backendTeam/WechatTicketSystem
1
0
Fork 0
mirror of https://github.com/ZSCNetSupportDept/WechatTicketSystem.git synced 2025-10-28 23:55:04 +08:00
Code Issues Packages Projects Releases Wiki Activity

operator login interface

Browse Source
This commit is contained in:
Sola
2015-12-12 05:00:06 +08:00
parent a3ba3377db
commit 8a8281b973
10 changed files with 185 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/main/java/love/sola/netsupport/api/Authorize.java
View File

@@ -5,6 +5,7 @@ import love.sola.netsupport.config.Settings;
import love.sola.netsupport.pojo.User;
import love.sola.netsupport.sql.SQLCore;
import love.sola.netsupport.sql.TableUser;
import love.sola.netsupport.util.Checker;
import love.sola.netsupport.util.ParseUtil;
import love.sola.netsupport.wechat.Command;
@@ -13,6 +14,7 @@ import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
@@ -60,14 +62,16 @@ public class Authorize extends HttpServlet {
l = System.currentTimeMillis();
}
if (l == null || c == null) {
if (!Checker.nonNull(c, l)) {
return new Response(Response.ResponseCode.AUTHORIZE_FAILED);
}
if (l < System.currentTimeMillis() - Settings.I.User_Command_Timeout * 1000) {
return new Response(Response.ResponseCode.REQUEST_EXPIRED);
}
request.getSession(true).setAttribute("authorized", c);
request.getSession(true).setAttribute("wechat", wechat);
HttpSession httpSession = request.getSession(true);
httpSession.setAttribute("authorized", c);
httpSession.setAttribute("wechat", wechat);
switch (c) {
case REGISTER:
break;
@@ -75,7 +79,7 @@ public class Authorize extends HttpServlet {
case SUBMIT:
User u = TableUser.getUserByWechat(wechat);
if (u == null) return new Response(Response.ResponseCode.AUTHORIZE_FAILED);
request.getSession(true).setAttribute("user", u);
httpSession.setAttribute("user", u);
break;
default:
return new Response(Response.ResponseCode.AUTHORIZE_FAILED);

15
src/main/java/love/sola/netsupport/api/Register.java
View File

@@ -3,13 +3,16 @@ package love.sola.netsupport.api;
import love.sola.netsupport.enums.ISP;
import love.sola.netsupport.pojo.User;
import love.sola.netsupport.sql.TableUser;
import love.sola.netsupport.util.Checker;
import love.sola.netsupport.util.Redirect;
import love.sola.netsupport.wechat.Command;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
@@ -30,7 +33,12 @@ public class Register extends HttpServlet {
response.setCharacterEncoding("utf-8");
response.addHeader("Content-type", "text/plain;charset=utf-8");
String wechat = checkWechat(request);
HttpSession httpSession = request.getSession(false);
if (Checker.authorized(httpSession, Command.REGISTER)) {
Redirect.message(response, 0, "Authorize_Failed");
return;
}
String wechat = (String) httpSession.getAttribute("wechat");
if (wechat == null) {
Redirect.message(response, 0, "Illegal_Request");
return;
@@ -144,9 +152,4 @@ public class Register extends HttpServlet {
return -1;
}
private String checkWechat(HttpServletRequest request) {
if (request.getSession(false) == null) return null;
return (String) request.getSession(false).getAttribute("wechat");
}
}

3
src/main/java/love/sola/netsupport/api/Response.java
View File

@@ -38,8 +38,11 @@ public class Response {
AUTHORIZE_FAILED(-9),
USER_NOT_FOUND(-11),
TICKET_NOT_FOUND(-12),
OPERATOR_NOT_FOUND(-13),
UNAUTHORIZED(-20),
REQUEST_EXPIRED(-21),
WRONG_PASSWORD(-22),
INCORRECT_WECHAT(-23),
INTERNAL_ERROR(-90),
DATABASE_ERROR(-91),
;

5
src/main/java/love/sola/netsupport/api/TicketQuery.java
View File

@@ -4,6 +4,7 @@ import com.google.gson.Gson;
import love.sola.netsupport.pojo.Ticket;
import love.sola.netsupport.pojo.User;
import love.sola.netsupport.sql.SQLCore;
import love.sola.netsupport.util.Checker;
import love.sola.netsupport.util.ParseUtil;
import love.sola.netsupport.wechat.Command;
import org.hibernate.Criteria;
@@ -27,7 +28,7 @@ import java.io.PrintWriter;
* Don't modify this source without my agreement
* ***********************************************
*/
@WebServlet(name = "QueryTicket", urlPatterns = "/api/ticketquery", loadOnStartup = 23)
@WebServlet(name = "QueryTicket", urlPatterns = "/api/ticketquery", loadOnStartup = 24)
public class TicketQuery extends HttpServlet {
private Gson gson = SQLCore.gson;
@@ -51,7 +52,7 @@ public class TicketQuery extends HttpServlet {
try (Session s = SQLCore.sf.openSession()) {
HttpSession httpSession = request.getSession(false);
if (httpSession == null || httpSession.getAttribute("authorized") != Command.QUERY) {
if (Checker.authorized(httpSession, Command.QUERY)) {
return new Response(Response.ResponseCode.UNAUTHORIZED);
}
User u = (User) httpSession.getAttribute("user");

3
src/main/java/love/sola/netsupport/api/TicketSubmit.java
View File

@@ -4,6 +4,7 @@ import com.google.gson.Gson;
import love.sola.netsupport.pojo.Ticket;
import love.sola.netsupport.pojo.User;
import love.sola.netsupport.sql.SQLCore;
import love.sola.netsupport.util.Checker;
import love.sola.netsupport.util.ParseUtil;
import love.sola.netsupport.wechat.Command;
import org.hibernate.HibernateException;
@@ -54,7 +55,7 @@ public class TicketSubmit extends HttpServlet {
try (Session s = SQLCore.sf.openSession()) {
HttpSession httpSession = request.getSession(false);
if (httpSession == null || httpSession.getAttribute("authorized") != Command.SUBMIT) {
if (Checker.authorized(httpSession, Command.SUBMIT)) {
return new Response(Response.ResponseCode.UNAUTHORIZED);
}
User u = (User) httpSession.getAttribute("user");

75
src/main/java/love/sola/netsupport/api/admin/Login.java Normal file
View File

@@ -0,0 +1,75 @@
package love.sola.netsupport.api.admin;
import com.google.gson.Gson;
import love.sola.netsupport.api.Response;
import love.sola.netsupport.pojo.Operator;
import love.sola.netsupport.sql.SQLCore;
import love.sola.netsupport.util.Checker;
import love.sola.netsupport.util.Crypto;
import love.sola.netsupport.util.ParseUtil;
import org.hibernate.HibernateException;
import org.hibernate.Session;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
/**
* ***********************************************
* Created by Sola on 2015/12/12.
* Don't modify this source without my agreement
* ***********************************************
*/
@WebServlet(name = "Login", urlPatterns = "/api/login", loadOnStartup = 31)
public class Login extends HttpServlet {
private Gson gson = SQLCore.gson;
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
doGet(request, response);
}
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
request.setCharacterEncoding("utf-8");
response.setCharacterEncoding("utf-8");
response.addHeader("Content-type", "text/json;charset=utf-8");
PrintWriter out = response.getWriter();
String json = gson.toJson(login(request));
out.println(ParseUtil.parseJsonP(request, json));
out.close();
}
private Response login(HttpServletRequest request) {
String wechat = request.getParameter("wechat");
String opId = request.getParameter("op");
String password = request.getParameter("pass");
if (Checker.nonNull(wechat, opId, password)) return new Response(Response.ResponseCode.PARAMETER_REQUIRED);
try (Session s = SQLCore.sf.openSession()) {
Operator operator = s.get(Operator.class, Integer.parseInt(opId));
if (operator == null) return new Response(Response.ResponseCode.OPERATOR_NOT_FOUND);
if (!wechat.equals(operator.getWechat()))
return new Response(Response.ResponseCode.INCORRECT_WECHAT);
if (!Crypto.check(password,operator.getPassword()))
return new Response(Response.ResponseCode.WRONG_PASSWORD);
HttpSession httpSession = request.getSession(true);
httpSession.setAttribute("wechat", wechat);
httpSession.setAttribute("operator", operator);
return new Response(Response.ResponseCode.OK);
} catch (NumberFormatException e) {
return new Response(Response.ResponseCode.ILLEGAL_PARAMETER);
} catch (HibernateException e) {
e.printStackTrace();
return new Response(Response.ResponseCode.DATABASE_ERROR, e);
} catch (Exception e) {
e.printStackTrace();
return new Response(Response.ResponseCode.INTERNAL_ERROR, e);
}
}
}

51
src/main/java/love/sola/netsupport/util/AESUtil.java Normal file
View File

@@ -0,0 +1,51 @@
package love.sola.netsupport.util;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
public class AESUtil {
public static final byte[] initVector = "RandomInitVector".getBytes(StandardCharsets.UTF_8);
public static final byte[] key = "$bitch@sola.love".getBytes(StandardCharsets.UTF_8);
public static String encrypt(String value) {
try {
IvParameterSpec iv = new IvParameterSpec(initVector);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.ENCRYPT_MODE, skeySpec, iv);
byte[] encrypted = cipher.doFinal(value.getBytes());
return Base64.encodeBase64String(encrypted);
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
public static String decrypt(String encrypted) {
try {
IvParameterSpec iv = new IvParameterSpec(initVector);
SecretKeySpec skeySpec = new SecretKeySpec(key, "AES");
Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5PADDING");
cipher.init(Cipher.DECRYPT_MODE, skeySpec, iv);
byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted));
return new String(original);
} catch (Exception ex) {
ex.printStackTrace();
}
return null;
}
}

24
src/main/java/love/sola/netsupport/util/Checker.java Normal file
View File

@@ -0,0 +1,24 @@
package love.sola.netsupport.util;
import love.sola.netsupport.wechat.Command;
import javax.servlet.http.HttpSession;
/**
* ***********************************************
* Created by Sola on 2015/12/12.
* Don't modify this source without my agreement
* ***********************************************
*/
public class Checker {
public static boolean nonNull(Object... v) {
for (Object o : v) if (o == null) return false;
return true;
}
public static boolean authorized(HttpSession s, Command c) {
return s != null && s.getAttribute("authorized") == c;
}
}

4
src/main/java/love/sola/netsupport/util/Crypt.java → src/main/java/love/sola/netsupport/util/Crypto.java
View File

@@ -8,14 +8,14 @@ import org.mindrot.jbcrypt.BCrypt;
* Don't modify this source without my agreement
* ***********************************************
*/
public class Crypt {
public class Crypto {
public static String hash(String pw) {
return BCrypt.hashpw(pw, BCrypt.gensalt());
}
public static boolean check(String plain, String hash) {
return BCrypt.checkpw(plain, hash);
return BCrypt.checkpw(AESUtil.decrypt(plain), hash);
}
}

9
src/test/java/love/sola/netsupport/wechat/TestEncrypt.java
View File

@@ -1,5 +1,6 @@
package love.sola.netsupport.wechat;
import love.sola.netsupport.util.AESUtil;
import org.junit.Test;
import org.mindrot.jbcrypt.BCrypt;
@@ -12,9 +13,15 @@ import org.mindrot.jbcrypt.BCrypt;
public class TestEncrypt {
@Test
public void test() {
public void testBCrypt() {
String hash = BCrypt.hashpw("mypasswordhere", BCrypt.gensalt());
assert BCrypt.checkpw("mypasswordhere", hash);
}
@Test
public void testAES() {
assert "Hello World".equals(AESUtil.decrypt(AESUtil.encrypt("Hello World")));
assert "Encrypt".equals(AESUtil.decrypt(AESUtil.encrypt("Encrypt")));
}
}