JavaWeb/web_toolset
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

首页登陆替换成Google身份验证器

Browse Source 
新增配置工具类
更新页面
This commit is contained in:
Yutousama
2020-09-29 08:52:16 +08:00
parent 11bbd3642e
commit 71d8a52dec
9 changed files with 325 additions and 40 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
src/main/java/com/yutou/tools/web/ToolsController.java Normal file
View File

@@ -0,0 +1,45 @@
package com.yutou.tools.web;
import com.yutou.tools.nas.UpdateIp;
import com.yutou.tools.utils.RedisTools;
import com.yutou.tools.utils.Tools;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import java.io.IOException;
@Controller
public class ToolsController {
@ResponseBody
@RequestMapping("/tools/openpc.do")
public String open_pc(HttpServletRequest request, String type) {
if (StringUtils.isEmpty(type)) {
if (Tools.checkWebLogin(request) == 1) {
Tools.get("http://" + UpdateIp.nas_ip + ":8000/tools/openpc.do?token=zIrsh9TUZP2lfRW753PannG49E7VJvor&type=nas");
}
} else {
if (type.equals("nas")) {
try {
Process process = Runtime.getRuntime().exec("wakeonlan 00:D8:61:6F:02:2F");
RedisTools.processOut(process.getInputStream());
RedisTools.processOut(process.getErrorStream());
process.destroy();
} catch (IOException e) {
e.printStackTrace();
}
}
}
return "ok";
}
@ResponseBody
@RequestMapping("/tools/server.do")
public String sendServerManager(String title, String msg) {
Tools.sendServer(title, msg);
return "ok";
}
}

74
src/main/java/com/yutou/tools/web/userController.java
View File

@@ -3,9 +3,12 @@ package com.yutou.tools.web;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.yutou.tools.Tools.GoogleAccount;
import com.yutou.tools.utils.ConfigTools;
import com.yutou.tools.utils.RedisTools;
import com.yutou.tools.utils.Tools;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
@@ -56,15 +59,18 @@ public class userController {
@ResponseBody
public String captcha(HttpServletRequest request) {
JSONArray array = new JSONArray();
JSONObject json = new JSONObject();
if (RedisTools.get("ban") != null) {
array = JSONArray.parseArray(RedisTools.get("ban"));
}
if (array.contains(Tools.getRemoteAddress(request))) {
System.out.println("IP已被封禁");
return "ERROR!";
json.put("msg", "IP已被封禁");
json.put("code", -1);
return json.toJSONString();
}
int[] captcha = Tools.randomCommon(0, 9, 6);
/* //原验证码方案
int[] captcha = Tools.randomCommon(0, 9, 6);
String cc = "";
for (int value : captcha) {
cc += value;
@@ -75,8 +81,21 @@ public class userController {
String url = "http://tools.yutou233.cn/login/ban.do?token=" + token;
Tools.sendServer("管理后台登录验证码", "本次登录验证码为:" + cc
+ ",登录IP:" + Tools.getRemoteAddress(request)
+ ",非正常登录封禁IP:" + url);
return "ok";
+ ",非正常登录封禁IP:" + url);*/
String secret = (String) ConfigTools.load(ConfigTools.DATA, "secret");
if (StringUtils.isEmpty(secret)) {
secret = GoogleAccount.generateSecretKey();
String uname=GoogleAccount.isDev?"yutou(dev)":"yutou";
String code = GoogleAccount.getQRBarcode(uname, secret);
ConfigTools.save(ConfigTools.DATA,"secret_tmp",secret);
json.put("msg", "绑定连接");
json.put("code", 1);
json.put("data", code);
return json.toJSONString();
}
json.put("msg", "ok");
json.put("code", 0);
return json.toJSONString();
}
@RequestMapping("/login/ban.do")
@@ -88,8 +107,8 @@ public class userController {
if (RedisTools.get("ban") != null) {
array = JSONArray.parseArray(RedisTools.get("bean"));
}
if(array==null){
array=new JSONArray();
if (array == null) {
array = new JSONArray();
}
array.add(ip);
RedisTools.set("ban", array.toJSONString());
@@ -107,16 +126,39 @@ public class userController {
@ResponseBody
public String login(HttpServletResponse response, String code) {
JSONObject json = new JSONObject();
if (RedisTools.get("login").equals(code.trim())) {
String uuid = UUID.randomUUID().toString();
Tools.setCookie(response, "user", uuid.replace("-", ""), 30 * 24 * 60 * 60);
RedisTools.set(uuid.replace("-", ""), "ok", 30 * 24 * 60 * 60);
json.put("code", 0);
json.put("msg", "登录成功");
return json.toJSONString();
String secret= (String) ConfigTools.load(ConfigTools.DATA,"secret");
if(StringUtils.isEmpty(secret)){
secret= (String) ConfigTools.load(ConfigTools.DATA,"secret_tmp");
if(StringUtils.isEmpty(secret)){
json.put("code",-2);
json.put("msg","未绑定");
return json.toJSONString();
}
if(new GoogleAccount().check_code(secret,Long.parseLong(code),System.currentTimeMillis())){
json.put("code", 0);
json.put("msg", "登录成功");
ConfigTools.save(ConfigTools.DATA,"secret",secret);
ConfigTools.save(ConfigTools.DATA,"secret_tmp","");
}else {
json.put("code", -2);
json.put("msg", "登录失败");
return json.toJSONString();
}
}else{
if(new GoogleAccount().check_code(secret,Long.parseLong(code),System.currentTimeMillis())){
json.put("code", 0);
json.put("msg", "登录成功");
}else {
json.put("code", -2);
json.put("msg", "登录失败");
return json.toJSONString();
}
}
json.put("code", -2);
json.put("msg", "登录安全码错误");
String uuid = UUID.randomUUID().toString();
Tools.setCookie(response, "user", uuid.replace("-", ""), 30 * 24 * 60 * 60);
RedisTools.set(uuid.replace("-", ""), "ok", 30 * 24 * 60 * 60);
json.put("code", 0);
json.put("msg", "登录成功");
return json.toJSONString();
}