Merge pull request #137 from Lixuhuilll/vcode

修复登录不校验邮箱是否激活的问题，修复注册不发送激活邮件的问题，修复可能的多线程数据争用问题
MaaAssistantArknights · Sep 27, 2023 · 9cf327f · 9cf327f
2 parents 876371c + ad6422d
commit 9cf327f
Show file tree

Hide file tree

Showing 14 changed files with 153 additions and 220 deletions.
diff --git a/src/main/java/plus/maa/backend/common/bo/EmailBusinessObject.java b/src/main/java/plus/maa/backend/common/bo/EmailBusinessObject.java
@@ -133,22 +133,6 @@ public void sendVerificationCodeMessage(String code) {
         }
     }
 
-
-    public void sendActivateUrlMessage(String url) {
-
-        try {
-            send(this.mailAccount, this.emailList
-                    , this.title + "  账户激活"
-                    , defaultMailIncludeHtmlTemplates(
-                            "mail-activateUrl.ftlh", url
-                    )
-                    , this.isHtml
-            );
-        } catch (Exception ex) {
-            throw new RuntimeException("邮件发送失败", ex);
-        }
-    }
-
     public void sendCommentNotification(Map<String, String> map) {
         try {
             send(this.mailAccount,

diff --git a/src/main/java/plus/maa/backend/controller/UserController.java b/src/main/java/plus/maa/backend/controller/UserController.java
@@ -5,25 +5,25 @@
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
-import jakarta.servlet.http.HttpServletResponse;
 import jakarta.validation.Valid;
 import lombok.Data;
 import lombok.RequiredArgsConstructor;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.validation.annotation.Validated;
-import org.springframework.web.bind.annotation.*;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
 import plus.maa.backend.config.SpringDocConfig;
 import plus.maa.backend.config.external.MaaCopilotProperties;
 import plus.maa.backend.config.security.AuthenticationHelper;
 import plus.maa.backend.controller.request.user.*;
-import plus.maa.backend.controller.response.user.MaaLoginRsp;
 import plus.maa.backend.controller.response.MaaResult;
+import plus.maa.backend.controller.response.user.MaaLoginRsp;
 import plus.maa.backend.controller.response.user.MaaUserInfo;
 import plus.maa.backend.service.EmailService;
 import plus.maa.backend.service.UserService;
 
-import java.io.IOException;
-
 /**
  * 用户相关接口
  * <a href=
@@ -45,40 +45,6 @@ public class UserController {
     @Value("${maa-copilot.jwt.header}")
     private String header;
 
-    /**
-     * 激活token中的用户
-     *
-     * @param activateDTO 激活码
-     * @return 成功响应
-     */
-    @Operation(summary = "激活用户")
-    @ApiResponse(description = "激活用户结果")
-    @SecurityRequirement(name = SpringDocConfig.SECURITY_SCHEME_NAME)
-    @PostMapping("/activate")
-    public MaaResult<Void> activate(
-            @Parameter(description = "激活用户请求") @Valid @RequestBody ActivateDTO activateDTO
-    ) {
-        // FIXME 应改为从 body 中获取， 解决激活——登录悖论，待讨论
-        var userId = helper.requireUserId();
-        userService.activateUser(userId, activateDTO);
-        return MaaResult.success();
-    }
-
-    /**
-     * 注册完成后发送邮箱激活码
-     *
-     * @return null
-     */
-    @Operation(summary = "完成注册后发送邮箱激活码")
-    @ApiResponse(description = "激活码发送结果")
-    @SecurityRequirement(name = SpringDocConfig.SECURITY_SCHEME_NAME)
-    @PostMapping("/activate/request")
-    public MaaResult<Void> activateRequest() {
-        // FIXME 完成注册后发送激活码不应该由客户端请求
-        userService.sendActiveCodeByEmail(helper.requireUserId());
-        return MaaResult.success();
-    }
-
     /**
      * 更新当前用户的密码(根据原密码)
      *
@@ -177,9 +143,8 @@ public MaaResult<MaaUserInfo> register(@Parameter(description = "用户注册请
     @PostMapping("/sendRegistrationToken")
     @Operation(summary = "注册时发送验证码")
     @ApiResponse(description = "发送验证码结果", responseCode = "204")
-    public MaaResult<Void> sendRegistrationToken(@Parameter(description = "发送注册验证码请求") @RequestBody SendRegistrationTokenDTO regDTO) {
-        //FIXME: 增加频率限制或者 captcha
-        emailService.sendVCode(regDTO.getEmail());
+    public MaaResult<Void> sendRegistrationToken(@Parameter(description = "发送注册验证码请求") @RequestBody @Valid SendRegistrationTokenDTO regDTO) {
+        userService.sendRegistrationToken(regDTO);
         return new MaaResult<>(204, null, null);
     }
 
@@ -195,19 +160,4 @@ public MaaResult<Void> sendRegistrationToken(@Parameter(description = "发送注
     public MaaResult<MaaLoginRsp> login(@Parameter(description = "登录请求") @RequestBody @Valid LoginDTO user) {
         return MaaResult.success("登陆成功", userService.login(user));
     }
-
-    @GetMapping("/activateAccount")
-    @Operation(summary = "激活账号")
-    @ApiResponse(description = "激活账号结果")
-    public MaaResult<Void> activateAccount(@Parameter(description = "激活请求") EmailActivateReq activateDTO,
-                                           @Parameter(description = "页面跳转参数") HttpServletResponse response) {
-        userService.activateAccount(activateDTO);
-        // 激活成功 跳转页面
-        try {
-            response.sendRedirect(properties.getInfo().getFrontendDomain());
-        } catch (IOException e) {
-            throw new RuntimeException(e);
-        }
-        return MaaResult.success();
-    }
 }
diff --git a/src/main/java/plus/maa/backend/controller/request/user/ActivateDTO.java b/src/main/java/plus/maa/backend/controller/request/user/ActivateDTO.java
diff --git a/src/main/java/plus/maa/backend/controller/request/user/LoginDTO.java b/src/main/java/plus/maa/backend/controller/request/user/LoginDTO.java
@@ -15,6 +15,7 @@
 @NoArgsConstructor
 @AllArgsConstructor
 public class LoginDTO {
+    @NotBlank(message = "邮箱格式错误")
     @Email(message = "邮箱格式错误")
     private String email;
     @NotBlank(message = "请输入用户密码")

diff --git a/src/main/java/plus/maa/backend/controller/request/user/PasswordResetDTO.java b/src/main/java/plus/maa/backend/controller/request/user/PasswordResetDTO.java
@@ -18,6 +18,7 @@ public class PasswordResetDTO {
     /**
      * 邮箱
      */
+    @NotBlank(message = "邮箱格式错误")
     @Email(message = "邮箱格式错误")
     private String email;
     /**

diff --git a/src/main/java/plus/maa/backend/controller/request/user/PasswordResetVCodeDTO.java b/src/main/java/plus/maa/backend/controller/request/user/PasswordResetVCodeDTO.java
@@ -1,6 +1,7 @@
 package plus.maa.backend.controller.request.user;
 
 import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -17,6 +18,7 @@ public class PasswordResetVCodeDTO {
     /**
      * 邮箱
      */
+    @NotBlank(message = "邮箱格式错误")
     @Email(message = "邮箱格式错误")
     private String email;
 }
diff --git a/src/main/java/plus/maa/backend/controller/request/user/PasswordUpdateDTO.java b/src/main/java/plus/maa/backend/controller/request/user/PasswordUpdateDTO.java
@@ -17,6 +17,7 @@
 public class PasswordUpdateDTO {
     @NotBlank(message = "请输入原密码")
     private String originalPassword;
+    @NotBlank(message = "密码长度必须在8-32位之间")
     @Length(min = 8, max = 32, message = "密码长度必须在8-32位之间")
     private String newPassword;
 }
diff --git a/src/main/java/plus/maa/backend/controller/request/user/RegisterDTO.java b/src/main/java/plus/maa/backend/controller/request/user/RegisterDTO.java
@@ -1,6 +1,7 @@
 package plus.maa.backend.controller.request.user;
 
 import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -15,11 +16,15 @@
 @NoArgsConstructor
 @AllArgsConstructor
 public class RegisterDTO {
+    @NotBlank(message = "邮箱格式错误")
     @Email(message = "邮箱格式错误")
     private String email;
-    @Length(min = 4, max = 24, message = "用户名长度应在2-24位之间")
+    @NotBlank(message = "用户名长度应在4-24位之间")
+    @Length(min = 4, max = 24, message = "用户名长度应在4-24位之间")
     private String userName;
+    @NotBlank(message = "密码长度必须在8-32位之间")
     @Length(min = 8, max = 32, message = "密码长度必须在8-32位之间")
     private String password;
+    @NotBlank(message = "请输入验证码")
     private String registrationToken;
 }
diff --git a/src/main/java/plus/maa/backend/controller/request/user/SendRegistrationTokenDTO.java b/src/main/java/plus/maa/backend/controller/request/user/SendRegistrationTokenDTO.java
@@ -1,10 +1,12 @@
 package plus.maa.backend.controller.request.user;
 
 import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
 import lombok.Data;
 
 @Data
 public class SendRegistrationTokenDTO {
+    @NotBlank(message = "邮箱格式错误")
     @Email(message = "邮箱格式错误")
     private String email;
 }
diff --git a/src/main/java/plus/maa/backend/controller/request/user/UserInfoUpdateDTO.java b/src/main/java/plus/maa/backend/controller/request/user/UserInfoUpdateDTO.java
@@ -1,5 +1,6 @@
 package plus.maa.backend.controller.request.user;
 
+import jakarta.validation.constraints.NotBlank;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -14,6 +15,7 @@
 @NoArgsConstructor
 @AllArgsConstructor
 public class UserInfoUpdateDTO {
-    @Length(min = 4, max = 24, message = "用户名长度应在2-24位之间")
+    @NotBlank(message = "用户名长度应在4-24位之间")
+    @Length(min = 4, max = 24, message = "用户名长度应在4-24位之间")
     private String userName;
 }