API请求增加通过APIKEY认证方式 #23

Open
wants to merge 3 commits into
base: master
5 changes: 4 additions & 1 deletion sql/picturebed.sql
Expand Up @@ -248,7 +248,10 @@ CREATE TABLE `user` (
`isok` int(2) NOT NULL,
`memory` int(10) NULL DEFAULT NULL COMMENT '用户内存大小',
`groupid` int(255) NULL DEFAULT NULL,
PRIMARY KEY (`id`) USING BTREE
`apikey` VARCHAR(100) NULL DEFAULT NULL COMMENT '调用API的Key',
PRIMARY KEY (`id`) USING BTREE,
INDEX `apikey` (`apikey`),
INDEX `email` (`email`)
) ENGINE = InnoDB AUTO_INCREMENT = 2 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Compact;

-- ----------------------------
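Review bot: The index on the new `apikey` column is declared as a plain `INDEX`, so the database does not enforce that a key identifies exactly one account, although the mapper's `getUsersByApikey` returns a single `User`. Uniqueness rests only on the check-then-insert loop in `createApikey`, which two concurrent registrations can both pass. Declaring it as `UNIQUE INDEX` instead would enforce this in the schema; MySQL unique indexes still accept the multiple NULL values that existing rows will carry. This file is a full dump, so databases that are already deployed would also need an `ALTER TABLE` migration, which this page does not show.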
1 change: 1 addition & 0 deletions src/main/java/cn/hellohao/controller/AdminController.java
Expand Up @@ -369,6 +369,7 @@ public String toapi(HttpSession session, Model model, HttpServletRequest request
//key信息
model.addAttribute("username", u.getUsername());
model.addAttribute("level", u.getLevel());
model.addAttribute("apikey",u.getApikey());
model.addAttribute("domain", config.getDomain());
return "admin/api";
}
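Review bot: The added `model.addAttribute("apikey",u.getApikey());` writes the full credential into the rendered page on every visit to `admin/api`, where it can linger in browser caches and screenshots. Consider passing a masked value by default and returning the full key only on an explicit user action. Accounts created before this change have a NULL `apikey` (only `Register` and the reset endpoint set one), so `u.getApikey()` will be null here and the page will show an empty cell until the user resets the key. The body of `toapi` starts outside the hunk, so where `u` is loaded from is not visible.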
579 changes: 306 additions & 273 deletions src/main/java/cn/hellohao/controller/ClientController.java

Large diffs are not rendered by default.

19 changes: 14 additions & 5 deletions src/main/java/cn/hellohao/controller/UserController.java
Expand Up @@ -2,10 +2,7 @@

import java.net.URLDecoder;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.List;
import java.util.Random;
import java.util.UUID;
import java.util.*;

import javax.mail.internet.MimeMessage;
import javax.servlet.http.Cookie;
Expand Down Expand Up @@ -47,7 +44,18 @@ public class UserController {
private SysConfigService sysConfigService;
@Autowired
private UserGroupService userGroupService;

@RequestMapping("/reset/apikey")
@ResponseBody
public ResultBean resetApikey(HttpSession session) {
Map<String, Object> map = new HashMap<>();
User user = (User)session.getAttribute("user");
String newApikey = userService.resetApikey(user.getId());

map.put("newApikey",newApikey);
user.setApikey(newApikey);
session.setAttribute("user",user);
return ResultBean.success(map);
}
@RequestMapping("/register")
@ResponseBody
public String Register(@Valid User u,Integer zctmp) {
Expand All @@ -72,6 +80,7 @@ public String Register(@Valid User u,Integer zctmp) {
user.setEmail(u.getEmail());
user.setUsername(u.getUsername());
user.setPassword(Base64Encryption.encryptBASE64(u.getPassword().getBytes()));
user.setApikey(userService.createApikey());
Config config = configService.getSourceype();
System.err.println("是否启用了邮箱激活:"+emailConfig.getUsing());
Integer type = 0;
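Review bot: `resetApikey` is mapped with a bare `@RequestMapping("/reset/apikey")`, so this state-changing call is reachable by GET as well as POST, and nothing visible in the hunk ties it to a CSRF token; `@RequestMapping(value = "/reset/apikey", method = RequestMethod.POST)` would at least restrict the method. `session.getAttribute("user")` is dereferenced without a null check, so a request without a logged-in session ends in a NullPointerException unless an interceptor outside this page rejects it first; return an explicit error result before calling `user.getId()`. The first hunk also replaces four explicit `java.util` imports with `java.util.*`, which is better kept explicit. `Register` continues outside the last hunk.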
8 changes: 8 additions & 0 deletions src/main/java/cn/hellohao/dao/UserMapper.java
Expand Up @@ -10,6 +10,14 @@

@Mapper
public interface UserMapper {
Integer resetApikey(@Param("userid")Integer userid,@Param("newApikey")String newApikey);
User getUsersByApikey(@Param("apikey") String apikey);
/**
* 检查APIkey用户名是否重复
* @param apikey
* @return
*/
Integer checkApiKey(@Param("apikey") String apikey);
//注册
Integer register(User user);

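Review bot: The Javadoc on `checkApiKey` describes a duplicate check on the "APIkey username" and leaves `@param` and `@return` empty, while `resetApikey` and `getUsersByApikey` carry no documentation at all. I would document the return values, for example `/** Returns the number of user rows whose apikey equals the given value. */` on `checkApiKey` and `/** Returns the number of rows updated. */` on `resetApikey`. `getUsersByApikey` returns a single `User`, so its comment should state that MyBatis throws when more than one row matches, which the non-unique index in `sql/picturebed.sql` does not rule out.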
8 changes: 8 additions & 0 deletions src/main/java/cn/hellohao/pojo/User.java
Expand Up @@ -22,7 +22,15 @@ public class User {
private Integer isok;
private Integer memory;
private Integer groupid;
private String apikey;

public String getApikey() {
return apikey;
}

public void setApikey(String apikey) {
this.apikey = apikey;
}

public User() {
super();
23 changes: 23 additions & 0 deletions src/main/java/cn/hellohao/service/UserService.java
Expand Up @@ -7,6 +7,29 @@
import java.util.List;

public interface UserService {
User getUsersByApiKey(String apikey);
/**
*
* @param userid
* @return 新的Apikey
*/
String resetApikey(Integer userid);

/**
* apikey是否存在
*
* @param apikey
* @return
*/
Boolean isApiKeyExist(String apikey);
/**
* 创建一个新的Apikey
*
* @return
*/
String createApikey();
User getUsersByApikey(String apikey);

//注册
Integer register(User user);

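Review bot: The interface now declares both `getUsersByApiKey(String apikey)` and `getUsersByApikey(String apikey)`, which differ only in the case of one letter, and the implementation forwards both to the same mapper call. Keep one spelling (the mapper and the other new methods use `Apikey`) and remove the other so callers cannot pick the wrong one by accident. The Javadoc blocks on `resetApikey`, `isApiKeyExist` and `createApikey` have empty `@param`/`@return` tags; `createApikey` should at least say that it only generates a key not currently used by any user and does not persist it.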
46 changes: 46 additions & 0 deletions src/main/java/cn/hellohao/service/impl/UserServiceImpl.java
Expand Up @@ -7,10 +7,12 @@
import cn.hellohao.pojo.User;
import cn.hellohao.service.UserService;
import cn.hellohao.utils.Print;
import cn.hutool.crypto.digest.DigestUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import java.time.LocalDateTime;
import java.util.List;

@Service
Expand All @@ -19,6 +21,50 @@ public class UserServiceImpl implements UserService {
private UserMapper userMapper;
@Autowired
private CodeMapper codeMapper;

@Override
public String createApikey() {
String apikey;
do {
apikey = DigestUtil.md5Hex(LocalDateTime.now().toString());
} while (isApiKeyExist(apikey));
return apikey;
}

@Override
public User getUsersByApikey(String apikey) {
// TODO Auto-generated method stub
return userMapper.getUsersByApikey(apikey);
}

/**
* apikey是否存在
*
* @param apikey
* @return
*/
@Override
public Boolean isApiKeyExist(String apikey) {
if (userMapper.checkApiKey(apikey) > 0) {
return true;
}
return false;
}

@Override
public User getUsersByApiKey(String apikey) {
return userMapper.getUsersByApikey(apikey);
}

@Override
public String resetApikey(Integer userid){
String newApikey=createApikey();
userMapper.resetApikey( userid, newApikey);
return newApikey;
}



@Override
public Integer register(User user) {
// TODO Auto-generated method stub
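Review bot: `createApikey` derives the credential from `DigestUtil.md5Hex(LocalDateTime.now().toString())`, so the key is a deterministic function of the server clock and contains no secret randomness; hashing the timestamp with MD5 does not add any. A key that stands in for email and password should be drawn from `java.security.SecureRandom`, as in the sketch below, which needs imports for `SecureRandom` and `java.util.Base64` and yields a 43-character value that fits the `VARCHAR(100)` column. The `isApiKeyExist` loop remains a check-then-write with no unique constraint behind it. `resetApikey` also ignores the row count returned by `userMapper.resetApikey`, so a reset that updates nothing still reports a new key to the caller.

```java
private static final SecureRandom API_KEY_RANDOM = new SecureRandom();

@Override
public String createApikey() {
    byte[] raw = new byte[32];
    String apikey;
    do {
        // 256 bits from the CSPRNG; URL-safe text so the key survives form and query encoding
        API_KEY_RANDOM.nextBytes(raw);
        apikey = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
    } while (isApiKeyExist(apikey));
    return apikey;
}
```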
40 changes: 34 additions & 6 deletions src/main/resources/mapper/UserMapper.xml
@@ -1,11 +1,36 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="cn.hellohao.dao.UserMapper">

<select id="checkApiKey" parameterType="string" resultType="integer">
SELECT count(apikey) FROM `user` where apikey=#{apikey}
</select>
<!-- 查询当前用户:根据Apikey -->
<select id="getUsersByApikey" parameterType="string" resultType="cn.hellohao.pojo.User">
SELECT id,
username,
email,
password,
birthder,
LEVEL,
uid,
isok,
memory,
groupid,
apikey
FROM user
WHERE apikey = #{apikey}
</select>
<update id="resetApikey" parameterType="string">
UPDATE `user`
<set>
`apikey` = #{newApikey}
</set>
where `id`=#{userid}
</update>
<!-- 用户注册 -->
<insert id="register" parameterType="cn.hellohao.pojo.User">
INSERT INTO user (id, username, PASSWORD, email, birthder, LEVEL,uid,isok,memory,groupid)
VALUES (NULL, #{username}, #{password}, #{email}, #{birthder}, #{level},#{uid},#{isok},#{memory},#{groupid} )
INSERT INTO user (id, username, PASSWORD, email, birthder, LEVEL,uid,isok,memory,groupid,apikey)
VALUES (NULL, #{username}, #{password}, #{email}, #{birthder}, #{level},#{uid},#{isok},#{memory},#{groupid} ,#{apikey} )
</insert>
<!-- 查询是否有username -->
<select id="countusername" parameterType="string" resultType="integer">
Expand Down Expand Up @@ -58,7 +83,8 @@
uid,
isok,
memory,
groupid
groupid,
apikey
FROM user
WHERE email = #{email}
</select>
Expand All @@ -73,7 +99,8 @@
uid,
isok,
memory,
groupid
groupid,
apikey
FROM user
WHERE id = #{id}
</select>
Expand All @@ -88,7 +115,8 @@
uid,
isok,
memory,
groupid
groupid,
apikey
FROM user
WHERE uid = #{uid}
</select>
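Review bot: The new `getUsersByApikey` select authenticates on `WHERE apikey = #{apikey}` alone and also returns the `password` column, so the object handed to the API layer carries more than it needs; binding the parameter with `#{}` is correct. If `isok` is the account-activation flag, whether the caller rejects inactive accounts cannot be seen here because the `ClientController` diff is not rendered, so that check should be confirmed or added to the query. On `resetApikey`, `parameterType="string"` does not match the two `@Param` arguments (`Integer userid`, `String newApikey`) declared in `UserMapper.java`; dropping the attribute removes the mismatch, and the `<set>` wrapper around a single fixed assignment can be a plain `SET`. The key is stored and compared in clear text; storing only a digest would limit what a database leak exposes, at the cost of not being able to display the key again.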
7 changes: 7 additions & 0 deletions src/main/resources/static/static/js/toastr.min.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

45 changes: 42 additions & 3 deletions src/main/resources/templates/admin/api.html
Expand Up @@ -6,6 +6,7 @@
<link rel="stylesheet" th:href="@{/layui/layui/css/layui.css}">
<script th:src="@{/static/js/jquery-3.4.1.min.js}" type="text/javascript"></script>
<script th:src="@{/layui/layui/layui.js}"></script>
<script th:src="@{/static/js/toastr.min.js}" type="text/javascript"></script>
<style>
body{
font-family: 等线;
Expand Down Expand Up @@ -39,7 +40,7 @@ <h3>请求地址:</h3>
</tbody>
</table>
<br/>
<h3>请求参数:</h3>
<h3>请求参数:(为兼容低版本客户端,保留使用邮箱密码登陆方式)</h3>
<table class="layui-table">
<thead>
<tr>
Expand All @@ -59,15 +60,26 @@ <h3>请求参数:</h3>
<tr>
<td>email</td>
<td>String</td>
<td></td>
<td></td>
<td>用户邮箱</td>
</tr>
<tr>
<td>pass</td>
<td>String</td>
<td></td>
<td></td>
<td>用户密码</td>
</tr>
<tr>
<td>apikey</td>
<td>String</td>
<td>否</td>
<td>密钥(<span style="color: #FF5722;">请勿泄漏</span>)</td>
</tr>
<tr>
<td>你的密钥</td>
<td th:colspan="2" th:text="${apikey}" style="color:#FF5722 "></td>
<td><span onclick="resetApi()" class="layui-btn layui-btn-danger">重置ApiKey</span></td>
</tr>
</tbody>
</table>
<h3>返回参数:</h3>
Expand Down Expand Up @@ -95,6 +107,7 @@ <h3>返回参数:</h3>
<td>Array|Object</td>
<td>图片上传后的信息</td>
</tr>

</tbody>
</table>

Expand Down Expand Up @@ -136,6 +149,32 @@ <h3>


</div>
<script type="text/javascript">
function resetApi() {
layui.use('layer', function(){
var layer = layui.layer;
layer.confirm('危险-确定重置?', {
btn: ['确认重置', '取消'],
icon: 3,
title:'Apikey重置'
}, function(index, layero){
$.ajax({
type:"POST",
dataType:"json",
url:"/user/reset/apikey",
success: function (data) {
if (data.code==200){
toastr.success("重置成功");
window.location.reload();
}
}
});
}, function(index){

});
});

}
</script>
</body>
</html>
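Review bot: In `resetApi()` the `$.ajax` call has no `error` handler and no branch for a `data.code` other than 200, so a failed or rejected reset gives the user no feedback; add for example `error: function () { toastr.error("重置失败"); }` and an `else` with the same message. `toastr.success("重置成功")` is followed immediately by `window.location.reload()`, so the toast is discarded before it can be read. The request URL is the literal `"/user/reset/apikey"` while the rest of the template builds URLs with `@{...}`, so it will break under a non-root context path. The new table row documents `apikey` as a request parameter; if clients send it in the query string it will end up in access logs, so a request header or POST body is preferable (the `ClientController` change is not rendered, so how it is read is unconfirmed).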