论坛信息审核

csf-common/csf-common-util/src/main/java/com/mmc/csf/common/util/web/ResultEnum.java

@@ -297,7 +297,7 @@ public enum ResultEnum implements BaseErrorInfoInterface {
     VERIFY_COUNT_ERROR("30416", "认证次数上限，请联系管理员"),
     NOT_ENT_VERIFY_ERROR("30417", "机构未认证或认证未通过，请先进行机构认证"),
     NOT__VERIFY_ERROR("30418", "机构未认证或飞手认证未通过，请先进行认证"),
-   COMPANY_NOT_VERIFY_ERROR("30419", "未进行企业认证"),
+    COMPANY_NOT_VERIFY_ERROR("30419", "未进行企业认证"),
 
     //渠道认证
     NOT_ENT_USER("30501", "感谢您有意向成为我们的渠道商，请先完成企业认证。"),
@@ -382,14 +382,14 @@ public enum ResultEnum implements BaseErrorInfoInterface {
     SCORE_ERROR("40177", "您输入的积分数量有误，请重新输入！"),
     PLEASE_FILL_IN_THE_CONTRACT_TEMPLATE_FIRST("40178", "请先填充合同模板！"),
 
-    SCORE_NOT_GIVE_MYSELF("40179","积分不能转赠给本人,请重新操作"),
+    SCORE_NOT_GIVE_MYSELF("40179", "积分不能转赠给本人,请重新操作"),
 
     ALREADY_FINISH_ENT_AUTH_ERROR("2000", "助力已完成！"),
-    SYSTEM_ERROR ("2001","系统错误,请稍后重试") ,
-    RULE_ERROR ("2002","当前兑换比例已失效，请刷新后重试"),
+    SYSTEM_ERROR("2001", "系统错误,请稍后重试"),
+    RULE_ERROR("2002", "当前兑换比例已失效，请刷新后重试"),
     COUNT_LIMIT_ERROR("2003", "参与次数已达上线"),
-    ALREADY_ENT_AUTH_ERROR("2004","助力失败，您已完成企业认证！"),
-    ALREADY_REAL_NAME_AUTH_ERROR("2005","助力失败，您已完成实名认证！"),
+    ALREADY_ENT_AUTH_ERROR("2004", "助力失败，您已完成企业认证！"),
+    ALREADY_REAL_NAME_AUTH_ERROR("2005", "助力失败，您已完成实名认证！"),
     PARTICIPATE_BUT_NOT_AUTH_ERROR("2006", "待完成授权或认证"),
     ALREADY_HELP_ERROR("2007", "已助力"),
     ALREADY_STOP_ERROR("2008", "活动已下线"),
@@ -399,7 +399,10 @@ public enum ResultEnum implements BaseErrorInfoInterface {
     DIVIDE_OBJ_NOT_EXIST("2012", "先点击确认添加分成对象"),
 
     // 新闻行业
-    INDUSTRY_NEWS_TITLE_EXISTS("40200","文章标题存在");
+    INDUSTRY_NEWS_TITLE_EXISTS("40200", "文章标题存在"),
+
+    // 论坛
+    DYNAMIC_SENSITIVE_INFO("50100", "发布信息涉及敏感信息！");
     /**
      * 错误码
      *

release-service/src/main/java/com/mmc/csf/release/constant/UserSystemConstant.java

+package com.mmc.csf.release.constant;
+
+import lombok.Data;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author: zj
+ * @Date: 2023/5/16 13:34
+ */
+@Data
+@Component
+public class UserSystemConstant {
+    @Value("${wx.app.id}")
+    private String wxAppId;
+
+    @Value("${wx.app.secret}")
+    private String wxAppSecret;
+
+    @Value("${wx.app.miniprogram-state}")
+    private String miniProgramState;
+
+    @Value("${wx.app.env-version}")
+    private String envVersion;
+
+    @Value("${wx.sub.appid}")
+    private String wxSubAppId;
+
+    @Value("${wx.sub.secret}")
+    private String wxSubSecret;
+
+//    @Value("${third-party.ali.app-code}")
+//    private String aliAppCode;
+//
+//    @Value("${third-party.qcc.app-key}")
+//    private String qccAppKey;
+//
+//    @Value("${third-party.qcc.secret-key}")
+//    private String qccSecretKey;
+}

release-service/src/main/java/com/mmc/csf/release/constant/WxConstant.java

+package com.mmc.csf.release.constant;
+
+/**
+ * @author: zj
+ * @Date: 2023/5/16 16:02
+ */
+public class WxConstant {
+    public static final Integer APP = 0;
+    public static final Integer WEB = 1;
+    public static final Integer LABEL_DATA = 100;
+    public static final String CODE2_SESSION_URL = "https://api.weixin.qq.com/sns/jscode2session";
+    public static final String GRANT_TYPE = "authorization_code";
+    public static final String ACCESS_TOKEN_URL = "https://api.weixin.qq.com/sns/oauth2/access_token";
+    public static final String OPEN_ID = "openid";
+    public static final String UNION_ID = "unionid";
+    public static final String SESSION_KEY = "session_key";
+    public final static String subscribe = "subscribe";
+    public final static String unsubscribe = "unsubscribe";
+    public static final String IUAV_MINI_PROGRAM_ACCESS_TOKEN = "IUAV_MINI_PROGRAM_ACCESS_TOKEN";
+    public static final String SHARE_FLY_SUB_ACCESS_TOKEN = "SHARE_FLY_SUB_ACCESS_TOKEN";
+    public static final String IUAV_MINI_PROGRAM_STABLE_ACCESS_TOKEN = "IUAV_MINI_PROGRAM_STABLE_ACCESS_TOKEN";
+    public static final String RESULT = "result";
+    public static final String LABEL = "label";
+
+
+}

release-service/src/main/java/com/mmc/csf/release/controller/DynamicController.java

@@ -4,6 +4,7 @@ import com.mmc.csf.common.util.web.ResultBody;
 import com.mmc.csf.release.forum.vo.CommentVO;
 import com.mmc.csf.release.forum.vo.DynamicVO;
 import com.mmc.csf.release.service.DynamicService;
+import com.mmc.csf.release.service.WxApiService;
 import io.swagger.annotations.*;
 import org.springframework.web.bind.annotation.*;
 
@@ -12,7 +13,6 @@ import javax.servlet.http.HttpServletRequest;
 
 /**
  * @Author LW
- *
  * @date 2023/5/15 10:29 概要：动态信息控制层
  */
 @Api(tags = {"web-小程序-论坛社区-模块"})
@@ -20,55 +20,73 @@ import javax.servlet.http.HttpServletRequest;
 @RequestMapping("/dynamic")
 public class DynamicController extends BaseController {
 
-  @Resource private DynamicService dynamicService;
+    @Resource
+    private DynamicService dynamicService;
+    @Resource
+    private WxApiService wxApiService;
 
-  @ApiOperation(value = "动态发布")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
-  @PostMapping("/publish")
-  public ResultBody publishDynamic(@RequestBody DynamicVO dynamicVO, HttpServletRequest request) {
-    return dynamicService.insertDynamic(
-        dynamicVO, this.getUserLoginInfoFromRedis(request).getUserAccountId());
-  }
+    @ApiOperation(value = "动态发布")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+    @PostMapping("/publish")
+    public ResultBody publishDynamic(@RequestBody DynamicVO dynamicVO, HttpServletRequest request) {
+        return dynamicService.insertDynamic(
+                dynamicVO, this.getUserLoginInfoFromRedis(request).getUserAccountId());
+    }
 
-  @ApiOperation(value = "点赞或取消点赞")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
-  @GetMapping("/likeOrCancel")
-  public ResultBody likeOrCancel(
-      HttpServletRequest request, @ApiParam(value = "动态id") @RequestParam Integer dynamicId) {
-    return dynamicService.likeDynamic(
-        this.getUserLoginInfoFromRedis(request).getUserAccountId(), dynamicId);
-  }
+//    @ApiOperation(value = "内容test")
+//    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+//    @GetMapping("/test")
+//    public ResultBody publishDynamic(@RequestParam String content, HttpServletRequest request) {
+//        return wxApiService.msgSecCheck("ohQPS5Ca4K6mY4Eju6Vsev096SxM", content);
+//    }
 
-  @ApiOperation(value = "评论动态或回复评论")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
-  @PostMapping("/comment")
-  public ResultBody commentDynamic(@RequestBody CommentVO commentVO, HttpServletRequest request) {
-    return dynamicService.commentDynamic(
-        commentVO, this.getUserLoginInfoFromRedis(request).getUserAccountId());
-  }
+    @ApiOperation(value = "test")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+    @GetMapping("/test/te")
+    public String publishDynamic(String content) {
+        System.out.println(content);
+        return "success";
+    }
 
-  @ApiOperation(value = "删除评论")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
-  @DeleteMapping("/removeComment")
-  public ResultBody removeComment(@RequestParam Integer id) {
-    return dynamicService.deleteComment(id);
-  }
+    @ApiOperation(value = "点赞或取消点赞")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+    @GetMapping("/likeOrCancel")
+    public ResultBody likeOrCancel(
+            HttpServletRequest request, @ApiParam(value = "动态id") @RequestParam Integer dynamicId) {
+        return dynamicService.likeDynamic(
+                this.getUserLoginInfoFromRedis(request).getUserAccountId(), dynamicId);
+    }
 
-  @ApiOperation(value = "动态详情")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = DynamicVO.class)})
-  @GetMapping("/dynamicDetails")
-  public ResultBody dynamicDetails(@RequestParam Integer dynamicId, HttpServletRequest request) {
-    return dynamicService.dynamicDetails(
-        dynamicId, this.getUserLoginInfoFromRedis(request).getUserAccountId(), request);
-  }
+    @ApiOperation(value = "评论动态或回复评论")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+    @PostMapping("/comment")
+    public ResultBody commentDynamic(@RequestBody CommentVO commentVO, HttpServletRequest request) {
+        return dynamicService.commentDynamic(
+                commentVO, this.getUserLoginInfoFromRedis(request).getUserAccountId());
+    }
 
-  @ApiOperation(value = "动态列表")
-  @ApiResponses({@ApiResponse(code = 200, message = "OK", response = DynamicVO.class)})
-  @GetMapping("/dynamicList")
-  public ResultBody dynamicList(
-      @RequestParam Integer pageNo, @RequestParam Integer pageSize, HttpServletRequest request) {
-    return ResultBody.success(
-        dynamicService.dynamicList(
-            pageNo, pageSize, this.getUserLoginInfoFromRedis(request).getUserAccountId(), request));
-  }
+    @ApiOperation(value = "删除评论")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = ResultBody.class)})
+    @DeleteMapping("/removeComment")
+    public ResultBody removeComment(@RequestParam Integer id) {
+        return dynamicService.deleteComment(id);
+    }
+
+    @ApiOperation(value = "动态详情")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = DynamicVO.class)})
+    @GetMapping("/dynamicDetails")
+    public ResultBody dynamicDetails(@RequestParam Integer dynamicId, HttpServletRequest request) {
+        return dynamicService.dynamicDetails(
+                dynamicId, this.getUserLoginInfoFromRedis(request).getUserAccountId(), request);
+    }
+
+    @ApiOperation(value = "动态列表")
+    @ApiResponses({@ApiResponse(code = 200, message = "OK", response = DynamicVO.class)})
+    @GetMapping("/dynamicList")
+    public ResultBody dynamicList(
+            @RequestParam Integer pageNo, @RequestParam Integer pageSize, HttpServletRequest request) {
+        return ResultBody.success(
+                dynamicService.dynamicList(
+                        pageNo, pageSize, this.getUserLoginInfoFromRedis(request).getUserAccountId(), request));
+    }
 }

release-service/src/main/java/com/mmc/csf/release/service/WxApiService.java

+package com.mmc.csf.release.service;
+
+import com.mmc.csf.common.util.web.ResultBody;
+
+/**
+ * @Author LW
+ * @date 2023/7/12 13:44
+ * 概要：
+ */
+public interface WxApiService {
+    ResultBody msgSecCheck(String openid,String content);
+    /**
+     * 获取稳定AccessToken
+     * @return
+     */
+    String getStableAccessToken() throws Exception;
+
+}

release-service/src/main/java/com/mmc/csf/release/service/impl/WxApiServiceImpl.java

+package com.mmc.csf.release.service.impl;
+
+import com.alibaba.fastjson.JSONObject;
+import com.mmc.csf.common.util.web.HttpHelper;
+import com.mmc.csf.common.util.web.HttpsRequestUtil;
+import com.mmc.csf.common.util.web.ResultBody;
+import com.mmc.csf.common.util.web.ResultEnum;
+import com.mmc.csf.release.constant.UserSystemConstant;
+import com.mmc.csf.release.constant.WxConstant;
+import com.mmc.csf.release.service.WxApiService;
+import org.apache.commons.lang.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
+import org.springframework.stereotype.Service;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.concurrent.TimeUnit;
+
+/**
+ * @Author LW
+ * @date 2023/7/12 14:05
+ * 概要：
+ */
+@Service
+public class WxApiServiceImpl implements WxApiService {
+    @Autowired
+    private UserSystemConstant userSystemConstant;
+
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
+    @Override
+    public ResultBody msgSecCheck(String openid, String content) {
+        try {
+            String accessToken = this.getStableAccessToken();
+            JSONObject param = new JSONObject();
+            param.put("content", content);
+            param.put("version", 2);
+            param.put("scene", 3);
+            param.put("openid", openid);
+            String url = "https://api.weixin.qq.com/wxa/msg_sec_check?access_token=" + accessToken;
+            String res = HttpHelper.httpPost(url, param.toString());
+            JSONObject result = JSONObject.parseObject(res);
+            JSONObject resultData = result.getJSONObject(WxConstant.RESULT);
+            if (!resultData.getString(WxConstant.LABEL).equals(WxConstant.LABEL_DATA)) {
+                return ResultBody.error(ResultEnum.DYNAMIC_SENSITIVE_INFO);
+            }
+        } catch (Exception e) {
+            e.printStackTrace();
+        }
+        return ResultBody.success();
+    }
+
+    @Override
+    public String getStableAccessToken() {
+        //token有效期为7200s，需要保存起来，先从redis中获取accessToken，没有则请求获取
+        String accessToken = stringRedisTemplate.opsForValue().get(WxConstant.IUAV_MINI_PROGRAM_STABLE_ACCESS_TOKEN);
+        if (StringUtils.isBlank(accessToken)) {
+            Map<String, String> params = new HashMap<String, String>();
+            params.put("grant_type", "client_credential");
+            params.put("appid", userSystemConstant.getWxAppId());
+            params.put("secret", userSystemConstant.getWxAppSecret());
+            String stableAccessTokenUrl = "https://api.weixin.qq.com/cgi-bin/stable_token";
+            String res = null;
+            try {
+                res = HttpsRequestUtil.httpsRequest(stableAccessTokenUrl, "POST", null, JSONObject.toJSONString(params));
+            } catch (Exception e) {
+                e.printStackTrace();
+            }
+            JSONObject tokenResult = JSONObject.parseObject(res);
+            if (res.indexOf("access_token") == -1) {
+                return null;
+            }
+            accessToken = tokenResult.getString("access_token");
+            long expiresIn = tokenResult.getLong("expires_in");
+            //保存进redis
+            stringRedisTemplate.opsForValue().set(WxConstant.IUAV_MINI_PROGRAM_STABLE_ACCESS_TOKEN, accessToken, expiresIn, TimeUnit.SECONDS);
+            return accessToken;
+        }
+        return accessToken;
+    }
+}

release-service/src/main/resources/application-dev.yml

@@ -76,6 +76,17 @@ spring:
     password: ${RABBITMQ_PASSWORD}
     virtual-host: dev
 
+wx:
+  sub:
+    appid: wx5c6a105a0ddca4c5
+    secret: 96c75255dd26f82f8d55e15b59e101c7
+  app:
+    id: wx18b7883acd204278
+    secret: 28afe74ba373830237a8133a7431ee82
+    miniprogram-state: trial
+    env-version: trial
+    port: user
+
 #eureka   eureka.client.register-with-eureka=true
 eureka:
   instance: