diff --git a/build.gradle.kts b/build.gradle.kts index 03c3e0c..714b58d 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -19,7 +19,8 @@ repositories { } dependencies { - implementation("cn.hutool:hutool-crypto:5.8.32") + implementation("cn.hutool:hutool-core:5.8.32") + implementation("com.bol:spring-data-mongodb-encrypt:2.9.1") implementation("com.squareup.okhttp3:okhttp:4.12.0") implementation("com.alibaba.fastjson2:fastjson2:2.0.53") implementation("com.alibaba.fastjson2:fastjson2-extension-spring6:2.0.53") @@ -31,15 +32,15 @@ dependencies { implementation("org.springframework.boot:spring-boot-starter-security") implementation("org.thymeleaf.extras:thymeleaf-extras-springsecurity6") implementation("org.springframework.boot:spring-boot-starter-cache") + implementation("org.liquibase:liquibase-core") + implementation("org.springframework.session:spring-session-data-redis") + implementation("org.springframework.boot:spring-boot-starter-data-mongodb") testImplementation("org.springframework.security:spring-security-test") annotationProcessor("org.projectlombok:lombok") implementation("org.springframework.boot:spring-boot-starter-thymeleaf") - implementation("org.springframework.boot:spring-boot-starter-jdbc") testImplementation("org.mybatis.spring.boot:mybatis-spring-boot-starter-test:3.0.3") testImplementation("org.springframework.boot:spring-boot-starter-test") testImplementation("io.projectreactor:reactor-test") - runtimeOnly("com.h2database:h2") - implementation("org.springframework.boot:spring-boot-starter-data-jpa") testRuntimeOnly("org.junit.platform:junit-platform-launcher") } dependencyManagement { diff --git a/src/main/java/fuck/manthe/nmsl/annotation/Encrypted.java b/src/main/java/fuck/manthe/nmsl/annotation/Encrypted.java deleted file mode 100644 index f4421d1..0000000 --- a/src/main/java/fuck/manthe/nmsl/annotation/Encrypted.java +++ /dev/null @@ -1,15 +0,0 @@ -package fuck.manthe.nmsl.annotation; - -import fuck.manthe.nmsl.conventer.CryptConverter; -import jakarta.persistence.Convert; - -import java.lang.annotation.ElementType; -import java.lang.annotation.Retention; -import java.lang.annotation.RetentionPolicy; -import java.lang.annotation.Target; - -@Target({ElementType.METHOD, ElementType.FIELD, ElementType.TYPE}) -@Retention(RetentionPolicy.RUNTIME) -@Convert(converter = CryptConverter.class) -public @interface Encrypted { -} diff --git a/src/main/java/fuck/manthe/nmsl/config/SecurityConfig.java b/src/main/java/fuck/manthe/nmsl/config/SecurityConfig.java index 38911ca..d456af2 100644 --- a/src/main/java/fuck/manthe/nmsl/config/SecurityConfig.java +++ b/src/main/java/fuck/manthe/nmsl/config/SecurityConfig.java @@ -15,16 +15,15 @@ public class SecurityConfig { @Bean public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http - .authorizeHttpRequests((conf) -> conf + .authorizeHttpRequests(conf -> conf .requestMatchers("/dashboard**").authenticated() - .requestMatchers("/admin/**").hasRole("ADMIN") + .requestMatchers("/admin/**").hasAuthority("ADMIN") .anyRequest().permitAll() ) -// .formLogin((form) -> form -// .loginPage("/dashboard/login") -// .loginProcessingUrl("/dashboard/login") -// .permitAll() -// ) + .formLogin((form) -> form + .loginPage("/login") + .permitAll() + ) .formLogin(AbstractAuthenticationFilterConfigurer::permitAll) .csrf(AbstractHttpConfigurer::disable) .logout(LogoutConfigurer::permitAll); diff --git a/src/main/java/fuck/manthe/nmsl/controller/AuthController.java b/src/main/java/fuck/manthe/nmsl/controller/AuthController.java index 56bf464..bd83246 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/AuthController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/AuthController.java @@ -1,6 +1,5 @@ package fuck.manthe.nmsl.controller; -import cn.hutool.crypto.SecureUtil; import com.standardwebhooks.exceptions.WebhookSigningException; import fuck.manthe.nmsl.entity.*; import fuck.manthe.nmsl.entity.dto.VapeAuthorizeDTO; @@ -18,6 +17,7 @@ import org.springframework.data.redis.core.RedisTemplate; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import java.net.URLDecoder; @@ -33,7 +33,7 @@ public class AuthController { RedisTemplate redisTemplate; @Resource - CrackedUserService crackedUserService; + UserService userService; @Resource RedeemService redeemService; @@ -56,6 +56,9 @@ public class AuthController { @Resource MaintenanceService maintenanceService; + @Resource + PasswordEncoder passwordEncoder; + @Value("${share.cold-down.global.enabled}") boolean coldDownEnabled; @@ -77,18 +80,18 @@ public String auth(HttpServletRequest request) throws Exception { String password = map.get("password"); // 统计请求次数 log.info("User {} login", username); - CrackedUser crackedUser = crackedUserService.findByUsername(username); + User crackedUser = userService.findByUsername(username); if (maintenanceService.isMaintaining() && crackedUser.getExpire() != -1) { // 暂停注入 log.info("Blocked user {} to inject. Injections are only open to lifetime users. (Maintaining)", username); return ErrorCode.SERVER.formatError("Maintaining"); } analysisService.authRequested(username); - if (!crackedUserService.isValid(username, password)) { + if (!userService.isValid(username, password)) { // 凭证错误 return ErrorCode.ACCOUNT.formatError("Unauthorized"); } - if (crackedUserService.hasExpired(username)) { + if (userService.hasExpired(username)) { // 账户失效 return ErrorCode.ACCOUNT.formatError("Expired"); } @@ -161,7 +164,7 @@ public ResponseEntity> redeem(@RequestParam String username, @R return ResponseEntity.status(HttpStatus.BAD_REQUEST).body(RestBean.failure(401, "Code was redeemed")); } - if (crackedUserService.addUser(CrackedUser.builder().password(SecureUtil.sha1(password)).username(username).expire(expire).build())) { + if (userService.addUser(User.builder().password(passwordEncoder.encode(password)).username(username).expire(expire).build())) { if (redeemService.useCode(redeemCode.getCode(), username)) { log.info("User {} registered it's account with the code {} ({}d).", username, redeemCode.getCode(), redeemCode.getDate()); } @@ -175,7 +178,7 @@ public ResponseEntity> redeem(@RequestParam String username, @R webhookService.pushAll("renew", message); return ResponseEntity.ok(RestBean.success("Registered.")); - } else if (crackedUserService.isValid(username, password) && crackedUserService.renew(username, redeemCode.getDate())) { + } else if (userService.isValid(username, password) && userService.renew(username, redeemCode.getDate())) { if (redeemService.useCode(redeemCode.getCode(), username)) { log.info("User {} renewed it's account with the code {} ({}d).", username, redeemCode.getCode(), redeemCode.getDate()); } @@ -184,7 +187,7 @@ public ResponseEntity> redeem(@RequestParam String username, @R message.setRedeemUsername(username); message.setTimestamp(System.currentTimeMillis() / 1000L); message.setCode(redeemCode.getCode()); - message.setExpireAt(crackedUserService.findByUsername(username).getExpire()); + message.setExpireAt(userService.findByUsername(username).getExpire()); message.setContent("用户 %s 使用%s 兑换了%s 天订阅".formatted(username, redeemCode.getCode(), redeemCode.getDate())); webhookService.pushAll("renew", message); return ResponseEntity.ok(RestBean.success("Renewed.")); @@ -199,7 +202,7 @@ public String checkConnection() { @GetMapping("verify") public ResponseEntity verify(@RequestParam String username, @RequestParam String password) { - if (!crackedUserService.isValid(username, password) || crackedUserService.hasExpired(username)) { + if (!userService.isValid(username, password) || userService.hasExpired(username)) { return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); } return ResponseEntity.ok("Valid user"); @@ -207,7 +210,7 @@ public ResponseEntity verify(@RequestParam String username, @RequestPara @PostMapping("verify") public ResponseEntity verify(@RequestBody VerifyLoginDTO dto) { - if (!crackedUserService.isValidHash(dto.getUsername(), dto.getHashedPassword()) || crackedUserService.hasExpired(dto.getUsername())) { + if (!userService.isValid(dto.getUsername(), dto.getPassword()) || userService.hasExpired(dto.getUsername())) { return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); } return ResponseEntity.ok("Valid user"); diff --git a/src/main/java/fuck/manthe/nmsl/controller/QueueController.java b/src/main/java/fuck/manthe/nmsl/controller/QueueController.java index 0fb7989..8c0940d 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/QueueController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/QueueController.java @@ -2,8 +2,8 @@ import fuck.manthe.nmsl.entity.RestBean; import fuck.manthe.nmsl.entity.dto.LoginDTO; -import fuck.manthe.nmsl.service.CrackedUserService; import fuck.manthe.nmsl.service.QueueService; +import fuck.manthe.nmsl.service.UserService; import jakarta.annotation.Resource; import org.jetbrains.annotations.NotNull; import org.springframework.http.HttpStatus; @@ -16,14 +16,14 @@ @RequestMapping("colddown/queue") public class QueueController { @Resource - CrackedUserService crackedUserService; + UserService userService; @Resource QueueService queueService; @PostMapping("join") public @NotNull ResponseEntity> join(@RequestBody LoginDTO login) { - if (!crackedUserService.isValid(login.getUsername(), login.getPassword())) + if (!userService.isValid(login.getUsername(), login.getPassword())) return new ResponseEntity<>(RestBean.unauthorized("Unauthorized"), HttpStatus.UNAUTHORIZED); if (!queueService.join(login.getUsername())) return new ResponseEntity<>(RestBean.failure(409, "You're always queued."), HttpStatus.CONFLICT); @@ -39,7 +39,7 @@ public List query() { @DeleteMapping("quit") public @NotNull ResponseEntity> quit(@RequestBody LoginDTO login) { // 不想玩了可以直接取消名额. - if (!crackedUserService.isValid(login.getUsername(), login.getPassword())) + if (!userService.isValid(login.getUsername(), login.getPassword())) return new ResponseEntity<>(RestBean.failure(403, "Unauthorized"), HttpStatus.UNAUTHORIZED); queueService.quit(login.getUsername()); return ResponseEntity.ok(RestBean.success("Removed " + login.getUsername() + " from queue.")); diff --git a/src/main/java/fuck/manthe/nmsl/controller/WebController.java b/src/main/java/fuck/manthe/nmsl/controller/WebController.java index fcc5925..141f15e 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/WebController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/WebController.java @@ -31,6 +31,11 @@ public String register() { return "redeem"; } + @GetMapping("login") + public String login() { + return "login"; + } + @GetMapping("maintain") public String maintain(@RequestParam(required = false) String redirect) { if (!maintenanceService.isMaintaining()) { diff --git a/src/main/java/fuck/manthe/nmsl/controller/admin/AdminController.java b/src/main/java/fuck/manthe/nmsl/controller/admin/AdminController.java index 6f17175..ca32e9a 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/admin/AdminController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/admin/AdminController.java @@ -1,13 +1,17 @@ package fuck.manthe.nmsl.controller.admin; +import cn.hutool.core.util.RandomUtil; +import fuck.manthe.nmsl.entity.User; import fuck.manthe.nmsl.entity.dto.AnalysisDTO; import fuck.manthe.nmsl.service.AnalysisService; -import fuck.manthe.nmsl.service.CrackedUserService; +import fuck.manthe.nmsl.service.UserService; +import jakarta.annotation.PostConstruct; import jakarta.annotation.Resource; import lombok.extern.log4j.Log4j2; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.ResponseEntity; import org.springframework.scheduling.annotation.Scheduled; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @@ -17,7 +21,7 @@ @Log4j2 public class AdminController { @Resource - CrackedUserService crackedUserService; + UserService userService; @Resource AnalysisService analysisService; @@ -25,6 +29,27 @@ public class AdminController { @Value("${share.user.auto-delete-expired}") boolean autoDeleteExpired; + @Resource + private PasswordEncoder passwordEncoder; + + @PostConstruct + public void init() { + if (userService.count() == 0) { + String password = RandomUtil.randomString(16); + log.warn("Admin account created"); + log.warn("Username: admin"); + log.warn("Password: {}", password); + log.info("Dashboard at /dashboard"); + log.warn("Please keep the account information safe, you will not be able to see it again!"); + userService.addUser(User.builder() + .username("admin") + .password(passwordEncoder.encode(password)) + .role("ADMIN") + .expire(-1L) + .build()); + } + } + @RequestMapping("ping") public ResponseEntity ping() { return ResponseEntity.ok("Pong"); @@ -36,7 +61,7 @@ public AnalysisDTO analysis() { .todayLaunch(analysisService.getTodayLaunch()) .totalLaunch(analysisService.getTotalLaunch()) .todayRegister(analysisService.getTodayRegister()) - .currentUsers(crackedUserService.count()) + .currentUsers(userService.count()) .build(); } @@ -49,7 +74,7 @@ public String logSuper() { @Scheduled(cron = "0 0 0 * * *") public void autoJob() { if (autoDeleteExpired) { - crackedUserService.removeExpired(); + userService.removeExpired(); } analysisService.reset(); } diff --git a/src/main/java/fuck/manthe/nmsl/controller/admin/GatewayAdminController.java b/src/main/java/fuck/manthe/nmsl/controller/admin/GatewayAdminController.java index 70b8584..5e53a17 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/admin/GatewayAdminController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/admin/GatewayAdminController.java @@ -29,7 +29,7 @@ public RestBean add(@RequestBody GatewayDTO gateway) throws Exception { } @DeleteMapping("remove") - public ResponseEntity> remove(@RequestParam long id) { + public ResponseEntity> remove(@RequestParam String id) { if (gatewayService.removeGateway(id)) { return new ResponseEntity<>(RestBean.failure(404, "Gateway not found"), HttpStatus.NOT_FOUND); } diff --git a/src/main/java/fuck/manthe/nmsl/controller/admin/UserManageController.java b/src/main/java/fuck/manthe/nmsl/controller/admin/UserManageController.java index 37f3c01..1d10798 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/admin/UserManageController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/admin/UserManageController.java @@ -1,19 +1,18 @@ package fuck.manthe.nmsl.controller.admin; -import cn.hutool.crypto.SecureUtil; -import fuck.manthe.nmsl.entity.CrackedUser; import fuck.manthe.nmsl.entity.RestBean; +import fuck.manthe.nmsl.entity.User; import fuck.manthe.nmsl.entity.dto.AddUserDTO; -import fuck.manthe.nmsl.entity.dto.CrackedUserDTO; import fuck.manthe.nmsl.entity.dto.RenewDTO; import fuck.manthe.nmsl.entity.dto.ResetPasswordDTO; +import fuck.manthe.nmsl.entity.dto.UserDTO; import fuck.manthe.nmsl.service.AnalysisService; -import fuck.manthe.nmsl.service.CrackedUserService; +import fuck.manthe.nmsl.service.UserService; import jakarta.annotation.Resource; -import jakarta.transaction.Transactional; import lombok.extern.log4j.Log4j2; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.web.bind.annotation.*; import java.util.List; @@ -23,14 +22,17 @@ @RequestMapping("/admin/user") public class UserManageController { @Resource - CrackedUserService crackedUserService; + UserService userService; @Resource AnalysisService analysisService; + @Resource + PasswordEncoder passwordEncoder; + @GetMapping("list") - public List listUsers() { - return crackedUserService.list().stream().map((user) -> CrackedUserDTO.builder() + public List listUsers() { + return userService.list().stream().map((user) -> UserDTO.builder() .id(user.getId()) .username(user.getUsername()) .expire(user.getExpire()) @@ -46,7 +48,7 @@ public ResponseEntity> addUser(@RequestBody AddUserDTO dto) { if (dto.getDays() != -1) { expire = System.currentTimeMillis() + (long) dto.getDays() * 24 * 60 * 60 * 1000; } - if (crackedUserService.addUser(CrackedUser.builder().password(SecureUtil.sha1(dto.getPassword())).username(dto.getUsername()).expire(expire).build())) { + if (userService.addUser(User.builder().password(passwordEncoder.encode(dto.getPassword())).username(dto.getUsername()).expire(expire).build())) { return ResponseEntity.ok(RestBean.success("OK")); } return new ResponseEntity<>(RestBean.failure(409, "Conflict"), HttpStatus.CONFLICT); @@ -56,7 +58,7 @@ public ResponseEntity> addUser(@RequestBody AddUserDTO dto) { @PostMapping("renew/{username}") public ResponseEntity> renew(@PathVariable String username, @RequestBody RenewDTO dto) { log.info("An admin renewed the expire date of user {} ({}d)", username, dto.getDays()); - if (crackedUserService.renew(username, dto.getDays())) { + if (userService.renew(username, dto.getDays())) { return ResponseEntity.ok(RestBean.success("OK")); } return new ResponseEntity<>(HttpStatus.BAD_REQUEST); @@ -64,30 +66,29 @@ public ResponseEntity> renew(@PathVariable String username, @Re @PostMapping("renewAll") public ResponseEntity> renewAll(@RequestBody RenewDTO dto) { - crackedUserService.renewAll(dto.getDays()); + userService.renewAll(dto.getDays()); return ResponseEntity.ok(RestBean.success("OK")); } @DeleteMapping("remove/{username}") public RestBean removeUser(@PathVariable String username) { log.info("An admin removed a user with name {}", username); - crackedUserService.removeUser(username); + userService.removeUser(username); return RestBean.success(); } @PostMapping("password/{username}/reset") public ResponseEntity> resetPassword(@PathVariable String username, @RequestBody ResetPasswordDTO dto) { log.info("An admin reset the password of user {}", username); - if (crackedUserService.resetPassword(username, dto.getPassword())) { + if (userService.resetPassword(username, dto.getPassword())) { return ResponseEntity.ok(RestBean.success()); } return new ResponseEntity<>(HttpStatus.BAD_REQUEST); } - @Transactional @DeleteMapping("removeExpired") public RestBean removeExpired() { - crackedUserService.removeExpired(); + userService.removeExpired(); return RestBean.success("Success"); } } diff --git a/src/main/java/fuck/manthe/nmsl/controller/admin/WebhookController.java b/src/main/java/fuck/manthe/nmsl/controller/admin/WebhookController.java index a831bf3..d45bd58 100644 --- a/src/main/java/fuck/manthe/nmsl/controller/admin/WebhookController.java +++ b/src/main/java/fuck/manthe/nmsl/controller/admin/WebhookController.java @@ -26,13 +26,13 @@ public ResponseEntity> add(@RequestBody AddWebhookDTO dto) { @DeleteMapping("{id}/remove") public ResponseEntity> remove(@PathVariable String id) { - webhookService.remove(Long.parseLong(id)); + webhookService.remove(id); return ResponseEntity.ok(RestBean.success("Success")); } @PostMapping("{id}/name") public ResponseEntity> rename(@PathVariable String id, @RequestBody RenameWebhookDTO dto) { - WebhookEndpoint entity = webhookService.find(Long.parseLong(id)); + WebhookEndpoint entity = webhookService.find(id); entity.setName(dto.getName()); webhookService.update(entity); return ResponseEntity.ok(RestBean.success(entity.asViewObject(WebhookEndpointVO.class))); @@ -40,7 +40,7 @@ public ResponseEntity> rename(@PathVariable String i @PostMapping("{id}/secret") public ResponseEntity> updateSecret(@PathVariable String id, @RequestBody UpdateWebhookSecretDTO dto) { - WebhookEndpoint entity = webhookService.find(Long.parseLong(id)); + WebhookEndpoint entity = webhookService.find(id); entity.setSecret(dto.getSecret()); webhookService.update(entity); return ResponseEntity.ok(RestBean.success(entity.asViewObject(WebhookEndpointVO.class))); @@ -48,7 +48,7 @@ public ResponseEntity> updateSecret(@PathVariable St @PostMapping("{id}/url") public ResponseEntity> updateUrl(@PathVariable String id, @RequestBody UpdateWebhookUrlDTO dto) { - WebhookEndpoint entity = webhookService.find(Long.parseLong(id)); + WebhookEndpoint entity = webhookService.find(id); entity.setUrl(dto.getUrl()); webhookService.update(entity); return ResponseEntity.ok(RestBean.success(entity.asViewObject(WebhookEndpointVO.class))); @@ -56,7 +56,7 @@ public ResponseEntity> updateUrl(@PathVariable Strin @PostMapping("{id}/test") public ResponseEntity> test(@PathVariable String id, @RequestBody TestWebhookDTO dto) throws Exception { - WebhookEndpoint endpoint = webhookService.find(Long.parseLong(id)); + WebhookEndpoint endpoint = webhookService.find(id); webhookService.push(endpoint, "test", JSON.toJSONString(dto)); return ResponseEntity.ok(RestBean.success("Pushed")); } diff --git a/src/main/java/fuck/manthe/nmsl/conventer/CryptConverter.java b/src/main/java/fuck/manthe/nmsl/conventer/CryptConverter.java deleted file mode 100644 index 8b8c918..0000000 --- a/src/main/java/fuck/manthe/nmsl/conventer/CryptConverter.java +++ /dev/null @@ -1,34 +0,0 @@ -package fuck.manthe.nmsl.conventer; - -import fuck.manthe.nmsl.utils.CryptUtil; -import jakarta.persistence.AttributeConverter; -import jakarta.persistence.Converter; -import lombok.SneakyThrows; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; - -@Converter() -@Component -public class CryptConverter implements AttributeConverter { - - static CryptUtil cryptUtil; - - @Autowired - public void setCryptUtil(CryptUtil cryptUtil) { - CryptConverter.cryptUtil = cryptUtil; - } - - @SneakyThrows - @Override - public String convertToDatabaseColumn(String attribute) { - if (attribute == null) return null; - return cryptUtil.encryptString(attribute); - } - - @SneakyThrows - @Override - public String convertToEntityAttribute(String dbData) { - if (dbData == null) return null; - return cryptUtil.decryptStringToString(dbData); - } -} diff --git a/src/main/java/fuck/manthe/nmsl/entity/Admin.java b/src/main/java/fuck/manthe/nmsl/entity/Admin.java deleted file mode 100644 index 6977a4b..0000000 --- a/src/main/java/fuck/manthe/nmsl/entity/Admin.java +++ /dev/null @@ -1,19 +0,0 @@ -package fuck.manthe.nmsl.entity; - -import jakarta.persistence.Entity; -import jakarta.persistence.GeneratedValue; -import jakarta.persistence.GenerationType; -import jakarta.persistence.Id; -import lombok.Data; - -@Data -@Entity -public class Admin { - @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private long id; - - private String username; - private String password; - private String role; -} diff --git a/src/main/java/fuck/manthe/nmsl/entity/Gateway.java b/src/main/java/fuck/manthe/nmsl/entity/Gateway.java index d40fd2c..2e52434 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/Gateway.java +++ b/src/main/java/fuck/manthe/nmsl/entity/Gateway.java @@ -1,25 +1,24 @@ package fuck.manthe.nmsl.entity; -import fuck.manthe.nmsl.annotation.Encrypted; -import jakarta.persistence.*; +import com.bol.secure.Encrypted; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; @Data @Builder -@Entity +@Document @AllArgsConstructor @NoArgsConstructor public class Gateway { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long id; + private String id; private String name; private String address; - @Column(name = "gateway_key") @Encrypted private String key; } diff --git a/src/main/java/fuck/manthe/nmsl/entity/RedeemCode.java b/src/main/java/fuck/manthe/nmsl/entity/RedeemCode.java index e564ab0..c8054c9 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/RedeemCode.java +++ b/src/main/java/fuck/manthe/nmsl/entity/RedeemCode.java @@ -1,27 +1,27 @@ package fuck.manthe.nmsl.entity; -import jakarta.persistence.*; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; @Data @Builder -@Entity +@Document @AllArgsConstructor @NoArgsConstructor public class RedeemCode implements BaseData { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long id; + private String id; private String code; private Integer date; @Builder.Default - private String reseller = "DingZhen"; + private String reseller = "Manthe"; private String redeemer; - @Column(name = "IS_AVAILABLE") + private boolean available; } diff --git a/src/main/java/fuck/manthe/nmsl/entity/CrackedUser.java b/src/main/java/fuck/manthe/nmsl/entity/User.java similarity index 57% rename from src/main/java/fuck/manthe/nmsl/entity/CrackedUser.java rename to src/main/java/fuck/manthe/nmsl/entity/User.java index fae5df9..bf39a2e 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/CrackedUser.java +++ b/src/main/java/fuck/manthe/nmsl/entity/User.java @@ -1,27 +1,26 @@ package fuck.manthe.nmsl.entity; -import jakarta.persistence.Entity; -import jakarta.persistence.GeneratedValue; -import jakarta.persistence.GenerationType; -import jakarta.persistence.Id; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; @Data -@AllArgsConstructor -@Entity @Builder +@Document +@AllArgsConstructor @NoArgsConstructor -public class CrackedUser { +public class User { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long id; + private String id; private String username; private String password; + private String role; + @Builder.Default private Long expire = -1L; // 失效时间,设置为-1禁用 } diff --git a/src/main/java/fuck/manthe/nmsl/entity/VapeAccount.java b/src/main/java/fuck/manthe/nmsl/entity/VapeAccount.java index 93066af..8dbc737 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/VapeAccount.java +++ b/src/main/java/fuck/manthe/nmsl/entity/VapeAccount.java @@ -1,24 +1,24 @@ package fuck.manthe.nmsl.entity; -import fuck.manthe.nmsl.conventer.CryptConverter; -import jakarta.persistence.*; +import com.bol.secure.Encrypted; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; @Data -@Entity -@AllArgsConstructor -@NoArgsConstructor @Builder +@Document +@NoArgsConstructor +@AllArgsConstructor public class VapeAccount { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long id; + private String id; private String username; - @Convert(converter = CryptConverter.class) + @Encrypted private String password; private String hwid; } diff --git a/src/main/java/fuck/manthe/nmsl/entity/WebhookEndpoint.java b/src/main/java/fuck/manthe/nmsl/entity/WebhookEndpoint.java index 47fdb7c..284f729 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/WebhookEndpoint.java +++ b/src/main/java/fuck/manthe/nmsl/entity/WebhookEndpoint.java @@ -1,27 +1,25 @@ package fuck.manthe.nmsl.entity; -import fuck.manthe.nmsl.annotation.Encrypted; -import jakarta.persistence.Entity; -import jakarta.persistence.GeneratedValue; -import jakarta.persistence.GenerationType; -import jakarta.persistence.Id; +import com.bol.secure.Encrypted; import lombok.AllArgsConstructor; import lombok.Builder; import lombok.Data; import lombok.NoArgsConstructor; +import org.springframework.data.annotation.Id; +import org.springframework.data.mongodb.core.mapping.Document; @Data -@Entity @Builder +@Document @AllArgsConstructor @NoArgsConstructor public class WebhookEndpoint implements BaseData { @Id - @GeneratedValue(strategy = GenerationType.IDENTITY) - private Long id; + private String id; private String name; private String url; + @Encrypted private String secret; } diff --git a/src/main/java/fuck/manthe/nmsl/entity/dto/CrackedUserDTO.java b/src/main/java/fuck/manthe/nmsl/entity/dto/UserDTO.java similarity index 81% rename from src/main/java/fuck/manthe/nmsl/entity/dto/CrackedUserDTO.java rename to src/main/java/fuck/manthe/nmsl/entity/dto/UserDTO.java index fbdae35..137b66d 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/dto/CrackedUserDTO.java +++ b/src/main/java/fuck/manthe/nmsl/entity/dto/UserDTO.java @@ -5,8 +5,8 @@ @Data @Builder -public class CrackedUserDTO { - private Long id; +public class UserDTO { + private String id; private String username; private Long expire; diff --git a/src/main/java/fuck/manthe/nmsl/entity/dto/VerifyLoginDTO.java b/src/main/java/fuck/manthe/nmsl/entity/dto/VerifyLoginDTO.java index e9612fc..39b485d 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/dto/VerifyLoginDTO.java +++ b/src/main/java/fuck/manthe/nmsl/entity/dto/VerifyLoginDTO.java @@ -5,5 +5,5 @@ @Data public class VerifyLoginDTO { private String username; - private String hashedPassword; // password with sha1 + private String password; } diff --git a/src/main/java/fuck/manthe/nmsl/entity/vo/GatewayVO.java b/src/main/java/fuck/manthe/nmsl/entity/vo/GatewayVO.java index 750808d..f96050f 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/vo/GatewayVO.java +++ b/src/main/java/fuck/manthe/nmsl/entity/vo/GatewayVO.java @@ -6,7 +6,7 @@ @Data @Builder public class GatewayVO { - private Long id; + private String id; private String name; private String address; diff --git a/src/main/java/fuck/manthe/nmsl/entity/vo/RedeemCodeVO.java b/src/main/java/fuck/manthe/nmsl/entity/vo/RedeemCodeVO.java index ae37611..b049830 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/vo/RedeemCodeVO.java +++ b/src/main/java/fuck/manthe/nmsl/entity/vo/RedeemCodeVO.java @@ -4,7 +4,7 @@ @Data public class RedeemCodeVO { - private Long id; + private String id; private String code; private Integer date; diff --git a/src/main/java/fuck/manthe/nmsl/entity/vo/WebhookEndpointVO.java b/src/main/java/fuck/manthe/nmsl/entity/vo/WebhookEndpointVO.java index 1e5f2a4..f01b939 100644 --- a/src/main/java/fuck/manthe/nmsl/entity/vo/WebhookEndpointVO.java +++ b/src/main/java/fuck/manthe/nmsl/entity/vo/WebhookEndpointVO.java @@ -4,7 +4,7 @@ @Data public class WebhookEndpointVO { - private long id; + private String id; private String name; private String url; diff --git a/src/main/java/fuck/manthe/nmsl/filter/AdminFilter.java b/src/main/java/fuck/manthe/nmsl/filter/AdminFilter.java deleted file mode 100644 index e56bd7d..0000000 --- a/src/main/java/fuck/manthe/nmsl/filter/AdminFilter.java +++ /dev/null @@ -1,49 +0,0 @@ -package fuck.manthe.nmsl.filter; - -import jakarta.annotation.PostConstruct; -import jakarta.servlet.*; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; -import lombok.extern.log4j.Log4j2; - -import java.io.IOException; -import java.util.UUID; - -//@Component -//@Order(1) -@Log4j2 -public class AdminFilter implements Filter { - String adminPassword = System.getProperty("adminPassword", UUID.randomUUID().toString()); - - @PostConstruct - public void init() { - log.warn("Admin password: {}", adminPassword); - } - - - @Override - public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) - throws IOException, ServletException { - - HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpServletResponse httpResponse = (HttpServletResponse) response; - - String requestURI = httpRequest.getRequestURI(); - - if (requestURI.equals("/admin/logSuper")) { - log.warn("Admin password (Requested from web): {}", adminPassword); - chain.doFilter(request, response); - } else if (requestURI.startsWith("/admin/")) { - String adminParam = httpRequest.getHeader("X-Admin-Password"); - - if (adminPassword.equals(adminParam)) { - chain.doFilter(request, response); - } else { - log.warn("Someone tried to log in to the dashboard, but the password was incorrect."); - httpResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "Invalid admin parameter"); - } - } else { - chain.doFilter(request, response); - } - } -} diff --git a/src/main/java/fuck/manthe/nmsl/repository/AdminRepository.java b/src/main/java/fuck/manthe/nmsl/repository/AdminRepository.java deleted file mode 100644 index 65518ef..0000000 --- a/src/main/java/fuck/manthe/nmsl/repository/AdminRepository.java +++ /dev/null @@ -1,12 +0,0 @@ -package fuck.manthe.nmsl.repository; - -import fuck.manthe.nmsl.entity.Admin; -import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.stereotype.Repository; - -import java.util.Optional; - -@Repository -public interface AdminRepository extends JpaRepository { - Optional findByUsername(String username); -} diff --git a/src/main/java/fuck/manthe/nmsl/repository/GatewayRepository.java b/src/main/java/fuck/manthe/nmsl/repository/GatewayRepository.java index a08f145..4467000 100644 --- a/src/main/java/fuck/manthe/nmsl/repository/GatewayRepository.java +++ b/src/main/java/fuck/manthe/nmsl/repository/GatewayRepository.java @@ -1,9 +1,9 @@ package fuck.manthe.nmsl.repository; import fuck.manthe.nmsl.entity.Gateway; -import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.mongodb.repository.MongoRepository; import org.springframework.stereotype.Repository; @Repository -public interface GatewayRepository extends JpaRepository { +public interface GatewayRepository extends MongoRepository { } diff --git a/src/main/java/fuck/manthe/nmsl/repository/RedeemRepository.java b/src/main/java/fuck/manthe/nmsl/repository/RedeemRepository.java index 094e9e8..887014f 100644 --- a/src/main/java/fuck/manthe/nmsl/repository/RedeemRepository.java +++ b/src/main/java/fuck/manthe/nmsl/repository/RedeemRepository.java @@ -1,14 +1,14 @@ package fuck.manthe.nmsl.repository; import fuck.manthe.nmsl.entity.RedeemCode; -import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.mongodb.repository.MongoRepository; import org.springframework.stereotype.Repository; import java.util.List; import java.util.Optional; @Repository -public interface RedeemRepository extends JpaRepository { +public interface RedeemRepository extends MongoRepository { Optional findByCode(String code); Optional findByAvailableAndCode(boolean available, String code); diff --git a/src/main/java/fuck/manthe/nmsl/repository/UserRepository.java b/src/main/java/fuck/manthe/nmsl/repository/UserRepository.java index 1126c38..eb9a395 100644 --- a/src/main/java/fuck/manthe/nmsl/repository/UserRepository.java +++ b/src/main/java/fuck/manthe/nmsl/repository/UserRepository.java @@ -1,14 +1,14 @@ package fuck.manthe.nmsl.repository; -import fuck.manthe.nmsl.entity.CrackedUser; -import org.springframework.data.jpa.repository.JpaRepository; +import fuck.manthe.nmsl.entity.User; +import org.springframework.data.mongodb.repository.MongoRepository; import org.springframework.stereotype.Repository; import java.util.Optional; @Repository -public interface UserRepository extends JpaRepository { - Optional findByUsername(String username); +public interface UserRepository extends MongoRepository { + Optional findByUsername(String username); boolean existsByUsername(String username); diff --git a/src/main/java/fuck/manthe/nmsl/repository/VapeAccountRepository.java b/src/main/java/fuck/manthe/nmsl/repository/VapeAccountRepository.java index 656d0a3..5743e82 100644 --- a/src/main/java/fuck/manthe/nmsl/repository/VapeAccountRepository.java +++ b/src/main/java/fuck/manthe/nmsl/repository/VapeAccountRepository.java @@ -1,11 +1,11 @@ package fuck.manthe.nmsl.repository; import fuck.manthe.nmsl.entity.VapeAccount; -import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.mongodb.repository.MongoRepository; import org.springframework.stereotype.Repository; @Repository -public interface VapeAccountRepository extends JpaRepository { +public interface VapeAccountRepository extends MongoRepository { boolean existsByUsername(String username); diff --git a/src/main/java/fuck/manthe/nmsl/repository/WebhookEndpointRepository.java b/src/main/java/fuck/manthe/nmsl/repository/WebhookEndpointRepository.java index d461269..9f8685f 100644 --- a/src/main/java/fuck/manthe/nmsl/repository/WebhookEndpointRepository.java +++ b/src/main/java/fuck/manthe/nmsl/repository/WebhookEndpointRepository.java @@ -1,10 +1,10 @@ package fuck.manthe.nmsl.repository; import fuck.manthe.nmsl.entity.WebhookEndpoint; -import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.mongodb.repository.MongoRepository; import org.springframework.stereotype.Repository; @Repository -public interface WebhookEndpointRepository extends JpaRepository { +public interface WebhookEndpointRepository extends MongoRepository { void deleteByName(String name); } diff --git a/src/main/java/fuck/manthe/nmsl/service/AdminService.java b/src/main/java/fuck/manthe/nmsl/service/AdminService.java deleted file mode 100644 index f87f05d..0000000 --- a/src/main/java/fuck/manthe/nmsl/service/AdminService.java +++ /dev/null @@ -1,7 +0,0 @@ -package fuck.manthe.nmsl.service; - -import fuck.manthe.nmsl.entity.Admin; - -public interface AdminService { - Admin findByUsername(String username); -} diff --git a/src/main/java/fuck/manthe/nmsl/service/GatewayService.java b/src/main/java/fuck/manthe/nmsl/service/GatewayService.java index baf17c3..9be5740 100644 --- a/src/main/java/fuck/manthe/nmsl/service/GatewayService.java +++ b/src/main/java/fuck/manthe/nmsl/service/GatewayService.java @@ -21,7 +21,7 @@ public interface GatewayService { void addGateway(Gateway gateway); - boolean removeGateway(long id); + boolean removeGateway(String id); Gateway getOne(); diff --git a/src/main/java/fuck/manthe/nmsl/service/CrackedUserService.java b/src/main/java/fuck/manthe/nmsl/service/UserService.java similarity index 53% rename from src/main/java/fuck/manthe/nmsl/service/CrackedUserService.java rename to src/main/java/fuck/manthe/nmsl/service/UserService.java index d28e419..922a77f 100644 --- a/src/main/java/fuck/manthe/nmsl/service/CrackedUserService.java +++ b/src/main/java/fuck/manthe/nmsl/service/UserService.java @@ -1,23 +1,21 @@ package fuck.manthe.nmsl.service; -import fuck.manthe.nmsl.entity.CrackedUser; +import fuck.manthe.nmsl.entity.User; import java.util.List; -public interface CrackedUserService { +public interface UserService { boolean isValid(String username, String password); - boolean isValidHash(String username, String password); - - boolean addUser(CrackedUser user); + boolean addUser(User user); void removeUser(String username); - void removeUser(CrackedUser user); + void removeUser(User user); boolean renew(String username, int days); - void renew(CrackedUser user, int days); + void renew(User user, int days); void renewAll(int days); @@ -25,12 +23,12 @@ public interface CrackedUserService { boolean resetPassword(String username, String newPassword); - List list(); + List list(); long count(); void removeExpired(); - CrackedUser findByUsername(String username); + User findByUsername(String username); } diff --git a/src/main/java/fuck/manthe/nmsl/service/WebhookService.java b/src/main/java/fuck/manthe/nmsl/service/WebhookService.java index c842b7c..4b85261 100644 --- a/src/main/java/fuck/manthe/nmsl/service/WebhookService.java +++ b/src/main/java/fuck/manthe/nmsl/service/WebhookService.java @@ -16,11 +16,11 @@ public interface WebhookService { */ WebhookEndpoint add(String name, String url, String secret); - WebhookEndpoint find(long id); + WebhookEndpoint find(String id); List list(); - void remove(long id); + void remove(String id); WebhookEndpoint update(WebhookEndpoint entity); diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/AdminServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/AdminServiceImpl.java deleted file mode 100644 index 039af10..0000000 --- a/src/main/java/fuck/manthe/nmsl/service/impl/AdminServiceImpl.java +++ /dev/null @@ -1,18 +0,0 @@ -package fuck.manthe.nmsl.service.impl; - -import fuck.manthe.nmsl.entity.Admin; -import fuck.manthe.nmsl.repository.AdminRepository; -import fuck.manthe.nmsl.service.AdminService; -import jakarta.annotation.Resource; -import org.springframework.stereotype.Service; - -@Service -public class AdminServiceImpl implements AdminService { - @Resource - AdminRepository adminRepository; - - @Override - public Admin findByUsername(String username) { - return adminRepository.findByUsername(username).orElse(null); - } -} diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/GatewayServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/GatewayServiceImpl.java index 0f2821a..fa99a1a 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/GatewayServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/GatewayServiceImpl.java @@ -79,7 +79,7 @@ public void addGateway(Gateway gateway) { } @Override - public boolean removeGateway(long id) { + public boolean removeGateway(String id) { if (!gatewayRepository.existsById(id)) return false; gatewayRepository.deleteById(id); return true; diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/MaintenanceServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/MaintenanceServiceImpl.java index 9571443..843a10a 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/MaintenanceServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/MaintenanceServiceImpl.java @@ -1,7 +1,7 @@ package fuck.manthe.nmsl.service.impl; -import fuck.manthe.nmsl.service.CrackedUserService; import fuck.manthe.nmsl.service.MaintenanceService; +import fuck.manthe.nmsl.service.UserService; import fuck.manthe.nmsl.utils.Const; import jakarta.annotation.Resource; import lombok.extern.log4j.Log4j2; @@ -21,7 +21,7 @@ public class MaintenanceServiceImpl implements MaintenanceService { RedisTemplate longRedisTemplate; @Resource - CrackedUserService crackedUserService; + UserService userService; @Value("${share.maintain.auto-renew}") boolean shouldRenew; @@ -41,7 +41,7 @@ public void setMaintaining(boolean maintaining) { booleanRedisTemplate.opsForValue().set(Const.IS_MAINTAINING, false); int days = calculateDuration(); if (shouldRenew && days > 0) { - crackedUserService.renewAll(days); + userService.renewAll(days); } log.info("Maintain mode disabled."); } diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/RedeemServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/RedeemServiceImpl.java index 837918b..2f286c2 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/RedeemServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/RedeemServiceImpl.java @@ -3,8 +3,7 @@ import fuck.manthe.nmsl.entity.RedeemCode; import fuck.manthe.nmsl.repository.RedeemRepository; import fuck.manthe.nmsl.service.RedeemService; -import jakarta.transaction.Transactional; -import org.springframework.beans.factory.annotation.Autowired; +import jakarta.annotation.Resource; import org.springframework.stereotype.Service; import java.util.List; @@ -12,11 +11,10 @@ @Service public class RedeemServiceImpl implements RedeemService { - @Autowired + @Resource RedeemRepository redeemRepository; @Override - @Transactional public RedeemCode infoOrNull(String codeString) { Optional redeemCode = redeemRepository.findByCode(codeString); return redeemCode.orElse(null); @@ -39,7 +37,6 @@ public boolean useCode(String code, String username) { } @Override - @Transactional public boolean removeCode(String code) { if (redeemRepository.findByCode(code).isEmpty()) return false; redeemRepository.deleteByCode(code); @@ -62,7 +59,6 @@ public List listSold() { } @Override - @Transactional public void deleteByRedeemer(String username) { redeemRepository.deleteAllByRedeemer(username); } diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/UserDetailsServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/UserDetailsServiceImpl.java index 862d969..e111245 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/UserDetailsServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/UserDetailsServiceImpl.java @@ -1,8 +1,8 @@ package fuck.manthe.nmsl.service.impl; -import fuck.manthe.nmsl.entity.Admin; +import fuck.manthe.nmsl.entity.User; import fuck.manthe.nmsl.entity.UserDetailsImpl; -import fuck.manthe.nmsl.service.AdminService; +import fuck.manthe.nmsl.service.UserService; import jakarta.annotation.Resource; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; @@ -12,16 +12,18 @@ @Service public class UserDetailsServiceImpl implements UserDetailsService { @Resource - AdminService adminService; + UserService userService; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { - Admin admin = adminService.findByUsername(username); - if (admin == null) return null; + User user = userService.findByUsername(username); + if (user == null) { + throw new UsernameNotFoundException("User not found with username: " + username); + } return UserDetailsImpl.builder() - .username(admin.getUsername()) - .password(admin.getPassword()) - .role(admin.getRole()) + .username(user.getUsername()) + .password(user.getPassword()) + .role(user.getRole()) .build(); } } diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/CrackedUserServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/UserServiceImpl.java similarity index 70% rename from src/main/java/fuck/manthe/nmsl/service/impl/CrackedUserServiceImpl.java rename to src/main/java/fuck/manthe/nmsl/service/impl/UserServiceImpl.java index 9dd8ebe..fddf640 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/CrackedUserServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/UserServiceImpl.java @@ -1,14 +1,13 @@ package fuck.manthe.nmsl.service.impl; -import cn.hutool.crypto.SecureUtil; -import fuck.manthe.nmsl.entity.CrackedUser; +import fuck.manthe.nmsl.entity.User; import fuck.manthe.nmsl.repository.UserRepository; import fuck.manthe.nmsl.service.AnalysisService; -import fuck.manthe.nmsl.service.CrackedUserService; import fuck.manthe.nmsl.service.RedeemService; +import fuck.manthe.nmsl.service.UserService; import jakarta.annotation.Resource; -import jakarta.transaction.Transactional; import lombok.extern.log4j.Log4j2; +import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import java.util.List; @@ -16,7 +15,7 @@ @Log4j2 @Service -public class CrackedUserServiceImpl implements CrackedUserService { +public class UserServiceImpl implements UserService { @Resource UserRepository userRepository; @@ -26,23 +25,21 @@ public class CrackedUserServiceImpl implements CrackedUserService { @Resource RedeemService redeemService; - @Override - public boolean isValid(String username, String password) { - return isValidHash(username, SecureUtil.sha1(password)); - } + @Resource + PasswordEncoder passwordEncoder; @Override - public boolean isValidHash(String username, String password) { - Optional optional = userRepository.findByUsername(username); + public boolean isValid(String username, String password) { + Optional optional = userRepository.findByUsername(username); if (optional.isPresent()) { - CrackedUser user = optional.get(); - return user.getPassword().equals(password); + User user = optional.get(); + return passwordEncoder.matches(password, user.getPassword()); } return false; } @Override - public boolean addUser(CrackedUser user) { + public boolean addUser(User user) { if (userRepository.existsByUsername(user.getUsername())) { return false; } @@ -52,7 +49,6 @@ public boolean addUser(CrackedUser user) { } @Override - @Transactional public void removeUser(String username) { // delete user userRepository.deleteByUsername(username); @@ -61,21 +57,21 @@ public void removeUser(String username) { } @Override - public void removeUser(CrackedUser user) { + public void removeUser(User user) { userRepository.delete(user); } @Override public boolean renew(String username, int days) { - Optional optional = userRepository.findByUsername(username); + Optional optional = userRepository.findByUsername(username); if (optional.isEmpty()) return false; - CrackedUser user = optional.get(); + User user = optional.get(); renew(user, days); return true; } @Override - public void renew(CrackedUser user, int days) { + public void renew(User user, int days) { if (days == -1) { user.setExpire(-1L); } else { @@ -93,7 +89,7 @@ public void renew(CrackedUser user, int days) { @Override public void renewAll(int days) { log.info("Adding {} days to all users", days); - for (CrackedUser crackedUser : list()) { + for (User crackedUser : list()) { if (crackedUser.getExpire() == -1) continue; renew(crackedUser, days); } @@ -101,7 +97,7 @@ public void renewAll(int days) { @Override public boolean hasExpired(String username) { - Optional optional = userRepository.findByUsername(username); + Optional optional = userRepository.findByUsername(username); if (optional.isEmpty()) return true; if (optional.get().getExpire() == -1L) { return false; @@ -111,16 +107,16 @@ public boolean hasExpired(String username) { @Override public boolean resetPassword(String username, String newPassword) { - Optional optional = userRepository.findByUsername(username); + Optional optional = userRepository.findByUsername(username); if (optional.isEmpty()) return false; - CrackedUser user = optional.get(); - user.setPassword(SecureUtil.sha1(newPassword)); + User user = optional.get(); + user.setPassword(passwordEncoder.encode(newPassword)); userRepository.save(user); return true; } @Override - public List list() { + public List list() { return userRepository.findAll(); } @@ -135,7 +131,7 @@ public void removeExpired() { } @Override - public CrackedUser findByUsername(String username) { + public User findByUsername(String username) { return userRepository.findByUsername(username).orElse(null); } } diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/VapeAccountServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/VapeAccountServiceImpl.java index be0ad5e..eb4c09b 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/VapeAccountServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/VapeAccountServiceImpl.java @@ -8,7 +8,6 @@ import fuck.manthe.nmsl.utils.Const; import fuck.manthe.nmsl.utils.CryptUtil; import jakarta.annotation.Resource; -import jakarta.transaction.Transactional; import lombok.extern.log4j.Log4j2; import okhttp3.MediaType; import okhttp3.OkHttpClient; @@ -100,7 +99,6 @@ public boolean addAccount(VapeAccount account) { } @Override - @Transactional public boolean removeAccount(String username) { if (!vapeAccountRepository.existsByUsername(username)) { return false; diff --git a/src/main/java/fuck/manthe/nmsl/service/impl/WebhookServiceImpl.java b/src/main/java/fuck/manthe/nmsl/service/impl/WebhookServiceImpl.java index 079febd..bd013af 100644 --- a/src/main/java/fuck/manthe/nmsl/service/impl/WebhookServiceImpl.java +++ b/src/main/java/fuck/manthe/nmsl/service/impl/WebhookServiceImpl.java @@ -49,7 +49,7 @@ public WebhookEndpoint add(String name, String url, String secret) { } @Override - public WebhookEndpoint find(long id) { + public WebhookEndpoint find(String id) { return webhookEndpointRepository.findById(id).orElse(null); } @@ -59,7 +59,7 @@ public List list() { } @Override - public void remove(long id) { + public void remove(String id) { webhookEndpointRepository.deleteById(id); } diff --git a/src/main/resources/application.yml b/src/main/resources/application.yml index 0f72944..b42479b 100644 --- a/src/main/resources/application.yml +++ b/src/main/resources/application.yml @@ -1,11 +1,9 @@ spring: application: name: DingZhenServlet - datasource: - url: jdbc:h2:file:./dingzhen - username: sa - password: - driver-class-name: org.h2.Driver + data: + mongodb: + uri: mongodb://localhost:27017/vape-share jpa: hibernate: ddl-auto: update diff --git a/src/main/resources/templates/dashboard/add-user.html b/src/main/resources/templates/dashboard/add-user.html index 0544354..887bc84 100644 --- a/src/main/resources/templates/dashboard/add-user.html +++ b/src/main/resources/templates/dashboard/add-user.html @@ -32,7 +32,6 @@

添加用户

const username = document.getElementById('username').value; const password = document.getElementById('password').value; const days = document.getElementById('days').value; - const adminPassword = localStorage.getItem('adminPassword'); if (!username || !password || !days) { mdui.alert('请填写所有字段'); @@ -42,7 +41,7 @@

添加用户

fetch(`/admin/user/add`, { method: 'POST', headers: { - 'X-Admin-Password': adminPassword + 'Content-Type': "application/json", }, body: JSON.stringify({ username: username, diff --git a/src/main/resources/templates/dashboard/basic-settings.html b/src/main/resources/templates/dashboard/basic-settings.html index 3689339..613f084 100644 --- a/src/main/resources/templates/dashboard/basic-settings.html +++ b/src/main/resources/templates/dashboard/basic-settings.html @@ -42,15 +42,11 @@

基本设置

let maintenanceModeState = true; function resetGlobalColdDown() { - const adminPassword = localStorage.getItem('adminPassword'); - mdui.confirm('确定要重置注入冷却吗?', '重置确认', function () { fetch('/admin/colddown/reset', { method: 'POST', - headers: { - 'X-Admin-Password': adminPassword - }, + headers: {} }) .then(response => response.json()) .then(data => { @@ -82,12 +78,9 @@

基本设置

} function loadMaintenanceState() { - const adminPassword = localStorage.getItem('adminPassword'); - fetch("/admin/maintenance/state", { method: 'GET', headers: { - 'X-Admin-Password': adminPassword, 'Content-Type': "application/json" } }) @@ -101,14 +94,12 @@

基本设置

} function toggleInject() { - const adminPassword = localStorage.getItem('adminPassword'); mdui.confirm(`确定要${maintenanceText()}维护模式吗?`, '确认', function () { fetch('/admin/maintenance/state', { method: 'POST', headers: { - 'X-Admin-Password': adminPassword, 'Content-Type': "application/json" }, body: JSON.stringify({ diff --git a/src/main/resources/templates/dashboard/index.html b/src/main/resources/templates/dashboard/index.html index 537bd13..65195f0 100644 --- a/src/main/resources/templates/dashboard/index.html +++ b/src/main/resources/templates/dashboard/index.html @@ -87,45 +87,38 @@ diff --git a/src/main/resources/templates/dashboard/manage-vape-accounts.html b/src/main/resources/templates/dashboard/manage-vape-accounts.html index 1a1aad7..e126b60 100644 --- a/src/main/resources/templates/dashboard/manage-vape-accounts.html +++ b/src/main/resources/templates/dashboard/manage-vape-accounts.html @@ -45,8 +45,6 @@

管理 VAPE 账号