remove operator login

2025-10-28 23:55:04 +08:00 · 2015-12-14 22:48:32 +08:00
parent 0cfe01e4d1
commit 723566c1ee
8 changed files with 33 additions and 85 deletions
--- a/src/main/java/love/sola/netsupport/api/Register.java
+++ b/src/main/java/love/sola/netsupport/api/Register.java
@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 import com.google.gson.Gson;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.enums.ISP;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -44,7 +45,7 @@ public class Register extends HttpServlet {
 			printAuthorizeFailed(request, out);
 			return;
 		}
-		String wechat = (String) session.getAttribute("wechat");
+		String wechat = (String) session.getAttribute(Attribute.WECHAT);
 		if (wechat == null) {
 			printAuthorizeFailed(request, out);
 			return;
--- a/src/main/java/love/sola/netsupport/api/TicketQuery.java
+++ b/src/main/java/love/sola/netsupport/api/TicketQuery.java
@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 import com.google.gson.Gson;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -55,7 +56,7 @@ public class TicketQuery extends HttpServlet {
 			if (session == null) {
 				return new Response(Response.ResponseCode.UNAUTHORIZED);
 			}
-			User u = (User) session.getAttribute("user");
+			User u = (User) session.getAttribute(Attribute.USER);
 			if (u == null) return new Response(Response.ResponseCode.UNAUTHORIZED);
 			Criteria c = s.createCriteria(Ticket.class);
--- a/src/main/java/love/sola/netsupport/api/TicketSubmit.java
+++ b/src/main/java/love/sola/netsupport/api/TicketSubmit.java
@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 import com.google.gson.Gson;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -57,7 +58,7 @@ public class TicketSubmit extends HttpServlet {
 			if (session == null) {
 				return new Response(Response.ResponseCode.UNAUTHORIZED);
 			}
-			User u = (User) session.getAttribute("user");
+			User u = (User) session.getAttribute(Attribute.USER);
 			if (u == null) return new Response(Response.ResponseCode.UNAUTHORIZED);
 			if (TableTicket.hasOpen(u)) {
--- a/src/main/java/love/sola/netsupport/api/admin/Login.java
+++ b/src/main/java/love/sola/netsupport/api/admin/Login.java
@@ -1,61 +0,0 @@
 package love.sola.netsupport.api.admin;
 import com.google.gson.Gson;
 import love.sola.netsupport.api.Response;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Operator;
 import love.sola.netsupport.sql.SQLCore;
 import love.sola.netsupport.util.Checker;
 import love.sola.netsupport.util.Crypto;
 import love.sola.netsupport.util.ParseUtil;
 import me.chanjar.weixin.common.session.WxSession;
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.io.PrintWriter;
 /**
 * ***********************************************
 * Created by Sola on 2015/12/12.
 * Don't modify this source without my agreement
 * ***********************************************
 */
@WebServlet(name = "Login", urlPatterns = "/api/login", loadOnStartup = 31)
 public class Login extends HttpServlet {
 	private Gson gson = SQLCore.gson;
 	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 		doGet(request, response);
 	}
 	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
 		request.setCharacterEncoding("utf-8");
 		response.setCharacterEncoding("utf-8");
 		response.addHeader("Content-type", "text/json;charset=utf-8");
 		PrintWriter out = response.getWriter();
 		String json = gson.toJson(login(request));
 		out.println(ParseUtil.parseJsonP(request, json));
 		out.close();
 	}
 	private Response login(HttpServletRequest request) {
 		String password = request.getParameter("pass");
 		if (Checker.hasNull(password)) return new Response(Response.ResponseCode.PARAMETER_REQUIRED);
 		WxSession session = Checker.isOperator(request);
 		if (session == null) {
 			return new Response(Response.ResponseCode.UNAUTHORIZED);
 		}
 		Operator operator = (Operator) session.getAttribute(Attribute.OPERATOR);
 		if (!Crypto.check(password,operator.getPassword()))
 			return new Response(Response.ResponseCode.WRONG_PASSWORD);
 		else
 			return new Response(Response.ResponseCode.OK, operator);
 	}
 }
--- a/src/main/java/love/sola/netsupport/api/admin/TicketUpdate.java
+++ b/src/main/java/love/sola/netsupport/api/admin/TicketUpdate.java
@@ -2,11 +2,14 @@ package love.sola.netsupport.api.admin;
 import com.google.gson.Gson;
 import love.sola.netsupport.api.Response;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Operator;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.sql.SQLCore;
 import love.sola.netsupport.util.Checker;
 import love.sola.netsupport.util.ParseUtil;
 import love.sola.netsupport.wechat.Command;
 import me.chanjar.weixin.common.session.WxSession;
 import org.hibernate.HibernateException;
 import org.hibernate.Session;
@@ -15,7 +18,6 @@ import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.io.PrintWriter;
@@ -50,13 +52,12 @@ public class TicketUpdate extends HttpServlet {
 		String remark = request.getParameter("remark");
 		String status = request.getParameter("status");
 		if (Checker.hasNull(ticket, remark, status)) return new Response(Response.ResponseCode.PARAMETER_REQUIRED);
-
+		WxSession session = Checker.isAuthorized(request, Command.LOGIN);
 		if (session == null) {
 			return new Response(Response.ResponseCode.UNAUTHORIZED);
 		}
 		try (Session s = SQLCore.sf.openSession()) {
-			HttpSession httpSession = request.getSession(false);
+			Operator op = (Operator) session.getAttribute(Attribute.OPERATOR);
 			if (!Checker.isOperator(httpSession)) {
 				return new Response(Response.ResponseCode.UNAUTHORIZED);
 			}
 			Operator op = (Operator) httpSession.getAttribute("operator");
 			Ticket t = s.get(Ticket.class, Integer.parseInt(ticket));
 			if (t == null) {
 				return new Response(Response.ResponseCode.TICKET_NOT_FOUND);
--- a/src/main/java/love/sola/netsupport/util/Checker.java
+++ b/src/main/java/love/sola/netsupport/util/Checker.java
@@ -27,11 +27,4 @@ public class Checker {
 		return s == null ? null : s.getAttribute(Attribute.AUTHORIZED) == c ? s : null;
 	}
 	public static WxSession isOperator(HttpServletRequest r) {
 		String t = r.getParameter("token");
 		if (t == null || t.isEmpty()) return null;
 		WxSession s = WechatSession.get(t, false);
 		return s == null ? null : s.getAttribute(Attribute.OPERATOR) == null ? null : s;
 	}
 }
--- a/src/main/java/love/sola/netsupport/wechat/handler/LoginHandler.java
+++ b/src/main/java/love/sola/netsupport/wechat/handler/LoginHandler.java
@@ -1,10 +1,13 @@
 package love.sola.netsupport.wechat.handler;
 import love.sola.netsupport.enums.Access;
 import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Operator;
 import love.sola.netsupport.sql.TableOperator;
-import love.sola.netsupport.util.RSAUtil;
+import love.sola.netsupport.wechat.Command;
 import love.sola.netsupport.wechat.WechatSession;
 import me.chanjar.weixin.common.exception.WxErrorException;
 import me.chanjar.weixin.common.session.WxSession;
 import me.chanjar.weixin.common.session.WxSessionManager;
 import me.chanjar.weixin.mp.api.WxMpMessageHandler;
 import me.chanjar.weixin.mp.api.WxMpService;
@@ -32,13 +35,20 @@ public class LoginHandler implements WxMpMessageHandler {
 			Operator operator = TableOperator.get(wxMessage.getFromUserName());
 			if (operator == null)
 				out.content(lang("Not_Operator"));
-			else if (operator.getAccess() == Access.NOLOGIN)
+			else if (operator.getAccess() == Access.NOLOGIN) {
 				out.content(lang("No_Login"));
-			else
+			} else {
-				out.content(format("Operator_Login_Link", wxMessage.getFromUserName(), RSAUtil.publicKey_s));
+				String id = WechatSession.genId();
 				WxSession session = WechatSession.get(id, true);
 				session.setAttribute(Attribute.AUTHORIZED, Command.LOGIN);
 				session.setAttribute(Attribute.WECHAT, wxMessage.getFromUserName());
 				session.setAttribute(Attribute.OPERATOR, operator);
 				out.content(format("Operator_Home_Page", id));
 			}
 		} catch (Exception e) {
 			e.printStackTrace();
-			out.content(lang("Internal_Error"));
+			out.content(lang("Login_Error"));
 		}
 		return out.build();
 	}
--- a/src/main/resources/lang.yml
+++ b/src/main/resources/lang.yml
@@ -11,7 +11,7 @@ REGEX_CANCEL: '^(?i)(Cancel)|(取消)|(撤销)|(qx)$'
 REGEX_LOGIN: '^(?i)Authme$'
 #Event
-Event_Subscribe: "欢迎使用电子科技大学中山学院网络维护科微信自助报修平台。\n如您在使用中遇到任何问题，请将投诉或建议邮件至loli@sola.love."
+Event_Subscribe: "欢迎使用电子科技大学中山学院网络维护科微信自助报修平台。\n如您在使用中遇到任何问题，请将投诉或建议邮件至loli@sola.love.\n\n请发送'绑定'进行微信绑定"
 Invalid_Operation: 'Whoops，报修姬找不到你想要的东西啦 (╯‵□′)╯︵┻━┻。'
 Message_Spam: '你的打字速度太快了，喝一杯82年的Java压压惊吧。'
 #Register
@@ -37,13 +37,15 @@ User_Cancel_Remark: '用户手动取消报修。'
 Cancel_Failed: '取消失败。'
 #Login
 Not_Operator: '嘟嘟嘟……'
 No_Login: 'Permission Denied.'
 Internal_Error: '啊哦，登录失败了哦。'
 #URL
 User_Register_Link: '您尚未进行微信绑定, 请<a href="http://topaz.sinaapp.com/nm/v1/reg.html?token={0}">点击这里</a>进行微信绑定操作。'
 User_Query_Link: 'http://topaz.sinaapp.com/nm/v1/list.html?token={0}'
 User_Submit_Link: 'http://topaz.sinaapp.com/nm/v1/rrepair.html?token={0}&name={1}&isp={2}&room={3}&block={4}&phone={5,number,#}'
 Result_Page: 'http://topaz.sinaapp.com/nm/v1/result.html'
-Operator_Login_Link: '<a href="http://topaz.sinaapp.com/nm/v1/login.html?token={0}&pkey={1}">CLICK HERE</a>'
+Operator_Home_Page: '<a href="http://topaz.sinaapp.com/nm/v1/man/home.html?token={0}">CLICK HERE</a>'
 #Localized
 #Status