From 520d2feebc252bd0cc6259086bf96a82bb855808 Mon Sep 17 00:00:00 2001 From: HuangHai <10402852@qq.com> Date: Tue, 29 Apr 2025 15:58:14 +0800 Subject: [PATCH] 'commit' --- .../Controller/LoginPersonController.java | 32 ++++++----- .../Controller/TeacherYdController.java | 52 +++++++++-------- .../com/dsideal/dsBase/Util/CookieUtil.java | 56 +++++++++++++++++++ 3 files changed, 99 insertions(+), 41 deletions(-) create mode 100644 dsBase/src/main/java/com/dsideal/dsBase/Util/CookieUtil.java diff --git a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java index 03d8b7da..985df1bc 100644 --- a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java +++ b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java @@ -42,13 +42,13 @@ public class LoginPersonController extends Controller { String checkCodeKey = ""; //万能验证码:dsideal if (!captcha.equals("dsideal")) { - if (SessionKit.get(getRequest(), getResponse(), "captcha") == null) { + if (CookieUtil.getValue(getRequest(), "captcha") == null) { resultJson.put("success", false); resultJson.put("msg", "在浏览器会话中没有检查到验证码,你的行为将会记录!"); renderJson(resultJson); return; } - String memory_captcha = SessionKit.get(getRequest(), getResponse(), "captcha").toLowerCase(); + String memory_captcha = Objects.requireNonNull(CookieUtil.getValue(getRequest(), "captcha")).toLowerCase(); //验证码错误次数 checkCodeKey = "Yzm_error_" + username; int CheckCodeErrCnt = 4; //最多允许错几次 4+1 @@ -186,7 +186,7 @@ public class LoginPersonController extends Controller { */ @Before(POST.class) @EmptyInterface({"username", "password", "platform"}) - public void doLogin_Internal(String username, String password,String platform) { + public void doLogin_Internal(String username, String password, String platform) { JSONObject resultJson = new JSONObject(); //检查缓存中此账号错误了几次 
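Review bot: The captcha check in the first hunk now compares the submitted value against `CookieUtil.getValue(getRequest(), "captcha")`, a cookie supplied by the client, so the expected answer is no longer held by the server (assuming SessionKit kept it server-side; its implementation is not visible here). The createCaptcha hunk (@@ -519) writes `captcha.getCode()` into that cookie in clear text, so the client both sees and controls the expected value and the captcha no longer limits automated login attempts. Keep the answer server-side under an opaque random id (presumably the same cache that holds the `Yzm_error_` counter), or put only a keyed MAC of the code plus an expiry in the cookie and invalidate it after one verification attempt. The context line `//万能验证码:dsideal` shows a universal captcha value compiled into the check; it predates this commit but should not reach production. The method body starts and ends outside the hunk.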
@@ -283,7 +283,8 @@ public class LoginPersonController extends Controller { */ @Before({GET.class}) public void logout() { - SessionKit.clear(getRequest(), getResponse()); + //SessionKit.clear(getRequest(), getResponse()); + //TODO: 登出功能需要完善,目前只重定向到登录页面 redirect("/plogin.html"); } @@ -298,7 +299,7 @@ public class LoginPersonController extends Controller { public void ResetPwd(String person_id) { //修改密码 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String operator = rPerson.getStr("person_id"); + String operator = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); lm.changePwd(operator, ip_address, "123456", person_id); @@ -315,7 +316,8 @@ String operator = rPerson.getStr("person_id"); @EmptyInterface({"old_pwd", "new_pwd"}) @LengthInterface({"new_pwd,6,18"}) public void changePwd(String old_pwd, String new_pwd) { - String person_id = SessionKit.get(getRequest(), getResponse(), "person_id"); + Record rPerson = JwtUtil.getPersonInfo(getRequest()); + String person_id = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); @@ -341,7 +343,8 @@ String operator = rPerson.getStr("person_id"); @Before({GET.class}) public void getLoginPersonInfo() { JSONObject resultJson = new JSONObject(); - String personId = SessionKit.get(getRequest(), getResponse(), "person_id"); + Record rPerson = JwtUtil.getPersonInfo(getRequest()); + String personId = rPerson.getStr("person_id"); Record record = lm.getLoginInfoByPersonId(personId); if (record == null) { resultJson.put("success", false); @@ -430,7 +433,7 @@ String operator = rPerson.getStr("person_id"); * @param limit 每页数量 */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3"}) @IsNumericInterface({"page", "limit"}) public void getPrintAreaManager(int page, int limit) { 
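Review bot: `logout()` no longer revokes anything: the only cleanup call is commented out and the handler just redirects, so whatever token `JwtUtil.getPersonInfo` reads from the request remains valid and, if it travels in a cookie, remains in the browser. At minimum expire the token cookie here, e.g. `CookieUtil.remove(getRequest(), getResponse(), "<token-cookie-name>");` (placeholder; the real cookie name is not visible in this diff), and consider a server-side deny-list for tokens until they expire. Delete the commented-out `SessionKit.clear` line instead of keeping it, and track the TODO in an issue so the gap is not forgotten.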
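Review bot: In changePwd, `rPerson.getStr("person_id")` is called without checking `rPerson`, so a request with a missing or invalid token would end in a NullPointerException rather than a clean authentication error if `JwtUtil.getPersonInfo` can return null (not visible here; confirm). The same two lines are added in getLoginPersonInfo (@@ -341) and updateTelephoneEmail (@@ -536). Unless a global interceptor guarantees a valid token, add a guard before reading the id, e.g. `if (rPerson == null) { renderJson(CommonUtil.returnMessageJson(false, "<not-logged-in message>")); return; }` (helper as used in TeacherYdController). changePwd's body continues outside the hunk.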
@@ -442,7 +445,7 @@ String operator = rPerson.getStr("person_id"); * 获取县区管理员的帐号和原始密码(导出EXCEL) */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3"}) public void getPrintAreaManagerForExcel() { //模板文件 @@ -467,7 +470,7 @@ String operator = rPerson.getStr("person_id"); * @param area_id 县区ID */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3"}) @EmptyInterface({"area_id"}) @IsNumericInterface({"page", "limit"}) @@ -482,7 +485,7 @@ String operator = rPerson.getStr("person_id"); * @param area_id 县区id */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3"}) @EmptyInterface({"area_id"}) public void getPrintAreaBureauForExcel(String area_id) { @@ -519,7 +522,7 @@ String operator = rPerson.getStr("person_id"); // 重新生成code captcha.createCode(); //写入session - SessionKit.set(getRequest(), getResponse(), "captcha", captcha.getCode()); + CookieUtil.set(getResponse(), "captcha", captcha.getCode(), true, false); // 将内存中的图片通过流动形式输出到客户端 captcha.write(response.getOutputStream()); } catch (Exception e) { @@ -536,9 +539,10 @@ String operator = rPerson.getStr("person_id"); * @param email 邮箱 */ @Before(POST.class) - + public void updateTelephoneEmail(String telephone, String email) { - String personId = SessionKit.get(getRequest(), getResponse(), "person_id"); + Record rPerson = JwtUtil.getPersonInfo(getRequest()); + String personId = rPerson.getStr("person_id"); lm.updateTelephoneEmail(personId, telephone, email); Kv kv = Kv.create(); kv.set("success", true); diff --git a/dsBase/src/main/java/com/dsideal/dsBase/TeacherYd/Controller/TeacherYdController.java b/dsBase/src/main/java/com/dsideal/dsBase/TeacherYd/Controller/TeacherYdController.java index e52ac7a6..df9437b1 100644 --- a/dsBase/src/main/java/com/dsideal/dsBase/TeacherYd/Controller/TeacherYdController.java +++ b/dsBase/src/main/java/com/dsideal/dsBase/TeacherYd/Controller/TeacherYdController.java 
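Review bot: The new call `CookieUtil.set(getResponse(), "captcha", captcha.getCode(), true, false);` passes `ifRemember=true` and `isHttpOnly=false`, so the cookie persists for the 2-hour `COOKIE_MAX_AGE` and is readable by page script. Whatever value ends up in this cookie, it should be session-scoped and HttpOnly: `CookieUtil.set(getResponse(), "captcha", <opaque-or-signed-value>, false, true);`. The comment `//写入session` directly above the call is now stale and should say that the value goes into a cookie. The enclosing method starts outside the hunk.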
@@ -26,7 +26,7 @@ public class TeacherYdController extends Controller { * @param person_id */ @Before({GET.class}) - + @EmptyInterface({"person_id"}) @IsSysAdminInterface({"1", "2", "3", "4"}) public void getPersonStatus(String person_id) { @@ -47,7 +47,7 @@ public class TeacherYdController extends Controller { * 获取全部的教师状态 */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) public void get_dm_status_teacher() { List rs = model.get_dm_status_teacher(); @@ -58,7 +58,7 @@ public class TeacherYdController extends Controller { * 返回调转审核的两种状态 */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) public void getTransferApplyStatus() { List rs = model.getTransferApplyStatus(); @@ -72,14 +72,14 @@ public class TeacherYdController extends Controller { * @param status_code */ @Before({POST.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @EmptyInterface({"person_id", "status_code"}) public void updateTeacherStatus(String person_id, String status_code) { //操作人 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String operator = rPerson.getStr("person_id"); + String operator = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); @@ -97,7 +97,7 @@ String operator = rPerson.getStr("person_id"); * @param person_id */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @EmptyInterface({"person_id"}) @@ -118,7 +118,7 @@ String operator = rPerson.getStr("person_id"); * @param apply_message */ @Before({POST.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @EmptyInterface({"target_bureau_id", "person_id", "apply_message"}) @@ -143,7 +143,7 @@ String operator = rPerson.getStr("person_id"); //操作人 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String operator = rPerson.getStr("person_id"); + String operator = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); 
@@ -164,7 +164,7 @@ String operator = rPerson.getStr("person_id"); * @param person_name */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @IsNumericInterface({"page", "limit"}) public void getTeacherTransferApplyList(int page, int limit, String person_name) { @@ -190,7 +190,7 @@ String operator = rPerson.getStr("person_id"); * @param echo_message */ @Before({POST.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @EmptyInterface({"echo_message"}) @@ -205,7 +205,7 @@ String operator = rPerson.getStr("person_id"); } //操作人 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String operator = rPerson.getStr("person_id"); + String operator = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); @@ -221,7 +221,7 @@ String operator = rPerson.getStr("person_id"); * @param person_name */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @IsNumericInterface({"page", "limit"}) @@ -232,7 +232,7 @@ String operator = rPerson.getStr("person_id"); //当前登录人员所在单位 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String person_id = rPerson.getStr("person_id"); + String person_id = rPerson.getStr("person_id"); BaseModel bm = new BaseModel(); String bureau_id = bm.getPersonInfo(person_id).getStr("bureau_id"); Page rs = model.getTeacherTransferEchoList(page, limit, bureau_id, person_name); @@ -245,14 +245,14 @@ String person_id = rPerson.getStr("person_id"); * @param id */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @IsNumericInterface({"id"}) public void getTeacherTransferInfoById(int id) { //尝试修改一下阅读状态 Record rPerson = JwtUtil.getPersonInfo(getRequest()); - String person_id = rPerson.getStr("person_id"); + String person_id = rPerson.getStr("person_id"); boolean result = model.ChangeTransferApplyReadStatus(id, person_id); if (!result) { renderJson(CommonUtil.returnMessageJson(false, "处理阅读状态失败!!")); 
@@ -267,7 +267,7 @@ String person_id = rPerson.getStr("person_id"); * @param id */ @Before({POST.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) @IsNumericInterface({"id"}) @@ -280,8 +280,9 @@ String person_id = rPerson.getStr("person_id"); } Record rPerson = JwtUtil.getPersonInfo(getRequest()); String source_bureau_id = records.getFirst().getStr("source_bureau_id"); - String personId = rPerson.getStr("person_id");; - String identity_id = rPerson.getStr("identity_id"); + String personId = rPerson.getStr("person_id"); + ; + String identity_id = rPerson.getStr("identity_id"); LoginPersonModel _loginPersonModel = new LoginPersonModel(); Record obj = _loginPersonModel.getLoginInfoByPersonId(personId); if (identity_id != null && identity_id.equals("4") && !obj.get("bureau_id").equals(source_bureau_id)) { @@ -302,8 +303,7 @@ String person_id = rPerson.getStr("person_id"); } //4、删除它 //操作人 - Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String operator = rPerson.getStr("person_id"); + String operator = rPerson.getStr("person_id"); //客户端ip_address String ip_address = IpUtil.getIpAddr(getRequest()); model.deleteTransferInfoById(id, operator, ip_address); @@ -313,16 +313,15 @@ String operator = rPerson.getStr("person_id"); /** * 教师调转提醒(收到新的申请) - * */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) public void getNewTeacherTransferApplyCount() { //当前登录人员所在单位 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String person_id = rPerson.getStr("person_id"); + String person_id = rPerson.getStr("person_id"); BaseModel bm = new BaseModel(); String bureau_id = bm.getPersonInfo(person_id).getStr("bureau_id"); int count = model.getNewTeacherTransferApplyCount(bureau_id); 
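Review bot: Reformatting `String personId = rPerson.getStr("person_id");;` left the second semicolon behind as an empty statement on its own line (`;`) in the @@ -280 hunk; drop that line. Separately, the unchanged context dereferences `obj.get("bureau_id")` without a null check, while getLoginPersonInfo in LoginPersonController treats a null result from `getLoginInfoByPersonId` as possible. That is worth guarding, because this comparison is the bureau ownership check for identity `4`. The method body starts and ends outside the hunk.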
@@ -333,16 +332,15 @@ String person_id = rPerson.getStr("person_id"); /** * 教师调转提醒(收到新的回执) - * */ @Before({GET.class}) - + @IsSysAdminInterface({"1", "2", "3", "4"}) public void getNewTeacherTransferEchoCount() { //当前登录人员所在单位 Record rPerson = JwtUtil.getPersonInfo(getRequest()); -String person_id = rPerson.getStr("person_id"); + String person_id = rPerson.getStr("person_id"); BaseModel bm = new BaseModel(); String bureau_id = bm.getPersonInfo(person_id).getStr("bureau_id"); int count = model.getNewTeacherTransferEchoCount(bureau_id); @@ -358,7 +356,7 @@ String person_id = rPerson.getStr("person_id"); * @param org_id */ @Before({POST.class}) - + @EmptyInterface({"person_id", "org_id"}) @IsSysAdminInterface({"1"}) diff --git a/dsBase/src/main/java/com/dsideal/dsBase/Util/CookieUtil.java b/dsBase/src/main/java/com/dsideal/dsBase/Util/CookieUtil.java new file mode 100644 index 00000000..1005c38d --- /dev/null +++ b/dsBase/src/main/java/com/dsideal/dsBase/Util/CookieUtil.java 
@@ -0,0 +1,56 @@
+package com.dsideal.dsBase.Util;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+public class CookieUtil {
+
+ // 默认缓存时间,单位/秒, 2H
+ private static final int COOKIE_MAX_AGE = 60 * 60 * 2;
+ // 保存路径,根路径
+ private static final String COOKIE_PATH = "/";
+
+ public static String getValue(HttpServletRequest request, String key) {
+ Cookie cookie = get(request, key);
+ if (cookie != null) {
+ return cookie.getValue();
+ }
+ return null;
+ }
+
+ private static Cookie get(HttpServletRequest request, String key) {
+ Cookie[] arr_cookie = request.getCookies();
+ if (arr_cookie != null && arr_cookie.length > 0) {
+ for (Cookie cookie : arr_cookie) {
+ if (cookie.getName().equals(key)) {
+ return cookie;
+ }
+ }
+ }
+ return null;
+ }
+
+ public static void set(HttpServletResponse response, String key, String value, boolean ifRemember,boolean isHttpOnly) {
+ int age = ifRemember ? COOKIE_MAX_AGE : -1;
+ set(response, key, value, null, COOKIE_PATH, age, isHttpOnly);
+ }
+
+ private static void set(HttpServletResponse response, String key, String value, String domain, String path, int maxAge, boolean isHttpOnly) {
+ Cookie cookie = new Cookie(key, value);
+ if (domain != null) {
+ cookie.setDomain(domain);
+ }
+ cookie.setPath(path);
+ cookie.setMaxAge(maxAge);
+ cookie.setHttpOnly(isHttpOnly);
+ response.addCookie(cookie);
+ }
+
+ public static void remove(HttpServletRequest request, HttpServletResponse response, String key) {
+ Cookie cookie = get(request, key);
+ if (cookie != null) {
+ set(response, key, "", null, COOKIE_PATH, 0, true);
+ }
+ }
+}
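Review bot: The private `set(...)` never calls `cookie.setSecure(true)`, so every cookie written through this class can be sent over plain HTTP; add `cookie.setSecure(true);` next to `setHttpOnly` (or make it a parameter if non-TLS development setups must keep working). HttpOnly is left to each caller and `javax.servlet.http.Cookie` has no SameSite setter, so consider defaulting HttpOnly to true and emitting SameSite through the `Set-Cookie` header. `remove` only sends the expiring cookie when the request carried one and always uses path `/`, which works for cookies set by this class but will not clear cookies set with another path or domain. As a static-only utility the class should be `final` with a private constructor, and the public methods need Javadoc stating that `ifRemember=false` yields a session cookie (`maxAge = -1`).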