From 9515ebbc39e2466262387d25c55f84c412e15e2e Mon Sep 17 00:00:00 2001
From: Saturneric
Date: Mon, 16 Mar 2020 15:25:34 +0800
Subject: [PATCH 1/3] =?UTF-8?q?=E5=AE=8C=E5=96=84=E8=AE=A4=E8=AF=81?=
 =?UTF-8?q?=E7=AE=A1=E7=90=86=E5=AD=90=E7=B3=BB=E7=BB=9F?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../auth/JSONRandomCodeGenerator.java | 2 +-
 .../auth/TimestampExpiredChecker.java | 18 ++++++++++++++++++
 .../component/datamanager/JSONParameter.java | 8 +++++++-
 .../respond/UserLoginCheckerJSONRespond.java | 9 +++++----
 .../permission/ASEAccessDeniedHandler.java | 10 ++--------
 .../ASEAuthenticationEntryPoint.java | 4 ++--
 .../ASEAuthenticationFailureHandler.java | 7 ++++---
 ...SEUsernamePasswordAuthenticationFilter.java | 12 ++++++++++++
 8 files changed, 51 insertions(+), 19 deletions(-)
 create mode 100644 src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java
diff --git a/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java b/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
index 954850b..fe2ce6c 100644
--- a/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
+++ b/src/main/java/com/codesdream/ase/component/auth/JSONRandomCodeGenerator.java
@@ -14,6 +14,6 @@ public class JSONRandomCodeGenerator {
 public String generateRandomCode(String username, Date date, String clientCode){
 return encoder.encode(String.format("RandomCode [%s][%s][%s]",
- username, date.toString(), clientCode));
+ username, Long.toString(date.getTime()), clientCode));
 }
 }
diff --git a/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java b/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java
new file mode 100644
index 0000000..080bd20
--- /dev/null
+++ b/src/main/java/com/codesdream/ase/component/auth/TimestampExpiredChecker.java
@@ -0,0 +1,18 @@
+package com.codesdream.ase.component.auth;
+
+import org.springframework.stereotype.Component;
+
+import java.util.Date;
+
+// 验证时间戳是否有效
+@Component
+public class TimestampExpiredChecker {
+
+ public boolean checkTimestampBeforeMaxTime(String timestamp, int seconds){
+ Date timestampDate = new Date(Long.parseLong(timestamp));
+ long currentTime = System.currentTimeMillis();
+ Date maxDate = new Date(currentTime + seconds * 1000);
+ return timestampDate.before(maxDate);
+ }
+
+}
diff --git a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
index 103c5a0..3fd6706 100644
--- a/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
+++ b/src/main/java/com/codesdream/ase/component/datamanager/JSONParameter.java
@@ -86,7 +86,13 @@ public class JSONParameter {
 // 获得标准的JSON响应字符串返回(403状态)
 public String getJSONStandardRespond403(){
- JSONBaseRespondObject respondObject = new JSONBaseRespondObject(403, "forbidden");
+ JSONBaseRespondObject respondObject = new JSONBaseRespondObject(403, "Forbidden");
+ return getJSONString(respondObject);
+ }
+
+ // 获得标准的JSON响应字符串返回(401状态)
+ public String getJSONStandardRespond401(){
+ JSONBaseRespondObject respondObject = new JSONBaseRespondObject(401, "Unauthorized");
 return getJSONString(respondObject);
 }
diff --git a/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
index 79ccfe9..208851a 100644
--- a/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
+++ b/src/main/java/com/codesdream/ase/component/json/respond/UserLoginCheckerJSONRespond.java
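Review bot: `checkTimestampBeforeMaxTime` in the new TimestampExpiredChecker never rejects an old timestamp — it only tests `timestampDate.before(now + seconds)`, so a header from a year ago, or a captured login request replayed later, passes, and the "within 60 seconds" the filter comment promises is not what is enforced. `Long.parseLong` on a non-numeric header also throws NumberFormatException, which is not an AuthenticationException and will escape the authentication filter as a server error rather than a rejected login, and `seconds * 1000` is int arithmetic that overflows for large windows. I would bound the timestamp on both sides against the server clock, use long arithmetic, and treat an unparseable value as invalid. Even with both bounds, a request can still be replayed inside the window unless the timestamp is bound to something the client cannot forge (a nonce, or inclusion in a verified signature/hash), which nothing in this patch shows.
```java
public boolean checkTimestampBeforeMaxTime(String timestamp, int seconds){
    final long ts;
    try {
        ts = Long.parseLong(timestamp);
    } catch (NumberFormatException e) {
        return false; // a malformed header is a rejected request, not a server error
    }
    long now = System.currentTimeMillis();
    long window = seconds * 1000L;
    // accept only timestamps within +/- window of the server clock; older ones are expired
    return ts >= now - window && ts <= now + window;
}
```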
@@ -1,14 +1,15 @@
 package com.codesdream.ase.component.json.respond;
+import com.sun.org.apache.xpath.internal.operations.Bool;
 import lombok.Data;
 import lombok.EqualsAndHashCode;
 @Data
 public class UserLoginCheckerJSONRespond {
- boolean userExist = false;
- boolean loginStatus = false;
- boolean userBanned = false;
+ Boolean userExist = null;
+ Boolean userBanned = null;
+ Boolean loginStatus = null;
 String respondInformation = "";
- String token = "";
+ String token = null;
 }
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
index 2043f27..67955f5 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAccessDeniedHandler.java
@@ -26,15 +26,9 @@ public class ASEAccessDeniedHandler implements AccessDeniedHandler {
 throws IOException, ServletException {
 log.info("ASEAccessDeniedHandler Found!");
- response.setCharacterEncoding("utf-8");
- response.setContentType("text/javascript;charset=utf-8");
- UserLoginCheckerJSONRespond checkerRespond = new UserLoginCheckerJSONRespond();
- checkerRespond.setLoginStatus(true);
- checkerRespond.setUserExist(true);
- checkerRespond.setRespondInformation("Authenticated user has no access to this resource");
+ // 对无权限操作返回403
+ response.getWriter().print(jsonParameter.getJSONStandardRespond403());
- // 对匿名用户返回
- response.getWriter().print(jsonParameter.getJSONString(checkerRespond));
 }
 }
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
index 3e62a3f..b367794 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationEntryPoint.java
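Review bot: The added `import com.sun.org.apache.xpath.internal.operations.Bool;` in UserLoginCheckerJSONRespond is not referenced by any field in the class (they use `java.lang.Boolean`), and it names a JDK-internal package that is not exported on Java 9+ modules, so it is a build-breaker waiting to happen. It looks like an IDE auto-import picked up while switching the fields to `Boolean`; delete the line. Switching the fields to nullable `Boolean` so the failure handler can omit `userExist`/`userBanned` is a sensible way to stop leaking account state on failed logins.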
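Review bot: The rewritten `handle` body writes a JSON payload that says 403 but, as far as the hunk shows, never sets the HTTP status, so the client receives a "forbidden" body under whatever status is already on the response — 200 unless it is set in the method's opening lines, which are outside the hunk. Removing `setCharacterEncoding`/`setContentType` also leaves the JSON with no declared content type, so non-ASCII text is written in the container default encoding and browsers are free to sniff the body. I would add `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` and `response.setContentType("application/json;charset=utf-8");` before the `print`, so that HTTP clients and proxies see the denial without parsing the body.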
@@ -24,8 +24,8 @@ public class ASEAuthenticationEntryPoint implements AuthenticationEntryPoint {
 @Override
 public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
- // 对匿名用户返回403
- response.getWriter().print(jsonParameter.getJSONStandardRespond403());
+ // 对匿名用户返回401
+ response.getWriter().print(jsonParameter.getJSONStandardRespond401());
 }
 }
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
index 1680ec3..393d591 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEAuthenticationFailureHandler.java
@@ -23,13 +23,14 @@ public class ASEAuthenticationFailureHandler extends SimpleUrlAuthenticationFail
 @Override
 public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
- throws IOException, ServletException
+ throws IOException
 {
 log.info("ASEAuthenticationFailureHandler Login Fail!");
 UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
- respond.setUserExist(false);
+
+ respond.setUserExist(null);
+ respond.setUserBanned(null);
 respond.setLoginStatus(false);
- respond.setUserBanned(true);
 respond.setRespondInformation("Authentication Failed");
 // 填充response对象
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
index 2be84dd..7c78ae6 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
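Review bot: `commence` now prints a body whose JSON says 401, but the whole method is visible in this hunk and nothing sets the HTTP status or a content type, so an unauthenticated caller gets the 401 payload under the container's default status (200) and without `Content-Type`; clients that branch on the status, and any proxy or browser cache, will treat the rejection as a successful response. Changing the code from 403 to 401 for anonymous callers is the right semantic, it just has to reach the status line. I would add `response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);` and `response.setContentType("application/json;charset=utf-8");` ahead of the `print`, mirroring what the access-denied handler should do for 403.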
@@ -2,6 +2,7 @@ package com.codesdream.ase.component.permission;
 import com.codesdream.ase.component.auth.AJAXRequestChecker;
 import com.codesdream.ase.component.auth.JSONTokenUsernamePasswordAuthenticationToken;
+import com.codesdream.ase.component.auth.TimestampExpiredChecker;
 import com.codesdream.ase.component.datamanager.JSONParameter;
 import com.codesdream.ase.component.json.request.UserLoginChecker;
 import lombok.extern.slf4j.Slf4j;
@@ -12,6 +13,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.web.bind.annotation.RequestMapping;
 import javax.annotation.Resource;
 import javax.servlet.http.HttpServletRequest;
@@ -28,10 +30,20 @@ public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAut
 @Resource
 private AJAXRequestChecker ajaxRequestChecker;
+ @Resource
+ private TimestampExpiredChecker timestampExpiredChecker;
+
 @Override
 public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
+ String timestamp = request.getHeader("timestamp");
+
+ // 检查时间戳是否合理(60秒内)
+ if(!timestampExpiredChecker.checkTimestampBeforeMaxTime(timestamp, 60)){
+ throw new AuthenticationServiceException("Timestamp Expired.");
+ }
+
 // 判断是否为AJAX请求格式的数据
 if(!ajaxRequestChecker.checkAjaxPOSTRequest(request)) {
 throw new AuthenticationServiceException("Authentication method not supported: NOT Ajax Method.");
From 3a101a9a39dd103a8502d6801d913b7945b9c30a Mon Sep 17 00:00:00 2001
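Review bot: The added `import org.springframework.web.bind.annotation.RequestMapping;` is not used by any of the visible changes to this filter — a Spring Security filter has no request mappings — so it reads as an IDE auto-import and should be removed rather than left to suggest the class is a controller. Keeping the import list of an authentication filter limited to what it actually uses makes later review of its dependencies easier.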
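Review bot: The timestamp check added at the top of `attemptAuthentication` reads a client-controlled `timestamp` header and compares it only with the server clock, so on its own it does not stop a replayed login — whoever captured the request simply resends the body with a fresh header, because nothing visible in this patch binds the header to the credentials or to a nonce (JSONRandomCodeGenerator hashes a date into its code, which may be the intended binding; confirm the filter actually verifies that code against this header). A missing or non-numeric header also reaches `Long.parseLong` inside the checker and throws NumberFormatException, which is not an AuthenticationException and therefore bypasses ASEAuthenticationFailureHandler and surfaces as a 500 (the follow-up commit guards `null` but not garbage). Until the checker handles that itself, wrap the call here: `} catch (NumberFormatException e) { throw new AuthenticationServiceException("Timestamp Invalid.", e); }`. The body of attemptAuthentication continues past the end of the hunk.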
From: Saturneric
Date: Tue, 17 Mar 2020 02:14:28 +0800
Subject: [PATCH 2/3] =?UTF-8?q?=E6=9B=B4=E6=8D=A2=E4=BA=91=E6=95=B0?=
 =?UTF-8?q?=E6=8D=AE=E5=BA=93?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/resources/application.properties | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index ef36be0..41c87dc 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -7,14 +7,14 @@ spring.thymeleaf.encoding=UTF-8
 spring.jpa.generate-ddl=false
 spring.jpa.show-sql=true
-spring.jpa.hibernate.ddl-auto=update
+spring.jpa.hibernate.ddl-auto=none
 spring.jooq.sql-dialect=org.hibernate.dialect.MySQL5InnoDBDialect
 spring.jpa.open-in-view=true
 spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.datasource.url=jdbc:mysql://${MYSQL_HOST:119.23.9.34}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
+spring.datasource.url=jdbc:mysql://${MYSQL_HOST:39.100.94.111}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
 spring.datasource.username=codedream
-spring.datasource.password=codedreampasswd
+spring.datasource.password=zP1+LKi?,{Kyv)uyYgd8
 server.error.whitelabel.enabled=false
From e1f25720c04e11c9ad9ab55e6e9246494a10046d Mon Sep 17 00:00:00 2001
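Review bot: This hunk commits a live database password (`zP1+LKi?,{Kyv)uyYgd8`) together with the public address of the server it opens, so once pushed the credential sits in the repository history for anyone with read access and must be treated as compromised and rotated, whatever later commits do to this file. The host already honours an environment override; the password should work the same way, e.g. `spring.datasource.password=${MYSQL_PASSWORD}`, with the real value held outside the repository. Switching `spring.jpa.hibernate.ddl-auto` to `none` is the right setting for a shared remote database and should be kept.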
From: Saturneric
Date: Tue, 17 Mar 2020 14:22:50 +0800
Subject: [PATCH 3/3] =?UTF-8?q?=E6=9B=B4=E6=8D=A2=E4=BA=91=E6=95=B0?=
 =?UTF-8?q?=E6=8D=AE=E5=BA=93=E4=B8=BAMariaDB=EF=BC=9B=E6=B7=BB=E5=8A=A0Ma?=
 =?UTF-8?q?riaDB=E9=A9=B1=E5=8A=A8=EF=BC=9B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 pom.xml | 7 +++++++
 .../ASEUsernamePasswordAuthenticationFilter.java | 2 +-
 .../codesdream/ase/controller/LoginController.java | 8 ++++----
 .../ase/controller/RegisterController.java | 4 ++--
 .../ase/service/BaseInformationService.java | 14 +++++++-------
 src/main/resources/application.properties | 9 +++++----
 6 files changed, 26 insertions(+), 18 deletions(-)
diff --git a/pom.xml b/pom.xml
index b66f69d..aaa6cb5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -138,6 +138,13 @@
 1.1.71.android
+
+ org.mariadb.jdbc
+ mariadb-java-client
+ 2.5.4
+
+
+
diff --git a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
index 7c78ae6..d09f9d2 100644
--- a/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
+++ b/src/main/java/com/codesdream/ase/component/permission/ASEUsernamePasswordAuthenticationFilter.java
@@ -40,7 +40,7 @@ public class ASEUsernamePasswordAuthenticationFilter extends UsernamePasswordAut
 String timestamp = request.getHeader("timestamp");
 // 检查时间戳是否合理(60秒内)
- if(!timestampExpiredChecker.checkTimestampBeforeMaxTime(timestamp, 60)){
+ if(timestamp == null || !timestampExpiredChecker.checkTimestampBeforeMaxTime(timestamp, 60)){
 throw new AuthenticationServiceException("Timestamp Expired.");
 }
diff --git a/src/main/java/com/codesdream/ase/controller/LoginController.java b/src/main/java/com/codesdream/ase/controller/LoginController.java
index db99311..e9c539c 100644
--- a/src/main/java/com/codesdream/ase/controller/LoginController.java
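Review bot: The new null guard only covers a missing header; a present but non-numeric `timestamp` still reaches `Long.parseLong` inside TimestampExpiredChecker and throws NumberFormatException, which is not an AuthenticationException and so surfaces as a server error instead of a rejected login. Either make the checker return false for unparseable input, or catch it at this call site: `} catch (NumberFormatException e) { throw new AuthenticationServiceException("Timestamp Invalid.", e); }`. The enclosing attemptAuthentication starts and ends outside the hunk.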
+++ b/src/main/java/com/codesdream/ase/controller/LoginController.java
@@ -61,11 +61,11 @@ public class LoginController {
 // 构造返回对象
 UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
 respond.setUserExist(existStatus);
- return jsonParameter.getJSONString(respond);
+ return jsonParameter.getJSONStandardRespond200(respond);
 } else {
 // 返回失败对象
- return jsonParameter.getJSONString(new JSONStandardFailedRespond());
+ return jsonParameter.getJSONStandardRespond500("Error");
 }
 }
@@ -82,11 +82,11 @@ public class LoginController {
 if(loginChecker.getCheckType().equals("UIDGeneratorChecker")) {
 UserLoginCheckerJSONRespond respond = new UserLoginCheckerJSONRespond();
 respond.setRespondInformation(userService.getUsernameByStudentId(loginChecker.getUsername()));
- return jsonParameter.getJSONString(respond);
+ return jsonParameter.getJSONStandardRespond200(respond);
 } else {
 // 返回失败对象
- return jsonParameter.getJSONString(new JSONStandardFailedRespond());
+ return jsonParameter.getJSONStandardRespond500("Error");
 }
diff --git a/src/main/java/com/codesdream/ase/controller/RegisterController.java b/src/main/java/com/codesdream/ase/controller/RegisterController.java
index 01a4835..62ce6b3 100644
--- a/src/main/java/com/codesdream/ase/controller/RegisterController.java
+++ b/src/main/java/com/codesdream/ase/controller/RegisterController.java
@@ -16,10 +16,10 @@ import java.util.Map;
 @Controller
 public class RegisterController {
 @Resource
- UserService userService;
+ private UserService userService;
 @Resource
- BaseInformationService baseInformationService;
+ private BaseInformationService baseInformationService;
 @RequestMapping(value = "/register")
 String registerView(Model model){
diff --git a/src/main/java/com/codesdream/ase/service/BaseInformationService.java b/src/main/java/com/codesdream/ase/service/BaseInformationService.java
index 870a816..072ec94 100644
--- a/src/main/java/com/codesdream/ase/service/BaseInformationService.java
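Review bot: The `else` branch of the first LoginController hunk now answers an unrecognised check type with `getJSONStandardRespond500("Error")`; an unsupported value in the client's own request is a client error, not a server fault, so a 4xx-style response is more accurate and keeps bad input from showing up as outages in error monitoring. Note also that `respond.setUserExist(existStatus)` deliberately tells the caller whether an account exists — if this endpoint is reachable without authentication it is a user-enumeration oracle and should be rate limited; the security configuration is not visible here, so confirm against it. The enclosing method starts before the hunk, so where `existStatus` comes from is not shown.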
+++ b/src/main/java/com/codesdream/ase/service/BaseInformationService.java
@@ -20,25 +20,25 @@ import java.util.Vector;
 public class BaseInformationService implements IBaseInformationService {
 @Resource
- BaseAdministrativeDivisionRepository administrativeDivisionRepository;
+ private BaseAdministrativeDivisionRepository administrativeDivisionRepository;
 @Resource
- BaseCandidateCategoryRepository candidateCategoryRepository;
+ private BaseCandidateCategoryRepository candidateCategoryRepository;
 @Resource
- BaseCollegeRepository collegeRepository;
+ private BaseCollegeRepository collegeRepository;
 @Resource
- BaseEthnicRepository ethnicRepository;
+ private BaseEthnicRepository ethnicRepository;
 @Resource
- BaseMajorRepository majorRepository;
+ private BaseMajorRepository majorRepository;
 @Resource
- BasePoliticalStatusRepository politicalStatusRepository;
+ private BasePoliticalStatusRepository politicalStatusRepository;
 @Resource
- BaseStudentInfoRepository studentInfoRepository;
+ private BaseStudentInfoRepository studentInfoRepository;
 @Override
 public boolean checkAdministrativeDivision(String name) {
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 41c87dc..8693bdc 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -7,14 +7,15 @@ spring.thymeleaf.encoding=UTF-8
 spring.jpa.generate-ddl=false
 spring.jpa.show-sql=true
-spring.jpa.hibernate.ddl-auto=none
-spring.jooq.sql-dialect=org.hibernate.dialect.MySQL5InnoDBDialect
+spring.jpa.hibernate.ddl-auto=update
+spring.jooq.sql-dialect=org.hibernate.dialect.MariaDB102Dialect
 spring.jpa.open-in-view=true
 spring.jpa.properties.hibernate.enable_lazy_load_no_trans=true
-spring.datasource.url=jdbc:mysql://${MYSQL_HOST:39.100.94.111}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
+spring.datasource.url=jdbc:mariadb://39.100.94.111:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
 spring.datasource.username=codedream
-spring.datasource.password=zP1+LKi?,{Kyv)uyYgd8
+spring.datasource.password=codedreampasswd
+spring.datasource.driver-class-name=org.mariadb.jdbc.Driver
 server.error.whitelabel.enabled=false
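Review bot: The new datasource lines hard-code the database host (dropping the `${MYSQL_HOST:...}` override the previous revision had) and again store a plaintext password in the repository, this time the guessable `codedreampasswd`; with the previous commit, two passwords for this account are now in git history and both should be considered exposed. `spring.jpa.hibernate.ddl-auto=update` is also switched back on against what appears to be a shared remote database, which lets any developer's entity change alter that schema at startup — `none` plus a migration tool is safer — and `spring.jpa.show-sql=true` a few lines up logs every SQL statement the application issues. I would keep `spring.datasource.url=jdbc:mariadb://${MYSQL_HOST:localhost}:3306/ase?useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC` and `spring.datasource.password=${MYSQL_PASSWORD}`, and supply the real values from the deployment environment.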