发表于: 2019-10-11 19:44:41
1 915
一、今天完成的事
1.修改注册登录逻辑,完成基本的注册登录实现中
@RequestMapping(value = "/a/register/1", method = RequestMethod.POST)
public String insert(User user, String name, HttpServletResponse response,Model model,HttpServletRequest request) throws Exception {
log.info("user========================" + user);
// 对传入参数进行判空
log.info(!ObjectUtils.isEmpty(user.getName()));
if (!ObjectUtils.isEmpty(user.getName()) && !ObjectUtils.isEmpty(user.getPassword())) {
String code = request.getParameter("code");
log.info(code);
if(!ObjectUtils.isEmpty(user.getPhone())==false){
log.info("手机号不能为空,请返回");
model.addAttribute("code",-1);
model.addAttribute("message","手机号不能为空,请返回");
return "verify";
}
if(!ObjectUtils.isEmpty(user.getEmail())==false){
log.info("邮箱不能为空,请返回");
model.addAttribute("code",-1);
model.addAttribute("message","邮箱不能为空,请返回");
return "verify";
}
if(!ObjectUtils.isEmpty(code)==false){
log.info("验证码不能为空,请返回");
model.addAttribute("code",-1);
model.addAttribute("message","请先获取验证码");
return "verify";
}
// 注册时,先根据用户名查数据库,如果查不出则插入,否则返回注册页面
List<User> userName = userService.selectByName(user.getName());
log.info("userName====================" + userName);
if (ObjectUtils.isEmpty(userName)) {
// 插入时,使用MD5加密再加盐
user.setPassword(Md5Util.getMd5(user.getPassword() + user.getId()));
log.info("用户名和加密后的密码=================" + user);
boolean row = userService.insert(user);
log.info("是否插入================" + row);
log.info("userId===============" + user.getId());
User dbUser = userService.selectByCondition(user.getName(), user.getPassword());
// 发一个token
log.info(dbUser);
String token =
DESUtil.encrypt(dbUser.getId() + "|" +
System.currentTimeMillis() + "|" + user.getName());
log.info("token=================" + token);
Cookie cookie = new Cookie("token", token);
cookie.setMaxAge(0);
log.info("tokenName===================" + cookie.getName());
log.info("tokenValue==================" + cookie.getValue());
response.addCookie(cookie);
log.info("确认数据======================");
return "login";
}
log.info("用户名已存在=================");
model.addAttribute("code",-2);
model.addAttribute("message","用户名已存在,请返回");
return "verify";
}
log.info("用户名密码为空================");
model.addAttribute("code",-2);
model.addAttribute("message","用户名密码为空,请返回");
return "verify";
}
想写页面来实现的,没有成功,就用json来接收返回的信息
.png)
用手机和邮箱验证码可以生成到token来登录
@RequestMapping(value = "/a/login/phone/1")
public String loginForPhone(HttpServletRequest request, HttpServletResponse response, User user,Model model) throws Exception {
String phone = request.getParameter("phone");
log.info(phone);
user = userService.selectByPhone(phone);
log.info(user);
if (user != null&&user.getId()!=null) {
String token = DESUtil.encrypt(user.getId() + "|" +
System.currentTimeMillis() + "|" + user.getName());
log.info("token===============" + token);
Cookie cookie = new Cookie("token", token);
cookie.setMaxAge(30*60);
cookie.setPath("/");
log.info("tokenName=========" + cookie.getName());
log.info("tokenValue==========" + cookie.getValue());
response.addCookie(cookie);
log.info("cookie 是" + cookie);
model.addAttribute("code",1);
model.addAttribute("message","登录成功");
return "verify";
} else {
log.debug("手机号不存在");
model.addAttribute("code",-1);
model.addAttribute("message","手机号不存在,请返回重新登录");
return "verify";
}
}
二、遇到的问题
三、收获
为了防止在OSS上的数据被其他人盗链而产生额外费用,您可以设置防盗链功能,包括以下参数:
Referer白名单。仅允许指定的域名访问OSS资源。
是否允许空Referer。如果不允许空Referer,则只有HTTP或HTTPS header中包含Referer字段的请求才能访问OSS资源。
设置防盗链
以下代码用于设置防盗链:
#include "oss_api.h"
#include "aos_http_io.h"
const char *endpoint = "<yourEndpoint>";
const char *access_key_id = "<yourAccessKeyId>";
const char *access_key_secret = "<yourAccessKeySecret>";
const char *bucket_name = "<yourBucketName>";
void init_options(oss_request_options_t *options)
{
options->config = oss_config_create(options->pool);
/* 用char*类型的字符串初始化aos_string_t类型。*/
aos_str_set(&options->config->endpoint, endpoint);
aos_str_set(&options->config->access_key_id, access_key_id);
aos_str_set(&options->config->access_key_secret, access_key_secret);
/* 是否使用了CNAME。0表示不使用。*/
options->config->is_cname = 0;
/* 设置网络相关参数,比如超时时间等。*/
options->ctl = aos_http_controller_create(options->pool, 0);
}
int main(int argc, char *argv[])
{
/* 在程序入口调用aos_http_io_initialize方法来初始化网络、内存等全局资源。*/
if (aos_http_io_initialize(NULL, 0) != AOSE_OK) {
exit(1);
}
/* 用于内存管理的内存池(pool),等价于apr_pool_t。其实现代码在apr库中。*/
aos_pool_t *pool;
/* 重新创建一个内存池,第二个参数是NULL,表示没有继承其它内存池。*/
aos_pool_create(&pool, NULL);
/* 创建并初始化options,该参数包括endpoint、access_key_id、acces_key_secret、is_cname、curl等全局配置信息。*/
oss_request_options_t *oss_client_options;
/* 在内存池中分配内存给options。*/
oss_client_options = oss_request_options_create(pool);
/* 初始化Client的选项oss_client_options。*/
init_options(oss_client_options);
/* 初始化参数。*/
aos_string_t bucket;
aos_table_t *resp_headers = NULL;
aos_status_t *resp_status = NULL;
oss_referer_config_t referer_config;
aos_str_set(&bucket, bucket_name);
aos_list_init(&referer_config.referer_list);
oss_create_and_add_refer(pool, &referer_config, "http://www.aliyun.com");
oss_create_and_add_refer(pool, &referer_config, "https://www.aliyun.com");
referer_config.allow_empty_referer = 0;
/* 添加Referer白名单。Referer参数支持通配符星号(*)和问号(?)。*/
resp_status = oss_put_bucket_referer(oss_client_options, &bucket, &referer_config, &resp_headers);
if (aos_status_is_ok(resp_status)) {
printf("put bucket referer succeeded\n");
} else {
printf("put bucket referer failed\n");
}
/* 释放内存池,相当于释放了请求过程中各资源分配的内存。*/
aos_pool_destroy(pool);
/* 释放之前分配的全局资源。*/
aos_http_io_deinitialize();
return 0;
}
获取防盗链信息
以下代码用于获取防盗链信息:
#include "oss_api.h"
#include "aos_http_io.h"
const char *endpoint = "<yourEndpoint>";
const char *access_key_id = "<yourAccessKeyId>";
const char *access_key_secret = "<yourAccessKeySecret>";
const char *bucket_name = "<yourBucketName>";
void init_options(oss_request_options_t *options)
{
options->config = oss_config_create(options->pool);
/* 用char*类型的字符串初始化aos_string_t类型。*/
aos_str_set(&options->config->endpoint, endpoint);
aos_str_set(&options->config->access_key_id, access_key_id);
aos_str_set(&options->config->access_key_secret, access_key_secret);
/* 是否使用了CNAME。0表示不使用。*/
options->config->is_cname = 0;
/* 设置网络相关参数,比如超时时间等。*/
options->ctl = aos_http_controller_create(options->pool, 0);
}
int main(int argc, char *argv[])
{
/* 在程序入口调用aos_http_io_initialize方法来初始化网络、内存等全局资源。*/
if (aos_http_io_initialize(NULL, 0) != AOSE_OK) {
exit(1);
}
/* 用于内存管理的内存池(pool),等价于apr_pool_t。其实现代码在apr库中。*/
aos_pool_t *pool;
/* 重新创建一个内存池,第二个参数是NULL,表示没有继承其它内存池。*/
aos_pool_create(&pool, NULL);
/* 创建并初始化options,该参数包括endpoint、access_key_id、acces_key_secret、is_cname、curl等全局配置信息。*/
oss_request_options_t *oss_client_options;
/* 在内存池中分配内存给options。*/
oss_client_options = oss_request_options_create(pool);
/* 初始化Client的选项oss_client_options。*/
init_options(oss_client_options);
/* 初始化参数。*/
aos_string_t bucket;
aos_table_t *resp_headers = NULL;
aos_status_t *resp_status = NULL;
oss_referer_config_t referer_config;
oss_referer_t *referer;
aos_str_set(&bucket, bucket_name);
aos_list_init(&referer_config.referer_list);
/* 获取Referer白名单列表。*/
resp_status = oss_get_bucket_referer(oss_client_options, &bucket, &referer_config, &resp_headers);
if (aos_status_is_ok(resp_status)) {
printf("get bucket referer succeeded\n");
aos_list_for_each_entry(oss_referer_t, referer, &referer_config.referer_list, node) {
printf("get referer %s\n", referer->referer.data);
}
} else {
printf("get bucket referer failed\n");
}
/* 释放内存池,相当于释放了请求过程中各资源分配的内存。*/
aos_pool_destroy(pool);
/* 释放之前分配的全局资源。*/
aos_http_io_deinitialize();
return 0;
}
清空防盗链
以下代码用于清空防盗链:
#include "oss_api.h"
#include "aos_http_io.h"
const char *endpoint = "<yourEndpoint>";
const char *access_key_id = "<yourAccessKeyId>";
const char *access_key_secret = "<yourAccessKeySecret>";
const char *bucket_name = "<yourBucketName>";
void init_options(oss_request_options_t *options)
{
options->config = oss_config_create(options->pool);
/* 用char*类型的字符串初始化aos_string_t类型。*/
aos_str_set(&options->config->endpoint, endpoint);
aos_str_set(&options->config->access_key_id, access_key_id);
aos_str_set(&options->config->access_key_secret, access_key_secret);
/* 是否使用了CNAME。0表示不使用。*/
options->config->is_cname = 0;
/* 设置网络相关参数,比如超时时间等。*/
options->ctl = aos_http_controller_create(options->pool, 0);
}
int main(int argc, char *argv[])
{
/* 在程序入口调用aos_http_io_initialize方法来初始化网络、内存等全局资源。*/
if (aos_http_io_initialize(NULL, 0) != AOSE_OK) {
exit(1);
}
/* 用于内存管理的内存池(pool),等价于apr_pool_t。其实现代码在apr库中。*/
aos_pool_t *pool;
/* 重新创建一个内存池,第二个参数是NULL,表示没有继承其它内存池。*/
aos_pool_create(&pool, NULL);
/* 创建并初始化options,该参数包括endpoint、access_key_id、acces_key_secret、is_cname、curl等全局配置信息。*/
oss_request_options_t *oss_client_options;
/* 在内存池中分配内存给options。*/
oss_client_options = oss_request_options_create(pool);
/* 初始化Client的选项oss_client_options。*/
init_options(oss_client_options);
/* 初始化参数。*/
aos_string_t bucket;
aos_table_t *resp_headers = NULL;
aos_status_t *resp_status = NULL;
oss_referer_config_t referer_config;
aos_str_set(&bucket, bucket_name);
aos_list_init(&referer_config.referer_list);
referer_config.allow_empty_referer = 1;
/* 防盗链不能直接清空,需要新建一个允许空Referer的规则来覆盖之前的规则。*/
resp_status = oss_put_bucket_referer(oss_client_options, &bucket, &referer_config, &resp_headers);
if (aos_status_is_ok(resp_status)) {
printf("delete bucket referer succeeded\n");
} else {
printf("delete bucket referer failed\n");
}
/* 释放内存池,相当于释放了请求过程中各资源分配的内存。*/
aos_pool_destroy(pool);
/* 释放之前分配的全局资源。*/
aos_http_io_deinitialize();
return 0;
}
四、明天的计划
今天看了防盗链,代码还没有能完全实现就不贴自己的代码了明天把防盗链和图片头像上传整合到项目中,然后准备做总结和提交任务
返回列表
评论