1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
package com.reyun.service.impl;
import com.reyun.service.MessageCodeService;
import com.reyun.util.*;
import org.codehaus.jettison.json.JSONException;
import org.codehaus.jettison.json.JSONObject;
import org.springframework.stereotype.Service;
import java.util.*;
/**
* Created by liucheng@reyun.com on 2017/6/8 0008.
*/
@Service
public class MessageCodeServiceImpl implements MessageCodeService {
@Override
public String sendMessageCode(String phone , String ip) {
String result = "success";
String code = new String();
RedisUtilNew redisUtilNew = RedisUtilNew.getInstance();
/**
* 1. 短信验证码 请求次数入库
*/
String times = redisUtilNew.get(phone + "times");
Integer timeadd = 0;
//发送验证码次数增加
if (ValidateUtil.isValid(times)) {
timeadd = Integer.parseInt(times) + 1;
/**
* 这里redis设有过期时间的key不能更新,需要获取他的过期时间,删除,重新set
*/
//获取过去时间
Long expiretime = redisUtilNew.getExpireTime(phone+ "times");
//删除key
redisUtilNew.delete(phone+ "times");
//重新赋值
redisUtilNew.expireValue(phone + "times",timeadd.toString(), expiretime.intValue());
} else {
//首次进入获取验证码
redisUtilNew.expireValue(phone + "times","1", 86400);
}
/**
* 一个ip每天最多发送50次短信验证请求
* 2. 验证ip的真实性,如果ip不为空并且入redis库次数不超过50次,正常
* 如果ip为空,但请求次数不超过100,正常
* 如果ip为空,并且请求次数不超过100,发送邮件告警
*/
//声明iptimes在redis中的key
String ipTimesKey = "";
if (ValidateUtil.isValid(ip))
{
ipTimesKey = ip + "times";
}
else
{
ipTimesKey = "unknowtimes";
}
//更新redis中的ip数量信息
String iptimes = redisUtilNew.get(ipTimesKey);
Integer iptimeadd = 0;
//ip发送验证码次数增加
if (ValidateUtil.isValid(iptimes)) {
iptimeadd = Integer.parseInt(iptimes) + 1;
Long ipexpiretime = redisUtilNew.getExpireTime(ipTimesKey);
redisUtilNew.delete(ipTimesKey);
redisUtilNew.expireValue(ipTimesKey, iptimeadd.toString(),ipexpiretime.intValue());
} else {
//首次进入
redisUtilNew.expireValue(ipTimesKey, "1",86400);
}
/**
* 3.判断短信验证码次数超过5次 或者ip地址请求验证码超过50次,不发验证码
*/
//短信验证码次数
if (timeadd <= 5 && iptimeadd <= Integer.parseInt(Constant.REDIS_IP_REQUEST_TIMES) && !"unknowtimes".equals(ipTimesKey)) {
//发送验证码
Map<String, String> conditions = new HashMap<String, String>();
// System.out.println(Constant.messageCodeUrl + "?phone=" + phone + "&tplcode=3053455&len=6");
String responseJson = HttpClientUtil.doHttpPostRequest(Constant.messageCodeUrl + "?phone=" + phone + "&tplcode=3053455&len=6", "tkio", conditions);
// System.out.println(responseJson);
//获取验证码
JSONObject jsonObject = null;
try {
jsonObject = new JSONObject(responseJson);
String content = jsonObject.getString("content");
JSONObject contentObject = new JSONObject(content);
String obj = contentObject.getString("obj");
code = obj;
} catch (JSONException e) {
e.printStackTrace();
}
//redis存放短信验证码,并设计有效时间
redisUtilNew.expireValue(phone, code,Integer.parseInt(Constant.REDIS_KEY_VALID_TIME));
}
else if (timeadd > 5)
{
result = "manytimes";
}
else if (!"unknowtimes".equals(ipTimesKey) && iptimeadd > Integer.parseInt(Constant.REDIS_IP_REQUEST_TIMES))
{
result = "ipmanytimes";
}
//异常ip超过100返回并发送报警邮件
else if ("unknowtimes".equals(ipTimesKey) && iptimeadd > Integer.parseInt(Constant.REDIS_IP_UNKNOWN_REQUEST_TIMES))
{
result = "iperror";
//发送邮件
String subject = "trakingio_demo登录ip异常邮件";
StringBuilder sb = new StringBuilder();
sb.append("<!doctype html> <html><head></head><body> ")
.append("于").append(DateUtil.getCurrentDateStr()).append("demo登录的短信验证功能未知ip的请求总量超出100")
.append("。请及时处理")
.append("</body></html>");
List<String> list = new ArrayList<>();
String receiver = Constant.mailList;
list = Arrays.asList(receiver.split(","));
try {
//MailUtils.sendHtmlEmail(subject, sb.toString(), list);
SendCommonPostMail.sendMailReuse(list, subject, sb.toString(),null,null);
} catch (Exception e) {
e.printStackTrace();
}
}
return result;
}
@Override
public String varifyMessagecode(String phone, String code) {
String result = "success";
RedisUtilNew redisUtilNew = RedisUtilNew.getInstance();
String truecode = redisUtilNew.get(phone);
//验证码时效性
if (ValidateUtil.isValid(truecode))
{
if (!truecode.equals(code))
{
result = "code error";
}
} else {
result = "code out of time";
}
return result;
}
public static void main(String[] args) throws JSONException {
Map<String, String> conditions = new HashMap<String, String>();
String responseJson = HttpClientUtil.doHttpPostRequest(Constant.messageCodeUrl + "?phone=18612058495&tplcode=3053455&len=6", "tkio", conditions);
JSONObject jsonObject = new JSONObject(responseJson);
String content = jsonObject.getString("content");
JSONObject contentObject = new JSONObject(content);
String obj = contentObject.getString("obj");
//String code = jsonObject.getString("code");
//System.out.println(code);
}
}