修复一些已知的安全问题
1. 🎨 剔除主动推送百度 SEO 功能 2. 🎨 优化记录最后在线时间代码 3. 🎨 优化代码结构 4. ⬆️ 升级 log4j2 依赖
commit
1e08f9be9e
45
pom.xml
45
pom.xml
@ -24,6 +24,12 @@
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
<artifactId>spring-boot-starter-data-redis</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
@ -37,7 +43,7 @@
|
||||
<dependency>
|
||||
<groupId>org.mybatis.spring.boot</groupId>
|
||||
<artifactId>mybatis-spring-boot-starter</artifactId>
|
||||
<version>2.1.1</version>
|
||||
<version>2.2.0</version>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
@ -89,13 +95,13 @@
|
||||
<dependency>
|
||||
<groupId>com.github.pagehelper</groupId>
|
||||
<artifactId>pagehelper</artifactId>
|
||||
<version>5.2.0</version>
|
||||
<version>5.3.0</version>
|
||||
</dependency>
|
||||
<!-- fastjson -->
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>fastjson</artifactId>
|
||||
<version>1.2.76</version>
|
||||
<version>1.2.78</version>
|
||||
</dependency>
|
||||
<!-- shiro权限控制框架 -->
|
||||
<dependency>
|
||||
@ -145,7 +151,30 @@
|
||||
<dependency>
|
||||
<groupId>com.alibaba</groupId>
|
||||
<artifactId>druid-spring-boot-starter</artifactId>
|
||||
<version>1.1.20</version>
|
||||
<version>1.2.8</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-api</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
<dependency>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-to-slf4j</artifactId>
|
||||
<version>2.16.0</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-api</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.logging.log4j</groupId>
|
||||
<artifactId>log4j-api</artifactId>
|
||||
<version>2.16.0</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.springframework.boot</groupId>
|
||||
@ -168,7 +197,7 @@
|
||||
<dependency>
|
||||
<groupId>org.jodd</groupId>
|
||||
<artifactId>jodd-http</artifactId>
|
||||
<version>5.0.13</version>
|
||||
<version>6.0.6</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.github.binarywang</groupId>
|
||||
@ -202,12 +231,16 @@
|
||||
<dependency>
|
||||
<groupId>com.baidu.aip</groupId>
|
||||
<artifactId>java-sdk</artifactId>
|
||||
<version>4.11.3</version>
|
||||
<version>4.16.2</version>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>org.slf4j</groupId>
|
||||
<artifactId>slf4j-simple</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>com.google.guava</groupId>
|
||||
<artifactId>guava</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
|
||||
|
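Review bot: The log4j pinning is spread over several places: an exclusion on `spring-boot-starter-data-redis`, another on `druid-spring-boot-starter`, and two direct `2.16.0` dependencies, one of which excludes `log4j-api` again. That makes it hard to see which version actually resolves. If the project inherits Spring Boot's dependency management (not visible in these hunks), a single `<log4j2.version>2.16.0</log4j2.version>` entry under `<properties>` would pin every log4j artifact at once. Either way, check `mvn dependency:tree -Dincludes=org.apache.logging.log4j` to confirm that one version resolves and whether `log4j-core` is on the classpath at all, since only `log4j-api` and `log4j-to-slf4j` are declared here. A short XML comment next to the pin saying why it exists would keep it from being dropped in a later cleanup.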
@ -37,7 +37,7 @@ public class SecurityAspect {
|
||||
Logger logger = LoggerFactory.getLogger(SecurityAspect.class);
|
||||
|
||||
@Pointcut("@annotation(com.rymcu.forest.core.service.security.annotation.SecurityInterceptor)")
|
||||
public void pointCut() {
|
||||
public void securityPointCut() {
|
||||
}
|
||||
|
||||
/**
|
||||
@ -47,7 +47,7 @@ public class SecurityAspect {
|
||||
* @return 方法执行结果
|
||||
* @throws Throwable 调用出错
|
||||
*/
|
||||
@Before(value = "pointCut()")
|
||||
@Before(value = "securityPointCut()")
|
||||
public void doBefore(JoinPoint joinPoint) throws BaseApiException {
|
||||
logger.info("检查用户修改信息权限 start ...");
|
||||
HttpServletRequest request = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest();
|
||||
|
@ -3,14 +3,16 @@ package com.rymcu.forest.jwt.service;
|
||||
|
||||
import com.rymcu.forest.jwt.def.JwtConstants;
|
||||
import com.rymcu.forest.jwt.model.TokenModel;
|
||||
import com.rymcu.forest.service.UserService;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.SignatureAlgorithm;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.data.redis.core.StringRedisTemplate;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.time.LocalDateTime;
|
||||
import java.time.format.DateTimeFormatter;
|
||||
import java.util.Date;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
@ -21,17 +23,20 @@ import java.util.concurrent.TimeUnit;
|
||||
*/
|
||||
@Component
|
||||
public class RedisTokenManager implements TokenManager {
|
||||
|
||||
@Autowired
|
||||
private StringRedisTemplate redisTemplate;
|
||||
@Resource
|
||||
private UserService userService;
|
||||
|
||||
/**
|
||||
* 生成TOKEN
|
||||
*/
|
||||
@Override
|
||||
public String createToken(String id) {
|
||||
//使用uuid作为源token
|
||||
//使用 account 作为源 token
|
||||
String token = Jwts.builder().setId(id).setSubject(id).setIssuedAt(new Date()).signWith(SignatureAlgorithm.HS256, JwtConstants.JWT_SECRET).compact();
|
||||
//存储到redis并设置过期时间
|
||||
//存储到 redis 并设置过期时间
|
||||
redisTemplate.boundValueOps(id).set(token, JwtConstants.TOKEN_EXPIRES_HOUR, TimeUnit.HOURS);
|
||||
return token;
|
||||
}
|
||||
@ -46,15 +51,20 @@ public class RedisTokenManager implements TokenManager {
|
||||
if (model == null) {
|
||||
return false;
|
||||
}
|
||||
String token = (String) redisTemplate.boundValueOps(model.getUsername()).get();
|
||||
String token = redisTemplate.boundValueOps(model.getUsername()).get();
|
||||
if (token == null || !token.equals(model.getToken())) {
|
||||
return false;
|
||||
}
|
||||
//如果验证成功,说明此用户进行了一次有效操作,延长token的过期时间
|
||||
// 如果验证成功,说明此用户进行了一次有效操作,延长 token 的过期时间
|
||||
redisTemplate.boundValueOps(model.getUsername()).expire(JwtConstants.TOKEN_EXPIRES_HOUR, TimeUnit.HOURS);
|
||||
StringBuilder key = new StringBuilder();
|
||||
key.append(JwtConstants.LAST_ONLINE).append(model.getUsername());
|
||||
redisTemplate.boundValueOps(key.toString()).set(LocalDateTime.now().toString(), JwtConstants.LAST_ONLINE_EXPIRES_MINUTE, TimeUnit.MINUTES);
|
||||
String result = redisTemplate.boundValueOps(key.toString()).get();
|
||||
if (StringUtils.isBlank(result)) {
|
||||
// 更新最后在线时间
|
||||
userService.updateLastOnlineTimeByEmail(model.getUsername());
|
||||
redisTemplate.boundValueOps(key.toString()).set(LocalDateTime.now().toString(), JwtConstants.LAST_ONLINE_EXPIRES_MINUTE, TimeUnit.MINUTES);
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
|
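Review bot: The last-online block added to `checkToken` reads the `LAST_ONLINE` key and writes it in a separate call, so concurrent requests from the same user can each see a blank value and each run `updateLastOnlineTimeByEmail`. An atomic `setIfAbsent` with the TTL would let one request per window do the database write, e.g. `if (Boolean.TRUE.equals(redisTemplate.boundValueOps(key.toString()).setIfAbsent(LocalDateTime.now().toString(), JwtConstants.LAST_ONLINE_EXPIRES_MINUTE, TimeUnit.MINUTES))) { userService.updateLastOnlineTimeByEmail(model.getUsername()); }`. The update is passed `model.getUsername()`, while `createToken` is keyed by an id that its comment calls the account, so it is worth confirming that this value is always the e-mail address. An exception from the database update now also propagates out of token validation; `checkToken` begins above this hunk, so how callers handle that is not visible here.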
@ -15,6 +15,7 @@ import com.rymcu.forest.service.TagService;
|
||||
import com.rymcu.forest.service.UserService;
|
||||
import com.rymcu.forest.util.*;
|
||||
import com.rymcu.forest.web.api.exception.BaseApiException;
|
||||
import com.rymcu.forest.web.api.exception.ErrorCode;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.text.StringEscapeUtils;
|
||||
@ -46,24 +47,21 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
|
||||
@Value("${resource.domain}")
|
||||
private String domain;
|
||||
@Value("${env}")
|
||||
private String env;
|
||||
|
||||
private static final int MAX_PREVIEW = 200;
|
||||
private static final String defaultStatus = "0";
|
||||
private static final String defaultTopicUri = "news";
|
||||
private static final String DEFAULT_STATUS = "0";
|
||||
private static final String DEFAULT_TOPIC_URI = "news";
|
||||
private static final int ADMIN_ROLE_WEIGHTS = 2;
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> findArticles(ArticleSearchDTO searchDTO) {
|
||||
List<ArticleDTO> list;
|
||||
if (StringUtils.isNotBlank(searchDTO.getTopicUri()) && !defaultTopicUri.equals(searchDTO.getTopicUri())) {
|
||||
if (StringUtils.isNotBlank(searchDTO.getTopicUri()) && !DEFAULT_TOPIC_URI.equals(searchDTO.getTopicUri())) {
|
||||
list = articleMapper.selectArticlesByTopicUri(searchDTO.getTopicUri());
|
||||
} else {
|
||||
list = articleMapper.selectArticles(searchDTO.getSearchText(), searchDTO.getTag(), searchDTO.getTopicUri());
|
||||
}
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@ -73,31 +71,26 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
if (articleDTO == null) {
|
||||
return null;
|
||||
}
|
||||
articleDTO = genArticle(articleDTO, type);
|
||||
genArticle(articleDTO, type);
|
||||
return articleDTO;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> findArticlesByTopicUri(String name) {
|
||||
List<ArticleDTO> articleDTOS = articleMapper.selectArticlesByTopicUri(name);
|
||||
articleDTOS.forEach(articleDTO -> {
|
||||
genArticle(articleDTO, 0);
|
||||
});
|
||||
return articleDTOS;
|
||||
List<ArticleDTO> list = articleMapper.selectArticlesByTopicUri(name);
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> findArticlesByTagName(String name) {
|
||||
List<ArticleDTO> articleDTOS = articleMapper.selectArticlesByTagName(name);
|
||||
return articleDTOS;
|
||||
return articleMapper.selectArticlesByTagName(name);
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> findUserArticlesByIdUser(Integer idUser) {
|
||||
List<ArticleDTO> list = articleMapper.selectUserArticles(idUser);
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@ -119,11 +112,14 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
String articleContent = article.getArticleContent();
|
||||
String articleContentHtml = article.getArticleContentHtml();
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
if (Objects.isNull(user)) {
|
||||
throw new BaseApiException(ErrorCode.INVALID_TOKEN);
|
||||
}
|
||||
String reservedTag = checkTags(articleTags);
|
||||
boolean notification = false;
|
||||
if (StringUtils.isNotBlank(reservedTag)) {
|
||||
Integer roleWeights = userService.findRoleWeightsByUser(user.getIdUser());
|
||||
if (roleWeights > 2) {
|
||||
if (roleWeights > ADMIN_ROLE_WEIGHTS) {
|
||||
map.put("message", StringEscapeUtils.unescapeJava(reservedTag) + "标签为系统保留标签!");
|
||||
return map;
|
||||
} else {
|
||||
@ -144,10 +140,8 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
} else {
|
||||
newArticle = articleMapper.selectByPrimaryKey(article.getIdArticle());
|
||||
// 如果文章之前状态为草稿则应视为新发布文章
|
||||
if (defaultStatus.equals(newArticle.getArticleStatus())) {
|
||||
if (DEFAULT_STATUS.equals(newArticle.getArticleStatus())) {
|
||||
isUpdate = true;
|
||||
} else {
|
||||
isUpdate = false;
|
||||
}
|
||||
if (!user.getIdUser().equals(newArticle.getArticleAuthorId())) {
|
||||
map.put("message", "非法访问!");
|
||||
@ -161,13 +155,13 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
}
|
||||
|
||||
// 发送相关通知
|
||||
if (defaultStatus.equals(newArticle.getArticleStatus())) {
|
||||
if (DEFAULT_STATUS.equals(newArticle.getArticleStatus())) {
|
||||
// 发送系统通知
|
||||
if (notification) {
|
||||
NotificationUtils.sendAnnouncement(newArticle.getIdArticle(), NotificationConstant.Article, newArticle.getArticleTitle());
|
||||
} else {
|
||||
// 发送关注通知
|
||||
StringBuffer dataSummary = new StringBuffer();
|
||||
StringBuilder dataSummary = new StringBuilder();
|
||||
if (isUpdate) {
|
||||
dataSummary.append(user.getNickname()).append("更新了文章: ").append(newArticle.getArticleTitle());
|
||||
NotificationUtils.sendArticlePush(newArticle.getIdArticle(), NotificationConstant.UpdateArticle, dataSummary.toString(), newArticle.getArticleAuthorId());
|
||||
@ -176,53 +170,33 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
NotificationUtils.sendArticlePush(newArticle.getIdArticle(), NotificationConstant.PostArticle, dataSummary.toString(), newArticle.getArticleAuthorId());
|
||||
}
|
||||
}
|
||||
}
|
||||
// 草稿不更新索引
|
||||
if ("0".equals(article.getArticleStatus())) {
|
||||
System.out.println("开始增加索引");
|
||||
// 草稿不更新索引
|
||||
if (isUpdate) {
|
||||
log.info("更新文章索引,id={}",newArticle.getIdArticle());
|
||||
log.info("更新文章索引,id={}", newArticle.getIdArticle());
|
||||
luceneService.updateArticle(newArticle.getIdArticle().toString());
|
||||
} else {
|
||||
log.info("写入文章索引,id={}",newArticle.getIdArticle());
|
||||
log.info("写入文章索引,id={}", newArticle.getIdArticle());
|
||||
luceneService.writeArticle(newArticle.getIdArticle().toString());
|
||||
}
|
||||
}
|
||||
tagService.saveTagArticle(newArticle, articleContentHtml);
|
||||
|
||||
if (defaultStatus.equals(newArticle.getArticleStatus())) {
|
||||
// 更新文章链接
|
||||
newArticle.setArticlePermalink(domain + "/article/" + newArticle.getIdArticle());
|
||||
newArticle.setArticleLink("/article/" + newArticle.getIdArticle());
|
||||
} else {
|
||||
// 更新文章链接
|
||||
newArticle.setArticlePermalink(domain + "/draft/" + newArticle.getIdArticle());
|
||||
newArticle.setArticleLink("/draft/" + newArticle.getIdArticle());
|
||||
}
|
||||
tagService.saveTagArticle(newArticle, articleContentHtml);
|
||||
|
||||
if (StringUtils.isNotBlank(articleContentHtml)) {
|
||||
String previewContent;
|
||||
if (articleContentHtml.length() > MAX_PREVIEW) {
|
||||
previewContent = BaiDuAipUtils.getNewsSummary(newArticle.getArticleTitle(), articleContentHtml, MAX_PREVIEW);
|
||||
if (previewContent.length() > MAX_PREVIEW) {
|
||||
previewContent = previewContent.substring(0, MAX_PREVIEW);
|
||||
}
|
||||
} else {
|
||||
previewContent = Html2TextUtil.getContent(articleContentHtml);
|
||||
String previewContent = Html2TextUtil.getContent(articleContentHtml);
|
||||
if (previewContent.length() > MAX_PREVIEW) {
|
||||
previewContent = previewContent.substring(0, MAX_PREVIEW);
|
||||
}
|
||||
newArticle.setArticlePreviewContent(previewContent);
|
||||
}
|
||||
articleMapper.updateByPrimaryKeySelective(newArticle);
|
||||
|
||||
// 推送百度 SEO
|
||||
if (!ProjectConstant.ENV.equals(env)
|
||||
&& defaultStatus.equals(newArticle.getArticleStatus())
|
||||
&& articleContent.length() >= MAX_PREVIEW) {
|
||||
if (isUpdate) {
|
||||
BaiDuUtils.sendUpdateSEOData(newArticle.getArticlePermalink());
|
||||
} else {
|
||||
BaiDuUtils.sendSEOData(newArticle.getArticlePermalink());
|
||||
}
|
||||
}
|
||||
|
||||
map.put("id", newArticle.getIdArticle());
|
||||
return map;
|
||||
}
|
||||
@ -265,15 +239,18 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
Map<String, String> map = new HashMap(1);
|
||||
// 鉴权
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
if (Objects.isNull(user)) {
|
||||
throw new BaseApiException(ErrorCode.INVALID_TOKEN);
|
||||
}
|
||||
Integer roleWeights = userService.findRoleWeightsByUser(user.getIdUser());
|
||||
if (roleWeights > 2) {
|
||||
if (roleWeights > ADMIN_ROLE_WEIGHTS) {
|
||||
Article article = articleMapper.selectByPrimaryKey(id);
|
||||
if (!user.getIdUser().equals(article.getArticleAuthorId())) {
|
||||
map.put("message", "非法访问!");
|
||||
return map;
|
||||
}
|
||||
}
|
||||
Integer result;
|
||||
int result;
|
||||
// 判断是否有评论
|
||||
boolean isHavComment = articleMapper.existsCommentWithPrimaryKey(id);
|
||||
if (isHavComment) {
|
||||
@ -312,6 +289,9 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
public Map share(Integer id) throws BaseApiException {
|
||||
Article article = articleMapper.selectByPrimaryKey(id);
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
if (Objects.isNull(user)) {
|
||||
throw new BaseApiException(ErrorCode.INVALID_TOKEN);
|
||||
}
|
||||
StringBuilder shareUrl = new StringBuilder(article.getArticlePermalink());
|
||||
shareUrl.append("?s=").append(user.getNickname());
|
||||
Map map = new HashMap(1);
|
||||
@ -322,28 +302,25 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
@Override
|
||||
public List<ArticleDTO> findDrafts() throws BaseApiException {
|
||||
User user = UserUtils.getCurrentUserByToken();
|
||||
if (Objects.isNull(user)) {
|
||||
throw new BaseApiException(ErrorCode.INVALID_TOKEN);
|
||||
}
|
||||
List<ArticleDTO> list = articleMapper.selectDrafts(user.getIdUser());
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> findArticlesByIdPortfolio(Integer idPortfolio) {
|
||||
List<ArticleDTO> list = articleMapper.selectArticlesByIdPortfolio(idPortfolio);
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<ArticleDTO> selectUnbindArticles(Integer idPortfolio, String searchText, Integer idUser) {
|
||||
List<ArticleDTO> list = articleMapper.selectUnbindArticlesByIdPortfolio(idPortfolio, searchText, idUser);
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@ -380,9 +357,7 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
@Override
|
||||
public List<ArticleDTO> findAnnouncements() {
|
||||
List<ArticleDTO> list = articleMapper.selectAnnouncements();
|
||||
list.forEach(article -> {
|
||||
genArticle(article, 0);
|
||||
});
|
||||
list.forEach(articleDTO -> genArticle(articleDTO, 0));
|
||||
return list;
|
||||
}
|
||||
|
||||
@ -401,7 +376,7 @@ public class ArticleServiceImpl extends AbstractService<Article> implements Arti
|
||||
article.setArticleContent(articleContent.getArticleContentHtml());
|
||||
// 获取所属作品集列表数据
|
||||
List<PortfolioArticleDTO> portfolioArticleDTOList = articleMapper.selectPortfolioArticles(article.getIdArticle());
|
||||
portfolioArticleDTOList.forEach(portfolioArticleDTO -> genPortfolioArticles(portfolioArticleDTO));
|
||||
portfolioArticleDTOList.forEach(this::genPortfolioArticles);
|
||||
article.setPortfolios(portfolioArticleDTOList);
|
||||
} else if (type.equals(articleEdit)) {
|
||||
article.setArticleContent(articleContent.getArticleContent());
|
||||
|
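Review bot: The new `Objects.isNull(user)` guard is copied into four places (the article save and delete paths, `share` and `findDrafts`), so a future method can easily miss it. A private helper such as `private User requireCurrentUser() throws BaseApiException`, wrapping `UserUtils.getCurrentUserByToken()` and throwing `ErrorCode.INVALID_TOKEN`, would keep the check in one place. In `share` the guard runs after `articleMapper.selectByPrimaryKey(id)`, and `article.getArticlePermalink()` is then called without checking that the article exists; moving the guard first and rejecting a null `article` avoids both the lookup for an unauthenticated caller and a NullPointerException. The delete path dereferences `article` the same way, and `roleWeights` is an `Integer` that is unboxed in `roleWeights > ADMIN_ROLE_WEIGHTS`. Several of these methods start or end outside their hunks.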
@ -27,7 +27,6 @@ import java.util.*;
|
||||
|
||||
|
||||
/**
|
||||
*
|
||||
* @author CodeGenerator
|
||||
* @date 2018/05/29
|
||||
*/
|
||||
@ -48,7 +47,7 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
private final static String DEFAULT_AVATAR = "https://static.rymcu.com/article/1578475481946.png";
|
||||
|
||||
@Override
|
||||
public User findByAccount(String account) throws TooManyResultsException{
|
||||
public User findByAccount(String account) throws TooManyResultsException {
|
||||
return userMapper.findByAccount(account);
|
||||
}
|
||||
|
||||
@ -56,13 +55,13 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Map register(String email, String password, String code) {
|
||||
Map map = new HashMap(2);
|
||||
map.put("message","验证码无效!");
|
||||
map.put("message", "验证码无效!");
|
||||
String vCode = redisService.get(email);
|
||||
if(StringUtils.isNotBlank(vCode)){
|
||||
if(vCode.equals(code)){
|
||||
if (StringUtils.isNotBlank(vCode)) {
|
||||
if (vCode.equals(code)) {
|
||||
User user = userMapper.findByAccount(email);
|
||||
if(user != null){
|
||||
map.put("message","该邮箱已被注册!");
|
||||
if (user != null) {
|
||||
map.put("message", "该邮箱已被注册!");
|
||||
} else {
|
||||
user = new User();
|
||||
String nickname = email.split("@")[0];
|
||||
@ -83,8 +82,8 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
.nickname(user.getNickname())
|
||||
.signature(user.getSignature())
|
||||
.build());
|
||||
map.put("message","注册成功!");
|
||||
map.put("flag",1);
|
||||
map.put("message", "注册成功!");
|
||||
map.put("flag", 1);
|
||||
redisService.delete(email);
|
||||
}
|
||||
}
|
||||
@ -106,19 +105,20 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
public Map login(String account, String password) {
|
||||
Map map = new HashMap(1);
|
||||
User user = userMapper.findByAccount(account);
|
||||
if(user != null){
|
||||
if(Utils.comparePwd(password, user.getPassword())){
|
||||
if (user != null) {
|
||||
if (Utils.comparePwd(password, user.getPassword())) {
|
||||
userMapper.updateLastLoginTime(user.getIdUser());
|
||||
userMapper.updateLastOnlineTimeByEmail(user.getEmail());
|
||||
TokenUser tokenUser = new TokenUser();
|
||||
BeanCopierUtil.copy(user, tokenUser);
|
||||
tokenUser.setToken(tokenManager.createToken(account));
|
||||
tokenUser.setWeights(userMapper.selectRoleWeightsByUser(user.getIdUser()));
|
||||
map.put("user", tokenUser);
|
||||
} else {
|
||||
map.put("message","密码错误!");
|
||||
map.put("message", "密码错误!");
|
||||
}
|
||||
} else {
|
||||
map.put("message","该账号不存在!");
|
||||
map.put("message", "该账号不存在!");
|
||||
}
|
||||
return map;
|
||||
}
|
||||
@ -133,12 +133,12 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
public Map forgetPassword(String code, String password) {
|
||||
Map map = new HashMap<>(2);
|
||||
String email = redisService.get(code);
|
||||
if(StringUtils.isBlank(email)){
|
||||
map.put("message","链接已失效");
|
||||
if (StringUtils.isBlank(email)) {
|
||||
map.put("message", "链接已失效");
|
||||
} else {
|
||||
userMapper.updatePasswordByEmail(email,Utils.entryptPassword(password));
|
||||
map.put("message","修改成功,正在跳转登录登陆界面!");
|
||||
map.put("flag",1);
|
||||
userMapper.updatePasswordByEmail(email, Utils.entryptPassword(password));
|
||||
map.put("message", "修改成功,正在跳转登录登陆界面!");
|
||||
map.put("flag", 1);
|
||||
}
|
||||
return map;
|
||||
}
|
||||
@ -147,9 +147,9 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Map updateUserRole(Integer idUser, Integer idRole) {
|
||||
Map map = new HashMap(1);
|
||||
Integer result = userMapper.updateUserRole(idUser,idRole);
|
||||
if(result == 0) {
|
||||
map.put("message","更新失败!");
|
||||
Integer result = userMapper.updateUserRole(idUser, idRole);
|
||||
if (result == 0) {
|
||||
map.put("message", "更新失败!");
|
||||
}
|
||||
return map;
|
||||
}
|
||||
@ -158,9 +158,9 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
@Transactional(rollbackFor = Exception.class)
|
||||
public Map updateStatus(Integer idUser, String status) {
|
||||
Map map = new HashMap(1);
|
||||
Integer result = userMapper.updateStatus(idUser,status);
|
||||
if(result == 0) {
|
||||
map.put("message","更新失败!");
|
||||
Integer result = userMapper.updateStatus(idUser, status);
|
||||
if (result == 0) {
|
||||
map.put("message", "更新失败!");
|
||||
}
|
||||
return map;
|
||||
}
|
||||
@ -199,7 +199,7 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
user.setAvatarUrl(avatarUrl);
|
||||
user.setAvatarType("0");
|
||||
}
|
||||
Integer result = userMapper.updateUserInfo(user.getIdUser(), user.getNickname(), user.getAvatarType(),user.getAvatarUrl(),user.getSignature(), user.getSex());
|
||||
Integer result = userMapper.updateUserInfo(user.getIdUser(), user.getNickname(), user.getAvatarType(), user.getAvatarUrl(), user.getSignature(), user.getSex());
|
||||
UserIndexUtil.addIndex(UserLucene.builder()
|
||||
.idUser(user.getIdUser())
|
||||
.nickname(user.getNickname())
|
||||
@ -209,7 +209,7 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
map.put("message", "操作失败!");
|
||||
return map;
|
||||
}
|
||||
map.put("user",user);
|
||||
map.put("user", user);
|
||||
return map;
|
||||
}
|
||||
|
||||
@ -257,15 +257,15 @@ public class UserServiceImpl extends AbstractService<User> implements UserServic
|
||||
@Override
|
||||
public Map updateEmail(ChangeEmailDTO changeEmailDTO) {
|
||||
Map map = new HashMap(2);
|
||||
map.put("message","验证码无效!");
|
||||
map.put("message", "验证码无效!");
|
||||
Integer idUser = changeEmailDTO.getIdUser();
|
||||
String email = changeEmailDTO.getEmail();
|
||||
String code = changeEmailDTO.getCode();
|
||||
String vCode = redisService.get(email);
|
||||
if(StringUtils.isNotBlank(vCode) && StringUtils.isNotBlank(code)){
|
||||
if(vCode.equals(code)){
|
||||
if (StringUtils.isNotBlank(vCode) && StringUtils.isNotBlank(code)) {
|
||||
if (vCode.equals(code)) {
|
||||
userMapper.updateEmail(idUser, email);
|
||||
map.put("message","更新成功!");
|
||||
map.put("message", "更新成功!");
|
||||
map.put("email", email);
|
||||
}
|
||||
}
|
||||
|
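Review bot: `forgetPassword` looks up the e-mail by the reset `code` and updates the password but never removes the code from Redis, so the same link stays usable until the key expires (whether it has a TTL is not visible here). `register` in this file already calls `redisService.delete(email)` after success. Adding `redisService.delete(code);` directly after `userMapper.updatePasswordByEmail(email, Utils.entryptPassword(password));` would make the reset code single-use. Apart from the added `updateLastOnlineTimeByEmail` call in `login`, the other changes in this file are whitespace only.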
@ -10,7 +10,7 @@ import org.springframework.stereotype.Component;
|
||||
/**
|
||||
* @author ronger
|
||||
*/
|
||||
@Component
|
||||
//@Component
|
||||
@Slf4j
|
||||
public class BaiDuCronTask {
|
||||
|
||||
|
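Review bot: Commenting out `@Component` disables the task but leaves dead code with no explanation. Either delete the class along with the rest of the Baidu push code, or replace the commented-out annotation with a why-comment such as `// Not registered as a bean: automatic Baidu SEO push was removed`. The class body is outside this hunk.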
@ -80,7 +80,7 @@
|
||||
</update>
|
||||
|
||||
<select id="findByAccount" resultMap="BaseResultMap">
|
||||
select id, nickname, account, password, status, avatar_type, avatar_url from forest_user where (account = #{account} or email = #{account} ) and status = 0
|
||||
select id, nickname, account, password, status, avatar_type, avatar_url, email from forest_user where (account = #{account} or email = #{account} ) and status = 0
|
||||
</select>
|
||||
<select id="findUserInfoByAccount" resultMap="UserInfoResultMapper">
|
||||
select id, nickname, sex, avatar_type, avatar_url, email, phone, account, status, signature, last_login_time, last_online_time from forest_user where account = #{account}
|
||||
|
1
src/main/resources/log4j2.component.properties
Normal file
1
src/main/resources/log4j2.component.properties
Normal file
@ -0,0 +1 @@
|
||||
log4j2.formatMsgNoLookups=True
|
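Review bot: `log4j2.formatMsgNoLookups` is read only by `log4j-core`, and it is known to be a partial mitigation that does not cover every lookup path, so this file should not be treated as the fix. A comment line above the setting would make that clear to the next maintainer, e.g. `# Defence in depth only; the dependency pin in pom.xml is the actual remediation.` If `log4j-core` is not on the classpath (pom.xml declares only `log4j-api` and `log4j-to-slf4j`), the setting has no effect.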