925054435950592","491925054435950592",$data);
- dump($result);
+
+ // 验证PKCS7签名
+
+ $result = $ca->verifyPkcs7($result['signP7'],$data);
 }
 }
\ No newline at end of file
diff --git a/app/Request/LoginRequest.php b/app/Request/LoginRequest.php
index ef5efce..c51fa7e 100644
--- a/app/Request/LoginRequest.php
+++ b/app/Request/LoginRequest.php
@@ -12,6 +12,7 @@ class LoginRequest extends FormRequest
 protected array $scenes = [
 'wechatMobileLogin' => ['phone_code','wx_code','user_type'],
 'mobileLogin' => ['code','phone','user_type'],
+ 'mobileLogin' => ['wx_code'],
 ];
 /**
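Review bot: In `wxAuthorize()` the call `$request->scene('wxAuthorize')` names a scene that this commit never defines: the `LoginRequest.php` hunk adds a second `'mobileLogin'` key instead, and in a PHP array literal a later duplicate key replaces the earlier one. As written, the `mobileLogin` scene is reduced to `['wx_code']`, so `code`, `phone` and `user_type` would no longer be validated on `/login/mobile_login`, while the new endpoint gets whatever the framework does for an unknown scene. The added line should read `'wxAuthorize' => ['wx_code'],`. `LoginService::wxAuthorize()` is also not added in any LoginService hunk shown here, so confirm it exists before the `/login/authorize` route in `config/routes.php` is exposed.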
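Review bot: The value returned by `verifyPkcs7()` on the last added line is assigned to `$result` and then dropped, so a failed signature verification has no effect here, and `$result['signP7']` is read without checking that `getCertSign()` returned that key. Guard the call with `if (empty($result['signP7']))` and return or log the verification response so the outcome is observable. The context line above appears to pass the same literal as both the entity id and the certificate PIN; a PIN belongs in configuration or the request rather than in source. The method starts outside the hunk.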
diff --git a/app/Services/DoctorAuthService.php b/app/Services/DoctorAuthService.php
index 1f82a5e..97dbd03 100644
--- a/app/Services/DoctorAuthService.php
+++ b/app/Services/DoctorAuthService.php
@@ -739,6 +739,11 @@ class DoctorAuthService extends BaseService
 $result['department_custom_mobile_reason'] = $doctor_iden_fail['fail_reason'];
 }
+ // 科室名称
+ if ($doctor_iden_fail['field_name'] == "department_custom_name") {
+ $result['department_custom_name_reason'] = $doctor_iden_fail['fail_reason'];
+ }
+
 // 医生简介
 if ($doctor_iden_fail['field_name'] == "brief_introduction") {
 $result['brief_introduction_reason'] = $doctor_iden_fail['fail_reason'];
diff --git a/app/Services/LoginService.php b/app/Services/LoginService.php
index e7f071f..03d5c72 100644
--- a/app/Services/LoginService.php
+++ b/app/Services/LoginService.php
@@ -9,6 +9,7 @@ use App\Model\UserPatient as UserPatientModel;
 use App\Model\UserPharmacist as UserPharmacistModel;
 use App\Utils\Http;
 use App\Utils\Jwt;
+use App\Utils\Log;
 use Extend\TencentIm\Account;
 use Extend\Wechat\Wechat;
 use Hyperf\DbConnection\Db;
@@ -232,17 +233,31 @@ class LoginService extends BaseService
 $code = $this->request->input('code');
 $phone = $this->request->input('phone');
 $user_type = $this->request->input('user_type');
+ $wx_code = $this->request->input('wx_code');
 $redis = $this->container->get(Redis::class);
 // 验证验证码
-// $sms_code = $redis->get("login_code" . $phone);
-// if (empty($sms_code)){
-// return fail(HttpEnumCode::CODE_EXPIRED);
-// }
-//
-// if ($sms_code != $code){
-// return fail(HttpEnumCode::CODE_ERROR);
-// }
+ $sms_code = $redis->get("login_code" . $phone);
+ if (empty($sms_code)){
+ return fail(HttpEnumCode::CODE_EXPIRED);
+ }
+
+ if ($sms_code != $code){
+ return fail(HttpEnumCode::CODE_ERROR);
+ }
+
+ try {
+ $weChat = new Wechat($user_type);
+
+ // 获取用户openid
+ $wx_info_data = $weChat->codeToSession($wx_code);
+ $session_key = $wx_info_data['session_key'] ?? "";
+ $open_id = $wx_info_data['openid'] ?? "";
+ } catch (\Exception $e) {
+ // 此处不进行处理
+ Log::getInstance()->info($e->getMessage());
+ }
+
 Db::beginTransaction();
@@ -277,6 +292,8 @@ class LoginService extends BaseService
 $data['user_id'] = $user->user_id;
 $data['user_name'] = $user['user_name'];
 $data['status'] = 1;
+ $data['open_id'] = $open_id;
+ $data['wx_session_key'] = $session_key;
 if ($user['user_type'] == 1) {
 // 患者
@@ -303,6 +320,12 @@ class LoginService extends BaseService
 return fail(HttpEnumCode::SERVER_ERROR);
 }
 $client_user_id = $user_doctor['doctor_id'];
+ }elseif($user['user_type'] == 3){
+ Db::rollBack();
+ return fail(HttpEnumCode::SERVER_ERROR);
+ }else{
+ Db::rollBack();
+ return fail(HttpEnumCode::SERVER_ERROR);
 }
 } else {
 // 已注册用户
@@ -329,6 +352,9 @@ class LoginService extends BaseService
 if (!empty($result)){
 $client_user_id = $result['pharmacist_id'];
 }
+ }else{
+ Db::rollBack();
+ return fail(HttpEnumCode::SERVER_ERROR);
 }
 if (empty($result)) {
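Review bot: `$open_id` and `$session_key` are assigned only inside the added `try`, and the `catch` just logs, so when `codeToSession()` throws, the later `$data['open_id'] = $open_id;`, `$data['wx_session_key'] = $session_key;` (hunk `@@ -277,6 +292,8 @@`) and `$token_user_data['open_id'] = $open_id;` (hunk `@@ -362,7 +388,7 @@`) read undefined variables; set both to `""` before the `try`. Separately, the re-enabled check `$sms_code != $code` is a loose comparison, under which numeric strings such as "0123" and "123" compare equal; compare as strings, e.g. `if (!hash_equals((string) $sms_code, (string) $code))`. The hunk does not show the `login_code` Redis key being deleted after a successful match or any attempt limit, so confirm the code is single-use and rate-limited elsewhere. The enclosing method starts and ends outside the hunk.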
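Review bot: The added `elseif($user['user_type'] == 3)` and `else` branches in hunk `@@ -303,6 +320,12 @@` have identical bodies, so the `elseif` can be dropped and a single `else` kept; hunk `@@ -329,6 +352,9 @@` adds the same rollback-and-fail pattern. `HttpEnumCode::SERVER_ERROR` reports an unsupported or invalid `user_type` as a server fault, which makes bad client input indistinguishable from real failures in logs and monitoring; use a client-error code if the enum provides one. If type 3 is deliberately barred from self-registration here, a one-line comment such as `// pharmacists cannot self-register via mobile login` would record that intent.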
@@ -362,7 +388,7 @@ class LoginService extends BaseService
 $token_user_data = array();
 $token_user_data['user_id'] = $user['user_id']; // 用户id
 $token_user_data['user_type'] = $user['user_type'];// 用户类型
- $token_user_data['open_id'] = "";// open_id
+ $token_user_data['open_id'] = $open_id;// open_id
 $token_user_data['client_user_id'] = $client_user_id;// 对应客户端id
 // 发放token
diff --git a/config/routes.php b/config/routes.php
index 942c299..81688ca 100644
--- a/config/routes.php
+++ b/config/routes.php
@@ -358,6 +358,9 @@ Router::addGroup('/login', function () {
 // 手机号登陆
 Router::post('/mobile_login', [LoginController::class, 'mobileLogin']);
+
+ // 微信授权接口
+ Router::post('/authorize', [LoginController::class, 'wxAuthorize']);
 });
 // 验证码api
diff --git a/extend/Ca/Ca.php b/extend/Ca/Ca.php
index b191354..ef8c910 100644
--- a/extend/Ca/Ca.php
+++ b/extend/Ca/Ca.php
@@ -7,6 +7,7 @@ use App\Exception\BusinessException;
 use GuzzleHttp\Client;
 use GuzzleHttp\Exception\GuzzleException;
 use Hyperf\Di\Annotation\Inject;
+use Hyperf\Snowflake\IdGeneratorInterface;
 use Hyperf\Utils\ApplicationContext;
 use Psr\Container\ContainerInterface;
@@ -66,7 +67,7 @@ class Ca
 $option = [
 'form_params' => [
 'entityId' => $user_id, // 用户唯一标识,由业务系统定义
- 'toSign' => json_encode($data,JSON_UNESCAPED_UNICODE),
+ 'toSign' => hash_hmac("sha1",json_encode($data,JSON_UNESCAPED_UNICODE),config("ca.secret")), // 签名原文
 'pin' => $pin, // 证书PIN码
 ]
 ];
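Review bot: The new `toSign` expression in hunk `@@ -66,7 +67,7 @@` is repeated verbatim in `verifyPkcs7()` (hunk `@@ -86,6 +87,34 @@`), so signing and verification agree only while both copies, and the key order of `$data`, stay identical. `json_encode()` returns `false` on failure, and that value is passed straight to `hash_hmac()` instead of being rejected. Moving the digest into one private helper that encodes with `JSON_THROW_ON_ERROR` removes both problems; the sketch below keeps `sha1` because the gateway's expectation is not visible here, but `sha256` is the better default if the CA service accepts it. Also confirm that `ca.secret` is meant to double as the digest key, since its other uses are outside this diff.

```php
// … unchanged: getCertSign() up to the form_params array …
'toSign' => $this->digestToSign($data), // 签名原文

/**
 * Digest of the payload sent as toSign; shared by getCertSign() and verifyPkcs7()
 * so both sides always hash the same bytes.
 */
private function digestToSign(array $data): string
{
    $json = json_encode($data, JSON_UNESCAPED_UNICODE | JSON_THROW_ON_ERROR);
    return hash_hmac("sha1", $json, config("ca.secret"));
}
```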
@@ -86,6 +87,34 @@ class Ca
 }
 }
+ // PKCS7签名验证接口
+ // 对客户端签名信息进行验证,返回证书信息,同时可以配置回调服务,在验证成功后回调业务系统
+ public function verifyPkcs7(string $sign_p7,array $data){
+ $generator = $this->container->get(IdGeneratorInterface::class);
+
+ $option = [
+ 'form_params' => [
+ 'opType' => "签名验证",
+ 'requestId' => $generator->generate(),// 业务流水号,唯一
+ 'signedData' => $sign_p7, // 签名值:签名接口返回的signP7
+ 'toSign' => hash_hmac("sha1",json_encode($data,JSON_UNESCAPED_UNICODE),config("ca.secret")), // 签名原文
+ ]
+ ];
+
+ try {
+ $response = $this->httpRequest(
+ config("ca.api_url") . '/signgw-service/api/signature/verifyPkcs7',
+ $option
+ );
+ if (empty($response)){
+ // 返回值为空
+ throw new BusinessException(HttpEnumCode::getMessage(HttpEnumCode::SERVER_ERROR));
+ }
+ return $response;
+ } catch (GuzzleException $e) {
+ throw new BusinessException($e->getMessage());
+ }
+ }
 /**
 * 获取请求签名
 * @param array $data
@@ -117,6 +146,9 @@ class Ca
 ];
 $arg = array_merge($arg,$option);
+
+ // dump(json_encode($arg,JSON_UNESCAPED_UNICODE));
+
+ $response = $this->client->post($path, $arg);
 if ($response->getStatusCode() != '200'){
 // 请求失败
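Review bot: `verifyPkcs7()` treats any non-empty response as success and returns it unchanged, so unless `httpRequest()` (not shown in this diff) already rejects a failed verification, a caller can mistake an "invalid signature" reply for a valid one. Have the method check the gateway's result field before returning, or state in a docblock that callers must, and declare the return type that `httpRequest()` produces. Rethrowing `$e->getMessage()` from Guzzle as a `BusinessException` may expose the internal gateway URL to API clients if business exceptions are rendered to users; log the detail and throw a generic message such as `HttpEnumCode::getMessage(HttpEnumCode::SERVER_ERROR)` instead.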