2020-04-16 01:53:25 +08:00
|
|
|
|
package com.yutou.tools.web;
|
|
|
|
|
|
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import com.alibaba.fastjson.JSON;
|
|
|
|
|
|
import com.alibaba.fastjson.JSONArray;
|
2020-04-16 01:53:25 +08:00
|
|
|
|
import com.alibaba.fastjson.JSONObject;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import com.yutou.tools.utils.RedisTools;
|
2020-04-16 01:53:25 +08:00
|
|
|
|
import com.yutou.tools.utils.Tools;
|
|
|
|
|
|
import org.springframework.stereotype.Controller;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import org.springframework.web.bind.annotation.RequestMapping;
|
2020-05-04 03:26:52 +08:00
|
|
|
|
import org.springframework.web.bind.annotation.RequestMethod;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import org.springframework.web.bind.annotation.ResponseBody;
|
2020-04-16 01:53:25 +08:00
|
|
|
|
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import javax.annotation.Resource;
|
2020-04-16 01:53:25 +08:00
|
|
|
|
import javax.servlet.http.Cookie;
|
|
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
2020-05-29 10:26:55 +08:00
|
|
|
|
import java.io.IOException;
|
|
|
|
|
|
import java.io.PrintWriter;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
import java.util.Objects;
|
|
|
|
|
|
import java.util.UUID;
|
2020-04-16 01:53:25 +08:00
|
|
|
|
|
|
|
|
|
|
@Controller
|
|
|
|
|
|
public class userController {
|
|
|
|
|
|
|
2020-04-17 14:32:22 +08:00
|
|
|
|
@RequestMapping("/login/check.do")
|
|
|
|
|
|
@ResponseBody
|
|
|
|
|
|
public String getLoginState(HttpServletRequest request) {
|
|
|
|
|
|
JSONObject json = new JSONObject();
|
|
|
|
|
|
json.put("code", -1);
|
|
|
|
|
|
json.put("msg", "未登录");
|
2020-05-04 03:26:52 +08:00
|
|
|
|
JSONArray array = new JSONArray();
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if (RedisTools.get("ban") != null) {
|
|
|
|
|
|
array = JSONArray.parseArray(RedisTools.get("ban"));
|
2020-04-17 14:32:22 +08:00
|
|
|
|
}
|
2020-05-04 03:26:52 +08:00
|
|
|
|
if (array.contains(Tools.getRemoteAddress(request))) {
|
|
|
|
|
|
json.put("code", -2);
|
|
|
|
|
|
json.put("msg", "未登录");
|
2020-04-17 14:32:22 +08:00
|
|
|
|
System.out.println("IP已被封禁");
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
|
|
|
|
|
Cookie cookie = Tools.getCookie(request, "user");
|
|
|
|
|
|
if (cookie == null) {
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if ("ok".equals(RedisTools.get(cookie.getValue()))) {
|
2020-04-17 14:32:22 +08:00
|
|
|
|
json.put("code", 0);
|
|
|
|
|
|
json.put("msg", "登录成功");
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
|
|
|
|
|
json.put("code", -1);
|
|
|
|
|
|
json.put("msg", "未登录");
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@RequestMapping("/login/sendCaptcha.do")
|
|
|
|
|
|
@ResponseBody
|
|
|
|
|
|
public String captcha(HttpServletRequest request) {
|
2020-05-04 03:26:52 +08:00
|
|
|
|
JSONArray array = new JSONArray();
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if (RedisTools.get("ban") != null) {
|
|
|
|
|
|
array = JSONArray.parseArray(RedisTools.get("ban"));
|
2020-05-04 03:26:52 +08:00
|
|
|
|
}
|
|
|
|
|
|
if (array.contains(Tools.getRemoteAddress(request))) {
|
|
|
|
|
|
|
|
|
|
|
|
System.out.println("IP已被封禁");
|
|
|
|
|
|
return "ERROR!";
|
|
|
|
|
|
}
|
|
|
|
|
|
int[] captcha = Tools.randomCommon(0, 9, 6);
|
2020-04-17 14:32:22 +08:00
|
|
|
|
String cc = "";
|
|
|
|
|
|
for (int value : captcha) {
|
|
|
|
|
|
cc += value;
|
|
|
|
|
|
}
|
2020-05-27 14:40:25 +08:00
|
|
|
|
RedisTools.set("login", cc, 5 * 60 * 1000);
|
2020-05-29 10:26:55 +08:00
|
|
|
|
String token = UUID.randomUUID().toString().replace("-", "");
|
|
|
|
|
|
RedisTools.set(token, Tools.getRemoteAddress(request), 10 * 60 * 1000);
|
|
|
|
|
|
String url = "http://tools.yutou233.cn/login/ban.do?token=" + token;
|
2020-04-17 14:32:22 +08:00
|
|
|
|
Tools.sendServer("管理后台登录验证码", "本次登录验证码为:" + cc
|
|
|
|
|
|
+ ",登录IP:" + Tools.getRemoteAddress(request)
|
2020-05-29 10:26:55 +08:00
|
|
|
|
+ ",非正常登录,封禁IP:" + url);
|
2020-04-17 14:32:22 +08:00
|
|
|
|
return "ok";
|
|
|
|
|
|
}
|
2020-05-29 10:26:55 +08:00
|
|
|
|
|
2020-05-04 03:26:52 +08:00
|
|
|
|
@RequestMapping("/login/ban.do")
|
2020-05-29 10:26:55 +08:00
|
|
|
|
public void banIp(HttpServletResponse response, String token, String model) throws IOException {
|
|
|
|
|
|
String ip = RedisTools.get(token);
|
|
|
|
|
|
PrintWriter writer = response.getWriter();
|
|
|
|
|
|
if (ip != null && model != null && model.equals("yes")) {
|
|
|
|
|
|
JSONArray array = null;
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if (RedisTools.get("ban") != null) {
|
|
|
|
|
|
array = JSONArray.parseArray(RedisTools.get("bean"));
|
2020-05-04 03:26:52 +08:00
|
|
|
|
}
|
2020-05-29 10:26:55 +08:00
|
|
|
|
if(array==null){
|
|
|
|
|
|
array=new JSONArray();
|
|
|
|
|
|
}
|
2020-05-04 03:26:52 +08:00
|
|
|
|
array.add(ip);
|
2020-05-29 10:26:55 +08:00
|
|
|
|
RedisTools.set("ban", array.toJSONString());
|
|
|
|
|
|
writer.write("已封禁");
|
|
|
|
|
|
} else {
|
|
|
|
|
|
String url = "http://tools.yutou233.cn/login/ban.do?token=" + token + "&model=yes";
|
|
|
|
|
|
String html = "<div><a href=" + url + ">click my is ban this IP :" + ip + "</a></div>";
|
|
|
|
|
|
writer.write(html);
|
2020-05-04 03:26:52 +08:00
|
|
|
|
}
|
2020-05-29 10:26:55 +08:00
|
|
|
|
writer.flush();
|
|
|
|
|
|
writer.close();
|
2020-05-04 03:26:52 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@RequestMapping(value = "/login/login.do", method = RequestMethod.POST)
|
|
|
|
|
|
@ResponseBody
|
|
|
|
|
|
public String login(HttpServletResponse response, String code) {
|
|
|
|
|
|
JSONObject json = new JSONObject();
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if (RedisTools.get("login").equals(code.trim())) {
|
2020-05-04 03:26:52 +08:00
|
|
|
|
String uuid = UUID.randomUUID().toString();
|
|
|
|
|
|
Tools.setCookie(response, "user", uuid.replace("-", ""), 30 * 24 * 60 * 60);
|
2020-05-27 14:40:25 +08:00
|
|
|
|
RedisTools.set(uuid.replace("-", ""), "ok", 30 * 24 * 60 * 60);
|
2020-05-04 03:26:52 +08:00
|
|
|
|
json.put("code", 0);
|
|
|
|
|
|
json.put("msg", "登录成功");
|
2020-04-16 01:53:25 +08:00
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
2020-05-04 03:26:52 +08:00
|
|
|
|
json.put("code", -2);
|
|
|
|
|
|
json.put("msg", "登录安全码错误");
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@RequestMapping(value = "/login/logout.do", method = RequestMethod.POST)
|
|
|
|
|
|
@ResponseBody
|
|
|
|
|
|
public String logout(HttpServletRequest request, HttpServletResponse response) {
|
|
|
|
|
|
JSONObject json = new JSONObject();
|
|
|
|
|
|
Cookie cookie = Tools.getCookie(request, "user");
|
|
|
|
|
|
json.put("code", -1);
|
|
|
|
|
|
json.put("msg", "退出失败");
|
|
|
|
|
|
if (cookie != null) {
|
2020-05-27 14:40:25 +08:00
|
|
|
|
if ("ok".equals(RedisTools.get(cookie.getValue()))) {
|
|
|
|
|
|
RedisTools.set(cookie.getValue(), "ok", 1);
|
2020-05-04 03:26:52 +08:00
|
|
|
|
Tools.deleteCookie(request, response, "user");
|
|
|
|
|
|
json.put("code", 0);
|
|
|
|
|
|
json.put("msg", "退出成功");
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
return json.toJSONString();
|
|
|
|
|
|
|
2020-04-16 01:53:25 +08:00
|
|
|
|
}
|
|
|
|
|
|
}
|
