remove operator login

src/main/java/love/sola/netsupport/api/Register.java

@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 
 import com.google.gson.Gson;
+import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.enums.ISP;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -44,7 +45,7 @@ public class Register extends HttpServlet {
 			printAuthorizeFailed(request, out);
 			return;
 		}
-		String wechat = (String) session.getAttribute("wechat");
+		String wechat = (String) session.getAttribute(Attribute.WECHAT);
 		if (wechat == null) {
 			printAuthorizeFailed(request, out);
 			return;

src/main/java/love/sola/netsupport/api/TicketQuery.java

@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 
 import com.google.gson.Gson;
+import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -55,7 +56,7 @@ public class TicketQuery extends HttpServlet {
 			if (session == null) {
 				return new Response(Response.ResponseCode.UNAUTHORIZED);
 			}
-			User u = (User) session.getAttribute("user");
+			User u = (User) session.getAttribute(Attribute.USER);
 			if (u == null) return new Response(Response.ResponseCode.UNAUTHORIZED);
 
 			Criteria c = s.createCriteria(Ticket.class);

src/main/java/love/sola/netsupport/api/TicketSubmit.java

@@ -1,6 +1,7 @@
 package love.sola.netsupport.api;
 
 import com.google.gson.Gson;
+import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.pojo.User;
 import love.sola.netsupport.sql.SQLCore;
@@ -57,7 +58,7 @@ public class TicketSubmit extends HttpServlet {
 			if (session == null) {
 				return new Response(Response.ResponseCode.UNAUTHORIZED);
 			}
-			User u = (User) session.getAttribute("user");
+			User u = (User) session.getAttribute(Attribute.USER);
 			if (u == null) return new Response(Response.ResponseCode.UNAUTHORIZED);
 
 			if (TableTicket.hasOpen(u)) {

src/main/java/love/sola/netsupport/api/admin/Login.java

@@ -1,61 +0,0 @@
-package love.sola.netsupport.api.admin;
-
-import com.google.gson.Gson;
-import love.sola.netsupport.api.Response;
-import love.sola.netsupport.enums.Attribute;
-import love.sola.netsupport.pojo.Operator;
-import love.sola.netsupport.sql.SQLCore;
-import love.sola.netsupport.util.Checker;
-import love.sola.netsupport.util.Crypto;
-import love.sola.netsupport.util.ParseUtil;
-import me.chanjar.weixin.common.session.WxSession;
-
-import javax.servlet.ServletException;
-import javax.servlet.annotation.WebServlet;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import java.io.IOException;
-import java.io.PrintWriter;
-
-/**
- * ***********************************************
- * Created by Sola on 2015/12/12.
- * Don't modify this source without my agreement
- * ***********************************************
- */
-@WebServlet(name = "Login", urlPatterns = "/api/login", loadOnStartup = 31)
-public class Login extends HttpServlet {
-
-	private Gson gson = SQLCore.gson;
-
-	protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		doGet(request, response);
-	}
-
-	protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-		request.setCharacterEncoding("utf-8");
-		response.setCharacterEncoding("utf-8");
-		response.addHeader("Content-type", "text/json;charset=utf-8");
-		PrintWriter out = response.getWriter();
-		String json = gson.toJson(login(request));
-		out.println(ParseUtil.parseJsonP(request, json));
-		out.close();
-	}
-
-	private Response login(HttpServletRequest request) {
-		String password = request.getParameter("pass");
-		if (Checker.hasNull(password)) return new Response(Response.ResponseCode.PARAMETER_REQUIRED);
-
-		WxSession session = Checker.isOperator(request);
-		if (session == null) {
-			return new Response(Response.ResponseCode.UNAUTHORIZED);
-		}
-		Operator operator = (Operator) session.getAttribute(Attribute.OPERATOR);
-
-		if (!Crypto.check(password,operator.getPassword()))
-			return new Response(Response.ResponseCode.WRONG_PASSWORD);
-		else
-			return new Response(Response.ResponseCode.OK, operator);
-	}
-}

src/main/java/love/sola/netsupport/api/admin/TicketUpdate.java

@@ -2,11 +2,14 @@ package love.sola.netsupport.api.admin;
 
 import com.google.gson.Gson;
 import love.sola.netsupport.api.Response;
+import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Operator;
 import love.sola.netsupport.pojo.Ticket;
 import love.sola.netsupport.sql.SQLCore;
 import love.sola.netsupport.util.Checker;
 import love.sola.netsupport.util.ParseUtil;
+import love.sola.netsupport.wechat.Command;
+import me.chanjar.weixin.common.session.WxSession;
 import org.hibernate.HibernateException;
 import org.hibernate.Session;
 
@@ -15,7 +18,6 @@ import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.io.PrintWriter;
 
@@ -50,13 +52,12 @@ public class TicketUpdate extends HttpServlet {
 		String remark = request.getParameter("remark");
 		String status = request.getParameter("status");
 		if (Checker.hasNull(ticket, remark, status)) return new Response(Response.ResponseCode.PARAMETER_REQUIRED);
-
-		try (Session s = SQLCore.sf.openSession()) {
-			HttpSession httpSession = request.getSession(false);
-			if (!Checker.isOperator(httpSession)) {
+		WxSession session = Checker.isAuthorized(request, Command.LOGIN);
+		if (session == null) {
 			return new Response(Response.ResponseCode.UNAUTHORIZED);
 		}
-			Operator op = (Operator) httpSession.getAttribute("operator");
+		try (Session s = SQLCore.sf.openSession()) {
+			Operator op = (Operator) session.getAttribute(Attribute.OPERATOR);
 			Ticket t = s.get(Ticket.class, Integer.parseInt(ticket));
 			if (t == null) {
 				return new Response(Response.ResponseCode.TICKET_NOT_FOUND);

src/main/java/love/sola/netsupport/util/Checker.java

@@ -27,11 +27,4 @@ public class Checker {
 		return s == null ? null : s.getAttribute(Attribute.AUTHORIZED) == c ? s : null;
 	}
 
-	public static WxSession isOperator(HttpServletRequest r) {
-		String t = r.getParameter("token");
-		if (t == null || t.isEmpty()) return null;
-		WxSession s = WechatSession.get(t, false);
-		return s == null ? null : s.getAttribute(Attribute.OPERATOR) == null ? null : s;
-	}
-
 }

src/main/java/love/sola/netsupport/wechat/handler/LoginHandler.java

@@ -1,10 +1,13 @@
 package love.sola.netsupport.wechat.handler;
 
 import love.sola.netsupport.enums.Access;
+import love.sola.netsupport.enums.Attribute;
 import love.sola.netsupport.pojo.Operator;
 import love.sola.netsupport.sql.TableOperator;
-import love.sola.netsupport.util.RSAUtil;
+import love.sola.netsupport.wechat.Command;
+import love.sola.netsupport.wechat.WechatSession;
 import me.chanjar.weixin.common.exception.WxErrorException;
+import me.chanjar.weixin.common.session.WxSession;
 import me.chanjar.weixin.common.session.WxSessionManager;
 import me.chanjar.weixin.mp.api.WxMpMessageHandler;
 import me.chanjar.weixin.mp.api.WxMpService;
@@ -32,13 +35,20 @@ public class LoginHandler implements WxMpMessageHandler {
 			Operator operator = TableOperator.get(wxMessage.getFromUserName());
 			if (operator == null)
 				out.content(lang("Not_Operator"));
-			else if (operator.getAccess() == Access.NOLOGIN)
+			else if (operator.getAccess() == Access.NOLOGIN) {
 				out.content(lang("No_Login"));
-			else
-				out.content(format("Operator_Login_Link", wxMessage.getFromUserName(), RSAUtil.publicKey_s));
+			} else {
+				String id = WechatSession.genId();
+				WxSession session = WechatSession.get(id, true);
+				session.setAttribute(Attribute.AUTHORIZED, Command.LOGIN);
+				session.setAttribute(Attribute.WECHAT, wxMessage.getFromUserName());
+				session.setAttribute(Attribute.OPERATOR, operator);
+				out.content(format("Operator_Home_Page", id));
+			}
+
 		} catch (Exception e) {
 			e.printStackTrace();
-			out.content(lang("Internal_Error"));
+			out.content(lang("Login_Error"));
 		}
 		return out.build();
 	}

src/main/resources/lang.yml

@@ -11,7 +11,7 @@ REGEX_CANCEL: '^(?i)(Cancel)|(取消)|(撤销)|(qx)$'
 REGEX_LOGIN: '^(?i)Authme$'
 
 #Event
-Event_Subscribe: "欢迎使用电子科技大学中山学院网络维护科微信自助报修平台。\n如您在使用中遇到任何问题，请将投诉或建议邮件至loli@sola.love."
+Event_Subscribe: "欢迎使用电子科技大学中山学院网络维护科微信自助报修平台。\n如您在使用中遇到任何问题，请将投诉或建议邮件至loli@sola.love.\n\n请发送'绑定'进行微信绑定"
 Invalid_Operation: 'Whoops，报修姬找不到你想要的东西啦 (╯‵□′)╯︵┻━┻。'
 Message_Spam: '你的打字速度太快了，喝一杯82年的Java压压惊吧。'
 #Register
@@ -37,13 +37,15 @@ User_Cancel_Remark: '用户手动取消报修。'
 Cancel_Failed: '取消失败。'
 #Login
 Not_Operator: '嘟嘟嘟……'
+No_Login: 'Permission Denied.'
+Internal_Error: '啊哦，登录失败了哦。'
 
 #URL
 User_Register_Link: '您尚未进行微信绑定, 请<a href="http://topaz.sinaapp.com/nm/v1/reg.html?token={0}">点击这里</a>进行微信绑定操作。'
 User_Query_Link: 'http://topaz.sinaapp.com/nm/v1/list.html?token={0}'
 User_Submit_Link: 'http://topaz.sinaapp.com/nm/v1/rrepair.html?token={0}&name={1}&isp={2}&room={3}&block={4}&phone={5,number,#}'
 Result_Page: 'http://topaz.sinaapp.com/nm/v1/result.html'
-Operator_Login_Link: '<a href="http://topaz.sinaapp.com/nm/v1/login.html?token={0}&pkey={1}">CLICK HERE</a>'
+Operator_Home_Page: '<a href="http://topaz.sinaapp.com/nm/v1/man/home.html?token={0}">CLICK HERE</a>'
 
 #Localized
 #Status