TASK:免密登录;

shahaibo
2024-01-17 17:49:40 +08:00
parent c5d540686e
commit 90634f73c7
7 changed files with 191 additions and 28 deletions


@@ -647,12 +647,29 @@ public class AccountServiceImpl extends ServiceImpl<AccountMapper, Account> impl
@Override
public AccountLoginVO noLoginRequired(NoLoginRequiredDTO noLoginRequiredDTO) {
public AccountLoginVO noLoginRequired(NoLoginRequiredDTO noLoginRequiredDTO, HttpServletRequest request) {
String id = noLoginRequiredDTO.getId();
if (!isStringInRange(id)) {
throw new BusinessException("Illegal serial number!");
}
// 获取真实 IP 地址,考虑了经过代理的情况
String ipAddress = request.getHeader("X-Forwarded-For");
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
}
String browserIdentifiers = ipAddress + "," + id;
QueryWrapper<Account> qw = new QueryWrapper<>();
qw.lambda().eq(Account::getBrowserIdentifiers, noLoginRequiredDTO.getBrowserIdentifiers());
qw.lambda().eq(Account::getUserName, "PolyU-SFT-" + id);
qw.lambda().eq(Account::getBrowserIdentifiers, browserIdentifiers);
List<Account> accountList = accountMapper.selectList(qw);
if (CollectionUtil.isEmpty(accountList)) {
throw new BusinessException("This browser is not registered as login free");
throw new BusinessException("Machine identification has changed, login free has failed, please contact us at help@aida.com.hk.");
}
Account account = accountList.get(0);
AccountLoginVO response = CopyUtil.copyObject(account, AccountLoginVO.class);
@@ -668,12 +685,151 @@ public class AccountServiceImpl extends ServiceImpl<AccountMapper, Account> impl
}
@Override
public Boolean existNoLoginRequired(NoLoginRequiredDTO noLoginRequiredDTO) {
public Boolean existNoLoginRequired(NoLoginRequiredDTO noLoginRequiredDTO, HttpServletRequest request) {
String id = noLoginRequiredDTO.getId();
// 获取真实 IP 地址,考虑了经过代理的情况
String ipAddress = request.getHeader("X-Forwarded-For");
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
}
String browserIdentifiers = ipAddress + "," + id;
QueryWrapper<Account> qw = new QueryWrapper<>();
qw.lambda().eq(Account::getBrowserIdentifiers, noLoginRequiredDTO.getBrowserIdentifiers());
qw.lambda().eq(Account::getUserName, "PolyU-SFT-" + id);
List<Account> accountList = accountMapper.selectList(qw);
if (CollectionUtil.isEmpty(accountList)) {
return Boolean.FALSE;
if (!CollectionUtil.isEmpty(accountList)) {
throw new BusinessException("");
}
return Boolean.TRUE;
}
@Override
@Transactional(rollbackFor = Exception.class)
public String addNoLoginRequiredNew(NoLoginRequiredDTO noLoginRequiredDTO, HttpServletRequest request) {
// 验证机房注册序列号001-100
String id = noLoginRequiredDTO.getId();
if (!isStringInRange(id)) {
throw new BusinessException("Illegal serial number.");
}
// 获取真实 IP 地址,考虑了经过代理的情况
String ipAddress = request.getHeader("X-Forwarded-For");
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
}
String browserIdentifiers = ipAddress + "," + id;
// 构建查询条件,查找已注册的账户数量
QueryWrapper<Account> queryWrapper = new QueryWrapper<>();
queryWrapper.lambda().eq(Account::getUserName, "PolyU-SFT-" + id);
// queryWrapper.lambda().eq(Account::getBrowserIdentifiers, browserIdentifiers);
List<Account> existingAccounts = accountMapper.selectList(queryWrapper);
// 检查序列号是否被注册
if (CollectionUtil.isNotEmpty(existingAccounts)) {
throw new BusinessException("The serial number has already been registered.");
}
// 检查机器是否已经注册了别的序列号
queryWrapper.clear();
queryWrapper.lambda().like(Account::getBrowserIdentifiers, ipAddress);
List<Account> accountList = accountMapper.selectList(queryWrapper);
if (CollectionUtil.isNotEmpty(accountList)) {
throw new BusinessException("This machine has already been registered with serial number " + accountList.get(0).getUserName().split("-")[2]);
}
// 创建新账户
Account newAccount = new Account();
newAccount.setUserName("PolyU-SFT-" + id);
newAccount.setUserPassword("Third-000000");
newAccount.setValidStartTime(System.currentTimeMillis());
newAccount.setValidEndTime(System.currentTimeMillis() + 365L * 24 * 60 * 60 * 1000);
newAccount.setCreateDate(new Date());
newAccount.setIsBeginner(1);
newAccount.setIsTrial(0);
newAccount.setBrowserIdentifiers(browserIdentifiers);
newAccount.setLanguage(Language.ENGLISH.name());
// 插入新账户
accountMapper.insert(newAccount);
return "<!DOCTYPE html>\n" +
"                        <html lang=\"en\">\n" +
"                        <head>\n" +
"                            <meta charset=\"UTF-8\">\n" +
"                            <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n" +
"                            <title>Document</title>\n" +
"                        </head>\n" +
"                        <body>\n" +
"                        </body>\n" +
"                            <script>\n" +
"                                window.location.href = 'http://18.167.251.121:7788?"+id+"';\n" +
"                            </script>\n" +
"                        </html>";
}
public static boolean isStringInRange(String input) {
// 去除字符串两端的空格
input = input.trim();
// 使用正则表达式检查是否是三位数字
if (input.matches("\\d{3}")) {
// 将字符串转换为整数
int number = Integer.parseInt(input);
// 检查是否在指定范围内
return number >= 1 && number <= 100;
}
return false;
}
@Override
@Transactional(rollbackFor = Exception.class)
public Boolean deleteNoLoginRequiredNew(NoLoginRequiredDTO noLoginRequiredDTO, HttpServletRequest request) {
// 获取真实 IP 地址,考虑了经过代理的情况
String ipAddress = request.getHeader("X-Forwarded-For");
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getHeader("WL-Proxy-Client-IP");
}
if (ipAddress == null || ipAddress.isEmpty() || "unknown".equalsIgnoreCase(ipAddress)) {
ipAddress = request.getRemoteAddr();
}
// 删除将被注销的用户
QueryWrapper<Account> queryWrapperDelete = new QueryWrapper<>();
if (StringUtils.isNotBlank(noLoginRequiredDTO.getId()) && noLoginRequiredDTO.getDeleteById()) {
// 验证机房注册序列号001-100
String id = noLoginRequiredDTO.getId();
if (!isStringInRange(id)) {
throw new BusinessException("Illegal serial number.");
}
queryWrapperDelete.lambda().eq(Account::getUserName, "PolyU-SFT-" + noLoginRequiredDTO.getId());
}else {
queryWrapperDelete.lambda().like(Account::getBrowserIdentifiers, ipAddress);
}
List<Account> accountList = accountMapper.selectList(queryWrapperDelete);
if (CollectionUtil.isNotEmpty(accountList)) {
for (Account account : accountList) {
//jwt本身失效比较难做 统一用缓存实现 删除缓存就失效
String token = LocalCacheUtils.getTokenCache(String.valueOf(account.getId()));
if (StringUtils.isNotBlank(token)) {
LocalCacheUtils.delTokenCache(String.valueOf(account.getId()));
}
accountMapper.deleteById(account.getId());
// TODO:注销时删除用户数据workspacelikelibrary等
}
}
return Boolean.TRUE;
}
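Review bot: The passwordless login in `noLoginRequired` treats `ipAddress + "," + id` as the credential, but `ipAddress` is taken first from `X-Forwarded-For`, `Proxy-Client-IP` and `WL-Proxy-Client-IP`, which any client can set, and `id` is one of only 100 serial numbers, so a match proves nothing about the machine. The same header chain feeds `addNoLoginRequiredNew` and `deleteNoLoginRequiredNew`, where `like(Account::getBrowserIdentifiers, ipAddress)` is additionally a substring match on that client-supplied value, so it can select and delete accounts registered from other addresses. I would resolve the address in one private helper that returns only `request.getRemoteAddr()`, leave forwarded headers to the container's trusted-proxy handling (for example `server.forward-headers-strategy` or Tomcat's `RemoteIpValve`), and compare with `eq` on the full identifier; a per-machine secret issued at registration would be a sounder factor than an IP address. Separately, `existNoLoginRequired` computes `browserIdentifiers` without using it and throws `BusinessException("")` with an empty message, and every new account is created with the fixed password `"Third-000000"`.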