web端登录方式改为token验证登录，保存到cookie中

Server酱发送消息改为URLEncoder index页面新增备案号信息 home页更新版权信息
2020-04-07 11:23:55 +08:00 · 2020-04-07 11:23:55 +08:00 · ad332a80cf
commit ad332a80cf
parent 9dcee52750
10 changed files with 83 additions and 43 deletions
--- a/html/home.html
+++ b/html/home.html
@ -86,7 +86,7 @@
 		</div>
 		<div class="layui-footer">
-			©2019 <a href="http://jianrmod.cn">jianrmod.cn</a> - 舰R魔改宝盒小组
+			©2020 <a href="http://jianrmod.cn">jianrmod.cn</a> - 舰R魔改宝盒小组
 		</div>
 	</div>
--- a/html/index.html
+++ b/html/index.html
@ -33,6 +33,10 @@
 		</div>
 	</div>
 	</div>
 	<div style="bottom: 10px; left: 30%; position: fixed;">
 		<!-- 底部固定区域 -->
 		<a href="http://beian.miit.gov.cn/">湘ICP备16005656号-2</a>
 	  </div>
 </body>
 <link rel="stylesheet" href="../static/layui/css/layui.css">
 <script type="text/javascript" src="../static/layui/layui.all.js"></script>
--- a/pom.xml
+++ b/pom.xml
@ -10,7 +10,7 @@
    </parent>
    <groupId>com.yutou.jianrmod</groupId>
    <artifactId>servicer</artifactId>
-    <version>2.0.0-SNAPSHOT</version>
+    <version>2.0.1-release</version>
    <name>servicer</name>
    <description>Demo project for Spring Boot</description>
--- a/src/main/java/com/yutou/controller/Web/WebLoginController.java
+++ b/src/main/java/com/yutou/controller/Web/WebLoginController.java
@ -1,10 +1,13 @@
 package com.yutou.controller.Web;
 import java.nio.charset.StandardCharsets;
 import java.text.SimpleDateFormat;
 import javax.annotation.Resource;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.json.JSONObject;
 import org.springframework.stereotype.Controller;
@ -29,7 +32,7 @@ public class WebLoginController {
 	@RequestMapping("/user/login.do")
 	@ResponseBody
-	public String login(HttpServletRequest request) {
+	public String login(HttpServletRequest request, HttpServletResponse response) {
 		String uname = request.getParameter("uname");
 		String pass = request.getParameter("pass");
 		JSONObject json = new JSONObject();
@ -40,7 +43,6 @@ public class WebLoginController {
 		}
 		int str = userService.login(uname, pass);
 		json.put("id", str);
 		json.put("session", request.getSession().getId());
 		json.put("name", uname);
 		switch (str) {
 		case -2:
@ -64,11 +66,18 @@ public class WebLoginController {
 			json.put("code", UserEnum.LOGIN_SUCCESS.code);
 			json.put("id", str);
 			json.put("uid", str);
 			/*Tools.saveSession(request, request.getSession().getId(), str);*/
-			RedisUtlis.set(request.getSession().getId(),json.toString());
+			String token=Tools.getToken(request,str);
 			Cookie cookie=new Cookie("login",token);
 			cookie.setPath("/");
 			response.addCookie(cookie);
 			json.put("token",token);
 			RedisUtlis.set(token,json.toString());
 			request.getSession().setAttribute("power", 100);
 			break;
 		}
 		System.out.println(json.toString());
 		return json.toString();
 	}
@ -79,9 +88,9 @@ public class WebLoginController {
 		System.out.println("注册请求");
 		Tools.PrintfHttpServletRequest(request);
 		try {
-			uname=new String(uname.getBytes(),"UTF-8");
+			uname=new String(uname.getBytes(), StandardCharsets.UTF_8);
-			pass=new String(pass.getBytes(),"UTF-8");
+			pass=new String(pass.getBytes(), StandardCharsets.UTF_8);
-			name=new String(name.getBytes(),"UTF-8");
+			name=new String(name.getBytes(), StandardCharsets.UTF_8);
 		} catch (Exception e) {
 			// TODO Auto-generated catch block
 			e.printStackTrace();
@ -109,11 +118,12 @@ public class WebLoginController {
 		int udata = -1;
 		User user=null;
 		String referer=request.getHeader("referer");
 		JSONObject json = new JSONObject();
 		try {
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			System.out.println( RedisUtlis.get(Tools.getCookie(request,"login")));
 			String ujson = RedisUtlis.get(Tools.getCookie(request,"login"));
 			JSONObject reJson=new JSONObject(ujson);
-			int uid =  reJson.getInt("uid");
+			udata = reJson.getInt("uid");
 			udata =uid;
 			user=userService.getUser(udata);
 		} catch (Exception e) {
 			// TODO: handle exception
@ -121,8 +131,8 @@ public class WebLoginController {
 		UGroup group=permissionService.getGroup("管理员");
 		request.getSession().setAttribute("adminPower", group.getPermission());
 		int upower=UserPower.getPower(referer);
-		JSONObject json = new JSONObject();
+
-		if (udata == -1) {
+		if (udata == -1||udata==-999) {
 			json.put("code", UserEnum.LOGIN_NOT_LOGIN.code);
 			json.put("msg",  UserEnum.LOGIN_NOT_LOGIN.msg);
 		} else {
@ -141,7 +151,7 @@ public class WebLoginController {
 	@RequestMapping("/user/logout.do")
 	@ResponseBody
 	public String logout(HttpServletRequest request) {
-		RedisUtlis.remove(request.getSession().getId());
+		RedisUtlis.remove(Tools.getCookie(request,"login"));
 		return "{}";
 	}
--- a/src/main/java/com/yutou/controller/Web/WebPermissionController.java
+++ b/src/main/java/com/yutou/controller/Web/WebPermissionController.java
@ -35,6 +35,7 @@ public class WebPermissionController {
 		JSONObject json=new JSONObject();
 		JSONArray array=new JSONArray();
 		User user=userService.getUser(Tools.getUserId(request));
 		System.out.println(user);
 		for (UGroup group : list) {
 			JSONObject tmp=new JSONObject();
 			tmp.put("permission", group.getTitle());
--- a/src/main/java/com/yutou/controller/Web/WebUserController.java
+++ b/src/main/java/com/yutou/controller/Web/WebUserController.java
@ -44,9 +44,9 @@ public class WebUserController {
 	@ResponseBody
 	public String getModOfUser(HttpServletRequest request) {
 		JSONObject json = new JSONObject();
-		String ujson = RedisUtlis.get(request.getSession().getId());
+		String ujson = RedisUtlis.get(Tools.getCookie(request,"login"));
 		JSONObject uujson=new JSONObject(ujson);
-		int uid = Integer.valueOf(uujson.getString("uid"));
+		int uid = Integer.parseInt(uujson.getString("uid"));
 		List<TMod> list = modService.getUserOfId(uid);
 		if (list != null && list.size() > 0) {
 			json.put("code", ModEnum.SUCCESS.code);
@ -65,7 +65,7 @@ public class WebUserController {
 	public String getUserData(HttpServletRequest request) {
 		JSONObject userdata = new JSONObject();
 		try {
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			String ujson = RedisUtlis.get(Tools.getCookie(request,"login"));
 			JSONObject json=new JSONObject(ujson);
 			int uid = json.getInt("uid");
 			userdata.put("msg", UserEnum.LOGIN_SUCCESS.code);
@ -92,11 +92,11 @@ public class WebUserController {
 				return userdata.toString();
 			}
 			JSONObject imageJson = (JSONObject) Tools.getSessionKey(request, "image");
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			String ujson = RedisUtlis.get(Tools.getCookie(request,"login"));
 			JSONObject json=new JSONObject(ujson);
 			int uid =  json.getInt("uid");
-			User user = userService.getUser(Integer.valueOf(uid));
+			User user = userService.getUser(uid);
-			UUserdata data = userService.getUUserData(Integer.valueOf(RedisUtlis.get(request.getSession().getId())));
+			UUserdata data = userService.getUUserData(uid);
 			if (!Tools.StringIsEmpty(email))
 				data.setEmail(email);
 			if (imageJson != null && !imageJson.isNull("url")) {
@ -127,9 +127,9 @@ public class WebUserController {
 			HttpServletRequest request) {
 		JSONObject json = new JSONObject();
 		try {
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			String ujson =RedisUtlis.get(Tools.getCookie(request,"login"));
 			JSONObject reJson=new JSONObject(ujson);
-			int uid = Integer.valueOf(reJson.getString("uid"));
+			int uid = Integer.parseInt(reJson.getString("uid"));
 			String url = ServiceStaticValue.SERVICE_URL
 					+ Tools.createFile(request, "user/icon/" + uid + "/", file, "image.png");
 			json.put("id", 1);
@ -150,12 +150,13 @@ public class WebUserController {
 	public String rePassword(String uid,String name,HttpServletRequest request) {
 		JSONObject json=new JSONObject();
 		try {
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			String ujson =RedisUtlis.get(Tools.getCookie(request,"login"));
 			JSONObject reJson=new JSONObject(ujson);
-			int uid_ = Integer.valueOf(reJson.getString("uid"));
+			System.out.println(ujson);
 			int uid_ =reJson.getInt("uid");
 			if(!Tools.StringIsEmpty(uid)) {
 				try {
-					uid_=Integer.valueOf(uid_);
+					uid_=Integer.parseInt(uid);
 				}catch (Exception e) {
 					// TODO: handle exception
 				}
@ -183,6 +184,7 @@ public class WebUserController {
 			}
 		}catch (Exception e) {
 			// TODO: handle exception
 			e.printStackTrace();
 			json.put("msg", "异常状态");
 			json.put("code", -1);
 		}
@ -208,16 +210,15 @@ public class WebUserController {
 		JSONObject json=new JSONObject();
 		try {
 			String uuid=Tools.loadSession(request, "uuid");
-			String ujson = RedisUtlis.get(request.getSession().getId());
+
-			JSONObject reJson=new JSONObject(ujson);
+			String uid = RedisUtlis.get(uuid);
 			String uid =reJson.getString("uid");
 			if(Tools.StringIsEmpty(uid)) {
 				json.put("msg", "非法操作，已记录您的IP");
 				json.put("code", -1);
 			}else {
-				User user=userService.getUser(Integer.valueOf(uid));
+				User user=userService.getUser(Integer.parseInt(uid));
-				String passowrd=request.getParameter("password");
+				String password=request.getParameter("password");
-				user.setPass(passowrd);
+				user.setPass(password);
 				RedisUtlis.removeLoginState(uid);
 				RedisUtlis.remove(uuid);
 				userService.updateUser(user);
@ -226,6 +227,7 @@ public class WebUserController {
 			}
 		} catch (Exception e) {
 			// TODO: handle exception
 			e.printStackTrace();
 			json.put("msg", "异常状态");
 			json.put("code", -1);
 		}
--- a/src/main/java/com/yutou/controller/admin/AdminUserController.java
+++ b/src/main/java/com/yutou/controller/admin/AdminUserController.java
@ -172,6 +172,7 @@ public class AdminUserController {
 	public boolean isAdmin(HttpServletRequest request) {
 		int uid=Tools.getUserId(request);
 		User user=userService.getUser(uid);
 		System.out.println(user);
 		if(user.getPower()<powerService.getGroup(POWER.ADMIN,null).getPermission()) {
 			return false;
 		}
--- a/src/main/java/com/yutou/controller/android/SystemController.java
+++ b/src/main/java/com/yutou/controller/android/SystemController.java
@ -23,6 +23,9 @@ import com.yutou.utlis.EmailTools;
 import com.yutou.utlis.RedisUtlis;
 import com.yutou.utlis.Tools;
 import java.io.UnsupportedEncodingException;
 import java.net.URLEncoder;
@RequestMapping("/android/system")
@Controller
 public class SystemController {
@ -50,6 +53,9 @@ public class SystemController {
 	public String addFeedBack(HttpServletRequest request) {
 		JSONObject json=new JSONObject();
 		int uid_ = Tools.getUidOfToken(request);
 		if(uid_==-1){
 			uid_=new JSONObject(RedisUtlis.get(Tools.getCookie(request,"login"))).getInt("uid");
 		}
 		if(uid_==0){
 			uid_=Tools.getUserId(request);
 		}
@ -75,7 +81,14 @@ public class SystemController {
 		json.put("code", 100);
 		json.put("msg", systemService.addFeedBack(_uid, context, sysinfo)==1?"提交成功":"提交失败");
 		UUserdata udata=user.getUUserData(Integer.parseInt(uid));
-		Tools.getHTTPUrlString("https://sc.ftqq.com/SCU64034T5adf5c5940dcecc016e0e9d0cf9b1e725da126ff47475.send?text=盒子问题反馈&desp="+"来自uid:"+uid+"的问题反馈"+context+",系统信息:"+sysinfo+",对方邮箱:"+udata.getEmail());
+		String msg="来自uid:"+uid+"的问题反馈"+context+",系统信息:"+sysinfo+",对方邮箱:"+udata.getEmail();
 		try {
 			Tools.getHTTPUrlString("https://sc.ftqq.com/SCU64034T5adf5c5940dcecc016e0e9d0cf9b1e725da126ff47475.send?text="
 					+ URLEncoder.encode("盒子问题反馈","UTF-8")
 					+"&desp="+URLEncoder.encode(msg,"UTF-8"));
 		} catch (UnsupportedEncodingException e) {
 			e.printStackTrace();
 		}
 		try {
 			EmailTools.send("583819556@qq.com", "盒子问题反馈", "来自uid:"+uid+"的问题反馈\n"+context+"\n系统信息:"+sysinfo+"\n对方邮箱:"+udata.getEmail());
 		} catch (Exception e) {
--- a/src/main/java/com/yutou/controller/android/UserController.java
+++ b/src/main/java/com/yutou/controller/android/UserController.java
@ -65,7 +65,7 @@ public class UserController {
 			json.put("code", UserEnum.LOGIN_blacklist.code);
 			break;
 		default:
-			String token = getToken(request, uid);
+			String token =Tools. getToken(request, uid);
 			json.put("msg", "登录成功");
 			json.put("code", UserEnum.LOGIN_SUCCESS.code);
 			json.put("token", token);
@ -110,7 +110,7 @@ public class UserController {
 		if (str >= 0) {
 			json.put("code", UserEnum.REG_SUCCESS.code);
 			json.put("msg", UserEnum.REG_SUCCESS.msg);
-			String token = getToken(request, str);
+			String token = Tools.getToken(request, str);
 			json.put("token", token);
 			json.put("uid", str);
 			RedisUtlis.set(token, json.toString(), ServiceStaticValue.TOKEN_TIMEOUT);
@ -127,7 +127,7 @@ public class UserController {
 	public String reload(int uid, String token, HttpServletRequest request) {
 		JSONObject json = new JSONObject();
 		if ((boolean) request.getAttribute("loginState")) {
-			String newtoken = getToken(request, uid);
+			String newtoken =Tools.getToken(request, uid);
 			json.put("msg", "登录成功");
 			json.put("code", UserEnum.LOGIN_SUCCESS.code);
 			json.put("token", newtoken);
@ -257,10 +257,5 @@ public class UserController {
 		return json.toString();
 	}
-	private String getToken(HttpServletRequest request, int uid) {
+
 		String address = Tools.getRemoteAddress(request);
 		String time = System.currentTimeMillis() + "";
 		String token = MD5Signature.sign(address + time + (uid + ""), ServiceStaticValue.SERVICE_URL);
 		return token;
 	}
 }
--- a/src/main/java/com/yutou/utlis/Tools.java
+++ b/src/main/java/com/yutou/utlis/Tools.java
@ -220,7 +220,7 @@ public class Tools {
 		Cookie[] cookies = request.getCookies();
 		String value=null;
 		for (Cookie cookie : cookies) {
-			System.out.println("key:"+cookie.getName()+" value:"+cookie.getValue());
+			System.out.println(cookie.getName()+" "+cookie.getValue());
 			if (cookie.getName().equals(key)) {
 				value=cookie.getValue();
 				break;
@ -502,7 +502,7 @@ public class Tools {
 	}
 	public static int getUserId(HttpServletRequest request) {
 		try {
-			String ujson = RedisUtlis.get(request.getSession().getId());
+			String ujson = RedisUtlis.get(getCookie(request,"login"));
 			JSONObject reJson=new JSONObject(ujson);
 			int uid =  reJson.getInt("uid");
 			return uid;
@ -515,6 +515,9 @@ public class Tools {
 	public static int getUidOfToken(HttpServletRequest request) {
 		try {
 			String token=request.getParameter("token");
 			if(token==null){
 				return -1;
 			}
 			String ujson = RedisUtlis.get(token);
 			JSONObject reJson=new JSONObject(ujson);
 			if(reJson.getString("msg").equals("注册成功")) {
@ -537,4 +540,15 @@ public class Tools {
 	public static void resetCode(HttpServletResponse response) {
 		response.setContentType("text/html;charset=UTF-8");
 	}
 	/**
 	 * 创建用户登录token
 	 * @return token
 	 */
 	public static String getToken(HttpServletRequest request, int uid) {
 		String address = Tools.getRemoteAddress(request);
 		String time = System.currentTimeMillis() + "";
 		String token = MD5Signature.sign(address + time + (uid + ""), ServiceStaticValue.SERVICE_URL);
 		return token;
 	}
 }