igor/org.ccalm.jwt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Рефакторинг

Browse Source
This commit is contained in:
igor
2025-04-08 07:31:55 +05:00
parent 00d39d73bc
commit 4b64cae8c5
2 changed files with 166 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

305
src/main/java/org/ccalm/jwt/MainController.java
View File

@ -325,9 +325,12 @@ public class MainController implements ServletContextAware {
@Operation(summary = "Get API version(date) of build", description = "Returns the date and API name") @Operation(summary = "Get API version(date) of build", description = "Returns the date and API name")
@RequestMapping(value = "/",method = RequestMethod.GET,produces = "application/json;charset=utf-8") @RequestMapping(value = "/",method = RequestMethod.GET,produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public ResponseEntity<String> index() { public ResponseEntity<Object> index(
JSONObject json = new JSONObject(); @CookieValue(value = "lng", defaultValue = "1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate);
try { try {
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
json.put("error_marker",(String)null); json.put("error_marker",(String)null);
@ -361,31 +364,28 @@ public class MainController implements ServletContextAware {
endpoints.forEach(System.out::println); endpoints.forEach(System.out::println);
}*/ }*/
} catch (JSONException e) { return new ResponseEntity<>(json.toString(), HttpStatus.OK);
throw new RuntimeException(e); } catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, e);
return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
return ResponseEntity.ok(json.toString());
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation(summary = "Get user settings from the database by their ID in JWT", description = "Get user settings from the database by their ID from JWT") @Operation(summary = "Get user settings from the database by their ID in JWT", description = "Get user settings from the database by their ID from JWT")
@RequestMapping(value = "/get_settings",method = {RequestMethod.POST},produces = "application/json;charset=utf-8") @RequestMapping(value = "/get_settings",method = {RequestMethod.POST},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public Object get_settings(@CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) { public ResponseEntity<Object> get_settings(
Authentication authentication,
@RequestParam(required=false,name="lng",defaultValue = "1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
try{ try{
if(jwt_a.isEmpty() || countOccurrences(jwt_a, '.')!=2) if (authentication == null || !authentication.isAuthenticated()) {
{ throw new CustomException(10401, trt.trt(false, "Please_log_in"),UUID.randomUUID().toString(),false);
throw new CustomException(10000, trt.trt(false, "Please_log_in"),null,false);
}
Jws<Claims> claims = null;
try {
claims = Jwts.parserBuilder()
.setSigningKey(getPublicKey()) //.setSigningKey(key_a)
.build()
.parseClaimsJws(jwt_a);
} catch (Exception e) {
throw new CustomException(10000, trt.trt(false, "Please_log_in"),null,false);
} }
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
String sql = """ String sql = """
select select
us.name, us.name,
@ -397,49 +397,48 @@ public class MainController implements ServletContextAware {
and user_id=:user_id and user_id=:user_id
"""; """;
MapSqlParameterSource parameters = new MapSqlParameterSource(); MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id")); parameters.addValue("user_id", userDetails.getUserId());
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper()); List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
List<String> data = new ArrayList<>(); List<String> data = new ArrayList<>();
for (String s : ret) { for (String s : ret) {
data.add((new JSONObject(s)).getString("name")); data.add((new JSONObject(s)).getString("name"));
} }
return ApiResponseData.success(data);
return new ResponseEntity<>(data, HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
return e.getErrorResponseModel(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
return new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation(summary = "Create or update user settings", description = "") @Operation(summary = "Create or update user settings", description = "")
@RequestMapping(value = "/set_settings",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/set_settings",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public ResponseEntity<Object> set_settings(SettingModel setting, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) { public ResponseEntity<Object> set_settings(
Authentication authentication,
SettingModel setting,
@RequestParam(required=false,name="lng",defaultValue = "1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
try{ try{
if(jwt_a.isEmpty() || countOccurrences(jwt_a, '.')!=2) if (authentication == null || !authentication.isAuthenticated()) {
{ throw new CustomException(10401, trt.trt(false, "Please_log_in"),UUID.randomUUID().toString(),false);
throw new CustomException(10000, trt.trt(false, "Please_log_in"),null,false);
}
//Проверяю подпись токена
Jws<Claims> claims = null;
try {
claims = Jwts.parserBuilder()
.setSigningKey(getPublicKey())
.build()
.parseClaimsJws(jwt_a);
} catch (Exception e) {
throw new CustomException(10000, Arrays.asList(trt.trt(false, "Please_log_in"), trt.trt(false, "JWT_token_verification_error")),null,false);
} }
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
//TODO проверить доступ для выполнения данной функции //TODO проверить доступ для выполнения данной функции
//Выполняем функцию //Выполняем функцию
String sql = """ String sql = """
select id from main._users_settings where user_id=:user_id and identifier=:identifier limit 1 select id from main._users_settings where user_id=:user_id and identifier=:identifier limit 1
"""; """;
MapSqlParameterSource parameters = new MapSqlParameterSource(); MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id")); parameters.addValue("user_id", userDetails.getUserId());
parameters.addValue("identifier", setting.getIdentifier()); parameters.addValue("identifier", setting.getIdentifier());
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper()); List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
long id=0; long id=0;
@ -463,16 +462,16 @@ public class MainController implements ServletContextAware {
"""; """;
} }
parameters = new MapSqlParameterSource(); parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id")); parameters.addValue("user_id", userDetails.getUserId());
parameters.addValue("identifier", setting.getIdentifier()); parameters.addValue("identifier", setting.getIdentifier());
parameters.addValue("value", setting.getValue()); parameters.addValue("value", setting.getValue());
jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper()); jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
return new ResponseEntity<>(new ErrorResponseModel(0), HttpStatus.OK); return new ResponseEntity<>(new ErrorResponseModel(0), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
String uuid = UUID.randomUUID().toString(); if(e.isSaveToLog()) {
logger.error(uuid, e); logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR); return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
@ -513,8 +512,7 @@ public class MainController implements ServletContextAware {
Translation trt = new Translation(language_id, jdbcTemplate); Translation trt = new Translation(language_id, jdbcTemplate);
try { try {
if (authentication == null || !authentication.isAuthenticated()) { if (authentication == null || !authentication.isAuthenticated()) {
String uuid = UUID.randomUUID().toString(); throw new CustomException(10401, trt.trt(false, "Please_log_in"),UUID.randomUUID().toString(),false);
return new ResponseEntity<>(new ErrorResponseModel(10401, trt.trt(false, "Please_log_in"), null, uuid), HttpStatus.UNAUTHORIZED);
} }
UserDetails userDetails = (UserDetails) authentication.getPrincipal(); UserDetails userDetails = (UserDetails) authentication.getPrincipal();
@ -544,6 +542,14 @@ public class MainController implements ServletContextAware {
} }
return new ResponseEntity<>(ApiResponseData.success(data), HttpStatus.OK); return new ResponseEntity<>(ApiResponseData.success(data), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
if(e.getErrorCode()==10401)
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.UNAUTHORIZED);
else
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid, e); logger.error(uuid, e);
@ -554,12 +560,12 @@ public class MainController implements ServletContextAware {
@Operation(summary = "Generate CAPTCHA by email", description = "") @Operation(summary = "Generate CAPTCHA by email", description = "")
@RequestMapping(value = "/captcha",method = RequestMethod.POST,produces = "application/json;charset=utf-8") @RequestMapping(value = "/captcha",method = RequestMethod.POST,produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String captcha(Model model, @RequestBody EmailModel email_model, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) { public ResponseEntity<Object> captcha(Model model, @RequestBody EmailModel email_model, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try{ try{
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); //json.put("error_message","");
ImageCaptcha.Builder builder; ImageCaptcha.Builder builder;
if(Tools.isInteger(email_model.getWidth())) { if(Tools.isInteger(email_model.getWidth())) {
@ -586,9 +592,7 @@ public class MainController implements ServletContextAware {
byte[] bytes = baos.toByteArray(); byte[] bytes = baos.toByteArray();
json.put("image",Base64.getEncoder().encodeToString(bytes)); json.put("image",Base64.getEncoder().encodeToString(bytes));
} catch (IOException e) { } catch (IOException e) {
String uuid = UUID.randomUUID().toString(); throw new CustomException(10000, trt.trt(false, "Input_output_error"),UUID.randomUUID().toString(),true);
logger.error(uuid,e);
throw new CustomException(10000, trt.trt(false, "Input_output_error"),uuid,false);
} }
//Формирую JSON токена и шифрую его //Формирую JSON токена и шифрую его
@ -601,14 +605,17 @@ public class MainController implements ServletContextAware {
//Подпись для как бы токена //Подпись для как бы токена
json.put("token",sToken+"."+Tools.generateSignature(captchaKey, sToken)); json.put("token",sToken+"."+Tools.generateSignature(captchaKey, sToken));
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation( @Operation(
@ -753,11 +760,14 @@ public class MainController implements ServletContextAware {
return new ResponseEntity<>(new ErrorResponseModel(0,trt.trt(false, "The_verification_code_has_been_sent_to_your_email_address"),null), HttpStatus.OK); return new ResponseEntity<>(new ErrorResponseModel(0,trt.trt(false, "The_verification_code_has_been_sent_to_your_email_address"),null), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.OK); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid, e); logger.error(uuid, e);
return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false,"Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@ -765,10 +775,10 @@ public class MainController implements ServletContextAware {
@Operation(summary = "Create new user account", description = "After creating a user, adding a default user role") @Operation(summary = "Create new user account", description = "After creating a user, adding a default user role")
@RequestMapping(value = "/create",method = RequestMethod.POST,produces = "application/json;charset=utf-8") @RequestMapping(value = "/create",method = RequestMethod.POST,produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String create(@RequestBody NewUserModel newUserModel,@RequestParam(required=false,name="lng",defaultValue="1") String language_id) { public ResponseEntity<Object> create(@RequestBody NewUserModel newUserModel,@RequestParam(required=false,name="lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try{ try{
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
@ -906,47 +916,43 @@ public class MainController implements ServletContextAware {
json.put("error_message",trt.trt(false, "The_authorization_password_has_been_sent_to_your_email_address")); json.put("error_message",trt.trt(false, "The_authorization_password_has_been_sent_to_your_email_address"));
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation(summary = "Get user account information", description = "") @Operation(summary = "Get user account information", description = "")
@RequestMapping(value = "/info",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/info",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String info(Model model, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @CookieValue(value = "lng",defaultValue="1") String language_id) { public ResponseEntity<Object> info(
Authentication authentication,
@CookieValue(value = "lng",defaultValue="1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try { try {
if (authentication == null || !authentication.isAuthenticated()) {
throw new CustomException(10401, trt.trt(false, "Please_log_in"),UUID.randomUUID().toString(),false);
}
UserDetails userDetails = (UserDetails) authentication.getPrincipal();
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
if(jwt_a.isEmpty() || countOccurrences(jwt_a, '.')!=2)
{
throw new CustomException(10000, trt.trt(false, "Please_log_in"),null,false);
}
//Проверяю подпись токена
Jws<Claims> claims = null;
try {
claims = Jwts.parserBuilder()
.setSigningKey(getPublicKey())
.build()
.parseClaimsJws(jwt_a);
} catch (Exception e) {
throw new CustomException(10000, Arrays.asList(trt.trt(false, "Please_log_in"), trt.trt(false, "JWT_token_verification_error")),null,false);
}
//Выбираю данные о пользователе (TODO наверно стоит вызывать функцию get_user_info также и при логине) //Выбираю данные о пользователе (TODO наверно стоит вызывать функцию get_user_info также и при логине)
String sql = "select * from main.get_user_info(1,:user_id);"; String sql = "select * from main.get_user_info(1,:user_id);";
try { try {
MapSqlParameterSource parameters = new MapSqlParameterSource(); MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id")); parameters.addValue("user_id", userDetails.getUserId());
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper()); List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) { for (int i = 0; i < ret.size(); i++) {
json = new JSONObject(ret.get(i)); json = new JSONObject(ret.get(i));
@ -972,27 +978,32 @@ public class MainController implements ServletContextAware {
json.put("error_code",0); json.put("error_code",0);
} }
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
} logger.error(e.getErrorMarker(), e);
catch (Exception e) { }
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} finally {
//try { if(conn!=null) conn.close(); } catch (SQLException e) { throw new RuntimeException(e); }
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation(summary = "Login and get JWT token", description = "Login and get JWT token") @Operation(summary = "Login and get JWT token", description = "Login and get JWT token")
@RequestMapping(value = "/login",method = RequestMethod.POST,produces = "application/json;charset=utf-8") @RequestMapping(value = "/login",method = RequestMethod.POST,produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String login(HttpServletResponse response, HttpServletRequest request, @RequestBody LoginModel loginModel, @CookieValue(value = "lng", defaultValue = "1") String language_id) { public ResponseEntity<Object> login(
HttpServletResponse response,
HttpServletRequest request,
@RequestBody LoginModel loginModel,
@CookieValue(value = "lng", defaultValue = "1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try { try {
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
@ -1250,16 +1261,17 @@ public class MainController implements ServletContextAware {
json.put("roles",rolesArray); json.put("roles",rolesArray);
} }
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} finally {
//try { if(conn!=null) conn.close(); } catch (SQLException e) { throw new RuntimeException(e); }
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
Map<String, Integer> userIsBlocked(Translation trt, String login,String ip) throws CustomException { Map<String, Integer> userIsBlocked(Translation trt, String login,String ip) throws CustomException {
@ -1307,10 +1319,10 @@ public class MainController implements ServletContextAware {
@Operation(summary = "Function for generating a new TOTP key", description = "Function to generate a new TOTP key (a bit like login, but not login). If this is the first time you receive TOTP, then the old TOTP is not needed, but if it is the next one, then you do!") @Operation(summary = "Function for generating a new TOTP key", description = "Function to generate a new TOTP key (a bit like login, but not login). If this is the first time you receive TOTP, then the old TOTP is not needed, but if it is the next one, then you do!")
@RequestMapping(value = "/newtotp",method = {RequestMethod.POST},produces = "application/json;charset=utf-8") @RequestMapping(value = "/newtotp",method = {RequestMethod.POST},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String newtotp(HttpServletRequest request, @RequestBody LoginModel loginModel, @RequestParam(required=false,name="lng",defaultValue="1") String language_id) { public ResponseEntity<Object> newtotp(HttpServletRequest request, @RequestBody LoginModel loginModel, @RequestParam(required=false,name="lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try { try {
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
@ -1452,16 +1464,17 @@ public class MainController implements ServletContextAware {
json.put("error_message", ""); json.put("error_message", "");
json.put("url", otpauthUrl); json.put("url", otpauthUrl);
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} finally {
//try { if(conn!=null) conn.close(); } catch (SQLException e) { throw new RuntimeException(e); }
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@RequestMapping(value = "/logout",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/logout",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ -1475,11 +1488,11 @@ public class MainController implements ServletContextAware {
//Update refresh token //Update refresh token
@RequestMapping(value = "/refresh",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/refresh",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String refresh(HttpServletResponse response,HttpServletRequest request,@CookieValue(value = "jwt_a", defaultValue = "") String jwt_a,@CookieValue(value = "jwt_r", defaultValue = "") String jwt_r,@RequestParam(required=false,name="lng",defaultValue = "1") String language_id) { public ResponseEntity<Object> refresh(HttpServletResponse response,HttpServletRequest request,@CookieValue(value = "jwt_a", defaultValue = "") String jwt_a,@CookieValue(value = "jwt_r", defaultValue = "") String jwt_r,@RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try { try {
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
@ -1516,7 +1529,7 @@ public class MainController implements ServletContextAware {
String token_ar_sig = token.getBody().get("sig", String.class); //Она же но уже в токене обновления String token_ar_sig = token.getBody().get("sig", String.class); //Она же но уже в токене обновления
if(token_aa_sig==null || !token_aa_sig.equals(token_ar_sig)){ if(token_aa_sig==null || !token_aa_sig.equals(token_ar_sig)){
logout(response,request); //Удаляю куки чтобы эмулировать выход из приложения logout(response,request); //Удаляю куки чтобы эмулировать выход из приложения
return createStrJSONError(10000,trt.trt(false, "Attempt_to_substitution_tokens"),(String)null,(String)null); throw new CustomException(10000, trt.trt(false, "Attempt_to_substitution_tokens"),null,false);
} }
//TODO проверить не заблокирован ли пользователь //TODO проверить не заблокирован ли пользователь
@ -1559,16 +1572,17 @@ public class MainController implements ServletContextAware {
(System.currentTimeMillis() + access_time * 1000)/1000 (System.currentTimeMillis() + access_time * 1000)/1000
); );
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
json = Tools.createJSONError(10000,trt.trt(false, "Internal_Server_Error"), (String)null, uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} finally {
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@RequestMapping(value = "/reset",method = {RequestMethod.POST,RequestMethod.GET},produces = "text/html;charset=utf-8") @RequestMapping(value = "/reset",method = {RequestMethod.POST,RequestMethod.GET},produces = "text/html;charset=utf-8")
@ -1629,7 +1643,7 @@ public class MainController implements ServletContextAware {
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@RequestMapping(value = "/restore",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/restore",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String restore(Model model, @RequestBody RestoreModel restore, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) { public ResponseEntity<Object> restore(Model model, @RequestBody RestoreModel restore, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
String result=createStrJSONError(10000,trt.trt(false, "Request_not_processed"), (String)null, (String)null); String result=createStrJSONError(10000,trt.trt(false, "Request_not_processed"), (String)null, (String)null);
@ -1652,17 +1666,18 @@ public class MainController implements ServletContextAware {
//расшифровываю //расшифровываю
JSONObject token = new JSONObject(Tools.decryptText(captchaKey,payload)); JSONObject token = new JSONObject(Tools.decryptText(captchaKey,payload));
if(token==null) if(token==null) {
return createStrJSONError(10000,trt.trt(false, "Please_send_a_valid_JSON_string_in_your_token"), (String)null,(String)null); throw new CustomException(10000,trt.trt(false,"Please_send_a_valid_JSON_string_in_your_token"),null,false);
}
if(!restore.getCode().equals(token.getString("code"))){ if(!restore.getCode().equals(token.getString("code"))){
return createStrJSONError(10000,trt.trt(false, "The_code_did_not_match"),(String)null,(String)null); throw new CustomException(10000,trt.trt(false,"The_code_did_not_match"),null,false);
} }
if(token.getLong("exp")<Instant.now().getEpochSecond()){ if(token.getLong("exp")<Instant.now().getEpochSecond()){
return createStrJSONError(10000,trt.trt(false, "Captcha_is_outdated"),(String)null,(String)null); throw new CustomException(10000,trt.trt(false,"Captcha_is_outdated"),null,false);
} }
if (!token.has("email") || !Tools.isValidEmail(token.getString("email"))) { if (!token.has("email") || !Tools.isValidEmail(token.getString("email"))) {
return createStrJSONError(10000,trt.trt(false, "The_email_field_is_incorrect"),(String)null,(String)null); throw new CustomException(10000,trt.trt(false,"The_email_field_is_incorrect"),null,false);
} }
//Проверяю есть ли в базе пользователь если есть отправляю ему почту для востановления //Проверяю есть ли в базе пользователь если есть отправляю ему почту для востановления
@ -1674,8 +1689,9 @@ public class MainController implements ServletContextAware {
for (int i = 0; i < ret.size(); i++) { for (int i = 0; i < ret.size(); i++) {
id = (new JSONObject(ret.get(i))).getLong("id"); id = (new JSONObject(ret.get(i))).getLong("id");
} }
if(id==0) if(id==0) {
return createStrJSONError(10000, trt.trt(false,"User_with_this_email_was_not_found"),(String)null,(String)null); throw new CustomException(10000,trt.trt(false,"User_with_this_email_was_not_found"),null,false);
}
String password_new = Tools.generatePassword(6); String password_new = Tools.generatePassword(6);
@ -1694,13 +1710,10 @@ public class MainController implements ServletContextAware {
token_new = Tools.encryptText(captchaKey,token_new); token_new = Tools.encryptText(captchaKey,token_new);
token_new = token_new+"."+Tools.generateSignature(captchaKey, token_new); //Подпись для как бы токена token_new = token_new+"."+Tools.generateSignature(captchaKey, token_new); //Подпись для как бы токена
//token_new = token_new.replace("+", "-")
// .replace("/", "_")
// .replace("=", "^"); //Убираем спец символы для передачи через URL
try { try {
token_new = URLEncoder.encode(token_new, StandardCharsets.UTF_8.toString()); token_new = URLEncoder.encode(token_new, StandardCharsets.UTF_8.toString());
} catch (UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
return createStrJSONError(10000, trt.trt(false,"Internal_Server_Error"), (String)null, (String)null); throw new CustomException(10000,trt.trt(false,"Internal_Server_Error"),null,false);
} }
//Формирую ссылку для отправки на почту для сброса пароля //Формирую ссылку для отправки на почту для сброса пароля
@ -1712,25 +1725,29 @@ public class MainController implements ServletContextAware {
try { try {
EmailUtility.sendEmail(mail_host, mail_port, mail_login, mail_password, token.getString("email"), trt.trt(true,"Password_recovery"), html); EmailUtility.sendEmail(mail_host, mail_port, mail_login, mail_password, token.getString("email"), trt.trt(true,"Password_recovery"), html);
} catch (Exception ex) { } catch (Exception ex) {
String uuid = UUID.randomUUID().toString(); throw new CustomException(10000,trt.trt(false,"Failed_send_mail_to_s"),token.getString("email"),UUID.randomUUID().toString(),true);
logger.error(uuid, ex);
return createStrJSONError(10000,trt.trt(false,"Failed_send_mail_to_s"), token.getString("email"),uuid);
} }
return new ResponseEntity<>(createStrJSONError(0, trt.trt(false,"A_recovery_link_has_been_sent_to_your_email"),(String)null,(String)null), HttpStatus.OK);
} catch (CustomException e) {
if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
return createStrJSONError(10000,trt.trt(false,"Internal_Server_Error"), (String)null,uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} }
return createStrJSONError(0, trt.trt(false,"A_recovery_link_has_been_sent_to_your_email"),(String)null,(String)null);
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@RequestMapping(value = "/update",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/update",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
public String update(HttpServletRequest request, @RequestBody UpdateModel update, @RequestParam(required=false,name="lng",defaultValue="1") String language_id) { public ResponseEntity<Object> update(HttpServletRequest request, @RequestBody UpdateModel update, @RequestParam(required=false,name="lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
try { try {
JSONObject json = new JSONObject();
json.put("error_code",0); json.put("error_code",0);
json.put("error_message",""); json.put("error_message","");
@ -1812,15 +1829,17 @@ public class MainController implements ServletContextAware {
json.put("error_marker",(String)null); json.put("error_marker",(String)null);
} }
return new ResponseEntity<>(json.toString(), HttpStatus.OK);
} catch (CustomException e) { } catch (CustomException e) {
json = e.getJson(); if(e.isSaveToLog()) {
logger.error(e.getErrorMarker(), e);
}
return new ResponseEntity<>(e.getErrorResponseModel(), HttpStatus.INTERNAL_SERVER_ERROR);
} catch (Exception e) { } catch (Exception e) {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error(uuid,e); logger.error(uuid, e);
return createStrJSONError(10000,trt.trt(false,"Internal_Server_Error"), (String)null,uuid); return new ResponseEntity<>(new ErrorResponseModel(10000, trt.trt(false, "Internal_Server_Error"), null, uuid), HttpStatus.INTERNAL_SERVER_ERROR);
} finally {
} }
return json.toString();
} }
//------------------------------------------------------------------------------------------------------------------ //------------------------------------------------------------------------------------------------------------------
@Operation( @Operation(
@ -1847,8 +1866,12 @@ public class MainController implements ServletContextAware {
) )
@RequestMapping(value = "/alive",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8") @RequestMapping(value = "/alive",method = {RequestMethod.POST,RequestMethod.GET},produces = "application/json;charset=utf-8")
@ResponseBody @ResponseBody
//public ResponseEntity<Object> alive(HttpServletResponse response,HttpServletRequest request, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @CookieValue(value = "lng",defaultValue="1") String language_id) { public ResponseEntity<Object> alive(
public ResponseEntity<Object> alive(HttpServletResponse response,HttpServletRequest request, Authentication authentication, @CookieValue(value = "lng",defaultValue="1") String language_id) { Authentication authentication,
HttpServletResponse response,
HttpServletRequest request,
@CookieValue(value = "lng",defaultValue="1") String language_id
) {
Translation trt = new Translation(language_id,jdbcTemplate); Translation trt = new Translation(language_id,jdbcTemplate);
try { try {
if (authentication == null || !authentication.isAuthenticated()) { if (authentication == null || !authentication.isAuthenticated()) {

3
src/main/java/org/ccalm/jwt/models/ErrorResponseModel.java
View File

@ -7,6 +7,7 @@ import org.springframework.web.bind.annotation.ResponseStatus;
import java.util.Collections; import java.util.Collections;
import java.util.List; import java.util.List;
import java.util.UUID;
@Schema( @Schema(
description = "Error API response", description = "Error API response",
@ -35,7 +36,7 @@ public class ErrorResponseModel {
this.errorCode = errorCode; this.errorCode = errorCode;
this.errorMessage = null; this.errorMessage = null;
this.errorSetting = null; this.errorSetting = null;
this.errorMarker = null; this.errorMarker = UUID.randomUUID().toString();
} }
public ErrorResponseModel(int errorCode, List<String> errorMessage, String errorMarker) { public ErrorResponseModel(int errorCode, List<String> errorMessage, String errorMarker) {