From ad332a80cfc0dfb03bdfff89f70920226d2c8095 Mon Sep 17 00:00:00 2001 From: Yutousama <583819556@qq.com> Date: Tue, 7 Apr 2020 11:23:55 +0800 Subject: [PATCH] =?UTF-8?q?web=E7=AB=AF=E7=99=BB=E5=BD=95=E6=96=B9?= =?UTF-8?q?=E5=BC=8F=E6=94=B9=E4=B8=BAtoken=E9=AA=8C=E8=AF=81=E7=99=BB?= =?UTF-8?q?=E5=BD=95=EF=BC=8C=E4=BF=9D=E5=AD=98=E5=88=B0cookie=E4=B8=AD=20?= =?UTF-8?q?Server=E9=85=B1=E5=8F=91=E9=80=81=E6=B6=88=E6=81=AF=E6=94=B9?= =?UTF-8?q?=E4=B8=BAURLEncoder=20index=E9=A1=B5=E9=9D=A2=E6=96=B0=E5=A2=9E?= =?UTF-8?q?=E5=A4=87=E6=A1=88=E5=8F=B7=E4=BF=A1=E6=81=AF=20home=E9=A1=B5?= =?UTF-8?q?=E6=9B=B4=E6=96=B0=E7=89=88=E6=9D=83=E4=BF=A1=E6=81=AF?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- html/home.html | 2 +- html/index.html | 4 +++ pom.xml | 2 +- .../controller/Web/WebLoginController.java | 34 +++++++++++------- .../Web/WebPermissionController.java | 1 + .../controller/Web/WebUserController.java | 36 ++++++++++--------- .../controller/admin/AdminUserController.java | 1 + .../controller/android/SystemController.java | 15 +++++++- .../controller/android/UserController.java | 13 +++---- src/main/java/com/yutou/utlis/Tools.java | 18 ++++++++-- 10 files changed, 83 insertions(+), 43 deletions(-) diff --git a/html/home.html b/html/home.html index ef80d2f..6566d27 100644 --- a/html/home.html +++ b/html/home.html @@ -86,7 +86,7 @@ diff --git a/html/index.html b/html/index.html index 7cacc0b..a60019a 100644 --- a/html/index.html +++ b/html/index.html @@ -33,6 +33,10 @@ +
+ + 湘ICP备16005656号-2 +
diff --git a/pom.xml b/pom.xml index d91c8b2..6cd4bf6 100644 --- a/pom.xml +++ b/pom.xml @@ -10,7 +10,7 @@ com.yutou.jianrmod servicer - 2.0.0-SNAPSHOT + 2.0.1-release servicer Demo project for Spring Boot diff --git a/src/main/java/com/yutou/controller/Web/WebLoginController.java b/src/main/java/com/yutou/controller/Web/WebLoginController.java index ed1fcf6..48350ce 100644 --- a/src/main/java/com/yutou/controller/Web/WebLoginController.java +++ b/src/main/java/com/yutou/controller/Web/WebLoginController.java @@ -1,10 +1,13 @@ package com.yutou.controller.Web; +import java.nio.charset.StandardCharsets; import java.text.SimpleDateFormat; import javax.annotation.Resource; +import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; import org.json.JSONObject; import org.springframework.stereotype.Controller; @@ -29,7 +32,7 @@ public class WebLoginController { @RequestMapping("/user/login.do") @ResponseBody - public String login(HttpServletRequest request) { + public String login(HttpServletRequest request, HttpServletResponse response) { String uname = request.getParameter("uname"); String pass = request.getParameter("pass"); JSONObject json = new JSONObject(); @@ -40,7 +43,6 @@ public class WebLoginController { } int str = userService.login(uname, pass); json.put("id", str); - json.put("session", request.getSession().getId()); json.put("name", uname); switch (str) { case -2: 
@@ -64,11 +66,18 @@ public class WebLoginController { json.put("code", UserEnum.LOGIN_SUCCESS.code); json.put("id", str); json.put("uid", str); + /*Tools.saveSession(request, request.getSession().getId(), str);*/ - RedisUtlis.set(request.getSession().getId(),json.toString()); + String token=Tools.getToken(request,str); + Cookie cookie=new Cookie("login",token); + cookie.setPath("/"); + response.addCookie(cookie); + json.put("token",token); + RedisUtlis.set(token,json.toString()); request.getSession().setAttribute("power", 100); break; } + System.out.println(json.toString()); return json.toString(); } @@ -79,9 +88,9 @@ public class WebLoginController { System.out.println("注册请求"); Tools.PrintfHttpServletRequest(request); try { - uname=new String(uname.getBytes(),"UTF-8"); - pass=new String(pass.getBytes(),"UTF-8"); - name=new String(name.getBytes(),"UTF-8"); + uname=new String(uname.getBytes(), StandardCharsets.UTF_8); + pass=new String(pass.getBytes(), StandardCharsets.UTF_8); + name=new String(name.getBytes(), StandardCharsets.UTF_8); } catch (Exception e) { // TODO Auto-generated catch block e.printStackTrace(); @@ -109,11 +118,12 @@ public class WebLoginController { int udata = -1; User user=null; String referer=request.getHeader("referer"); + JSONObject json = new JSONObject(); try { - String ujson = RedisUtlis.get(request.getSession().getId()); + System.out.println( RedisUtlis.get(Tools.getCookie(request,"login"))); + String ujson = RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject reJson=new JSONObject(ujson); - int uid = reJson.getInt("uid"); - udata =uid; + udata = reJson.getInt("uid"); user=userService.getUser(udata); } catch (Exception e) { // TODO: handle exception 
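Review bot: In WebLoginController.login the new `login` cookie is created with only a path, so it carries neither HttpOnly nor Secure and page script can read the session token, which is also returned in the JSON body. I would add `cookie.setHttpOnly(true);` and, when the site is served over HTTPS, `cookie.setSecure(true);` before `response.addCookie(cookie)`. The Redis entry is written with the two-argument `RedisUtlis.set(token,json.toString())`, while the Android registration path in this same patch passes `ServiceStaticValue.TOKEN_TIMEOUT`. If the two-argument form stores without expiry (not visible here), web tokens never age out, so the three-argument call looks like the better fit.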
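Review bot: The added `System.out.println( RedisUtlis.get(Tools.getCookie(request,"login")));` in the login-state check of WebLoginController (hunk -109,11) writes the whole stored login record, token included, to standard output and does the Redis lookup twice. The same kind of debug print appears elsewhere in this patch: `System.out.println(json.toString())` at the end of login, `System.out.println(ujson)` in WebUserController.rePassword, the cookie name and value print in Tools.getCookie, and `System.out.println(user)` in WebPermissionController and AdminUserController (what that one exposes depends on `User.toString()`). Anyone who can read the console log can reuse a printed token, so I would delete these prints or log only the uid. The enclosing method starts and ends outside the hunk.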
@@ -121,8 +131,8 @@ public class WebLoginController { UGroup group=permissionService.getGroup("管理员"); request.getSession().setAttribute("adminPower", group.getPermission()); int upower=UserPower.getPower(referer); - JSONObject json = new JSONObject(); - if (udata == -1) { + + if (udata == -1||udata==-999) { json.put("code", UserEnum.LOGIN_NOT_LOGIN.code); json.put("msg", UserEnum.LOGIN_NOT_LOGIN.msg); } else { @@ -141,7 +151,7 @@ public class WebLoginController { @RequestMapping("/user/logout.do") @ResponseBody public String logout(HttpServletRequest request) { - RedisUtlis.remove(request.getSession().getId()); + RedisUtlis.remove(Tools.getCookie(request,"login")); return "{}"; } diff --git a/src/main/java/com/yutou/controller/Web/WebPermissionController.java b/src/main/java/com/yutou/controller/Web/WebPermissionController.java index f22df83..bd3e8fa 100644 --- a/src/main/java/com/yutou/controller/Web/WebPermissionController.java +++ b/src/main/java/com/yutou/controller/Web/WebPermissionController.java @@ -35,6 +35,7 @@ public class WebPermissionController { JSONObject json=new JSONObject(); JSONArray array=new JSONArray(); User user=userService.getUser(Tools.getUserId(request)); + System.out.println(user); for (UGroup group : list) { JSONObject tmp=new JSONObject(); tmp.put("permission", group.getTitle()); diff --git a/src/main/java/com/yutou/controller/Web/WebUserController.java b/src/main/java/com/yutou/controller/Web/WebUserController.java index 4e2b86e..095ab42 100644 --- a/src/main/java/com/yutou/controller/Web/WebUserController.java +++ b/src/main/java/com/yutou/controller/Web/WebUserController.java 
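Review bot: WebLoginController.logout (hunk -141,7) removes the Redis entry but leaves the `login` cookie in the browser and the HttpSession alive, and that session still holds the `power` attribute set at login. The method has no HttpServletResponse parameter, so it cannot expire the cookie; adding one, sending a `login` cookie with `setMaxAge(0)` and calling `request.getSession().invalidate();` would end the session completely. `Tools.getCookie` can also return null when the cookie is absent, and whether `RedisUtlis.remove(null)` is safe is not visible here.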
@@ -44,9 +44,9 @@ public class WebUserController { @ResponseBody public String getModOfUser(HttpServletRequest request) { JSONObject json = new JSONObject(); - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson = RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject uujson=new JSONObject(ujson); - int uid = Integer.valueOf(uujson.getString("uid")); + int uid = Integer.parseInt(uujson.getString("uid")); List list = modService.getUserOfId(uid); if (list != null && list.size() > 0) { json.put("code", ModEnum.SUCCESS.code); @@ -65,7 +65,7 @@ public class WebUserController { public String getUserData(HttpServletRequest request) { JSONObject userdata = new JSONObject(); try { - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson = RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject json=new JSONObject(ujson); int uid = json.getInt("uid"); userdata.put("msg", UserEnum.LOGIN_SUCCESS.code); @@ -92,11 +92,11 @@ public class WebUserController { return userdata.toString(); } JSONObject imageJson = (JSONObject) Tools.getSessionKey(request, "image"); - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson = RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject json=new JSONObject(ujson); int uid = json.getInt("uid"); - User user = userService.getUser(Integer.valueOf(uid)); - UUserdata data = userService.getUUserData(Integer.valueOf(RedisUtlis.get(request.getSession().getId()))); + User user = userService.getUser(uid); + UUserdata data = userService.getUUserData(uid); if (!Tools.StringIsEmpty(email)) data.setEmail(email); if (imageJson != null && !imageJson.isNull("url")) { 
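Review bot: WebUserController.getModOfUser (hunk -44,9) builds `new JSONObject(ujson)` straight from `RedisUtlis.get(Tools.getCookie(request,"login"))` with no try/catch visible in the hunk, so a request without a valid `login` cookie probably ends in an unhandled exception instead of a not-logged-in response. It also reads the id with `uujson.getString("uid")` although login stores it as an int via `json.put("uid", str)`; rePassword was switched to `getInt` in this patch, but this hunk and the icon-upload hunk at -127,9 were not, and depending on the org.json version `getString` on a number throws. Both places could use the existing helper, `int uid = Tools.getUserId(request);`, and reject the request when it reports no user. The method body continues outside the hunk.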
@@ -127,9 +127,9 @@ public class WebUserController { HttpServletRequest request) { JSONObject json = new JSONObject(); try { - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson =RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject reJson=new JSONObject(ujson); - int uid = Integer.valueOf(reJson.getString("uid")); + int uid = Integer.parseInt(reJson.getString("uid")); String url = ServiceStaticValue.SERVICE_URL + Tools.createFile(request, "user/icon/" + uid + "/", file, "image.png"); json.put("id", 1); @@ -150,12 +150,13 @@ public class WebUserController { public String rePassword(String uid,String name,HttpServletRequest request) { JSONObject json=new JSONObject(); try { - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson =RedisUtlis.get(Tools.getCookie(request,"login")); JSONObject reJson=new JSONObject(ujson); - int uid_ = Integer.valueOf(reJson.getString("uid")); + System.out.println(ujson); + int uid_ =reJson.getInt("uid"); if(!Tools.StringIsEmpty(uid)) { try { - uid_=Integer.valueOf(uid_); + uid_=Integer.parseInt(uid); }catch (Exception e) { // TODO: handle exception } @@ -183,6 +184,7 @@ public class WebUserController { } }catch (Exception e) { // TODO: handle exception + e.printStackTrace(); json.put("msg", "异常状态"); json.put("code", -1); } 
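Review bot: In WebUserController.rePassword (hunk -150,12) the corrected line `uid_=Integer.parseInt(uid);` makes the request parameter `uid` replace the uid read from the login record, where the old `Integer.valueOf(uid_)` was a no-op. From this commit on the target account is chosen by the caller, which is only safe if an administrator check runs before the password is reset; the lines between this hunk and the next are not shown, so I cannot confirm one exists. If there is none, keep the session uid unless the caller has been verified as admin, and document the rule with a comment such as `// uid param overrides the session user; caller must already be verified as admin`. The empty `catch` also falls back silently to the caller's own uid on a malformed value, which would be better rejected.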
@@ -208,16 +210,15 @@ public class WebUserController { JSONObject json=new JSONObject(); try { String uuid=Tools.loadSession(request, "uuid"); - String ujson = RedisUtlis.get(request.getSession().getId()); - JSONObject reJson=new JSONObject(ujson); - String uid =reJson.getString("uid"); + + String uid = RedisUtlis.get(uuid); if(Tools.StringIsEmpty(uid)) { json.put("msg", "非法操作,已记录您的IP"); json.put("code", -1); }else { - User user=userService.getUser(Integer.valueOf(uid)); - String passowrd=request.getParameter("password"); - user.setPass(passowrd); + User user=userService.getUser(Integer.parseInt(uid)); + String password=request.getParameter("password"); + user.setPass(password); RedisUtlis.removeLoginState(uid); RedisUtlis.remove(uuid); userService.updateUser(user); @@ -226,6 +227,7 @@ public class WebUserController { } } catch (Exception e) { // TODO: handle exception + e.printStackTrace(); json.put("msg", "异常状态"); json.put("code", -1); } diff --git a/src/main/java/com/yutou/controller/admin/AdminUserController.java b/src/main/java/com/yutou/controller/admin/AdminUserController.java index d0b8665..18db976 100644 --- a/src/main/java/com/yutou/controller/admin/AdminUserController.java +++ b/src/main/java/com/yutou/controller/admin/AdminUserController.java @@ -172,6 +172,7 @@ public class AdminUserController { public boolean isAdmin(HttpServletRequest request) { int uid=Tools.getUserId(request); User user=userService.getUser(uid); + System.out.println(user); if(user.getPower()= 0) { json.put("code", UserEnum.REG_SUCCESS.code); json.put("msg", UserEnum.REG_SUCCESS.msg); - String token = getToken(request, str); + String token = Tools.getToken(request, str); json.put("token", token); json.put("uid", str); RedisUtlis.set(token, json.toString(), ServiceStaticValue.TOKEN_TIMEOUT); 
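Review bot: In the password-reset handler of WebUserController (hunk -208,16), `request.getParameter("password")` goes to `user.setPass(password)` without any check, so a request that omits the parameter would store a null or empty password for the account. A guard on `Tools.StringIsEmpty(password)` that returns the error JSON before `setPass` would prevent that. Whether `setPass` or `updateUser` hashes the value is not visible in this hunk and should be confirmed. `uuid` from `Tools.loadSession` is also passed to `RedisUtlis.get` unchecked and `userService.getUser` may return null; both cases currently end in the generic catch. The method starts and ends outside the hunk.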
@@ -127,7 +127,7 @@ public class UserController { public String reload(int uid, String token, HttpServletRequest request) { JSONObject json = new JSONObject(); if ((boolean) request.getAttribute("loginState")) { - String newtoken = getToken(request, uid); + String newtoken =Tools.getToken(request, uid); json.put("msg", "登录成功"); json.put("code", UserEnum.LOGIN_SUCCESS.code); json.put("token", newtoken); @@ -257,10 +257,5 @@ public class UserController { return json.toString(); } - private String getToken(HttpServletRequest request, int uid) { - String address = Tools.getRemoteAddress(request); - String time = System.currentTimeMillis() + ""; - String token = MD5Signature.sign(address + time + (uid + ""), ServiceStaticValue.SERVICE_URL); - return token; - } + } diff --git a/src/main/java/com/yutou/utlis/Tools.java b/src/main/java/com/yutou/utlis/Tools.java index 0465443..c6b71c5 100644 --- a/src/main/java/com/yutou/utlis/Tools.java +++ b/src/main/java/com/yutou/utlis/Tools.java @@ -220,7 +220,7 @@ public class Tools { Cookie[] cookies = request.getCookies(); String value=null; for (Cookie cookie : cookies) { - System.out.println("key:"+cookie.getName()+" value:"+cookie.getValue()); + System.out.println(cookie.getName()+" "+cookie.getValue()); if (cookie.getName().equals(key)) { value=cookie.getValue(); break; @@ -502,7 +502,7 @@ public class Tools { } public static int getUserId(HttpServletRequest request) { try { - String ujson = RedisUtlis.get(request.getSession().getId()); + String ujson = RedisUtlis.get(getCookie(request,"login")); JSONObject reJson=new JSONObject(ujson); int uid = reJson.getInt("uid"); return uid; @@ -515,6 +515,9 @@ public class Tools { public static int getUidOfToken(HttpServletRequest request) { try { String token=request.getParameter("token"); + if(token==null){ + return -1; + } String ujson = RedisUtlis.get(token); JSONObject reJson=new JSONObject(ujson); if(reJson.getString("msg").equals("注册成功")) { 
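Review bot: Tools.getCookie (hunk -220,7) iterates `request.getCookies()` without a null check, and the servlet API returns null when a request carries no cookies, so every caller this patch moves onto `getCookie(request,"login")` gets a NullPointerException for a cookieless request. Callers wrapped in try/catch degrade to an error response, but getModOfUser and logout show no such wrapper in their hunks. Adding `if (cookies == null) { return null; }` directly after the `getCookies()` call fixes it at the source. The method starts and ends outside the hunk.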
@@ -537,4 +540,15 @@ public class Tools { public static void resetCode(HttpServletResponse response) { response.setContentType("text/html;charset=UTF-8"); } + + /** + * 创建用户登录token + * @return token + */ + public static String getToken(HttpServletRequest request, int uid) { + String address = Tools.getRemoteAddress(request); + String time = System.currentTimeMillis() + ""; + String token = MD5Signature.sign(address + time + (uid + ""), ServiceStaticValue.SERVICE_URL); + return token; + } }
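Review bot: Tools.getToken derives the login token from the client address, `System.currentTimeMillis()` and the uid, signed with `ServiceStaticValue.SERVICE_URL` through `MD5Signature.sign`; if SERVICE_URL is the public service address, none of these inputs is secret and the token's unpredictability rests on values an outsider can estimate. Because this value is now the only web session credential, it should come from a CSPRNG instead: `byte[] raw = new byte[32]; new SecureRandom().nextBytes(raw); return Base64.getUrlEncoder().withoutPadding().encodeToString(raw);` (this needs `java.security.SecureRandom` and `java.util.Base64` imported). The signature can stay as it is so callers are unaffected. The Javadoc should also gain `@param request` and `@param uid` lines.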