diff --git a/pom.xml b/pom.xml
index b66f69d..aaa6cb5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -138,6 +138,13 @@
1.1.71.android
+
+ org.mariadb.jdbc
+ mariadb-java-client
+ 2.5.4
+
+
+
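Review bot: The new `mariadb-java-client` coordinate is pinned to 2.5.4, an early-2020 release of the 2.x line, and nothing in the hunk explains why that version rather than the current 2.7.x/3.x connector was chosen. Before merging, check the connector's published advisory history for that version and pin to a maintained release; a JDBC driver sits in the path of every query the application makes, so it deserves the same scrutiny as an auth library. If a specific version is required for compatibility with the MariaDB server in use, record that in a comment next to the dependency, e.g. `<!-- pinned: server is MariaDB 10.2, see <ticket> -->`.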
diff --git a/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java b/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
index 954850b..fe2ce6c 100644
--- a/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
+++ b/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
@@ -14,6 +14,6 @@ public class JSONRandomCodeGenerator {
public String generateRandomCode(String username, Date date, String clientCode){
return encoder.encode(String.format("RandomCode [%s][%s][%s]",
- username, date.toString(), clientCode));
+ username, Long.toString(date.getTime()), clientCode));
}
}
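Review bot: The input to `encoder.encode` on the new side is entirely predictable — the username, an epoch-millisecond timestamp and the client code — so unless `encoder` (declared outside this hunk) contributes its own salt, anyone who knows the username and client code and can bracket the request time can regenerate this "random code" offline. If the value is meant to be unguessable, mix in a nonce from `java.security.SecureRandom` rather than relying on the encoder, for example `String.format("RandomCode [%s][%s][%s][%s]", username, Long.toString(date.getTime()), clientCode, Long.toHexString(new SecureRandom().nextLong()))`. Either way, a one-line comment stating what `encoder` is and whether it is deterministic would let the next reader judge the strength of this code without opening the class header, which lies outside the hunk.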
diff --git a/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java b/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java
new file mode 100644
index 0000000..080bd20
--- /dev/null
+++ b/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java
@@ -0,0 +1,18 @@
+package com.codesdream.ase.component.auth;
+
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+
+// 验证时间戳是否有效
+@Component
+public class TimestampExpiredChecker {
+
+ public boolean checkTimestampBeforeMaxTime(String timestamp, int seconds){
+ Date timestampDate = new Date(Long.parseLong(timestamp));
+ long currentTime = System.currentTimeMillis();
+ Date maxDate = new Date(currentTime + seconds * 1000);
+ return timestampDate.before(maxDate);
+ }
+
+}
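Review bot: `checkTimestampBeforeMaxTime` only rejects timestamps more than `seconds` in the future; every timestamp in the past, including `0`, satisfies `timestampDate.before(maxDate)`, so the "expired" check never expires anything and a captured request can be replayed indefinitely. `Long.parseLong` also throws `NumberFormatException` on a non-numeric header, which would propagate out of the calling filter as an unchecked exception rather than an authentication failure, and `seconds * 1000` is evaluated in `int` before widening, so large windows overflow. I would bound the value on both sides of the server clock, use a `long` multiplier, and treat a malformed string as invalid instead of throwing.

```java
public boolean checkTimestampBeforeMaxTime(String timestamp, int seconds){
    long ts;
    try {
        ts = Long.parseLong(timestamp.trim());
    } catch (NumberFormatException | NullPointerException e) {
        return false;  // missing or malformed header is an auth failure, not a 500
    }
    long now = System.currentTimeMillis();
    long window = seconds * 1000L;
    // accept only timestamps within ±window of the server clock: the upper bound
    // rejects future-dated requests, the lower bound rejects stale/replayed ones
    return ts <= now + window && ts >= now - window;
}
```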
diff --git a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
index 103c5a0..3fd6706 100644
--- a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
+++ b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
@@ -86,7 +86,13 @@ public class JSONParameter {
// 获得标准的JSON响应字符串返回(403状态)
public String getJSONStandardRespond403(){
- JSONBaseRespondObject respondObject = new JSONBaseRespondObject(403, "forbidden");
+ JSONBaseRespondObject respondObject = new JSONBaseRespondObject(403, "Forbidden");
+ return getJSONString(respondObject);
+ }
+
+ // 获得标准的JSON响应字符串返回(401状态)
+ public String getJSONStandardRespond401(){
+ JSONBaseRespondObject respondObject = new JSONBaseRespondObject(401, "Unauthorized");
return getJSONString(respondObject);
}
diff --git a/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
index 79ccfe9..208851a 100644
--- a/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
+++ b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
@@ -1,14 +1,15 @@
package com.codesdream.ase.component.json.respond;
+import com.sun.org.apache.xpath.internal.operations.Bool;
import lombok.Data;
import lombok.EqualsAndHashCode;
@Data
public class UserLoginCheckerJSONRespond {
- boolean userExist = false;
- boolean loginStatus = false;
- boolean userBanned = false;
+ Boolean userExist = null;
+ Boolean userBanned = null;
+ Boolean loginStatus = null;
String respondInformation = "";
- String token = "";
+ String token = null;
}
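Review bot: The added `import com.sun.org.apache.xpath.internal.operations.Bool;` is unused and names a JDK-internal Xalan class that is not exported from `java.xml` on Java 9+, so it will fail to compile or require `--add-exports` on a newer runtime; delete the line. Switching the three flags from `boolean` to `Boolean` with a `null` default changes the wire format — absent information is now serialized as `null` (or omitted, depending on the JSON mapper's configuration, which is not visible here) instead of `false` — so clients that did `if (!resp.userExist)` now need a tri-state check. A short class comment such as `// null means "not disclosed" — consumers must distinguish it from false` would make that contract explicit.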
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
index 2043f27..67955f5 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
@@ -26,15 +26,9 @@ public class ASEAccessDeniedHandler implements AccessDeniedHandler {
throws IOException, ServletException {
log.info("ASEAccessDeniedHandler Found!");
- response.setCharacterEncoding("utf-8");
- response.setContentType("text/javascript;charset=utf-8");
- UserLoginCheckerJSONRespond checkerRespond = new UserLoginCheckerJSONRespond();
- checkerRespond.setLoginStatus(true);
- checkerRespond.setUserExist(true);
- checkerRespond.setRespondInformation("Authenticated user has no access to this resource");
+ // 对无权限操作返回403
+ response.getWriter().print(jsonParameter.getJSONStandardRespond403());
- // 对匿名用户返回
- response.getWriter().print(jsonParameter.getJSONString(checkerRespond));
}
}
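Review bot: Nothing on the new side sets the HTTP status, so the 403 that the JSON body claims is only advisory — unless something upstream already set it, the response goes out as 200 and clients that key on the status code see success. Removing the `setCharacterEncoding`/`setContentType` lines also drops the content type entirely, so the JSON is written with the container default rather than as `application/json`. Add `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` and `response.setContentType("application/json;charset=UTF-8");` before the `print`. The `handle` signature starts above this hunk, so I cannot see whether a superclass or wrapper sets these.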
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
index 3e62a3f..b367794 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
@@ -24,8 +24,8 @@ public class ASEAuthenticationEntryPoint implements AuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
throws IOException, ServletException {
- // 对匿名用户返回403
- response.getWriter().print(jsonParameter.getJSONStandardRespond403());
+ // 对匿名用户返回401
+ response.getWriter().print(jsonParameter.getJSONStandardRespond401());
}
}
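Review bot: `commence` writes a 401 body but never calls `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED)`, and no content type is set either, so the client sees a 200 with an unlabeled body that says "Unauthorized". Spring Security's default entry point sets the status for you; once you replace it with a custom one, you own that responsibility. Add `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` and `response.setContentType("application/json;charset=UTF-8");` before the `print`, and if the API expects a bearer token, consider a `WWW-Authenticate` header as well so the 401 is well-formed.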
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
index 1680ec3..393d591 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
@@ -23,13 +23,14 @@ public class ASEAuthenticationFailureHandler extends SimpleUrlAuthenticationFail
@Override
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
- throws IOException, ServletException
+ throws IOException
{
log.info("ASEAuthenticationFailureHandler Login Fail!");
UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
- respond.setUserExist(false);
+
+ respond.setUserExist(null);
+ respond.setUserBanned(null);
respond.setLoginStatus(false);
- respond.setUserBanned(true);
respond.setRespondInformation("Authentication Failed");
// 填充response对象
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
index 2be84dd..d09f9d2 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
@@ -2,6 +2,7 @@ package com.codesdream.ase.component.permission;
import com.codesdream.ase.component.auth.AJAXRequestChecker;
import com.codesdream.ase.component.auth.JSONTokenUsernamePasswordAuthenticationToken;
+import com.codesdream.ase.component.auth.TimestampExpiredChecker;
import com.codesdream.ase.component.datamanager.JSONParameter;
import com.codesdream.ase.component.json.request.UserLoginChecker;
import lombok.extern.slf4j.Slf4j;
@@ -12,6 +13,7 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.web.bind.annotation.RequestMapping;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
@@ -28,10 +30,20 @@ public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAut
@Resource
private AJAXRequestChecker ajaxRequestChecker;
+ @Resource
+ private TimestampExpiredChecker timestampExpiredChecker;
+
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response)
throws AuthenticationException {
+ String timestamp = request.getHeader("timestamp");
+
+ // 检查时间戳是否合理(60秒内)
+ if(timestamp == null || !timestampExpiredChecker.checkTimestampBeforeMaxTime(timestamp, 60)){
+ throw new AuthenticationServiceException("Timestamp Expired.");
+ }
+
// 判断是否为AJAX请求格式的数据
if(!ajaxRequestChecker.checkAjaxPOSTRequest(request)) {
throw new AuthenticationServiceException("Authentication method not supported: NOT Ajax Method.");
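Review bot: The new `timestamp` check passes the raw header into `checkTimestampBeforeMaxTime`, which parses it with `Long.parseLong`; a non-numeric value therefore throws `NumberFormatException` out of `attemptAuthentication` as an unchecked exception rather than an `AuthenticationException`, which the failure handler will not see. Guard the format here (or make the checker return `false` on bad input), e.g. `if (timestamp == null || !timestamp.matches("\\d{1,18}") || !timestampExpiredChecker.checkTimestampBeforeMaxTime(timestamp, 60)) {`. The header is also not bound to anything signed — no HMAC over body plus timestamp is visible — so a freshness check alone does not stop an attacker who simply supplies a current timestamp; a comment stating which threat the 60-second window is meant to cover would help the next reader. The `import org.springframework.web.bind.annotation.RequestMapping;` added at the top of the file is unused in a filter and should be removed. The method body continues below the hunk.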
diff --git a/src/main/java/com/codesdream/ase/controller/LoginController.java b/src/main/java/com/codesdream/ase/controller/LoginController.java
index db99311..e9c539c 100644
--- a/src/main/java/com/codesdream/ase/controller/LoginController.java
+++ b/src/main/java/com/codesdream/ase/controller/LoginController.java
@@ -61,11 +61,11 @@ public class LoginController {
// 构造返回对象
UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
respond.setUserExist(existStatus);
- return jsonParameter.getJSONString(respond);
+ return jsonParameter.getJSONStandardRespond200(respond);
}
else {
// 返回失败对象
- return jsonParameter.getJSONString(new JSONStandardFailedRespond());
+ return jsonParameter.getJSONStandardRespond500("Error");
}
}
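Review bot: `respond.setUserExist(existStatus)` discloses to the caller whether a given username exists, which is the classic user-enumeration oracle; this commit deliberately blanks `userExist` in the authentication failure handler, and this endpoint hands the same information back. Assuming the method is reachable without authentication — the visible lines do not settle that, as the method starts above the hunk — either rate-limit it (or put a CAPTCHA in front of it) if the registration flow genuinely needs the check, or return the same 200 body regardless of existence. The `getJSONStandardRespond500("Error")` branch answers an unsupported check type, which is a client error; a 400 would be more accurate than a 500 and avoids masking real server failures in monitoring.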
@@ -82,11 +82,11 @@ public class LoginController {
if(loginChecker.getCheckType().equals("UIDGeneratorChecker")) {
UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
respond.setRespondInformation(userService.getUsernameByStudentId(loginChecker.getUsername()));
- return jsonParameter.getJSONString(respond);
+ return jsonParameter.getJSONStandardRespond200(respond);
}
else {
// 返回失败对象
- return jsonParameter.getJSONString(new JSONStandardFailedRespond());
+ return jsonParameter.getJSONStandardRespond500("Error");
}
diff --git a/src/main/java/com/codesdream/ase/controller/RegisterController.java b/src/main/java/com/codesdream/ase/controller/RegisterController.java
index 01a4835..62ce6b3 100644
--- a/src/main/java/com/codesdream/ase/controller/RegisterController.java
+++ b/src/main/java/com/codesdream/ase/controller/RegisterController.java
@@ -16,10 +16,10 @@ import java.util.Map;
@Controller
public class RegisterController {
@Resource
- UserService userService;
+ private UserService userService;
@Resource
- BaseInformationService baseInformationService;
+ private BaseInformationService baseInformationService;
@RequestMapping(value = "/register")
String registerView(Model model){
diff --git a/src/main/java/com/codesdream/ase/service/BaseInformationService.java b/src/main/java/com/codesdream/ase/service/BaseInformationService.java
index 870a816..072ec94 100644
--- a/src/main/java/com/codesdream/ase/service/BaseInformationService.java
+++ b/src/main/java/com/codesdream/ase/service/BaseInformationService.java
@@ -20,25 +20,25 @@ import java.util.Vector;
public class BaseInformationService implements IBaseInformationService {
@Resource
- BaseAdministrativeDivisionRepository administrativeDivisionRepository;
+ private BaseAdministrativeDivisionRepository administrativeDivisionRepository;
@Resource
- BaseCandidateCategoryRepository candidateCategoryRepository;
+ private BaseCandidateCategoryRepository candidateCategoryRepository;
@Resource
- BaseCollegeRepository collegeRepository;
+ private BaseCollegeRepository collegeRepository;
@Resource
- BaseEthnicRepository ethnicRepository;
+ private BaseEthnicRepository ethnicRepository;
@Resource
- BaseMajorRepository majorRepository;
+ private BaseMajorRepository majorRepository;
@Resource
- BasePoliticalStatusRepository politicalStatusRepository;
+ private BasePoliticalStatusRepository politicalStatusRepository;
@Resource
- BaseStudentInfoRepository studentInfoRepository;
+ private BaseStudentInfoRepository studentInfoRepository;
@Override
public boolean checkAdministrativeDivision(String name) {
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index ef36be0..8693bdc 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -8,13 +8,14 @@ spring.thymeleaf.encoding=UTF-8
spring.jpa.generate-ddl=false
spring.jpa.show-sql=true
spring.jpa.hibernate.ddl-auto=update
-spring.jooq.sql-dialect=org.hibernate.dialect.MySQL5InnoDBDialect
+spring.jooq.sql-dialect=org.hibernate.dialect.MariaDB102Dialect
spring.jpa.open-in-view=true
spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.datasource.url=jdbc:mysql://${MYSQL_HOST:119.23.9.34}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
+spring.datasource.url=jdbc:mariadb://39.100.94.111:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
spring.datasource.username=codedream
spring.datasource.password=codedreampasswd
+spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
server.error.whitelabel.enabled=false
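Review bot: The new datasource URL replaces the `${MYSQL_HOST:…}` placeholder with a hard-coded public IP, and the file continues to carry `spring.datasource.username`/`spring.datasource.password` in plaintext, so a live database host and its credentials are committed to source control; the password visible here should be treated as compromised and rotated, and the values should come from the environment, e.g. `spring.datasource.url=jdbc:mariadb://${MARIADB_HOST:localhost}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC` and `spring.datasource.password=${MARIADB_PASSWORD}`. Separately, `spring.jooq.sql-dialect` is a jOOQ property that expects a jOOQ dialect name such as `MARIADB`, not a Hibernate dialect class; the `MariaDB102Dialect` value belongs under `spring.jpa.properties.hibernate.dialect` (or `spring.jpa.database-platform`), otherwise Hibernate falls back to autodetection and jOOQ, if present, will reject the value. `spring.jpa.show-sql=true` on the line above also logs every statement, including parameter-bearing ones, and should be off outside development.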