2021SC@SDUSC
分析登录控制模块。代码太长,直接写在注释里吧。
可以看出的功能是,登录仍然需要用户输入:账号密码。
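虽然从现在主流的软件工程开发风格角度讲,账密登录不符合如今的低密码趋势,但是值得学习的地方是进行了加密操作。(起码不像某网站一样可以抓包到明文密码)需要注意:下面贴出的控制器代码本身并没有对密码做哈希或加密,密码是按收到的原样与数据库中的值比较并保存的;因此这里所说的加密只可能发生在本文没有展示的环节(例如传输层或前端)。存储侧仍应使用加盐的慢哈希(bcrypt、scrypt、argon2 等),而不是保存原始密码。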
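/**
 * REST endpoints under {@code /user}: password login, registration, profile setters and
 * avatar upload/download.
 *
 * <p>Review notes, all based on the handlers in this class:
 * <ul>
 *   <li>Passwords are stored and compared exactly as they arrive; nothing here hashes them.
 *       They should be kept as a salted, adaptive hash (bcrypt/scrypt/argon2).</li>
 *   <li>Only {@link #getMessage()} carries {@code @UserLoginToken} (presumably enforced by an
 *       interceptor that is not part of this file). Every {@code set_*} handler, including
 *       {@code set_password} and {@code set_avatar}, takes the target account from a
 *       caller-supplied {@code username} and never ties the caller to that account. These
 *       handlers should require the token and take the account from the verified token
 *       instead of from a request parameter.</li>
 *   <li>{@code login} and {@code set_password} have no attempt limiting in this class.</li>
 * </ul>
 */
@RestController
@RequestMapping("/user")
public class LoginController {

    @Autowired
    UmsUserRepository service;

    @Autowired
    TokenService tokenService;

    /**
     * Looks an account up by user name only.
     *
     * <p>A null or empty name is rejected up front: query-by-example ignores null properties
     * by default, so a probe without a user name would match arbitrary rows.
     *
     * @param username the account name supplied by the caller; may be null
     * @return the matching account, or empty when the name is missing or unknown
     */
    private Optional<UmsUser> findByUsername(String username) {
        if (username == null || username.isEmpty()) {
            return Optional.empty();
        }
        UmsUser probe = new UmsUser();
        probe.setUsername(username);
        return service.findOne(Example.of(probe));
    }

    /**
     * Compares the stored and the supplied password without short-circuiting on the first
     * differing byte.
     *
     * <p>NOTE(review): both values are plain passwords. Once storage moves to a password
     * hash, this comparison must be replaced by the hash library's verify call.
     *
     * @return true only when both values are non-null and equal
     */
    private static boolean passwordMatches(String stored, String supplied) {
        if (stored == null || supplied == null) {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                supplied.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /** Returns true when {@code s} is non-empty and consists of ASCII digits only. */
    private static boolean isAsciiDigits(String s) {
        if (s.isEmpty()) {
            return false;
        }
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            if (c < '0' || c > '9') {
                return false;
            }
        }
        return true;
    }

    /**
     * Resolves the avatar file for a user name and confirms that it sits directly inside the
     * avatar directory.
     *
     * <p>The user name becomes part of a file name, and registration does not restrict its
     * characters, so names containing path separators or {@code ..} must not be allowed to
     * leave the directory.
     *
     * @return the canonical avatar file, or null when the name would resolve elsewhere
     * @throws IOException if the canonical path cannot be determined
     */
    private static File avatarFileFor(String username) throws IOException {
        File dir = new File(System.getProperty("user.dir") + "/userimg/picture/").getCanonicalFile();
        File target = new File(dir, username + ".jpg").getCanonicalFile();
        return dir.equals(target.getParentFile()) ? target : null;
    }

    /**
     * Password login.
     *
     * @param username account name
     * @param password password as typed by the user
     * @return a JSON object with {@code token} and {@code user} on success, otherwise a
     *     {@code message} entry describing the failure
     */
    @PostMapping("/login")
    public JSONObject login(String username, String password) {
        JSONObject jsonObject = new JSONObject();
        // Missing credentials must never reach the repository probe (see findByUsername).
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            jsonObject.put("message", "登录失败,用户不存在或密码错误");
            return jsonObject;
        }
        Optional<UmsUser> found = findByUsername(username);
        // One message for "unknown user" and "wrong password", so the reply does not reveal
        // which account names exist.
        if (!found.isPresent() || !passwordMatches(found.get().getPassword(), password)) {
            jsonObject.put("message", "登录失败,用户不存在或密码错误");
            return jsonObject;
        }
        String token = tokenService.getToken(found.get());
        jsonObject.put("token", token);
        // NOTE(review): this serialises the whole entity. Unless UmsUser excludes the field
        // from JSON, the stored password goes back to the client; return a DTO without it.
        jsonObject.put("user", found);
        return jsonObject;
    }

    /**
     * Creates an account and logs it in.
     *
     * @param username desired account name; must not be empty
     * @param password password for the new account; must not be empty
     * @param nickname display name, stored as given
     * @return the {@link #login(String, String)} result on success, otherwise a JSON object
     *     with a {@code message} entry
     */
    @PostMapping("/register")
    public Object register(String username, String password, String nickname) {
        JSONObject jsonObject = new JSONObject();
        if (username == null || username.isEmpty() || password == null || password.isEmpty()) {
            jsonObject.put("message", "用户名和密码不能为空");
            return jsonObject;
        }
        if (findByUsername(username).isPresent()) {
            jsonObject.put("message", "用户已存在");
            return jsonObject;
        }
        // NOTE(review): check-then-save is not atomic; a unique constraint on the user name
        // column is needed to rule out duplicates under concurrent requests.
        UmsUser fuser = new UmsUser();
        fuser.setUsername(username);
        // NOTE(review): stored as received; hash before saving.
        fuser.setPassword(password);
        fuser.setNickname(nickname);
        fuser.setStatus(1);
        fuser.setCount(1);
        service.save(fuser);
        return login(username, password);
    }

    /** Token-protected probe endpoint; returns a fixed confirmation string. */
    @UserLoginToken
    @GetMapping("/get_message")
    public String getMessage() {
        return "通过验证";
    }

    /**
     * Replaces an account's password.
     *
     * <p>NOTE(review): there is no token check and no check of the current password, and the
     * account is chosen by the caller-supplied {@code username}. The new password is also
     * echoed in the response body; a fixed success value would avoid that.
     *
     * @return the new password on success, otherwise an error message
     */
    @PostMapping("/set_password")
    public String setPassword(String username, String password, String confirmPassword) {
        if (password == null || password.equals("") || confirmPassword == null || confirmPassword.equals("")) {
            return "密码不能为空";
        }
        if (!password.equals(confirmPassword)) {
            return "两次输入密码不同";
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return "用户不存在";
        }
        UmsUser user = one.get();
        if (passwordMatches(user.getPassword(), password)) {
            return "密码重复";
        }
        user.setPassword(password);
        service.save(user);
        return password;
    }

    /**
     * Sets the nickname of the named account.
     *
     * @return the new nickname on success, otherwise an error message
     */
    @PostMapping("/set_nickname")
    public String setNickname(String username, String nickname) {
        if (nickname == null || nickname.equals("")) {
            return "昵称不能为空";
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return "用户不存在";
        }
        UmsUser user = one.get();
        user.setNickname(nickname);
        service.save(user);
        return nickname;
    }

    /**
     * Sets the e-mail address of the named account. The only format check is the presence
     * of an {@code @}.
     *
     * @return the new address on success, otherwise an error message
     */
    @PostMapping("/set_email")
    public String setEmail(String username, String email) {
        if (email == null || email.equals("")) {
            return "邮箱不能为空";
        }
        if (email.indexOf('@') == -1) {
            return "邮箱地址格式错误";
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return "用户不存在";
        }
        UmsUser user = one.get();
        user.setEmail(email);
        service.save(user);
        return email;
    }

    /**
     * Sets the phone number of the named account. Accepts 11 ASCII digits starting with 1
     * and followed by 3, 5 or 8.
     *
     * @return the stored number on success, otherwise an error message
     */
    @PostMapping("/set_phone")
    public String setPhone(String username, String phone) {
        if (phone == null || phone.equals("")) {
            return "手机号码不能为空";
        }
        // Validate and store the same trimmed value; non-digit input is rejected here
        // instead of failing later inside the BigInteger constructor.
        String digits = phone.trim();
        if (digits.length() != 11 || !isAsciiDigits(digits)) {
            return "号码格式不正确";
        }
        if (digits.charAt(0) != '1' || "358".indexOf(digits.charAt(1)) == -1) {
            // TODO: the accepted prefixes and regions could be widened.
            return "号码格式不正确";
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return "用户不存在";
        }
        UmsUser user = one.get();
        user.setPhone(new BigInteger(digits));
        service.save(user);
        return digits;
    }

    /**
     * Sets the sex field of the named account.
     *
     * @param sex 0 or 1
     * @return the stored value on success; -1 when {@code sex} is missing, -2 when it is
     *     neither 0 nor 1, -3 when the account does not exist
     */
    @PostMapping("/set_sex")
    public Integer setSex(String username, Integer sex) {
        if (sex == null) {
            return -1; // parameter missing
        }
        if (sex != 0 && sex != 1) {
            return -2; // parameter out of range
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return -3; // unknown account
        }
        UmsUser user = one.get();
        user.setSex(sex);
        service.save(user);
        return sex;
    }

    /**
     * Sets the birthday of the named account.
     *
     * @param birthday a calendar date written as {@code yyyy-MM-dd}
     * @return the stored value on success, otherwise an error message
     */
    @PostMapping("/set_birthday")
    public String setBirthday(String username, String birthday) {
        if (birthday == null || birthday.equals("")) {
            return "生日不能为空";
        }
        // Both separators must be at their fixed positions; a '-' anywhere is not enough.
        if (birthday.length() != 10
                || birthday.charAt(4) != '-'
                || birthday.charAt(7) != '-'
                || !isAsciiDigits(birthday.substring(0, 4))
                || !isAsciiDigits(birthday.substring(5, 7))
                || !isAsciiDigits(birthday.substring(8))) {
            return "生日格式应为 yyyy-MM-dd";
        }
        try {
            // Rejects values such as month 13 or day 32 that pass the shape check.
            java.time.LocalDate.parse(birthday);
        } catch (java.time.format.DateTimeParseException e) {
            return "生日格式应为 yyyy-MM-dd";
        }
        Optional<UmsUser> one = findByUsername(username);
        if (!one.isPresent()) {
            return "用户不存在";
        }
        UmsUser user = one.get();
        user.setBirthday(birthday);
        service.save(user);
        return birthday;
    }

    /**
     * Stores a base64-encoded avatar for the named account as
     * {@code <user.dir>/userimg/picture/<username>.jpg}.
     *
     * <p>NOTE(review): the decoded bytes are written without a size limit and without
     * checking that they are an image; both checks belong before the write.
     *
     * @param data JSON body with {@code username} and {@code img} (a data URL containing
     *     {@code base64,})
     * @return a status message
     */
    @PostMapping(value = "/set_avatar", produces = "application/json")
    public String setAvatar(@RequestBody JSONObject data) {
        String username = data.getString("username");
        String rawImg = data.getString("img");
        if (rawImg == null) {
            return "base64格式错误";
        }
        // '+' arrives as a space when the payload passed through URL decoding.
        String[] parts = rawImg.replace(' ', '+').split("base64,");
        if (parts.length != 2) {
            return "base64格式错误";
        }
        // Decode to raw bytes (the author notes this mirrors an earlier course project).
        // The former "bs[i] += 256" loop is gone: adding 256 to a byte leaves it unchanged.
        byte[] bs = base64Util.base64Decode2Bytes(parts[1]);
        if (bs == null) {
            return "base64格式错误";
        }
        try {
            String baseDir = System.getProperty("user.dir");
            File dir = new File(baseDir + "/userimg/picture/");
            if (!dir.exists() && !dir.mkdirs()) {
                return "生成图片存储路径失败";
            }
            Optional<UmsUser> one = findByUsername(username);
            if (!one.isPresent()) {
                return "用户不存在";
            }
            UmsUser user = one.get();
            File target = avatarFileFor(user.getUsername());
            if (target == null) {
                // The user name would place the file outside the avatar directory.
                return "用户名不合法";
            }
            // NOTE(review): this records an absolute server path on the entity.
            user.setImgurl(baseDir + "/userimg/picture/" + user.getUsername() + ".jpg");
            try (BufferedOutputStream out = new BufferedOutputStream(new FileOutputStream(target))) {
                out.write(bs);
            }
            service.save(user);
            return "图片写入成功";
        } catch (IOException e) {
            e.printStackTrace();
            return "图片写入失败";
        }
    }

    /**
     * Streams the stored avatar of the named account. Writes nothing when the account or
     * the file does not exist.
     */
    @GetMapping("/get_avatar")
    public void getAvatar(HttpServletResponse response, String username) {
        if (!findByUsername(username).isPresent()) {
            return;
        }
        try {
            File avatar = avatarFileFor(username);
            if (avatar == null) {
                return;
            }
            try (InputStream in = new FileInputStream(avatar);
                 ServletOutputStream out = response.getOutputStream()) {
                // Uploaded bytes are not verified to be an image, so state the type and
                // tell browsers not to guess another one.
                response.setContentType("image/jpeg");
                response.setHeader("X-Content-Type-Options", "nosniff");
                // Copy in chunks: a single read() sized by available() may stop short.
                byte[] buffer = new byte[8192];
                int read;
                while ((read = in.read(buffer)) != -1) {
                    out.write(buffer, 0, read);
                }
                out.flush();
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
}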



