From d9ef502c09aa305152c7949540753daedf99edd7 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期四, 24 十一月 2022 15:33:30 +0800
Subject: [PATCH] 1
---
src/main/java/com/lf/server/controller/data/MetaController.java | 11 ++++++++++-
src/main/java/com/lf/server/service/data/DownloadService.java | 28 ++++++++++++++++++++++++++++
2 files changed, 38 insertions(+), 1 deletions(-)
diff --git a/src/main/java/com/lf/server/controller/data/MetaController.java b/src/main/java/com/lf/server/controller/data/MetaController.java
index 1076f54..12985ef 100644
--- a/src/main/java/com/lf/server/controller/data/MetaController.java
+++ b/src/main/java/com/lf/server/controller/data/MetaController.java
@@ -8,6 +8,8 @@
import com.lf.server.entity.data.DownloadEntity;
import com.lf.server.entity.data.MetaEntity;
import com.lf.server.entity.sys.UserEntity;
+import com.lf.server.helper.Md5Helper;
+import com.lf.server.helper.RsaHelper;
import com.lf.server.helper.StringHelper;
import com.lf.server.helper.WebHelper;
import com.lf.server.service.data.DownloadService;
@@ -238,6 +240,10 @@
if (null == reqEntity.getIds() || reqEntity.getIds().isEmpty()) {
return fail("璇烽�夋嫨瑕佷笅杞界殑鏂囦欢");
}
+ if (!downloadService.validatePwd(reqEntity)) {
+ return fail("瀵嗙爜涓嶇鍚堣姹�");
+ }
+
return success(true);
} catch (Exception ex) {
@@ -262,13 +268,16 @@
return;
}
- UserEntity ue = tokenService.getCurrentUser(req);
DownloadEntity de = downloadService.selectByGuid(reqEntity.getGuid());
if (null == de) {
WebHelper.writeInfo(HttpStatus.NOT_FOUND, "鏂囦欢涓嶅瓨鍦�", res);
return;
}
+ if (!StringHelper.isNull(de.getPwd()) && !Md5Helper.validatePassword(reqEntity.getPwd(), de.getPwd())) {
+ WebHelper.writeInfo(HttpStatus.UNAUTHORIZED, "瀵嗙爜涓嶆纭�", res);
+ }
+ UserEntity ue = tokenService.getCurrentUser(req);
de.setDcount(de.getDcount() + 1);
de.setDownloadUser(ue.getId());
int rows = downloadService.update(de);
diff --git a/src/main/java/com/lf/server/service/data/DownloadService.java b/src/main/java/com/lf/server/service/data/DownloadService.java
index 3872a74..10ec12b 100644
--- a/src/main/java/com/lf/server/service/data/DownloadService.java
+++ b/src/main/java/com/lf/server/service/data/DownloadService.java
@@ -1,9 +1,13 @@
package com.lf.server.service.data;
+import com.lf.server.entity.ctrl.DownloadReqEntity;
import com.lf.server.entity.data.DownloadEntity;
import com.lf.server.helper.PathHelper;
+import com.lf.server.helper.RsaHelper;
import com.lf.server.helper.StringHelper;
import com.lf.server.mapper.data.DownloadMapper;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@@ -21,6 +25,8 @@
@Autowired
DownloadMapper downloadMapper;
+
+ private final static Log log = LogFactory.getLog(DownloadService.class);
@Override
public Integer selectCount(String name) {
@@ -104,4 +110,26 @@
public String getDownloadFilePath(DownloadEntity de) {
return pathHelper.getConfig().getDownloadPath() + File.separator + de.getUrl();
}
+
+ /**
+ * 鏍¢獙瀵嗙爜鏈夋晥鎬�
+ *
+ * @param reqEntity 璇锋眰涓嬭浇瀹炰綋绫�
+ * @return 鏄�/鍚︽湁鏁�
+ */
+ public boolean validatePwd(DownloadReqEntity reqEntity) {
+ try {
+ String pwd = RsaHelper.decrypt(reqEntity.getPwd());
+ if (StringHelper.isEmpty(pwd) || !StringHelper.checkPwdValid(pwd)) {
+ return false;
+ }
+
+ reqEntity.setPwd(pwd);
+
+ return true;
+ } catch (Exception ex) {
+ log.error(ex.getMessage(), ex);
+ return false;
+ }
+ }
}
--
Gitblit v1.9.3