公开API加密

src/main/java/com/miekir/shibei/controller/api/JsonController.java

@@ -40,24 +40,16 @@ public class JsonController {
      */
     @RequestMapping(value = "/api/getWeather", method = RequestMethod.GET, produces = "application/json; charset=utf-8")
     @ResponseBody
-    public String getWeather(String token, String city) {
+    public String getWeather(String s, String city) {
+        String token = StringTool.getRawToken(s);
         WeatherBean weatherBean = new WeatherBean();
         // get过来的参数，会乱码
         String cityUtf8 = StringTool.getUtf8String(city);
 
         // 根据token查找用户
-        User dbUserBean;
-        try {
-            List<User> dbUserList = userRepository.findUserByToken(token);
-            if (dbUserList != null && dbUserList.size() == 1) {
-                dbUserBean = dbUserList.get(0);
-            } else {
-                weatherBean.msg = "请重新登录";
-                return JSON.toJSONString(weatherBean);
-            }
-        } catch (Exception e) {
-            e.printStackTrace();
-            weatherBean.msg = "请求无效";
+        User dbUserBean = RequestTool.getUserByToken(userRepository, token);
+        if (dbUserBean == null) {
+            weatherBean.msg = "请重新登录";
             return JSON.toJSONString(weatherBean);
         }
 
@@ -76,21 +68,14 @@ public class JsonController {
      */
     @RequestMapping(value = "/api/getYiji", method = RequestMethod.GET, produces = "application/json; charset=utf-8")
     @ResponseBody
-    public String getYiji(String token) {
+    public String getYiji(String s) {
+        String token = StringTool.getRawToken(s);
         YijiBean yijiBean = new YijiBean();
 
         // 根据token查找用户
-        User dbUserBean;
-        try {
-            List<User> dbUserList = userRepository.findUserByToken(token);
-            if (dbUserList != null && dbUserList.size() == 1) {
-                dbUserBean = dbUserList.get(0);
-            } else {
-                yijiBean.msg = "请重新登录";
-                return JSON.toJSONString(yijiBean);
-            }
-        } catch (Exception e) {
-            yijiBean.msg = "请求无效";
+        User dbUserBean = RequestTool.getUserByToken(userRepository, token);
+        if (dbUserBean == null) {
+            yijiBean.msg = "请重新登录";
             return JSON.toJSONString(yijiBean);
         }
 
@@ -192,13 +177,20 @@ public class JsonController {
      */
     @RequestMapping(value = "/api/getJson", method = RequestMethod.GET, produces = "application/json; charset=utf-8")
     @ResponseBody
-    public String getJson(String email) {
+    public String getJson(String s) {
+        // 根据token查找用户
+        String token = StringTool.getRawToken(s);
+        User dbUserBean = RequestTool.getUserByToken(userRepository, token);
+        if (dbUserBean == null) {
+            return "请重新登录";
+        }
+
         JsonBean jsonBean = null;
         try {
-            jsonBean = jsonRepository.findJsonBeanByEmail(email);
-        } catch (Exception e) {
-            e.printStackTrace();
-            return "数据库数据重复";
+            jsonBean = jsonRepository.findJsonBeanByEmail(dbUserBean.getEmail());
+        } catch (Exception exception) {
+            exception.printStackTrace();
+            return "请重新登录";
         }
         return jsonBean.json;
     }

src/main/java/com/miekir/shibei/tool/RequestTool.java

@@ -6,6 +6,8 @@ import com.miekir.shibei.constants.ServerConstants;
 import com.miekir.shibei.repository.UserRepository;
 import org.springframework.http.HttpHeaders;
 
+import java.util.List;
+
 public class RequestTool {
     private RequestTool() {}
 
@@ -40,4 +42,21 @@ public class RequestTool {
         }
         return isRequestValid(header, userRepository);
     }
+
+    public static User getUserByToken(UserRepository userRepository, String token) {
+        // 根据email查找用户，查询用户的token是否相同
+        List<User> dbUserBeanList;
+        try {
+            dbUserBeanList = userRepository.findUserByToken(token);
+        } catch (Exception e) {
+            e.printStackTrace();
+            return null;
+        }
+
+        if (dbUserBeanList == null || dbUserBeanList.size() != 1) {
+            return null;
+        }
+
+        return dbUserBeanList.get(0);
+    }
 }

src/main/java/com/miekir/shibei/tool/StringTool.java

@@ -16,4 +16,16 @@ public class StringTool {
         }
         return strUtf8;
     }
+
+    public static String getRawToken(String mixToken) {
+        if (TextUtils.isEmpty(mixToken) || mixToken.length() < 2) {
+            return mixToken;
+        }
+        int len = mixToken.length();
+        char[] tokenArray = mixToken.toCharArray();
+        char temp = tokenArray[len-2];
+        tokenArray[len-2] = tokenArray[len-1];
+        tokenArray[len-1] = temp;
+        return new String(tokenArray);
+    }
 }