From 0376be59ebe2ef72093d30765bca777f8e010b1f Mon Sep 17 00:00:00 2001 From: Saturneric Date: Mon, 2 Mar 2020 09:34:39 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=E7=99=BB=E5=BD=95session?= =?UTF-8?q?=E9=97=AE=E9=A2=98;=E5=AE=8C=E5=96=84JSON=E6=95=B0=E6=8D=AE?= =?UTF-8?q?=E5=A4=84=E7=90=86=E4=BD=93=E7=B3=BB;?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../component/datamanager/JSONParameter.java | 39 ++--- .../datamanager/RespondJSONBaseObject.java | 20 --- .../request}/UserLoginChecker.java | 2 +- .../json/respond/FailedSONRespond.java | 9 ++ .../json/respond/JSONBaseRespondObject.java | 22 +++ .../respond/UserLoginCheckerJSONRespond.java} | 8 +- .../permission/ASEAccessDeniedHandler.java | 3 +- .../ASEAuthenticationEntryPoint.java | 3 +- .../ASEAuthenticationFailureHandler.java | 5 +- .../ASEAuthenticationSuccessHandler.java | 31 +++- ...EUsernamePasswordAuthenticationFilter.java | 36 ++--- .../configure/CustomWebSecurityConfig.java | 31 +++- .../ase/controller/ActivityController.java | 8 +- .../ase/controller/LoginController.java | 25 ++-- src/main/resources/application.properties | 4 +- .../assets/js/ase/ase-jquery-framework.js | 4 +- src/main/resources/templates/home.html | 141 +----------------- src/main/resources/templates/login.html | 2 +- 18 files changed, 163 insertions(+), 230 deletions(-) delete mode 100644 src/main/java/com/codesdream/ase/component/datamanager/RespondJSONBaseObject.java rename src/main/java/com/codesdream/ase/component/{permission => json/request}/UserLoginChecker.java (74%) create mode 100644 src/main/java/com/codesdream/ase/component/json/respond/FailedSONRespond.java create mode 100644 src/main/java/com/codesdream/ase/component/json/respond/JSONBaseRespondObject.java rename src/main/java/com/codesdream/ase/component/{permission/UserLoginCheckerRespond.java => json/respond/UserLoginCheckerJSONRespond.java} (53%) 
diff --git a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java index 7043439..97b932c 100644 --- a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java +++ b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java @@ -8,6 +8,7 @@ import javax.servlet.http.HttpServletRequest; import java.io.BufferedReader; import java.io.InputStreamReader; import java.nio.charset.StandardCharsets; +import java.util.Optional; /** * 处理JSON相关数据 @@ -15,25 +16,28 @@ import java.nio.charset.StandardCharsets; @Component public class JSONParameter { - // 提取Request中的JSON数据 - public JSONObject getJSONByRequest(HttpServletRequest request){ - JSONObject jsonParam = null; + // 处理Request Body + public String getRequestBody(HttpServletRequest request){ try { - // 获取输入流 - BufferedReader streamReader = - new BufferedReader(new InputStreamReader(request.getInputStream(), StandardCharsets.UTF_8)); - - // 写入数据到 String Builder - StringBuilder sb = new StringBuilder(); - String line = null; - while ((line = streamReader.readLine()) != null) { - sb.append(line); - } - jsonParam = JSONObject.parseObject(sb.toString()); + return request.getParameter("json"); } catch (Exception e) { e.printStackTrace(); + return null; } - return jsonParam; + } + + // 提取Request中的JSON数据 + public Optional getJSONByRequest(HttpServletRequest request){ + try { + JSONObject jsonParam = null; + String content = getRequestBody(request); + jsonParam = JSONObject.parseObject(content); + return Optional.ofNullable(jsonParam); + } catch (Exception e) { + e.printStackTrace(); + return Optional.empty(); + } + } // 根据JSON对象构造JSON字符串用于返回 
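Review bot: `getRequestBody` does not read the request body; it returns the form field via `request.getParameter("json")`, so its name and comment mislead, and a client that posts raw JSON gets `Optional.empty()` from `getJSONByRequest` with nothing logged. Rename it (for example `getJsonParameter`) or add a comment such as `// Reads the "json" form field; raw JSON request bodies are not supported`. Both new methods catch `Exception` and call `e.printStackTrace()`; other classes in this commit use `@Slf4j`, and `log.warn("Invalid JSON in request", e)` would put parse failures in the application log instead of stderr. The string handed to `JSONObject.parseObject` is client-controlled, so it is worth confirming the fastjson version and its autoType setting in the build file, which this diff does not show.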
@@ -52,8 +56,9 @@ public class JSONParameter { } // 由Request获得对应的Java对象(常用于Post请求中) - public T getJavaObjectByRequest(HttpServletRequest request, Class type){ - return getJavaObject(getJSONByRequest(request), type); + public Optional getJavaObjectByRequest(HttpServletRequest request, Class type){ + Optional json = getJSONByRequest(request); + return json.map(jsonObject -> getJavaObject(jsonObject, type)); } } diff --git a/src/main/java/com/codesdream/ase/component/datamanager/RespondJSONBaseObject.java b/src/main/java/com/codesdream/ase/component/datamanager/RespondJSONBaseObject.java deleted file mode 100644 index fa92c54..0000000 --- a/src/main/java/com/codesdream/ase/component/datamanager/RespondJSONBaseObject.java +++ /dev/null @@ -1,20 +0,0 @@ -package com.codesdream.ase.component.datamanager; - -import lombok.Data; - -import java.util.Date; - -// 服务端返回的JSON对象模板 -@Data -public class RespondJSONBaseObject { - String status = "fail"; - Date time = new Date(); - - public RespondJSONBaseObject(){ - - } - - public RespondJSONBaseObject(String status){ - this.status = status; - } -} diff --git a/src/main/java/com/codesdream/ase/component/permission/UserLoginChecker.java b/src/main/java/com/codesdream/ase/component/json/request/UserLoginChecker.java similarity index 74% rename from src/main/java/com/codesdream/ase/component/permission/UserLoginChecker.java rename to src/main/java/com/codesdream/ase/component/json/request/UserLoginChecker.java index 97dd4f6..ac0c738 100644 --- a/src/main/java/com/codesdream/ase/component/permission/UserLoginChecker.java +++ b/src/main/java/com/codesdream/ase/component/json/request/UserLoginChecker.java @@ -1,4 +1,4 @@ -package com.codesdream.ase.component.permission; +package com.codesdream.ase.component.json.request; import lombok.Data; 
diff --git a/src/main/java/com/codesdream/ase/component/json/respond/FailedSONRespond.java b/src/main/java/com/codesdream/ase/component/json/respond/FailedSONRespond.java new file mode 100644 index 0000000..e0c6de7 --- /dev/null +++ b/src/main/java/com/codesdream/ase/component/json/respond/FailedSONRespond.java @@ -0,0 +1,9 @@ +package com.codesdream.ase.component.json.respond; + +// 请求失败返回JSON +public class FailedSONRespond extends JSONBaseRespondObject { + public FailedSONRespond(){ + super(); + this.status = "fail"; + } +} diff --git a/src/main/java/com/codesdream/ase/component/json/respond/JSONBaseRespondObject.java b/src/main/java/com/codesdream/ase/component/json/respond/JSONBaseRespondObject.java new file mode 100644 index 0000000..a441bd5 --- /dev/null +++ b/src/main/java/com/codesdream/ase/component/json/respond/JSONBaseRespondObject.java @@ -0,0 +1,22 @@ +package com.codesdream.ase.component.json.respond; + +import lombok.Data; + +import java.util.Date; + +// 服务端返回的JSON对象基础信息 +@Data +public class JSONBaseRespondObject { + // 请求成功状态 + String status = "fail"; + // 时间 + Date time = new Date(); + + public JSONBaseRespondObject(){ + + } + + public JSONBaseRespondObject(String status){ + this.status = status; + } +} diff --git a/src/main/java/com/codesdream/ase/component/permission/UserLoginCheckerRespond.java b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java similarity index 53% rename from src/main/java/com/codesdream/ase/component/permission/UserLoginCheckerRespond.java rename to src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java index 13163a1..bbd291c 100644 --- a/src/main/java/com/codesdream/ase/component/permission/UserLoginCheckerRespond.java +++ b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java 
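Review bot: The new class name `FailedSONRespond` looks like a typo for `FailedJSONRespond`, given the sibling names `JSONBaseRespondObject` and `UserLoginCheckerJSONRespond`; renaming it now is cheaper than after more callers import it. Its constructor assigns `this.status = "fail"`, which is already the field default in `JSONBaseRespondObject`, so `super("fail")` would state the intent in one place. Neither new class has a Javadoc comment; a line such as `/** Response returned when a request cannot be parsed or handled. */` on `FailedSONRespond` would help.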
@@ -1,18 +1,18 @@ -package com.codesdream.ase.component.permission; +package com.codesdream.ase.component.json.respond; -import com.codesdream.ase.component.datamanager.RespondJSONBaseObject; import lombok.Data; import lombok.EqualsAndHashCode; @EqualsAndHashCode(callSuper = true) @Data -public class UserLoginCheckerRespond extends RespondJSONBaseObject { +public class UserLoginCheckerJSONRespond extends JSONBaseRespondObject { boolean userExist = false; boolean loginStatus = false; boolean userBanned = false; String respondInformation = ""; + String sessionId = ""; - public UserLoginCheckerRespond(){ + public UserLoginCheckerJSONRespond(){ super("success"); } diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java index 5374ff9..2043f27 100644 --- a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java +++ b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java @@ -1,6 +1,7 @@ package com.codesdream.ase.component.permission; import com.codesdream.ase.component.datamanager.JSONParameter; +import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; import lombok.extern.slf4j.Slf4j; import org.springframework.security.access.AccessDeniedException; import org.springframework.security.web.access.AccessDeniedHandler; @@ -27,7 +28,7 @@ public class ASEAccessDeniedHandler implements AccessDeniedHandler { response.setCharacterEncoding("utf-8"); response.setContentType("text/javascript;charset=utf-8"); - UserLoginCheckerRespond checkerRespond = new UserLoginCheckerRespond(); + UserLoginCheckerJSONRespond checkerRespond = new UserLoginCheckerJSONRespond(); checkerRespond.setLoginStatus(true); checkerRespond.setUserExist(true); checkerRespond.setRespondInformation("Authenticated user has no access to this resource"); 
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java index d3f6807..caf783c 100644 --- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java +++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java @@ -1,6 +1,7 @@ package com.codesdream.ase.component.permission; import com.codesdream.ase.component.datamanager.JSONParameter; +import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.AuthenticationException; import org.springframework.security.web.AuthenticationEntryPoint; @@ -26,7 +27,7 @@ public class ASEAuthenticationEntryPoint implements AuthenticationEntryPoint { response.setCharacterEncoding("utf-8"); response.setContentType("text/javascript;charset=utf-8"); - UserLoginCheckerRespond checkerRespond = new UserLoginCheckerRespond(); + UserLoginCheckerJSONRespond checkerRespond = new UserLoginCheckerJSONRespond(); checkerRespond.setLoginStatus(false); checkerRespond.setUserExist(false); checkerRespond.setUserBanned(true); diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java index a231c1c..cf200cb 100644 --- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java +++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java 
@@ -1,10 +1,9 @@ package com.codesdream.ase.component.permission; import com.codesdream.ase.component.datamanager.JSONParameter; +import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; import lombok.extern.slf4j.Slf4j; -import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler; import org.springframework.stereotype.Component; @@ -27,7 +26,7 @@ public class ASEAuthenticationFailureHandler extends SimpleUrlAuthenticationFail throws IOException, ServletException { log.info("ASEAuthenticationSuccessHandler Login Fail!"); - UserLoginCheckerRespond respond = new UserLoginCheckerRespond(); + UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond(); respond.setUserExist(false); respond.setLoginStatus(false); respond.setUserBanned(true); diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java index f867824..85543fd 100644 --- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java +++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationSuccessHandler.java 
@@ -1,17 +1,23 @@ package com.codesdream.ase.component.permission; import com.codesdream.ase.component.datamanager.JSONParameter; +import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; +import com.codesdream.ase.model.permission.User; import lombok.extern.slf4j.Slf4j; import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContext; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; +import org.springframework.security.web.authentication.WebAuthenticationDetails; import org.springframework.stereotype.Component; import javax.annotation.Resource; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; import java.io.IOException; -import java.security.Principal; +import java.util.Optional; // 认证成功返回 @Slf4j 
@@ -24,12 +30,27 @@ public class ASEAuthenticationSuccessHandler extends SavedRequestAwareAuthentica public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { - log.info("ASEAuthenticationSuccessHandler Login Success!"); - UserLoginCheckerRespond respond = new UserLoginCheckerRespond(); + // 对AJAX登录请求特殊化处理 + if(Optional.ofNullable(request.getHeader("X-Requested-With")).isPresent()) { + HttpSession session = request.getSession(); + SecurityContext securityContext = SecurityContextHolder.getContext(); + + session.setAttribute("SPRING_SECURITY_CONTEXT", securityContext); + } + + // 打印用户登录成功日志 + log.info(String.format("ASEAuthenticationSuccessHandler: %s Login Success.", + ((User)authentication.getDetails()).getUsername())); + + UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond(); respond.setUserExist(authentication.isAuthenticated()); respond.setLoginStatus(authentication.isAuthenticated()); - // 填充response对象 + + // 获得session id + WebAuthenticationDetails webAuthenticationDetails = (WebAuthenticationDetails) (authentication.getDetails()); + respond.setSessionId(webAuthenticationDetails.getSessionId()); + response.getWriter().write(jsonParameter.getJSONString(respond)); -/* response.sendRedirect("/home");*/ + } } diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java index 5aa95e8..a9e71c1 100644 --- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java +++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java 
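Review bot: In onAuthenticationSuccess, `authentication.getDetails()` is cast to `User` for the log line and to `WebAuthenticationDetails` a few lines later; unless `User` extends `WebAuthenticationDetails` (the diff does not show it), one of the two casts throws ClassCastException on every successful login. The filter in this commit calls `setDetails(request, authRequest)`, so the details object is probably a `WebAuthenticationDetails`, and the log line can use `log.info("ASEAuthenticationSuccessHandler: {} Login Success.", authentication.getName());` instead. Separately, `respond.setSessionId(...)` copies the session identifier into the JSON body, where page script can read it even when the session cookie is HttpOnly. `WebAuthenticationDetails` captured that id when the request arrived, so it may be null or the pre-login id. Consider dropping the `sessionId` field from the response.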
@@ -1,29 +1,19 @@ package com.codesdream.ase.component.permission; -import com.alibaba.fastjson.JSONObject; import com.codesdream.ase.component.datamanager.JSONParameter; -import lombok.Data; +import com.codesdream.ase.component.json.request.UserLoginChecker; import lombok.extern.slf4j.Slf4j; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.http.MediaType; -import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.AuthenticationServiceException; +import org.springframework.security.authentication.BadCredentialsException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; -import org.springframework.security.web.util.TextEscapeUtils; -import org.springframework.security.web.util.matcher.AntPathRequestMatcher; -import org.springframework.stereotype.Component; import javax.annotation.Resource; -import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import java.io.IOException; +import java.util.Optional; // 登录验证过滤器 @Slf4j 
@@ -35,27 +25,31 @@ public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAut @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException { - // 判断是否为JSON格式的数据 - log.info(String.format("Content Type: %s", request.getContentType())); - if(request.getContentType().equals("application/x-www-form-urlencoded; charset=UTF-8")) { - UserLoginChecker checker = jsonParameter.getJavaObjectByRequest(request, UserLoginChecker.class); - if (!checker.getCheckType().equals("From")) + // 判断是否为AJAX请求格式的数据 + if(Optional.ofNullable(request.getHeader("X-Requested-With")).isPresent()) { + + Optional checker = jsonParameter.getJavaObjectByRequest(request, UserLoginChecker.class); + if(!checker.isPresent()) throw new BadCredentialsException("Invalid AJAX JSON Request"); + if (!checker.get().getCheckType().equals("From")) throw new AuthenticationServiceException("Invalid Checker Type"); - String username = checker.getUsername(); - String password = checker.getPassword(); + // 获得相应的用户名密码 + String username = checker.get().getUsername(); + String password = checker.get().getPassword(); if (username == null) username = ""; if (password == null) password = ""; // 去除首尾两端的空白字符 username = username.trim(); + password = password.trim(); UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password); - log.info(String.format("User Authentication: %s %s.", username, password)); + + log.info(String.format("User AJAX JSON Authentication: %s %s.", username, password)); setDetails(request, authRequest); diff --git a/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java b/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java index 279b3c4..9659196 100644 --- a/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java +++ b/src/main/java/com/codesdream/ase/configure/CustomWebSecurityConfig.java 
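Review bot: The new `log.info(String.format("User AJAX JSON Authentication: %s %s.", username, password))` writes every submitted password to the application log in clear text, and this commit sets `logging.level.root=info`, so the line is emitted in normal operation. Log the username only, e.g. `log.info("User AJAX JSON authentication attempt: {}", username);`. The added `password = password.trim();` silently changes the credential, so an account whose password begins or ends with whitespace could no longer log in through this path; trim the username only. `checker.get().getCheckType().equals("From")` throws a NullPointerException when the JSON omits `checkType` (the same pattern is in LoginController.checkLogin); `"From".equals(checker.get().getCheckType())` avoids it. attemptAuthentication continues past the end of the hunk.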
@@ -9,7 +9,15 @@ import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.http.SessionCreationPolicy; +import org.springframework.security.core.session.SessionRegistry; +import org.springframework.security.core.session.SessionRegistryImpl; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import org.springframework.security.web.authentication.session.CompositeSessionAuthenticationStrategy; +import org.springframework.security.web.authentication.session.ConcurrentSessionControlAuthenticationStrategy; +import org.springframework.security.web.authentication.session.SessionAuthenticationStrategy; +import org.springframework.security.web.context.HttpSessionSecurityContextRepository; +import org.springframework.security.web.context.SecurityContextPersistenceFilter; import org.springframework.security.web.util.matcher.AntPathRequestMatcher; import javax.annotation.Resource; @@ -57,7 +65,9 @@ public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter { .accessDeniedHandler(accessDeniedHandler); // 替换掉原有的UsernamePasswordAuthenticationFilter - http.addFilterBefore(usernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class); + http.addFilterAt(aseUsernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class) + .addFilterAfter(new SecurityContextPersistenceFilter(), UsernamePasswordAuthenticationFilter.class); + } @Override 
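Review bot: The extra filter added with `addFilterAfter(new SecurityContextPersistenceFilter(), UsernamePasswordAuthenticationFilter.class)` is probably inert: Spring Security already places a `SecurityContextPersistenceFilter` near the front of the chain, and that filter marks the request as handled so a later instance just passes it through. If the aim is to persist the context after an AJAX login, ASEAuthenticationSuccessHandler in this commit already does that by hand; keep one mechanism and explain it in a comment here, e.g. `// Context is stored by the default SecurityContextPersistenceFilter; no second instance needed`. The imports `SessionCreationPolicy`, `CompositeSessionAuthenticationStrategy` and `HttpSessionSecurityContextRepository` added in the first hunk are not used in any visible hunk. configure(HttpSecurity) starts outside the hunk.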
@@ -82,15 +92,30 @@ public class CustomWebSecurityConfig extends WebSecurityConfigurerAdapter { //注册自定义的UsernamePasswordAuthenticationFilter @Bean - ASEUsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter() throws Exception { + ASEUsernamePasswordAuthenticationFilter aseUsernamePasswordAuthenticationFilter() throws Exception { ASEUsernamePasswordAuthenticationFilter filter = new ASEUsernamePasswordAuthenticationFilter(); filter.setAuthenticationSuccessHandler(successHandler); filter.setAuthenticationFailureHandler(failureHandler); + filter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy(sessionRegistry())); + filter.setAllowSessionCreation(true); filter.setRequiresAuthenticationRequestMatcher( new AntPathRequestMatcher("/login/process", "POST")); - filter.setAuthenticationManager(authenticationManagerBean()); return filter; } + + @Bean + public SessionRegistry sessionRegistry() { + return new SessionRegistryImpl(); + } + + + @Bean + public SessionAuthenticationStrategy sessionAuthenticationStrategy(SessionRegistry sessionRegistry){ + return new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry){{ + setMaximumSessions(1); + }}; + } + } diff --git a/src/main/java/com/codesdream/ase/controller/ActivityController.java b/src/main/java/com/codesdream/ase/controller/ActivityController.java index dff7f0f..4beedfc 100644 --- a/src/main/java/com/codesdream/ase/controller/ActivityController.java +++ b/src/main/java/com/codesdream/ase/controller/ActivityController.java @@ -22,6 +22,7 @@ import java.lang.reflect.InvocationTargetException; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Optional; @Controller public class ActivityController { 
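Review bot: `sessionAuthenticationStrategy` returns only a `ConcurrentSessionControlAuthenticationStrategy`, and nothing visible ever registers a session in the `SessionRegistryImpl`, so `setMaximumSessions(1)` would never find an existing session and the limit is not enforced. Because this strategy is set directly on the hand-built filter, the login request also gets no session-id change on authentication unless that is configured elsewhere, which leaves session fixation unaddressed on `/login/process`. Combining the three standard strategies through the already-imported `CompositeSessionAuthenticationStrategy` covers both. The version below needs `java.util.Arrays`, `ChangeSessionIdAuthenticationStrategy` and `RegisterSessionAuthenticationStrategy` imported. It also drops the double-brace initializer and the anonymous subclass it creates.

```java
@Bean
public SessionAuthenticationStrategy sessionAuthenticationStrategy(SessionRegistry sessionRegistry){
    ConcurrentSessionControlAuthenticationStrategy concurrentControl =
            new ConcurrentSessionControlAuthenticationStrategy(sessionRegistry);
    concurrentControl.setMaximumSessions(1);
    // Order matters: enforce the limit, rotate the session id, then record the new session.
    return new CompositeSessionAuthenticationStrategy(Arrays.asList(
            concurrentControl,
            new ChangeSessionIdAuthenticationStrategy(),
            new RegisterSessionAuthenticationStrategy(sessionRegistry)));
}
```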
@@ -45,8 +46,11 @@ public class ActivityController { if(!webFormValidator.check(activityFormConfigure.getStdActivityForm(), parameterMap)) { throw new InvalidFormFormatException("Invalid activity form."); } - JSONObject jsonObject = jsonParameter.getJSONByRequest(request); - Activity activity = jsonObject.toJavaObject(Activity.class); + // 需要检查JSON是否合法 + Optional jsonObject = jsonParameter.getJSONByRequest(request); + if(!jsonObject.isPresent()) return "error"; + Activity activity = jsonObject.get().toJavaObject(Activity.class); + NullValueValidator nullValueValidator = aseSpringUtil.getBean(NullValueValidator.class); List nullValues = nullValueValidator.checkNullValues(activity); diff --git a/src/main/java/com/codesdream/ase/controller/LoginController.java b/src/main/java/com/codesdream/ase/controller/LoginController.java index 6328f4f..33fb19f 100644 --- a/src/main/java/com/codesdream/ase/controller/LoginController.java +++ b/src/main/java/com/codesdream/ase/controller/LoginController.java 
@@ -1,18 +1,15 @@ package com.codesdream.ase.controller; -import com.alibaba.fastjson.JSON; import com.alibaba.fastjson.JSONObject; import com.codesdream.ase.component.datamanager.JSONParameter; -import com.codesdream.ase.component.datamanager.RespondJSONBaseObject; +import com.codesdream.ase.component.json.respond.FailedSONRespond; +import com.codesdream.ase.component.json.respond.JSONBaseRespondObject; import com.codesdream.ase.component.permission.ASEUsernameEncoder; -import com.codesdream.ase.component.permission.UserLoginChecker; -import com.codesdream.ase.component.permission.UserLoginCheckerRespond; +import com.codesdream.ase.component.json.request.UserLoginChecker; +import com.codesdream.ase.component.json.respond.UserLoginCheckerJSONRespond; import com.codesdream.ase.service.IUserService; -import com.fasterxml.jackson.databind.util.JSONPObject; -import com.sun.org.apache.xpath.internal.operations.Bool; import lombok.extern.slf4j.Slf4j; import org.springframework.stereotype.Controller; -import org.springframework.stereotype.Service; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; @@ -20,6 +17,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; +import java.util.Optional; /** 
@@ -46,8 +44,13 @@ public class LoginController { @RequestMapping(value = "/login/check", method = RequestMethod.POST) @ResponseBody String checkLogin(HttpServletRequest request){ - JSONObject json = jsonParameter.getJSONByRequest(request); - UserLoginChecker loginChecker = json.toJavaObject(UserLoginChecker.class); + + // 检查是否为JSON + Optional json = jsonParameter.getJSONByRequest(request); + if(!json.isPresent()) return jsonParameter.getJSONString(new FailedSONRespond()); + + + UserLoginChecker loginChecker = json.get().toJavaObject(UserLoginChecker.class); // 检查类型 if(loginChecker.getCheckType().equals("UsernameExistChecker")){ // 根据学号计算用户名 @@ -55,13 +58,13 @@ public class LoginController { // 查询用户名存在状态 boolean existStatus = userService.checkIfUserExists(user).getKey(); // 构造返回对象 - UserLoginCheckerRespond respond = new UserLoginCheckerRespond(); + UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond(); respond.setUserExist(existStatus); return jsonParameter.getJSONString(respond); } else { // 返回失败对象 - return jsonParameter.getJSONString(new RespondJSONBaseObject()); + return jsonParameter.getJSONString(new JSONBaseRespondObject()); } } diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index e887681..ef36be0 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -18,5 +18,7 @@ spring.datasource.password=codedreampasswd server.error.whitelabel.enabled=false -logging.level.org.springframework.security=DEBUG +logging.level.root=info +logging.level.org.springframework.security=info +server.servlet.session.timeout=30m diff --git a/src/main/resources/static/assets/js/ase/ase-jquery-framework.js b/src/main/resources/static/assets/js/ase/ase-jquery-framework.js index d5ec105..f800c54 100644 --- a/src/main/resources/static/assets/js/ase/ase-jquery-framework.js +++ b/src/main/resources/static/assets/js/ase/ase-jquery-framework.js 
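Review bot: The hunk header for application.properties shows `spring.datasource.password=codedreampasswd` kept in the tracked file, and this change edits the file without moving the secret out. Read it from the environment instead, e.g. `spring.datasource.password=${DB_PASSWORD}` (variable name is an example), and rotate the current value since it is already in the history. Lowering `logging.level.org.springframework.security` from DEBUG to info is a good change, but the application's own `log.info` call in ASEUsernamePasswordAuthenticationFilter that includes the password is still emitted at this level.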
@@ -173,7 +173,7 @@ function ase_form_post(url ,id, callback){ type: "POST", dataType: "json", url: url , - data: JSON.stringify(form_object), + data: { json: JSON.stringify(form_object) }, success: callback.success, error : callback.error, }); @@ -187,7 +187,7 @@ function ase_post_object(url, object, callback){ type: "POST", dataType: "json", url: url , - data: JSON.stringify(object), + data: { json: JSON.stringify(object) }, success: callback.success, error : callback.error, }); diff --git a/src/main/resources/templates/home.html b/src/main/resources/templates/home.html index 38a39f4..b61bf98 100644 --- a/src/main/resources/templates/home.html +++ b/src/main/resources/templates/home.html @@ -2,9 +2,8 @@ -
- -home + + home @@ -375,142 +374,10 @@ - - + + - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html index 8372f2d..4f94998 100644 --- a/src/main/resources/templates/login.html +++ b/src/main/resources/templates/login.html @@ -17,7 +17,7 @@

登录

-
+