portal-web/src/main/java/com/ekexiu/portal/service/SysService.java

package com.ekexiu.portal.service;

import java.io.IOException;
import java.sql.Connection;
import java.sql.SQLException;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.TimeUnit;

import javax.mail.MessagingException;

import org.apache.log4j.Logger;
import org.jfw.apt.annotation.Autowrie;
import org.jfw.apt.annotation.Nullable;
import org.jfw.apt.web.annotation.Path;
import org.jfw.apt.web.annotation.method.SetCookie;
import org.jfw.apt.web.annotation.operate.Get;
import org.jfw.apt.web.annotation.operate.Post;
import org.jfw.apt.web.annotation.param.JdbcConn;
import org.jfw.apt.web.annotation.param.PathVar;
import org.jfw.apt.web.annotation.param.SessionVal;
import org.jfw.util.StringUtil;
import org.jfw.util.context.JfwAppContext;
import org.jfw.util.exception.JfwBaseException;
import org.jfw.util.state.StateCode;

import com.ekexiu.portal.dao.OrgDao;
import com.ekexiu.portal.dao.OrgUserDao;
import com.ekexiu.portal.dao.ProfessorDao;
import com.ekexiu.portal.dao.UserDao;
import com.ekexiu.portal.dao.UserOpenIdDao;
import com.ekexiu.portal.mail.MailService;
import com.ekexiu.portal.mobile.MobilePhoneService;
import com.ekexiu.portal.oauth.OAuthService;
import com.ekexiu.portal.oauth.OAuthUser;
import com.ekexiu.portal.po.OrgUser;
import com.ekexiu.portal.po.Organization;
import com.ekexiu.portal.po.Professor;
import com.ekexiu.portal.po.User;
import com.ekexiu.portal.po.UserOpenId;
import com.ekexiu.portal.pojo.SessionUser;

@Path
public class SysService {
	public static final String DEFAULT_PASS_WORD = "11111111111111111111111111111111";
	public static SimpleDateFormat DATE = new SimpleDateFormat("yyyyMMddHHmmss");
	private Logger logger = Logger.getLogger(SysService.class);

	@Autowrie
	private UserDao userDao;
	@Autowrie
	private OrgUserDao orgUserDao;
	@Autowrie
	private OrgDao orgDao;
	@Autowrie
	private OrgService orgService;
	@Autowrie
	private ProfessorDao professorDao;
	@Autowrie
	private ProfessorService professorService;
	@Autowrie
	private MailService mailservice;
	@Autowrie
	private MobilePhoneService mobilePhoneServcie;
	@Autowrie
	private GrowthLogService growthLogService;
	@Autowrie
	private GrowthRuleService rule;
	@Autowrie
	private OAuthService oauthService;
	@Autowrie
	private UserOpenIdDao userOpenIdDao;

	private String bindMailSubject;

	private String bindMailReplaceKey;
	private String bindMailReplaceContentTempalte;
	private long timeLimitWithBindMail = 10 * 60 * 1000;

	private String bindOrgMailReplaceKey;
	private String bindOrgMailSubject;
	private String bindOrgMailReplaceContentTempalte;
	private long timeLimitWithBindOrgMail = 10 * 60 * 1000;

	private String regMailSubject = "注册[科袖网]用户";
	private String regMailReplaceKey;
	private String regMailReplaceContentTempalte;
	private long timeLimitWithRegMail = 10 * 60 * 1000;

	private String orgRegMailSubject = "注册[科袖网]企业用户";
	private String orgRegMailReplaceKey;
	private String orgRegMailReplaceContentTempalte;
	private long timeLimitWithOrgRegMail = 10 * 60 * 1000;

	private String sendConsultMailSubject;
	private String sendConsultMailContentTemplate;
	private String sendConsultSMSContentTemplate;

	private String bindMobilePhoneReplaceKey;
	private String bindMobilePhoneContentTemplate;
	private long timeLimitWithBindMobilePhone = 3 * 60 * 1000;

	private String phoneRetrievePasswordReplaceKey;
	private String phoneRetrievePasswordContentTemplate;
	private long timeLimitWithPhoneRetrievePassword = 3 * 60 * 1000;

	private String mailRetrievePasswordContentTemplate;
	private String mailRetrievePasswordReplaceKey;
	private String mailRetrievePasswordSubject;
	private long timeLimitWithMailRetrivePassword = 10 * 60 * 1000;

	private String orgMailRetrievePasswordContentTemplate;
	private String orgMailRetrievePasswordReplaceKey;
	private String orgMailRetrievePasswordSubject;
	private long timeLimitWithOrgMailRetrivePassword = 10 * 60 * 1000;

	private String regMobilePhoneReplaceKey;
	private String regMobilePhoneContentTemplate;
	private long timeLimitWithRegMobilePhone = 3 * 60 * 1000;

	private String loginMobilePhoneReplaceKey;
	private String loginMobilePhoneContentTemplate;
	private long timeLimitWithLoginMobilePhone = 3 * 60 * 1000;

	private String phoneContentTemplate;
	private String phoneReplaceKey = "mobileCode";
	private String inviteReplacePhone = "phoneKey";
	private String inviteReplaceEmail = "mailKey";
	private String inviteReplaceCode = "invitCodeKey";
	private String inviteMailSubject = "[ 科袖网 ]特邀科研专家邀请函";
	private String inviteMailContentTempalte;

	private String inviteStaffReplaceKey = "stateCode";
	private String inviteStaffMailTempalte;
	private String inviteStaffOrgKey = "orgKey";
	private String inviteStaffSubject = "[ 科袖网 ]企业员工邀请函";

	private String retrieveOrgSuccessTempalte;
	private String retrieveOrgSuccessSubject;
	private String retrieveOrgFailTempalte;
	private String retrieveOrgFailSubject;

	public String getRegMailReplaceKey() {
		return regMailReplaceKey;
	}

	public void setRegMailReplaceKey(String regMailReplaceKey) {
		this.regMailReplaceKey = regMailReplaceKey;
	}

	public String getRegMailReplaceContentTempalte() {
		return regMailReplaceContentTempalte;
	}

	public void setRegMailReplaceContentTempalte(String regMailReplaceContentTempalte) {
		this.regMailReplaceContentTempalte = regMailReplaceContentTempalte;
	}

	public long getTimeLimitWithRegMail() {
		return timeLimitWithRegMail;
	}

	public void setTimeLimitWithRegMail(long timeLimitWithRegMail) {
		this.timeLimitWithRegMail = timeLimitWithRegMail;
	}

	public String getRegMobilePhoneReplaceKey() {
		return regMobilePhoneReplaceKey;
	}

	public void setRegMobilePhoneReplaceKey(String regMobilePhoneReplaceKey) {
		this.regMobilePhoneReplaceKey = regMobilePhoneReplaceKey;
	}

	public String getRegMobilePhoneContentTemplate() {
		return regMobilePhoneContentTemplate;
	}

	public void setRegMobilePhoneContentTemplate(String regMobilePhoneContentTemplate) {
		this.regMobilePhoneContentTemplate = regMobilePhoneContentTemplate;
	}

	public long getTimeLimitWithRegMobilePhone() {
		return timeLimitWithRegMobilePhone;
	}

	public void setTimeLimitWithRegMobilePhone(long timeLimitWithRegMobilePhone) {
		this.timeLimitWithRegMobilePhone = timeLimitWithRegMobilePhone;
	}

	public String getLoginMobilePhoneReplaceKey() {
		return loginMobilePhoneReplaceKey;
	}

	public void setLoginMobilePhoneReplaceKey(String loginMobilePhoneReplaceKey) {
		this.loginMobilePhoneReplaceKey = loginMobilePhoneReplaceKey;
	}

	public String getLoginMobilePhoneContentTemplate() {
		return loginMobilePhoneContentTemplate;
	}

	public void setLoginMobilePhoneContentTemplate(String loginMobilePhoneContentTemplate) {
		this.loginMobilePhoneContentTemplate = loginMobilePhoneContentTemplate;
	}

	public long getTimeLimitWithLoginMobilePhone() {
		return timeLimitWithLoginMobilePhone;
	}

	public void setTimeLimitWithLoginMobilePhone(long timeLimitWithLoginMobilePhone) {
		this.timeLimitWithLoginMobilePhone = timeLimitWithLoginMobilePhone;
	}

	public String getMailRetrievePasswordSubject() {
		return mailRetrievePasswordSubject;
	}

	public void setMailRetrievePasswordSubject(String mailRetrievePasswordSubject) {
		this.mailRetrievePasswordSubject = mailRetrievePasswordSubject;
	}

	public MobilePhoneService getMobilePhoneServcie() {
		return mobilePhoneServcie;
	}

	public void setMobilePhoneServcie(MobilePhoneService mobilePhoneServcie) {
		this.mobilePhoneServcie = mobilePhoneServcie;
	}

	public GrowthLogService getGrowthLogService() {
		return growthLogService;
	}

	public void setGrowthLogService(GrowthLogService growthLogService) {
		this.growthLogService = growthLogService;
	}

	public GrowthRuleService getRule() {
		return rule;
	}

	public void setRule(GrowthRuleService rule) {
		this.rule = rule;
	}

	public String getPhoneRetrievePasswordReplaceKey() {
		return phoneRetrievePasswordReplaceKey;
	}

	public void setPhoneRetrievePasswordReplaceKey(String phoneRetrievePasswordReplaceKey) {
		this.phoneRetrievePasswordReplaceKey = phoneRetrievePasswordReplaceKey;
	}

	public String getPhoneRetrievePasswordContentTemplate() {
		return phoneRetrievePasswordContentTemplate;
	}

	public void setPhoneRetrievePasswordContentTemplate(String phoneRetrievePasswordContentTemplate) {
		this.phoneRetrievePasswordContentTemplate = phoneRetrievePasswordContentTemplate;
	}

	public long getTimeLimitWithPhoneRetrievePassword() {
		return timeLimitWithPhoneRetrievePassword;
	}

	public void setTimeLimitWithPhoneRetrievePassword(long timeLimitWithPhoneRetrievePassword) {
		this.timeLimitWithPhoneRetrievePassword = timeLimitWithPhoneRetrievePassword;
	}

	public long getTimeLimitWithMailRetrivePassword() {
		return timeLimitWithMailRetrivePassword;
	}

	public void setTimeLimitWithMailRetrivePassword(long timeLimitWithMailRetrivePassword) {
		this.timeLimitWithMailRetrivePassword = timeLimitWithMailRetrivePassword;
	}

	public String getOrgMailRetrievePasswordContentTemplate() {
		return orgMailRetrievePasswordContentTemplate;
	}

	public void setOrgMailRetrievePasswordContentTemplate(String orgMailRetrievePasswordContentTemplate) {
		this.orgMailRetrievePasswordContentTemplate = orgMailRetrievePasswordContentTemplate;
	}

	public String getOrgMailRetrievePasswordReplaceKey() {
		return orgMailRetrievePasswordReplaceKey;
	}

	public void setOrgMailRetrievePasswordReplaceKey(String orgMailRetrievePasswordReplaceKey) {
		this.orgMailRetrievePasswordReplaceKey = orgMailRetrievePasswordReplaceKey;
	}

	public String getOrgMailRetrievePasswordSubject() {
		return orgMailRetrievePasswordSubject;
	}

	public void setOrgMailRetrievePasswordSubject(String orgMailRetrievePasswordSubject) {
		this.orgMailRetrievePasswordSubject = orgMailRetrievePasswordSubject;
	}

	public long getTimeLimitWithOrgMailRetrivePassword() {
		return timeLimitWithOrgMailRetrivePassword;
	}

	public void setTimeLimitWithOrgMailRetrivePassword(long timeLimitWithOrgMailRetrivePassword) {
		this.timeLimitWithOrgMailRetrivePassword = timeLimitWithOrgMailRetrivePassword;
	}

	public String getBindMobilePhoneReplaceKey() {
		return bindMobilePhoneReplaceKey;
	}

	public void setBindMobilePhoneReplaceKey(String bindMobilePhoneReplaceKey) {
		this.bindMobilePhoneReplaceKey = bindMobilePhoneReplaceKey;
	}

	public String getSendConsultMailSubject() {
		return sendConsultMailSubject;
	}

	public void setSendConsultMailSubject(String sendConsultMailSubject) {
		this.sendConsultMailSubject = sendConsultMailSubject;
	}

	public String getSendConsultMailContentTemplate() {
		return sendConsultMailContentTemplate;
	}

	public void setSendConsultMailContentTemplate(String sendConsultMailContentTemplate) {
		this.sendConsultMailContentTemplate = sendConsultMailContentTemplate;
	}

	public String getSendConsultSMSContentTemplate() {
		return sendConsultSMSContentTemplate;
	}

	public void setSendConsultSMSContentTemplate(String sendConsultSMSContentTemplate) {
		this.sendConsultSMSContentTemplate = sendConsultSMSContentTemplate;
	}

	public String getBindMobilePhoneContentTemplate() {
		return bindMobilePhoneContentTemplate;
	}

	public void setBindMobilePhoneContentTemplate(String bindMobilePhoneContentTemplate) {
		this.bindMobilePhoneContentTemplate = bindMobilePhoneContentTemplate;
	}

	public long getTimeLimitWithBindMobilePhone() {
		return timeLimitWithBindMobilePhone;
	}

	public void setTimeLimitWithBindMobilePhone(long timeLimitWithBindMobilePhone) {
		this.timeLimitWithBindMobilePhone = timeLimitWithBindMobilePhone;
	}

	public void setMailRetrievePasswordContentTemplate(String retrievePasswordContentTemplate) {
		this.mailRetrievePasswordContentTemplate = retrievePasswordContentTemplate;
	}

	public String getBindMailSubject() {
		return bindMailSubject;
	}

	public void setBindMailSubject(String bindMailSubject) {
		this.bindMailSubject = bindMailSubject;
	}

	public long getTimeLimitWithBindMail() {
		return timeLimitWithBindMail;
	}

	public void setTimeLimitWithBindMail(long timeLimitWithBindMail) {
		this.timeLimitWithBindMail = timeLimitWithBindMail;
	}

	public String getMailRetrievePasswordReplaceKey() {
		return mailRetrievePasswordReplaceKey;
	}

	public void setMailRetrievePasswordReplaceKey(String retrievePasswordReplaceKey) {
		this.mailRetrievePasswordReplaceKey = retrievePasswordReplaceKey;
	}

	public String getBindMailReplaceKey() {
		return bindMailReplaceKey;
	}

	public void setBindMailReplaceKey(String bindMailReplaceKey) {
		this.bindMailReplaceKey = bindMailReplaceKey;
	}

	public String getBindOrgMailReplaceKey() {
		return bindOrgMailReplaceKey;
	}

	public void setBindOrgMailReplaceKey(String bindOrgMailReplaceKey) {
		this.bindOrgMailReplaceKey = bindOrgMailReplaceKey;
	}

	public String getBindOrgMailSubject() {
		return bindOrgMailSubject;
	}

	public void setBindOrgMailSubject(String bindOrgMailSubject) {
		this.bindOrgMailSubject = bindOrgMailSubject;
	}

	public String getBindOrgMailReplaceContentTempalte() {
		return bindOrgMailReplaceContentTempalte;
	}

	public void setBindOrgMailReplaceContentTempalte(String bindOrgMailReplaceContentTempalte) {
		this.bindOrgMailReplaceContentTempalte = bindOrgMailReplaceContentTempalte;
	}

	public long getTimeLimitWithBindOrgMail() {
		return timeLimitWithBindOrgMail;
	}

	public void setTimeLimitWithBindOrgMail(long timeLimitWithBindOrgMail) {
		this.timeLimitWithBindOrgMail = timeLimitWithBindOrgMail;
	}

	public String getMailRetrievePasswordContentTemplate() {
		return mailRetrievePasswordContentTemplate;
	}

	public String getBindMailReplaceContentTempalte() {
		return bindMailReplaceContentTempalte;
	}

	public void setBindMailReplaceContentTempalte(String bindMailReplaceContentTempalte) {
		this.bindMailReplaceContentTempalte = bindMailReplaceContentTempalte;
	}

	public String getPhoneContentTemplate() {
		return phoneContentTemplate;
	}

	public void setPhoneContentTemplate(String phoneContentTemplate) {
		this.phoneContentTemplate = phoneContentTemplate;
	}

	public String getPhoneReplaceKey() {
		return phoneReplaceKey;
	}

	public void setPhoneReplaceKey(String phoneReplaceKey) {
		this.phoneReplaceKey = phoneReplaceKey;
	}

	public String getInviteReplacePhone() {
		return inviteReplacePhone;
	}

	public void setInviteReplacePhone(String inviteReplacePhone) {
		this.inviteReplacePhone = inviteReplacePhone;
	}

	public String getInviteReplaceEmail() {
		return inviteReplaceEmail;
	}

	public void setInviteReplaceEmail(String inviteReplaceEmail) {
		this.inviteReplaceEmail = inviteReplaceEmail;
	}

	public String getInviteReplaceCode() {
		return inviteReplaceCode;
	}

	public void setInviteReplaceCode(String inviteReplaceCode) {
		this.inviteReplaceCode = inviteReplaceCode;
	}

	public String getInviteMailSubject() {
		return inviteMailSubject;
	}

	public void setInviteMailSubject(String inviteMailSubject) {
		this.inviteMailSubject = inviteMailSubject;
	}

	public String getInviteMailContentTempalte() {
		return inviteMailContentTempalte;
	}

	public void setInviteMailContentTempalte(String inviteMailContentTempalte) {
		this.inviteMailContentTempalte = inviteMailContentTempalte;
	}

	public UserDao getUserDao() {
		return userDao;
	}

	public void setUserDao(UserDao userDao) {
		this.userDao = userDao;
	}

	public OrgUserDao getOrgUserDao() {
		return orgUserDao;
	}

	public void setOrgUserDao(OrgUserDao orgUserDao) {
		this.orgUserDao = orgUserDao;
	}

	public OrgDao getOrgDao() {
		return orgDao;
	}

	public void setOrgDao(OrgDao orgDao) {
		this.orgDao = orgDao;
	}

	public OrgService getOrgService() {
		return orgService;
	}

	public void setOrgService(OrgService orgService) {
		this.orgService = orgService;
	}

	public ProfessorDao getProfessorDao() {
		return professorDao;
	}

	public void setProfessorDao(ProfessorDao professorDao) {
		this.professorDao = professorDao;
	}

	public ProfessorService getProfessorService() {
		return professorService;
	}

	public void setProfessorService(ProfessorService professorService) {
		this.professorService = professorService;
	}

	public MailService getMailservice() {
		return mailservice;
	}

	public void setMailservice(MailService mailservice) {
		this.mailservice = mailservice;
	}

	public String getRegMailSubject() {
		return regMailSubject;
	}

	public void setRegMailSubject(String regMailSubject) {
		this.regMailSubject = regMailSubject;
	}

	public String getOrgRegMailSubject() {
		return orgRegMailSubject;
	}

	public void setOrgRegMailSubject(String orgRegMailSubject) {
		this.orgRegMailSubject = orgRegMailSubject;
	}

	public String getOrgRegMailReplaceKey() {
		return orgRegMailReplaceKey;
	}

	public void setOrgRegMailReplaceKey(String orgRegMailReplaceKey) {
		this.orgRegMailReplaceKey = orgRegMailReplaceKey;
	}

	public String getOrgRegMailReplaceContentTempalte() {
		return orgRegMailReplaceContentTempalte;
	}

	public void setOrgRegMailReplaceContentTempalte(String orgRegMailReplaceContentTempalte) {
		this.orgRegMailReplaceContentTempalte = orgRegMailReplaceContentTempalte;
	}

	public long getTimeLimitWithOrgRegMail() {
		return timeLimitWithOrgRegMail;
	}

	public void setTimeLimitWithOrgRegMail(long timeLimitWithOrgRegMail) {
		this.timeLimitWithOrgRegMail = timeLimitWithOrgRegMail;
	}

	public String getInviteStaffReplaceKey() {
		return inviteStaffReplaceKey;
	}

	public void setInviteStaffReplaceKey(String inviteStaffReplaceKey) {
		this.inviteStaffReplaceKey = inviteStaffReplaceKey;
	}

	public String getInviteStaffMailTempalte() {
		return inviteStaffMailTempalte;
	}

	public void setInviteStaffMailTempalte(String inviteStaffMailTempalte) {
		this.inviteStaffMailTempalte = inviteStaffMailTempalte;
	}

	public String getInviteStaffOrgKey() {
		return inviteStaffOrgKey;
	}

	public void setInviteStaffOrgKey(String inviteStaffOrgKey) {
		this.inviteStaffOrgKey = inviteStaffOrgKey;
	}

	public String getInviteStaffSubject() {
		return inviteStaffSubject;
	}

	public void setInviteStaffSubject(String inviteStaffSubject) {
		this.inviteStaffSubject = inviteStaffSubject;
	}

	public String getRetrieveOrgSuccessTempalte() {
		return retrieveOrgSuccessTempalte;
	}

	public void setRetrieveOrgSuccessTempalte(String retrieveOrgSuccessTempalte) {
		this.retrieveOrgSuccessTempalte = retrieveOrgSuccessTempalte;
	}

	public String getRetrieveOrgSuccessSubject() {
		return retrieveOrgSuccessSubject;
	}

	public void setRetrieveOrgSuccessSubject(String retrieveOrgSuccessSubject) {
		this.retrieveOrgSuccessSubject = retrieveOrgSuccessSubject;
	}

	public String getRetrieveOrgFailTempalte() {
		return retrieveOrgFailTempalte;
	}

	public void setRetrieveOrgFailTempalte(String retrieveOrgFailTempalte) {
		this.retrieveOrgFailTempalte = retrieveOrgFailTempalte;
	}

	public String getRetrieveOrgFailSubject() {
		return retrieveOrgFailSubject;
	}

	public void setRetrieveOrgFailSubject(String retrieveOrgFailSubject) {
		this.retrieveOrgFailSubject = retrieveOrgFailSubject;
	}

	public OAuthService getOauthService() {
		return oauthService;
	}

	public void setOauthService(OAuthService oauthService) {
		this.oauthService = oauthService;
	}

	public UserOpenIdDao getUserOpenIdDao() {
		return userOpenIdDao;
	}

	public void setUserOpenIdDao(UserOpenIdDao userOpenIdDao) {
		this.userOpenIdDao = userOpenIdDao;
	}

	/**
	 * 验证注册时填写的手机号和邮箱是否已经注册过
	 * 
	 * @param con
	 * @param key
	 *            手机号或邮箱
	 * @return 如果该手机或邮箱已经注册过返回false， 否则返回true
	 * @throws SQLException
	 */
	@Get
	@Path("/isReg")
	public boolean isReg(@JdbcConn Connection con, String key) throws SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, key);
		if (null != user) {
			return false;
		} else {
			return true;
		}
	}

	@Get
	@Path("/isRegOrg")
	public boolean isRegOrg(@JdbcConn Connection con, String email) throws SQLException {
		OrgUser orgUser = this.orgUserDao.queryByEmail(con, email);
		if (null != orgUser) {
			return false;
		} else {
			return true;
		}
	}

	@Get
	@Path("/isOrgUser")
	public boolean isOrgUser(@JdbcConn Connection con, String orgName) throws SQLException, JfwBaseException {
		String orgId = this.orgDao.queryByName(con, orgName);
		if (orgId == null) {
			return true;
		} else {
			if (this.orgUserDao.queryOne(con, orgId) == null) {
				return true;
			} else {
				String authStatus = (this.orgDao.query(con, orgId)).getAuthStatus();
				if ("3".equals(authStatus)) {
					throw new JfwBaseException(3, "该企业为科袖认证企业");
				} else if ("2".equals(authStatus)) {
					throw new JfwBaseException(4, "该企业正在进行认证审核");
				} else {
					throw new JfwBaseException(2, "该企业已注册科袖账号");
				}
			}
		}
	}

	@Get
	@Path("/qaUser")
	public User queryUser(@JdbcConn Connection con, String id) throws SQLException {
		User user = this.userDao.query(con, id);
		User user2 = new User();
		user2.setId(user.getId());
		user2.setMobilePhone(user.getMobilePhone());
		user2.setEmail(user.getEmail());
		return user2;
	}

	/**
	 * 手机验证注册
	 * 
	 * @param con
	 * @param state
	 *            发送手机验证码的返回值
	 * @param mobilePhone
	 *            验证的手机号
	 * @param validateCode
	 *            手机验证码
	 * @param password
	 *            注册密码
	 * @return
	 * @throws SQLException
	 * @throws JfwBaseException
	 */
	@Post
	@Path("/regmobile")
	public String regMobile(@JdbcConn(true) Connection con, String state, String mobilePhone, String validateCode, String password, @Nullable String inviterId) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis())
			throw new JfwBaseException(-1, "验证超时");
		try {
			if (!sc.getKey().equals(mobilePhone)) {
				throw new JfwBaseException(-2, "手机号与验证手机不匹配");
			}
			if (!sc.getValue().equals(validateCode)) {
				throw new JfwBaseException(-3, "验证码错误");
			}
			User user = new User();
			user.setId(StringUtil.buildUUID());
			String passwd = StringUtil.md5(password);
			user.setMobilePhone(mobilePhone);
			user.setPasswd(passwd);
			user.setUserType("0");
			user.setInviterId(inviterId);
			user.setActiveTime(DATE.format(new Date()));
			this.userDao.insert(con, user);
			if (inviterId != null) {
				this.growthLogService.invite(con, inviterId, user.getId());
			}
			return user.getId();
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	private void associatedOpenId(Connection con, User user, String oauthType, String openid, String authCode) throws SQLException, JfwBaseException {
		if (oauthType != null) {
			if (oauthService.getHandlers().get(oauthType) == null) {
				throw new JfwBaseException(-4, "invalid oautyType");
			}
			if (openid != null) {
				UserOpenId uoi = new UserOpenId();
				uoi.setOauthType(oauthType);
				uoi.setOpenid(openid);
				uoi.setUserid(user.getId());
				try {
					userOpenIdDao.insert(con, uoi);
				} catch (SQLException e) {
					if ("23505".equals(e.getSQLState())) {
						throw new JfwBaseException(-6, "associated openid");
					}
					throw e;
				}

			} else {
				throw new JfwBaseException(-5, "关链第三方登录时,OPENID不可都为空");
			}
		} else if (null != authCode) {
			@SuppressWarnings("unchecked")
			StateCode<OAuthUser, UserOpenId> ac = (StateCode<OAuthUser, UserOpenId>) JfwAppContext.getCachedObject(authCode);
			if (ac == null || ac.getExpiredTime() < System.currentTimeMillis())
				throw new JfwBaseException(-7, "authCode is expired");
			OAuthUser ou = ac.getKey();
			openid = ou.getOpenId();
			oauthType = ou.getType();
			UserOpenId uoi = new UserOpenId();
			uoi.setOauthType(oauthType);
			uoi.setOpenid(openid);
			uoi.setUserid(user.getId());
			try {
				userOpenIdDao.insert(con, uoi);
				JfwAppContext.removeCachedObject(authCode);
			} catch (SQLException e) {
				if ("23505".equals(e.getSQLState())) {
					throw new JfwBaseException(-8, "associated openid");
				}
				throw e;
			}

		}
	}

	@Post
	@Path("/mobileReg")
	public String mobileReg(@JdbcConn(true) Connection con, String state, String mobilePhone, String validateCode, String password, @Nullable String inviterId,
			String name,	@Nullable String oauthType, @Nullable String openid, @Nullable String authCode) throws SQLException, JfwBaseException, IOException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis())
			throw new JfwBaseException(-1, "验证超时");
		try {
			if (!sc.getKey().equals(mobilePhone)) {
				throw new JfwBaseException(-2, "手机号与验证手机不匹配");
			}
			if (!sc.getValue().equals(validateCode)) {
				throw new JfwBaseException(-3, "验证码错误");
			}
			User user = new User();
			user.setId(StringUtil.buildUUID());
			String passwd = StringUtil.md5(password);
			user.setMobilePhone(mobilePhone);
			user.setPasswd(passwd);
			user.setUserType("0");
			user.setInviterId(inviterId);
			user.setActiveTime(DATE.format(new Date()));
			this.userDao.insert(con, user);
			this.associatedOpenId(con, user, oauthType, openid, authCode);
			if (inviterId != null) {
				this.growthLogService.invite(con, inviterId, user.getId());
			}
			Professor professor = new Professor();
			professor.setId(user.getId());
			professor.setName(name);
			professor.setAuthentication(-1);
			this.professorService.insert(con, professor, null);
			return user.getId();
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	/**
	 * 邮箱验证并注册
	 * 
	 * @param con
	 * @param key
	 *            发送邮箱验证的返回值
	 * 
	 * @return 验证成功 用户登录并返回用户信息 验证失败返回null
	 * @throws SQLException
	 * @throws JfwBaseException
	 */
	@Get
	@Path("/regmail/{key}")
	public void regeMail(@JdbcConn(false) Connection con, @PathVar String key) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-1, "验证链接已失效");
		}
		try {
			User user = new User();
			user.setEmail(sc.getCode());
			user.setId(StringUtil.buildUUID());
			user.setSendMailStatus(0);
			user.setPasswd(StringUtil.md5(sc.getKey()));
			user.setUserType("0");
			user.setInviterId(sc.getValue());
			user.setActiveTime(DATE.format(new Date()));
			this.userDao.insert(con, user);
			con.commit();
			if (sc.getValue() != null) {
				this.growthLogService.invite(con, sc.getValue(), user.getId());
			}
		} catch (SQLException e) {
			try {
				con.rollback();
			} catch (Exception ee) {
			}
			if ("23505".equals(e.getSQLState())) {
				throw new JfwBaseException(-3, "邮箱[" + sc.getCode() + "]已被注册过了");
			}
			throw e;
		} finally {
			JfwAppContext.removeCachedObject(key);
		}
	}

	@Get
	@Path("/mailReg")
	public void emailReg(@JdbcConn(false) Connection con, String key) throws SQLException, JfwBaseException, IOException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-1, "验证链接已失效");
		}
		try {
			User user = new User();
			user.setEmail(sc.getCode());
			user.setId(StringUtil.buildUUID());
			user.setSendMailStatus(0);
			user.setPasswd(StringUtil.md5(sc.getKey()));
			user.setUserType("0");
			user.setInviterId(sc.getValue());
			user.setActiveTime(DATE.format(new Date()));
			this.userDao.insert(con, user);
			if (sc.getValue() != null) {
				this.growthLogService.invite(con, sc.getValue(), user.getId());
			}
			Professor professor = new Professor();
			professor.setId(user.getId());
			professor.setName(sc.getDescp());
			professor.setAuthentication(-1);
			this.professorService.insert(con, professor, null);
			con.commit();
		} catch (SQLException e) {
			try {
				con.rollback();
			} catch (Exception ee) {
			}
			if ("23505".equals(e.getSQLState())) {
				throw new JfwBaseException(-3, "邮箱[" + sc.getCode() + "]已被注册过了");
			}
			throw e;
		} finally {
			JfwAppContext.removeCachedObject(key);
		}
	}

	/**
	 * 发送邮箱注册验证邮件
	 * 
	 * @param con
	 * @param mail
	 *            待验证的邮箱地址
	 * @param password
	 *            密码
	 * @throws JfwBaseException
	 * @throws SQLException
	 */
	@Post
	@Path("/regmail")
	public void regMail(@JdbcConn(false) Connection con, String mail, String password, @Nullable String inviterId) throws JfwBaseException, SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, mail);
		if (null != user) {
			throw new JfwBaseException(-1, "邮箱[" + mail + "]已被注册过了");
		} else {

			StateCode<String, String> sc = new StateCode<String, String>();
			final String key = JfwAppContext.cacheObjectAndGenKey(sc);
			Map<String, String> map = new HashMap<>();
			map.put(this.regMailReplaceKey, key);
			try {
				this.mailservice.sendSimpleMail(mail, this.regMailReplaceContentTempalte, map, this.regMailSubject);
			} catch (MessagingException e) {
				JfwAppContext.removeCachedObject(key);
				throw new JfwBaseException(-2, "给邮箱[" + mail + "]发邮件错误", e);
			}
			sc.setCode(mail);
			sc.setKey(password);
			sc.setValue(inviterId);
			sc.setBuildTime(System.currentTimeMillis());
			sc.setExpiredTime(sc.getBuildTime() + this.timeLimitWithRegMail);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithRegMail, TimeUnit.MILLISECONDS);
		}
	}

	@Post
	@Path("/emailReg")
	public void emailReg(@JdbcConn(false) Connection con, String mail, String password, @Nullable String inviterId, String name)
			throws JfwBaseException, SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, mail);
		if (null != user) {
			throw new JfwBaseException(-1, "邮箱[" + mail + "]已被注册过了");
		} else {

			StateCode<String, String> sc = new StateCode<String, String>();
			final String key = JfwAppContext.cacheObjectAndGenKey(sc);
			Map<String, String> map = new HashMap<>();
			map.put(this.regMailReplaceKey, key);
			try {
				this.mailservice.sendSimpleMail(mail, this.regMailReplaceContentTempalte, map, this.regMailSubject);
			} catch (MessagingException e) {
				JfwAppContext.removeCachedObject(key);
				throw new JfwBaseException(-2, "给邮箱[" + mail + "]发邮件错误", e);
			}
			sc.setCode(mail);
			sc.setKey(password);
			sc.setValue(inviterId);
			sc.setDescp(name);
			sc.setBuildTime(System.currentTimeMillis());
			sc.setExpiredTime(sc.getBuildTime() + this.timeLimitWithRegMail);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithRegMail, TimeUnit.MILLISECONDS);
		}
	}

	/**
	 * 验证企业邮箱并注册企业账号
	 * 
	 * @param con
	 * @param key
	 *            邮箱验证的返回值
	 * @throws SQLException
	 * @throws JfwBaseException
	 * @throws IOException
	 */
	@Get
	@Path("/regOrgMail/{key}")
	public void regOrgMail(@JdbcConn(false) Connection con, @PathVar String key) throws SQLException, JfwBaseException, IOException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-1, "验证链接已失效");
		}
		String orgId = this.orgDao.queryByName(con, sc.getValue());
		if ((orgId != null) && (this.orgUserDao.queryOne(con, orgId) != null)) {
			throw new JfwBaseException(2, "该企业已注册科袖账号");
		}
		try {
			OrgUser orgUser = new OrgUser();
			orgUser.setEmail(sc.getCode());
			if (orgId != null) {
				orgUser.setId(orgId);
			} else {
				orgUser.setId(this.orgService.createOrganization(con, sc.getValue()));
			}
			orgUser.setPasswd(StringUtil.md5(sc.getKey()));
			orgUser.setUserType("1");
			this.orgUserDao.insert(con, orgUser);
			this.orgDao.updateIsJoin(con, orgUser.getId(), "1");
			con.commit();
		} catch (SQLException e) {
			try {
				con.rollback();
			} catch (Exception ee) {
			}
			if ("23505".equals(e.getSQLState())) {
				throw new JfwBaseException(-3, "邮箱[" + sc.getCode() + "]已被注册过了");
			}
			throw e;
		} finally {
			JfwAppContext.removeCachedObject(key);
		}
	}

	/**
	 * 给注册的企业邮箱发送验证邮件
	 * 
	 * @param con
	 * @param orgName
	 *            企业名称
	 * @param mail
	 *            企业邮箱
	 * @param password
	 *            密码
	 * @throws JfwBaseException
	 * @throws SQLException
	 */
	@Post
	@Path("/regOrgMail")
	public void regOrgMail(@JdbcConn(false) Connection con, String orgName, String mail, String password) throws JfwBaseException, SQLException {
		OrgUser orgUser = this.orgUserDao.queryByEmail(con, mail);
		if (null != orgUser) {
			throw new JfwBaseException(-1, "邮箱[" + mail + "]已被注册过了");
		} else {

			StateCode<String, String> sc = new StateCode<String, String>();
			final String key = JfwAppContext.cacheObjectAndGenKey(sc);
			Map<String, String> map = new HashMap<>();
			map.put(this.orgRegMailReplaceKey, key);
			try {
				this.mailservice.sendSimpleMail(mail, this.orgRegMailReplaceContentTempalte, map, this.orgRegMailSubject);
			} catch (MessagingException e) {
				JfwAppContext.removeCachedObject(key);
				throw new JfwBaseException(-2, "给邮箱[" + mail + "]发邮件错误", e);
			}
			sc.setCode(mail);
			sc.setKey(password);
			sc.setValue(orgName);
			sc.setBuildTime(System.currentTimeMillis());
			sc.setExpiredTime(sc.getBuildTime() + this.timeLimitWithOrgRegMail);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithOrgRegMail, TimeUnit.MILLISECONDS);
		}
	}

	@Get
	@Path("/sendMailInvite")
	public String sendMailInvite(@JdbcConn(false) Connection con, String id) throws SQLException, MessagingException, JfwBaseException {
		User user = this.userDao.query(con, id);
		if (user == null) {
			throw new JfwBaseException("系统没有此用户");
		}
		if (user.getEmail() == null) {
			throw new JfwBaseException("邮箱不能为空");
		}
		if (user.getInviteCode() == null) {
			throw new JfwBaseException("该用户没有邀请码");
		}
		String mailContent = this.inviteMailContentTempalte;
		mailContent = mailContent.replaceAll(this.inviteReplaceEmail, user.getEmail());
		mailContent = mailContent.replaceAll(this.inviteReplaceCode, user.getInviteCode());
		String phoneReplace = "";
		if (user.getMobilePhone() != null && user.getMobilePhone().trim().length() == 11) {
			String mobile = user.getMobilePhone().trim();
			mobile = mobile.substring(0, 3) + "****" + mobile.substring(7);
			phoneReplace = this.phoneContentTemplate.replaceAll(this.phoneReplaceKey, mobile);
		}
		mailContent = mailContent.replaceAll(this.inviteReplacePhone, phoneReplace);
		this.mailservice.sendSimpleMail(user.getEmail(), mailContent, null, this.inviteMailSubject);
		return "send success !";
	}

	@Post
	@Path("/inviteStaff/{key}")
	public Map<String, String> inviteStaff(@JdbcConn Connection con, @PathVar String key) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null) {
			throw new JfwBaseException(-1, "验证链接已失效");
		}
		Organization org = this.orgDao.query(con, sc.getKey());
		if (org == null) {
			throw new JfwBaseException(-2, "不存在的企业");
		}
		Map<String, String> map = new HashMap<String, String>();
		map.put("orgId", org.getId());
		map.put("orgName", org.getName());
		map.put("email", sc.getValue());
		return map;

	}

	@SetCookie(checkResultNull = true, path = "/", value = { "userid=result.getId()", "userMobilePhone=result.getMobilePhone()", "userType=result.getType()",
			"userAuth=String.valueOf(result.isAuth())", "userEmail=result.getEmail()==null?\"\":result.getEmail()",
			"userName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/regInviteStaff")
	@SuppressWarnings("unchecked")
	public SessionUser regInviteStaff(@JdbcConn(true) Connection con, String key, String state, String phone, String validateCode, String name, String passwd)
			throws SQLException, JfwBaseException {
		StateCode<String, String> stateCode = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (stateCode == null) {
			throw new JfwBaseException(-1, "邮箱验证链接已失效");
		}
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-2, "短信验证超时");
		}
		if (!sc.getKey().equals(phone)) {
			throw new JfwBaseException(-3, "手机号与验证手机不匹配");
		}
		if (!sc.getValue().equals(validateCode)) {
			throw new JfwBaseException(-4, "手机验证码错误");
		}
		try {
			String id = StringUtil.buildUUID();
			User user = new User();
			user.setId(id);
			user.setMobilePhone(phone);
			user.setEmail(stateCode.getValue());
			user.setPasswd(StringUtil.md5(passwd));
			user.setUserType("0");
			user.setActiveTime(DATE.format(new Date()));
			this.userDao.insert(con, user);
			Professor professor = new Professor();
			professor.setId(id);
			professor.setName(name);
			professor.setOrgId(stateCode.getKey());
			professor.setOrgAuth("1");
			professor.setPhone(user.getMobilePhone());
			professor.setEmail(user.getEmail());
			int value = 0;
			if (user.getMobilePhone() != null && user.getMobilePhone().trim().length() == 11) {
				professor.setPhone(user.getMobilePhone());
				value = value + this.rule.getBindMobile();
				this.growthLogService.firstBindMobile(con, professor.getId());
			}
			if (user.getEmail() != null && !"".equals(user.getEmail())) {
				professor.setEmail(user.getEmail());
				value = value + this.rule.getBindEmail();
				this.growthLogService.firstBindEmail(con, professor.getId());
			}
			professor.setScoreValue(value);
			professor.setGrowthValue(value);
			this.professorDao.insert(con, professor);
			SessionUser ret = new SessionUser();
			ret.setMobilePhone(phone);
			ret.setEmail(user.getEmail());
			ret.setName(name);
			ret.setId(id);
			ret.setType(user.getUserType());
			ret.setAuth(true);
			return ret;
		} finally {
			JfwAppContext.removeCachedObject(key);
			JfwAppContext.removeCachedObject(state);
		}
	}

	@Get
	@Path("/inviteStaffMail")
	public boolean inviteStaffMail(@JdbcConn(false) Connection con, String orgId, String mail) throws SQLException, JfwBaseException {
		Organization org = this.orgDao.query(con, orgId);
		if (org == null) {
			throw new JfwBaseException(-1, "系统没有该企业");
		}
		StateCode<String, String> sc = new StateCode<String, String>();
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		Map<String, String> map = new HashMap<>();
		map.put(this.inviteStaffReplaceKey, key);
		String mailContent = this.inviteStaffMailTempalte;
		mailContent = mailContent.replaceAll(this.inviteStaffOrgKey, org.getName());
		try {
			this.mailservice.sendSimpleMail(mail, mailContent, map, this.inviteStaffSubject);
		} catch (MessagingException e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		sc.setKey(orgId);
		sc.setValue(mail);
		sc.setCode(org.getName());
		return true;
	}

	@Post
	@Path("/retrieveOrgSuccess")
	public boolean retrieveOrgUserSuccess(@JdbcConn(false) Connection con, String mail) throws SQLException, JfwBaseException {
		try {
			this.mailservice.sendSimpleMail(mail, this.retrieveOrgSuccessTempalte, null, this.retrieveOrgSuccessSubject);
		} catch (MessagingException e) {
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@Post
	@Path("/retrieveOrgFail")
	public boolean retrieveOrgUserFail(@JdbcConn(false) Connection con, String mail) throws SQLException, JfwBaseException {
		try {
			this.mailservice.sendSimpleMail(mail, this.retrieveOrgFailTempalte, null, this.retrieveOrgFailSubject);
		} catch (MessagingException e) {
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@SetCookie(checkResultNull = true, path = "/", value = { "userid=result.getId()", "userMobilePhone=result.getMobilePhone()", "userType=result.getType()",
			"userAuth=String.valueOf(result.isAuth())", "userEmail=result.getEmail()==null?\"\":result.getEmail()",
			"userName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/invitelogin")
	public SessionUser inviteLogin(@JdbcConn Connection con, String key, String code) throws SQLException {
		User user = userDao.queryByEmailOrMobilePhone(con, key);
		if (null == user) {
			return null;
		}
		if (!user.getInviteCode().equals(code)) {
			return null;
		}
		Professor professor = this.professorDao.query(con, user.getId());
		SessionUser ret = new SessionUser();
		ret.setId(user.getId());
		ret.setMobilePhone(user.getMobilePhone());
		ret.setType(user.getUserType());
		ret.setEmail(user.getEmail());
		ret.setName(professor.getName());
		ret.setAuth(!DEFAULT_PASS_WORD.equals(user.getPasswd()));
		return ret;
	}

	@SetCookie(checkResultNull = true, path = "/", value = { "userid=result.getId()", "userMobilePhone=result.getMobilePhone()", "userType=result.getType()",
			"userAuth=String.valueOf(result.isAuth())", "userEmail=result.getEmail()==null?\"\":result.getEmail()",
			"userName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/slogin")
	public SessionUser sLogin(@JdbcConn Connection con, String code, String mobile) throws SQLException {
		User user = userDao.query(con, code);
		if (null == user)
			return null;
		if (!mobile.equals(user.getMobilePhone()))
			return null;
		Professor professor = this.professorDao.query(con, code);
		SessionUser ret = new SessionUser();
		ret.setId(code);
		ret.setMobilePhone(mobile);
		ret.setType(user.getUserType());
		ret.setEmail(user.getEmail());
		ret.setName(professor.getName());
		ret.setAuth(!DEFAULT_PASS_WORD.equals(user.getPasswd()));
		return ret;
	}

	@SetCookie(checkResultNull = true, path = "/", value = { "userid=result.getId()", "userMobilePhone=result.getMobilePhone()", "userType=result.getType()",
			"userAuth=String.valueOf(result.isAuth())", "userEmail=result.getEmail()==null?\"\":result.getEmail()",
			"userName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/login")
	public SessionUser login(@JdbcConn Connection con, String lk, String pw) throws SQLException, JfwBaseException {
		User user = userDao.queryByEmailOrMobilePhone(con, lk);
		if (null == user)
			throw new JfwBaseException(-1, "该用户还未注册");
		if (DEFAULT_PASS_WORD.equals(user.getPasswd()))
			return null;
		if (!StringUtil.md5(pw).equals(user.getPasswd()))
			return null;

		SessionUser ret = new SessionUser();
		ret.setId(user.getId());
		Professor pf = this.professorDao.query(con, user.getId());
		if (null != pf) {
			ret.setName(pf.getName());
		}
		ret.setMobilePhone(user.getMobilePhone());
		ret.setType(user.getUserType());
		ret.setEmail(user.getEmail());
		ret.setAuth(true);
		return ret;
	}

	@SetCookie(checkResultNull = true, path = "/", value = { "userid=result.getId()", "userMobilePhone=result.getMobilePhone()", "userType=result.getType()",
			"userAuth=String.valueOf(result.isAuth())", "userEmail=result.getEmail()==null?\"\":result.getEmail()",
			"userName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/mobileLogin")
	public SessionUser mobileLogin(@JdbcConn Connection con, String state, String mobilePhone, String validateCode) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-1, "验证超时");
		}
		if (!sc.getKey().equals(mobilePhone)) {
			throw new JfwBaseException(-2, "手机号与验证手机不匹配");
		}
		if (!sc.getValue().equals(validateCode)) {
			throw new JfwBaseException(-3, "验证码错误");
		}
		User user = userDao.queryByEmailOrMobilePhone(con, mobilePhone);
		if (null == user) {
			throw new JfwBaseException(-4, "该用户还未注册");
		}
		try {
			SessionUser ret = new SessionUser();
			ret.setId(user.getId());
			Professor professor = this.professorDao.query(con, user.getId());
			if (null != professor) {
				ret.setName(professor.getName());
			}
			ret.setMobilePhone(user.getMobilePhone());
			ret.setType(user.getUserType());
			ret.setEmail(user.getEmail());
			ret.setAuth(!DEFAULT_PASS_WORD.equals(user.getPasswd()));
			return ret;
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	@SetCookie(checkResultNull = true, path = "/", value = { "orgId=result.getId()", "orgType=result.getType()", "orgAuth=String.valueOf(result.isAuth())",
			"orgEmail=result.getEmail()==null?\"\":result.getEmail()",
			"orgName=result.getName()==null?\"\":java.net.URLEncoder.encode(result.getName(),\"utf-8\")" })
	@Post
	@Path("/orgLogin")
	public SessionUser orgLogin(@JdbcConn Connection con, String lk, String pw) throws SQLException, JfwBaseException {
		OrgUser orgUser = this.orgUserDao.queryByEmail(con, lk);
		if (null == orgUser)
			throw new JfwBaseException(-1, "该用户还未注册");
		if (!StringUtil.md5(pw).equals(orgUser.getPasswd()))
			return null;

		SessionUser ret = new SessionUser();
		ret.setId(orgUser.getId());
		Organization org = this.orgDao.query(con, orgUser.getId());
		if (org != null) {
			ret.setName(org.getName());
		}
		ret.setType(orgUser.getUserType());
		ret.setEmail(orgUser.getEmail());
		ret.setAuth(true);
		return ret;
	}

	@Post
	@Path("/cp")
	public boolean changePw(@JdbcConn(true) Connection con, String id, String npw, @Nullable String onw) throws SQLException {
		if (onw == null) {
			return this.userDao.updatePasswdAndActive(con, StringUtil.md5(npw), DATE.format(new Date()), id) > 0;
		} else {
			return this.userDao.updatePasswd(con, StringUtil.md5(npw), id, StringUtil.md5(onw)) > 0;
		}
	}

	@Post
	@Path("/cpOrg")
	public boolean changeOrgPw(@JdbcConn(true) Connection con, String id, String npw, String onw) throws SQLException {
		return this.orgUserDao.updatePw(con, id, StringUtil.md5(npw), StringUtil.md5(onw)) > 0;
	}

	@Get
	@Path("/reqBindMail")
	public boolean reqBindMail(@JdbcConn(false) Connection con, String userid, String mail) throws JfwBaseException, SQLException {
		User user = this.userDao.query(con, userid);
		if (null == user)
			return false;

		StateCode<String, String> sc = new StateCode<String, String>();
		sc.setKey(userid);
		sc.setValue(mail);
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);

		Map<String, String> map = new HashMap<String, String>();
		map.put(this.bindMailReplaceKey, key);
		try {
			mailservice.sendSimpleMail(mail, this.bindMailReplaceContentTempalte, map, this.bindMailSubject);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithBindMail + 10000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithBindMail + 20000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@Get
	@Path("/bindMail/{key}")
	public boolean bindMail(@JdbcConn(true) Connection con, @PathVar String key) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null)
			return false;
		if (sc.getExpiredTime() < System.currentTimeMillis())
			return false;
		try {
			Professor professor = this.professorDao.queryOne(con, sc.getKey());
			if (professor.getPhone() == null || professor.getPhone().isEmpty()) {
				this.professorDao.updateEmail(con, sc.getKey(), sc.getValue());
			}
			this.userDao.updateEmail(con, sc.getValue(), sc.getKey());
			this.growthLogService.bindEmail(con, sc.getKey());
			return true;
		} finally {
			JfwAppContext.removeCachedObject(key);
		}
	}

	@Get
	@Path("/reqBindOrgMail")
	public boolean reqBindOrgMail(@JdbcConn(false) Connection con, String id, String mail) throws JfwBaseException, SQLException {
		OrgUser orgUser = this.orgUserDao.queryOne(con, id);
		if (null == orgUser)
			return false;

		StateCode<String, String> sc = new StateCode<String, String>();
		sc.setKey(id);
		sc.setValue(mail);
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);

		Map<String, String> map = new HashMap<String, String>();
		map.put(this.bindOrgMailReplaceKey, key);
		try {
			mailservice.sendSimpleMail(mail, this.bindOrgMailReplaceContentTempalte, map, this.bindOrgMailSubject);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithBindOrgMail + 10000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithBindOrgMail + 20000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@Get
	@Path("/bindOrgMail/{key}")
	public String bindOrgMail(@JdbcConn(true) Connection con, @PathVar String key) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(key);
		if (sc == null || sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException(-1, "验证链接已失效");
		}
		try {
			this.orgUserDao.updateEmail(con, sc.getKey(), sc.getValue());
			return sc.getValue();
		} finally {
			JfwAppContext.removeCachedObject(key);
		}
	}

	@Get
	@Path("/vcWithBind")
	public String reqBindBindMobilePhone(@JdbcConn(false) Connection con, String userid, String mobilePhone) throws JfwBaseException, SQLException {
		User user = this.userDao.query(con, userid);
		if (null == user)
			return null;
		user = this.userDao.queryByEmailOrMobilePhone(con, mobilePhone);
		if (null != user)
			throw new JfwBaseException(-1, "该手机号已经绑定其他用户");

		StateCode<String, String> sc = new StateCode<String, String>();

		final String key = JfwAppContext.cacheObjectAndGenKey(sc);

		try {
			Random rd = new Random();
			int vi = rd.nextInt(10000);

			String vc = String.format("%04d", vi);
			sc.setKey(mobilePhone);
			sc.setValue(vc);
			this.mobilePhoneServcie.sendMessage(mobilePhone, this.bindMobilePhoneContentTemplate, this.bindMobilePhoneReplaceKey, vc);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithBindMobilePhone + 5000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithBindMobilePhone + 10000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10012, "send mobile phone message to " + mobilePhone + " error", e);
		}
		return key;
	}

	/**
	 * 发送手机验证码
	 * 
	 * @param con
	 * @param mobilePhone
	 *            验证的手机号
	 * @return
	 * @throws JfwBaseException
	 * @throws SQLException
	 */
	@Get
	@Path("/regmobilephone")
	public String regMobilePhone(@JdbcConn(false) Connection con, String mobilePhone) throws JfwBaseException, SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, mobilePhone);
		if (null != user) {
			return null;
		}
		StateCode<String, String> sc = new StateCode<String, String>();
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		try {
			Random rd = new Random();
			int vi = rd.nextInt(10000);
			String vc = String.format("%04d", vi);
			sc.setKey(mobilePhone);
			sc.setValue(vc);
			this.mobilePhoneServcie.sendMessage(mobilePhone, this.regMobilePhoneContentTemplate, this.regMobilePhoneReplaceKey, vc);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithRegMobilePhone + 5000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithRegMobilePhone + 10000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10012, "send mobile phone message to " + mobilePhone + " error", e);
		}
		return key;
	}

	@Get
	@Path("/sendMobileForLogin")
	public String sendMobileForLogin(@JdbcConn(false) Connection con, String mobilePhone) throws JfwBaseException, SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, mobilePhone);
		if (null == user) {
			return null;
		}
		StateCode<String, String> sc = new StateCode<String, String>();
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		try {
			Random rd = new Random();
			int vi = rd.nextInt(10000);
			String vc = String.format("%04d", vi);
			sc.setKey(mobilePhone);
			sc.setValue(vc);
			this.mobilePhoneServcie.sendMessage(mobilePhone, this.loginMobilePhoneContentTemplate, this.loginMobilePhoneReplaceKey, vc);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithLoginMobilePhone + 5000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithLoginMobilePhone + 10000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10012, "send mobile phone message to " + mobilePhone + " error", e);
		}
		return key;
	}

	@Post
	@Path("/bindMobilePhone")
	public boolean bindMobilePhone(@JdbcConn(true) Connection con, String state, String userid, String mobilePhone, String validateCode)
			throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null)
			return false;
		if (sc.getExpiredTime() < System.currentTimeMillis())
			return false;
		try {
			if (!sc.getKey().equals(mobilePhone) || !sc.getValue().equals(validateCode))
				return false;
			Professor professor = this.professorDao.queryOne(con, userid);
			if (professor.getPhone() == null || professor.getPhone().isEmpty()) {
				this.professorDao.updatePhone(con, userid, mobilePhone);
			}
			this.userDao.updateMobilePhone(con, mobilePhone, userid);
			this.growthLogService.bindMobile(con, userid);
			return true;
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	@Get
	@Path("/vcWithRP")
	public String rePassWordWithPhone(@JdbcConn(false) Connection con, String mobilePhone) throws JfwBaseException, SQLException {

		User user = this.userDao.queryByEmailOrMobilePhone(con, mobilePhone);
		if (null == user)
			throw new JfwBaseException(-1, "该手机号还未注册");

		StateCode<String, String> sc = new StateCode<String, String>();
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		try {
			Random rd = new Random();
			int vi = rd.nextInt(10000);

			String vc = String.format("%04d", vi);
			sc.setKey(mobilePhone);
			sc.setValue(vc);
			this.mobilePhoneServcie.sendMessage(mobilePhone, this.phoneRetrievePasswordContentTemplate, this.phoneRetrievePasswordReplaceKey, vc);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithPhoneRetrievePassword + 5000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithPhoneRetrievePassword + 10000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10012, "send mobile phone message to " + mobilePhone + " error", e);
		}
		return key;
	}

	@Post
	@Path("/validCode")
	public boolean validCode(String state, String vc) throws JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null) {
			throw new JfwBaseException("验证超时");
		}
		if (sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException("验证超时");
		}
		return sc.getValue().equals(vc);
	}

	@Post
	@Path("/checkPicture")
	public boolean checkPictureVC(@SessionVal(value = "verification", defaultvalue = "null", remove = true) String verification, String submitVerification)
			throws JfwBaseException {
		if (null == verification) {
			throw new JfwBaseException("Picture is expire !");
		}
		return verification.equals(submitVerification);
	}

	@Post
	@Path("/resetPasswordWithMobilePhone")
	public boolean resetPassword(@JdbcConn(true) Connection con, String state, String mobilePhone, String pw, String vc) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null) {
			throw new JfwBaseException("验证超时");
		}
		if (sc.getExpiredTime() < System.currentTimeMillis()) {
			throw new JfwBaseException("验证超时");
		}
		try {
			if (!sc.getKey().equals(mobilePhone) || !sc.getValue().equals(vc))
				return false;
			int ret = this.userDao.updatePasswdWithMobile(con, StringUtil.md5(pw), DATE.format(new Date()), mobilePhone);
			if (ret == 0) {
				return this.userDao.updatePasswordWithMobileOrEmail(con, StringUtil.md5(pw), mobilePhone) > 0;
			}
			return ret > 0;
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	@Get
	@Path("/reqRpWithEmail")
	public boolean reqRpWithEmail(@JdbcConn(false) Connection con, String mail) throws JfwBaseException, SQLException {
		User user = this.userDao.queryByEmailOrMobilePhone(con, mail);
		if (user == null)
			return false;
		StateCode<String, String> sc = new StateCode<String, String>();
		sc.setKey(user.getId());
		sc.setValue(mail);
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		Map<String, String> map = new HashMap<String, String>();
		map.put(this.mailRetrievePasswordReplaceKey, key);
		try {
			mailservice.sendSimpleMail(mail, this.mailRetrievePasswordContentTemplate, map, this.mailRetrievePasswordSubject);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithMailRetrivePassword + 10000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithMailRetrivePassword + 20000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@Get
	@Path("/validMailState")
	public boolean validMailState(String state) {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null)
			return false;
		if (sc.getExpiredTime() < System.currentTimeMillis())
			return false;
		return true;
	}

	@Post
	@Path("/resetPasswordWith")
	public boolean resetPassword(@JdbcConn(true) Connection con, String state, String pw) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null)
			throw new JfwBaseException("验证超时");
		if (sc.getExpiredTime() < System.currentTimeMillis())
			throw new JfwBaseException("验证超时");
		String key = sc.getKey();
		try {
			int ret = this.userDao.updatePasswdAndActive(con, StringUtil.md5(pw), DATE.format(new Date()), key);
			if (ret == 0) {
				return this.userDao.updatePassword(con, StringUtil.md5(pw), key) > 0;
			}
			return ret > 0;
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	@Get
	@Path("/resetWithOrgEmail")
	public boolean resetWithOrgEmail(@JdbcConn(false) Connection con, String mail) throws JfwBaseException, SQLException {
		OrgUser orgUser = this.orgUserDao.queryByEmail(con, mail);
		if (orgUser == null)
			return false;
		StateCode<String, String> sc = new StateCode<String, String>();
		sc.setKey(orgUser.getId());
		sc.setValue(mail);
		final String key = JfwAppContext.cacheObjectAndGenKey(sc);
		Map<String, String> map = new HashMap<String, String>();
		map.put(this.orgMailRetrievePasswordReplaceKey, key);
		try {
			mailservice.sendSimpleMail(mail, this.orgMailRetrievePasswordContentTemplate, map, this.orgMailRetrievePasswordSubject);
			long ct = System.currentTimeMillis();
			long et = ct + this.timeLimitWithOrgMailRetrivePassword + 10000;
			sc.setBuildTime(ct);
			sc.setExpiredTime(et);
			JfwAppContext.getScheduledExecutorService().schedule(new Runnable() {
				@Override
				public void run() {
					JfwAppContext.removeCachedObject(key);
				}
			}, this.timeLimitWithOrgMailRetrivePassword + 20000, TimeUnit.MILLISECONDS);
		} catch (Exception e) {
			JfwAppContext.removeCachedObject(key);
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
		return true;
	}

	@Post
	@Path("/resetPwByOrgEmail")
	public boolean resetPwByOrgEmail(@JdbcConn(true) Connection con, String state, String pw) throws SQLException, JfwBaseException {
		@SuppressWarnings("unchecked")
		StateCode<String, String> sc = (StateCode<String, String>) JfwAppContext.getCachedObject(state);
		if (sc == null)
			throw new JfwBaseException("验证超时");
		if (sc.getExpiredTime() < System.currentTimeMillis())
			throw new JfwBaseException("验证超时");
		String key = sc.getKey();
		try {
			return this.orgUserDao.updatePasswd(con, key, StringUtil.md5(pw)) > 0;
		} finally {
			JfwAppContext.removeCachedObject(state);
		}
	}

	/**
	 * 给指定邮箱发送邀请邮件
	 * 
	 * @param con
	 * @param mobilePhones
	 *            手机号数组
	 * @param emails
	 *            邮箱
	 * @param inviteCodes
	 *            邀请码
	 * @throws SQLException
	 * @throws MessagingException
	 */
	@Post
	@Path("/sendmail")
	public int sendmail(@JdbcConn Connection con, @Nullable String[] mobilePhones, String[] emails, String[] inviteCodes)
			throws SQLException, MessagingException {
		for (int i = 0; i < emails.length; i++) {
			if (mobilePhones[i] == "") {
				mobilePhones[i] = null;
			}
			this.sendInviteMail(con, emails[i], mobilePhones[i], inviteCodes[i]);
			this.logger.info("成功发送邀请邮件:" + emails[i]);
		}
		return emails.length;
	}

	public void sendInviteMail(@JdbcConn Connection con, String email, @Nullable String mobilePhone, String inviteCode)
			throws SQLException, MessagingException {
		String mailContent = this.inviteMailContentTempalte;
		mailContent = mailContent.replaceAll(this.inviteReplaceEmail, email);
		mailContent = mailContent.replaceAll(this.inviteReplaceCode, inviteCode);
		String phoneReplace = "";
		if (mobilePhone != null && mobilePhone.trim().length() == 11) {
			String mobile = mobilePhone.trim();
			mobile = mobile.substring(0, 3) + "****" + mobile.substring(7);
			phoneReplace = this.phoneContentTemplate.replaceAll(this.phoneReplaceKey, mobile);
		}
		mailContent = mailContent.replaceAll(this.inviteReplacePhone, phoneReplace);
		this.mailservice.sendSimpleMail(email, mailContent, null, this.inviteMailSubject);
	}

	public void sendConsultMail(String mail) throws SQLException, JfwBaseException {
		try {
			mailservice.sendSimpleMail(mail, this.sendConsultMailContentTemplate, null, this.sendConsultMailSubject);
		} catch (Exception e) {
			throw new JfwBaseException(10011, "send mail to " + mail + " error", e);
		}
	}

	public void sendConsultSMS(String mobilePhone) throws SQLException, JfwBaseException {
		try {
			this.mobilePhoneServcie.sendMarketMessage(mobilePhone, this.sendConsultSMSContentTemplate);
		} catch (Exception e) {
			throw new JfwBaseException(10012, "send mobile phone message to " + mobilePhone + " error", e);
		}
	}

	public static void main(String[] args) {
		System.out.println(String.format("%04d", new Random().nextInt(10000)));
	}
}