Kaptcha
我在使用了这个验证码插件之后,发现部署上线的时候,会在生成验证码的图片流上有些乱码,就像下面图片所示。
再三研究,发现大致是由于阿里云的服务器上的字体库的原因。(我是在2018年双十一买的服务器ECS,买了一年)
首先你得登陆你的服务器,然后去到这个目录:/usr/share/fonts
然后你通过ll(列出当前目录下所有文件和文件夹),会发现有一个lyx的文件夹,这是阿里云的字体库。
至于你问我为什么我还有第二个字体库(dejavu),而你们没有,这当然是因为我比较帅......咳咳......因为这就是解决这个乱码问题的关键了!
“yum -y install fontconfig“
在服务器的命令窗口执行这一句指令,如果你没有安装fontconfig它将会帮你安装。如果你已经安装了,它就会更新。我的dejavu就是这么来的。
当你发现这个字体库存在以后,你就重启服务器,然后乱码问题迎刃而解。
Zxing
我们都知道,微信请求网页授权的链接是非常长的。我们希望通过扫描二维码来进行这种授权,就要把这条长长的链接生成二维码。
对于url生成二维码,翔哥说过过长的链接会导致生成失败。多长我不知道因为我没有去尝试。翔哥一开始是用百度短网址的API,对长链接进行变短,再将这个短网址生成二维码。
但在实际操作时我发现,我每次扫这个短网址生成的二维码时,微信服务器都会给我返回code been used,而且19年开始百度短网址的API更新了。我百度了一下,发现有别的老铁也会在请求网页授权时遇到了这种code been used的情况,大致说法是其实这一下请求是向微信服务器请求了两次。其中有个老哥建议长的链接拼接后,直接进行重定向跳转,不要放出来分几次操作,就能够避免这种情况。
我试了一下,可行的。原理不清楚,大致是因为浏览器、中间件、Nginx等等等等外部因素没有机会发出多一次请求。权衡利弊下我弃用了原来的短网址方案,而是写多了一个方法(wechat2AddAuth)来拼接网址。通过访问这个方法,拼接网址后重定向微信服务器,生成二维码就用这个方法,就避免了url过长。
下面是我的实际解决方案。第一个是application.properties(项目基于springboot1.5)
# 微信相关 ======================================
wechat.api.appid=APPID
wechat.api.secret=APPSECRET
# 页面开放授权
wechat.api.authorize.a-uri=https://open.weixin.qq.com/connect/oauth2/authorize?appid=${wechat.api.appid}&redirect_uri=
wechat.api.authorize.b-state=&response_type=code&scope=snsapi_userinfo&state=
wechat.api.authorize.suffix=#wechat_redirect
# 用户网页授权接口
wechat.api.sns.oauth2.code=https://api.weixin.qq.com/sns/oauth2/access_token?appid=${wechat.api.appid}&secret=${wechat.api.secret}&code=
wechat.api.sns.oauth2.suffix=&grant_type=authorization_code
wechat.api.sns.user-info.a-access-token=https://api.weixin.qq.com/sns/userinfo?access_token=
wechat.api.sns.user-info.b-openid=&openid=
wechat.api.sns.user-info.suffix=&lang=zh_CN
wechat.o2o.wechat-login=http://你的域名/o2o/wechatlogin/logincheck
wechat.o2o.auth-url=http://你的域名/o2o/shopadmin/addshopauthmappackage com.imooc.springbooto2o.web.shopadmin;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.zxing.client.j2se.MatrixToImageWriter;
import com.google.zxing.common.BitMatrix;
import com.imooc.springbooto2o.config.property.WechatProperties;
import com.imooc.springbooto2o.dto.ShopAuthMapExecution;
import com.imooc.springbooto2o.dto.UserAccessToken;
import com.imooc.springbooto2o.dto.WechatInfo;
import com.imooc.springbooto2o.entity.PersonInfo;
import com.imooc.springbooto2o.entity.Shop;
import com.imooc.springbooto2o.entity.ShopAuthMap;
import com.imooc.springbooto2o.entity.WechatAuth;
import com.imooc.springbooto2o.enums.ShopAuthMapStateEnum;
import com.imooc.springbooto2o.service.PersonInfoService;
import com.imooc.springbooto2o.service.ShopAuthMapService;
import com.imooc.springbooto2o.service.WechatAuthService;
import com.imooc.springbooto2o.util.CodeUtil;
import com.imooc.springbooto2o.util.HttpServletRequestUtil;
import com.imooc.springbooto2o.util.ShortNetAddressUtil;
import com.imooc.springbooto2o.util.wechat.WechatUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.context.properties.EnableConfigurationProperties;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Controller
@EnableConfigurationProperties(WechatProperties.class)
@RequestMapping("/shopadmin")
public class ShopAuthManagementController {
@Autowired
private ShopAuthMapService shopAuthMapService;
@Autowired
private PersonInfoService personInfoService;
@Autowired
private WechatAuthService wechatAuthService;
@Autowired
private static WechatProperties wechatProperties;
@Autowired
public void setWechatProperties(WechatProperties wechatProperties) {
ShopAuthManagementController.wechatProperties = wechatProperties;
}
/**
* 生成带有URL的二维码,微信扫一扫就能链接到对应的URL里面
* @param request
* @param response
*/
@RequestMapping(value = "/generateqrcode4shopauth")
@ResponseBody
private void generateQRCode4ShopAuth(HttpServletRequest request, HttpServletResponse response) {
//从session获取当前shop信息
Shop shop = (Shop) request.getSession().getAttribute("currentShop");
if(shop != null && shop.getShopId() != null) {
//获取当前时间戳,以保证二维码的时间有效性,精确到毫秒
long timeStamp = System.currentTimeMillis();
try {
//将content的信息先进行base64编码以避免特殊字符造成的干扰,之后拼接目标URL
String longUrl = "http://你的域名/o2o/shopadmin/wechat2addauth" +
"?shopId=" + shop.getShopId() + "&createTime=" + timeStamp;
//调用二维码生成的工具类方法,传入短的URL,生成二维码
BitMatrix qRcodeImg = CodeUtil.generateQRCodeStream(longUrl, response);
//将二维码以图片流形式输出到前端
MatrixToImageWriter.writeToStream(qRcodeImg, "png", response.getOutputStream());
} catch (IOException e) {
e.printStackTrace();
}
}
}
@RequestMapping(value = "/wechat2addauth", method = { RequestMethod.GET })
private String wechat2AddAuth(HttpServletRequest request){
String createTime = HttpServletRequestUtil.getString(request,"createTime");
String shopId = HttpServletRequestUtil.getString(request,"shopId");
//将店铺id和timestamp传入content,赋值到state中,这样微信获取到的这些信息后会回传到授权信息的添加方法里
//加上aaa是为了在一会儿的添加信息的主方法里替换这些信息使用
String content = "{aaashopIdaaa:" + shopId + ", aaacreateTimeaaa:" + createTime + "}";
WechatProperties.Api.Authorize authorize = wechatProperties.getApi().getAuthorize();
String url = null;
try {
url = authorize.getAUri() + wechatProperties.getO2o().getAuthUrl() + authorize.getBState() +
URLEncoder.encode(content, "UTF-8") + authorize.getSuffix();
return "redirect:" + url;
} catch (UnsupportedEncodingException e) {
e.printStackTrace();
return "shop/operationfail";
}
}
/**
* 根据微信回传回来的参数添加店铺的授权信息
* @param request
* @param response
* @return
* @throws IOException
*/
@RequestMapping(value = "/addshopauthmap", method = RequestMethod.GET)
private String addShopAuthMap(HttpServletRequest request, HttpServletResponse response) throws IOException {
//从request里面获取微信用户的信息
WechatAuth auth = getEmployeeInfo(request);
if(auth != null) {
//根据userId里面获取微信用户的信息
PersonInfo user = personInfoService.getPersonInfoById(auth.getPersonInfo().getUserId());
//将用户信息添加的user里
request.getSession().setAttribute("user", user);
//解析微信回传过来的自定义参数state,由于之前进行了编码,这里需要解码一下
String qrCodeInfo = new String(
URLDecoder.decode(HttpServletRequestUtil.getString(request, "state"), "UTF-8"));
ObjectMapper mapper = new ObjectMapper();
WechatInfo wechatInfo = null;
try {
//将解码后的内容用aaa去替换掉之前生成二维码的时候加入了aaa前缀,转换成WechatInfo实体类
wechatInfo = mapper.readValue(qrCodeInfo.replace("aaa", "\""), WechatInfo.class);
} catch (Exception e) {
return "shop/operationfail";
}
//校验二维码是否已经过期
if(!checkQRCodeInfo(wechatInfo)) {
return "shop/operationfail";
}
//去重校验
//获取该店铺下的所有授权信息
ShopAuthMapExecution allMapList = shopAuthMapService.listShopAuthMapByShopId(wechatInfo.getShopId(), 1, 999);
List<ShopAuthMap> shopAuthMapList = allMapList.getShopAuthMapList();
for( ShopAuthMap sm : shopAuthMapList ) {
if(sm.getEmployee().getUserId() == user.getUserId()) {
return "shop/operationfail";
}
}
try {
// 根据获取到的内容,添加微信授权信息
ShopAuthMap shopAuthMap = new ShopAuthMap();
Shop shop = new Shop();
shop.setShopId(wechatInfo.getShopId());
shopAuthMap.setShop(shop);
shopAuthMap.setEmployee(user);
shopAuthMap.setTitle("员工");
shopAuthMap.setTitleFlag(1);
ShopAuthMapExecution se = shopAuthMapService.addShopAuthMap(shopAuthMap);
if(se.getState() == ShopAuthMapStateEnum.SUCCESS.getState()){
return "shop/operationsuccess";
} else {
return "shop/operationfail";
}
} catch (RuntimeException e) {
return "shop/operationfail";
}
}
return "shop/operationfail";
}
/**
* 根据微信回传的code获取用户信息
* @param request
* @return
*/
private WechatAuth getEmployeeInfo(HttpServletRequest request) {
String code = request.getParameter("code");
WechatAuth auth = null;
if(null != code){
UserAccessToken token;
try {
token = WechatUtil.getUserAccessToken(code);
String openId = token.getOpenId();
request.getSession().setAttribute("openId", openId);
auth = wechatAuthService.getWechatAuthByOpenId(openId);
} catch (IOException e) {
e.printStackTrace();
}
}
return auth;
}
/**
* 根据二维码携带的createTime判断其是否超过了10分钟,超过十分钟则认为过期
* @param wechatInfo
* @return
*/
private boolean checkQRCodeInfo(WechatInfo wechatInfo) {
if(wechatInfo != null && wechatInfo.getShopId() != null && wechatInfo.getCreateTime() != null) {
long nowTime = System.currentTimeMillis();
if(nowTime - wechatInfo.getCreateTime() <= 600000) {
return true;
} else {
return false;
}
} else {
return false;
}
}
}