igor/org.ccalm.jwt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'main' of https://git.istt.kz/locust/org.ccalm.jwt

Browse Source
This commit is contained in:
igor
2024-12-26 21:20:15 +06:00
parent 5dd4c37a25 467c18221b
commit 17cc63fbec
9 changed files with 440 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/main/java/org/ccalm/jwt/MainController.java
+247 -207
View File
@@ -127,19 +127,27 @@ public class MainController implements ServletContextAware {
public String createStrJSONError(int code, String message, String setting, String marker) {
JSONObject json = new JSONObject();
json.put("error_code", code);
json.put("error_message", Arrays.asList(message));
json.put("error_setting", Arrays.asList(setting));
json.put("error_marker", marker);
try {
json.put("error_code", code);
json.put("error_message", Arrays.asList(message));
json.put("error_setting", Arrays.asList(setting));
json.put("error_marker", marker);
} catch (JSONException e) {
return "{}";
}
return json.toString();
}
public JSONObject createJSONError(int code, String message, String setting, String marker) {
JSONObject json = new JSONObject();
json.put("error_code", code);
json.put("error_message", Arrays.asList(message));
json.put("error_setting", Arrays.asList(setting));
json.put("error_marker", Arrays.asList(setting));
try {
json.put("error_code", code);
json.put("error_message", Arrays.asList(message));
json.put("error_setting", Arrays.asList(setting));
json.put("error_marker", Arrays.asList(setting));
} catch (JSONException e) {
logger.error(e);
}
return json;
}
@@ -266,27 +274,31 @@ public class MainController implements ServletContextAware {
@ResponseBody
public String index(Model model,@RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
json.put("error_marker",(String)null);
String buildDate="";
//String buildVersion="";
try {
InputStream inputStream = MainController.class.getClassLoader().getResourceAsStream("META-INF/build-info.properties");
if (inputStream != null) {
Properties properties = new Properties();
properties.load(inputStream);
buildDate = properties.getProperty("build.time");
//buildVersion = properties.getProperty("build.version");
json.put("error_code",0);
json.put("error_message","");
json.put("error_marker",(String)null);
String buildDate="";
//String buildVersion="";
try {
InputStream inputStream = MainController.class.getClassLoader().getResourceAsStream("META-INF/build-info.properties");
if (inputStream != null) {
Properties properties = new Properties();
properties.load(inputStream);
buildDate = properties.getProperty("build.time");
//buildVersion = properties.getProperty("build.version");
}
} catch (Exception e) {
e.printStackTrace();
}
} catch (Exception e) {
e.printStackTrace();
json.put("build_date",buildDate);
//json.put("build_version",buildVersion);
json.put("name",application_name);
//json.put("active_connections",dataSource.getHikariPoolMXBean().getActiveConnections());
//json.put("idle_connections",dataSource.getHikariPoolMXBean().getIdleConnections());
} catch (JSONException e) {
throw new RuntimeException(e);
}
json.put("build_date",buildDate);
//json.put("build_version",buildVersion);
json.put("name",application_name);
//json.put("active_connections",dataSource.getHikariPoolMXBean().getActiveConnections());
//json.put("idle_connections",dataSource.getHikariPoolMXBean().getIdleConnections());
return json.toString();
}
/*
@@ -299,13 +311,14 @@ public class MainController implements ServletContextAware {
public String get_settings(@CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
try{
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
throw new CustomException(10000, trt.trt("Please_send_a_valid_JWT_token"),null);
throw new CustomException(10000, trt.trt("Please_log_in"),null);
}
//Проверяю подпись токена
Jws<Claims> claims = null;
@@ -355,13 +368,14 @@ public class MainController implements ServletContextAware {
public String set_settings(SettingModel setting, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
try{
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
throw new CustomException(10000, trt.trt("Please_send_a_valid_JWT_token"),null);
throw new CustomException(10000, trt.trt("Please_log_in"),null);
}
//Проверяю подпись токена
Jws<Claims> claims = null;
@@ -423,56 +437,60 @@ public class MainController implements ServletContextAware {
public String access(Model model, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a,@Nullable @RequestBody ActionName action_name,@CookieValue(value = "lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
String result=createStrJSONError(10000,trt.trt("Request_not_processed"), (String)null, (String)null);
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
result=createStrJSONError(10000,trt.trt("Please_send_a_valid_JWT_token"), (String)null, (String)null);
return result;
}
//Connection conn = getConnection();
//Проверяю подпись токена
Jws<Claims> claims = null;
//SecretKey key_a = new SecretKeySpec(Base64.getDecoder().decode(key_a_txt), "HmacSHA256");
try {
claims = Jwts.parserBuilder()
.setSigningKey(getPublicKey()) //.setSigningKey(key_a)
.build()
.parseClaimsJws(jwt_a);
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
result=createStrJSONError(10000,trt.trt("Please_log_in"), (String)null, (String)null);
return result;
}
//Connection conn = getConnection();
//Проверяю подпись токена
Jws<Claims> claims = null;
//SecretKey key_a = new SecretKeySpec(Base64.getDecoder().decode(key_a_txt), "HmacSHA256");
try {
claims = Jwts.parserBuilder()
.setSigningKey(getPublicKey()) //.setSigningKey(key_a)
.build()
.parseClaimsJws(jwt_a);
} catch (Exception e) {
return createStrJSONError(10000, trt.trt("JWT_token_verification_error"),(String)null,(String)null);
}
String sql = """
select
name
from
main.get_access_list(:user_id)
where
allow=true
and (:action_name::text is null or name ilike '%'|| :action_name::text ||'%')
order by name
""";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id"));
if(action_name == null)
parameters.addValue("action_name", null);
else
parameters.addValue("action_name", action_name.getActionName());
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
JSONObject json = new JSONObject();
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
JSONArray data = new JSONArray();
for (int i = 0; i < ret.size(); i++) {
data.put((new JSONObject(ret.get(i))).getString("name"));
}
json.put("data",data);
result = json.toString();
} catch (Exception e) {
return createStrJSONError(10000, trt.trt("JWT_token_verification_error"),(String)null,(String)null);
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
result=createStrJSONError(10000,trt.trt("Internal_Server_Error"), (String)null, uuid);
}
String sql = """
select
name
from
main.get_access_list(:user_id)
where
allow=true
and (:action_name::text is null or name ilike '%'|| :action_name::text ||'%')
order by name
""";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("user_id", claims.getBody().get("user_id"));
if(action_name == null)
parameters.addValue("action_name", null);
else
parameters.addValue("action_name", action_name.getActionName());
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
JSONObject json = new JSONObject();
json.put("error_code",0);
//json.put("error_message","");
//json.put("error_marker",(String)null);
JSONArray data = new JSONArray();
for (int i = 0; i < ret.size(); i++) {
data.put((new JSONObject(ret.get(i))).getString("name"));
}
json.put("data",data);
result = json.toString();
return result;
}
@@ -481,9 +499,10 @@ public class MainController implements ServletContextAware {
public String captcha(Model model, @RequestBody EmailModel email_model, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try{
json.put("error_code",0);
json.put("error_message","");
//Генерю Captcha
ImageCaptcha imageCaptcha = new ImageCaptcha.Builder(400, 100)
.addContent(new LatinContentProducer(7),
@@ -532,9 +551,10 @@ public class MainController implements ServletContextAware {
public String create(@RequestBody NewUserModel newUserModel,@RequestParam(required=false,name="lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try{
json.put("error_code",0);
json.put("error_message","");
if(newUserModel.getName().length()<3) {
throw new CustomException(10000, trt.trt("The_name_field_is_empty"),null);
}
@@ -665,12 +685,13 @@ public class MainController implements ServletContextAware {
public String info(Model model, @CookieValue(value = "jwt_a", defaultValue = "") String jwt_a, @CookieValue(value = "lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try {
json.put("error_code",0);
json.put("error_message","");
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
throw new CustomException(10000, trt.trt("Please_send_a_valid_JWT_token"),null);
throw new CustomException(10000, trt.trt("Please_log_in"),null);
}
//Проверяю подпись токена
Jws<Claims> claims = null;
@@ -733,9 +754,10 @@ public class MainController implements ServletContextAware {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try {
json.put("error_code",0);
json.put("error_message","");
if(loginModel.getLogin().isEmpty())
throw new CustomException(10000,trt.trt("The_login_field_is_empty"),null);
if(!Tools.isValidEmail(loginModel.getLogin()))
@@ -1032,6 +1054,10 @@ public class MainController implements ServletContextAware {
java.lang.String uuid = UUID.randomUUID().toString();
logger.error("Error executing SQL query", uuid, ex);
throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid);
}catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
throw new CustomException(10000, trt.trt("Internal_Server_Error"),uuid);
}
Map<String, Integer> result = new HashMap<>();
@@ -1047,9 +1073,10 @@ public class MainController implements ServletContextAware {
public String newtotp(HttpServletRequest request, @RequestBody LoginModel loginModel, @RequestParam(required=false,name="lng",defaultValue="1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try {
json.put("error_code",0);
json.put("error_message","");
if(loginModel.getLogin().isEmpty())
throw new CustomException(10000,trt.trt("The_login_field_is_empty"),null);
if(!Tools.isValidEmail(loginModel.getLogin()))
@@ -1219,14 +1246,14 @@ public class MainController implements ServletContextAware {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try {
json.put("error_code",0);
json.put("error_message","");
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2 || jwt_r.equals("") || countOccurrences(jwt_r, '.')!=2 )
{
logout(response,request);
throw new CustomException(10000, trt.trt("Please_send_a_valid_JWT_token"),null);
throw new CustomException(10000, trt.trt("Please_log_in"),null);
}
//Разбираю токен без проверки, чтобы выбрать email
@@ -1317,50 +1344,53 @@ public class MainController implements ServletContextAware {
Translation trt = new Translation(language_id,jdbcTemplate);
String result=createHTMLError(1,trt.trt("Request_not_processed"));
try {
int index = token.indexOf(".");
if (index < 0)
return createHTMLError(10000, trt.trt("Please_send_a_valid_token"));
int index = token.indexOf(".");
if(index<0)
return createHTMLError(10000,trt.trt("Please_send_a_valid_token"));
String payload = token.substring(0, index);
String signature1 = token.substring(index + 1);
String payload = token.substring(0, index);
String signature1 = token.substring(index+1);
String signature2 = Tools.generateSignature(captchaKey, payload);
if (!signature1.equals(signature2)) {
return createHTMLError(1, trt.trt("The_signature_did_not_match"));
}
String signature2 = Tools.generateSignature(captchaKey,payload);
if(! signature1.equals(signature2))
{
return createHTMLError(1,trt.trt("The_signature_did_not_match"));
//расшифровываю
JSONObject jToken = new JSONObject(Tools.decryptText(captchaKey, payload));
if (jToken == null)
return createHTMLError(10000, trt.trt("Please_send_a_valid_JSON_string_in_your_token"));
if (jToken.getLong("exp") < Instant.now().getEpochSecond()) {
return createHTMLError(10000, trt.trt("Captcha_is_outdated"));
}
if (!Tools.isValidEmail(jToken.getString("email"))) {
return createHTMLError(10000, trt.trt("The_email_field_is_incorrect"));
}
//Проверяю на то что не нажали много раз на востановление пароля
long id = 0;
String sql = "select id from main._users where del=false and password_new=:password_new and email=:email";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("password_new", jToken.getString("password"));
parameters.addValue("email", jToken.getString("email"));
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) {
id = (new JSONObject(ret.get(i))).getLong("id");
}
if (id == 0)
return createHTMLError(10000, trt.trt("The_password_update_request_has_expired"));
//Теперь обновляем пароль в базе
sql = "update main._users set password=crypt(password_new, gen_salt('bf')),password_new = null,expiration='1970-01-01' where password_new is not null and email=:email";
parameters = new MapSqlParameterSource();
parameters.addValue("email", jToken.getString("email"));
int cnt = jdbcTemplate.update(sql, parameters);
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
return createHTMLError(10000,trt.trt("Internal_Server_Error"));
}
//расшифровываю
JSONObject jToken = new JSONObject(Tools.decryptText(captchaKey,payload));
if(jToken==null)
return createHTMLError(10000,trt.trt("Please_send_a_valid_JSON_string_in_your_token"));
if(jToken.getLong("exp")<Instant.now().getEpochSecond()){
return createHTMLError(10000,trt.trt("Captcha_is_outdated"));
}
if (!Tools.isValidEmail(jToken.getString("email"))) {
return createHTMLError(10000,trt.trt("The_email_field_is_incorrect"));
}
//Проверяю на то что не нажали много раз на востановление пароля
long id=0;
String sql = "select id from main._users where del=false and password_new=:password_new and email=:email";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("password_new", jToken.getString("password"));
parameters.addValue("email", jToken.getString("email"));
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) {
id = (new JSONObject(ret.get(i))).getLong("id");
}
if(id==0)
return createHTMLError(10000, trt.trt("The_password_update_request_has_expired"));
//Теперь обновляем пароль в базе
sql = "update main._users set password=crypt(password_new, gen_salt('bf')),password_new = null,expiration='1970-01-01' where password_new is not null and email=:email";
parameters = new MapSqlParameterSource();
parameters.addValue("email", jToken.getString("email"));
int cnt = jdbcTemplate.update(sql, parameters);
return createHTMLError(0,trt.trt("The_password_has_been_changed_and_you_will_be_redirected_to_the_main_page"));
}
@@ -1369,91 +1399,96 @@ public class MainController implements ServletContextAware {
public String restore(Model model, @RequestBody RestoreModel restore, @RequestParam(required=false,name="lng",defaultValue = "1") String language_id) {
Translation trt = new Translation(language_id,jdbcTemplate);
String result=createStrJSONError(10000,trt.trt("Request_not_processed"), (String)null, (String)null);
//Connection conn = getConnection();
try{
//Connection conn = getConnection();
int index = restore.getToken().indexOf(".");
String payload = restore.getToken().substring(0, index);
String signature1 = restore.getToken().substring(index+1);
int index = restore.getToken().indexOf(".");
String payload = restore.getToken().substring(0, index);
String signature1 = restore.getToken().substring(index+1);
System.out.println("signature1: " + signature1);
System.out.println("payload: " + payload);
System.out.println("signature1: " + signature1);
System.out.println("payload: " + payload);
String signature2 = Tools.generateSignature(captchaKey,payload);
if(! signature1.equals(signature2))
{
result=createStrJSONError(10000,trt.trt("The_signature_did_not_match"), (String)null, (String)null);
}
String signature2 = Tools.generateSignature(captchaKey,payload);
if(! signature1.equals(signature2))
{
result=createStrJSONError(10000,trt.trt("The_signature_did_not_match"), (String)null, (String)null);
}
System.out.println("signature2: " + signature2);
System.out.println("signature2: " + signature2);
//расшифровываю
JSONObject token = new JSONObject(Tools.decryptText(captchaKey,payload));
//расшифровываю
JSONObject token = new JSONObject(Tools.decryptText(captchaKey,payload));
if(token==null)
return createStrJSONError(10000,trt.trt("Please_send_a_valid_JSON_string_in_your_token"), (String)null,(String)null);
if(!restore.getCode().equals(token.getString("code"))){
return createStrJSONError(10000,trt.trt("The_code_did_not_match"),(String)null,(String)null);
}
if(token==null)
return createStrJSONError(10000,trt.trt("Please_send_a_valid_JSON_string_in_your_token"), (String)null,(String)null);
if(!restore.getCode().equals(token.getString("code"))){
return createStrJSONError(10000,trt.trt("The_code_did_not_match"),(String)null,(String)null);
}
if(token.getLong("exp")<Instant.now().getEpochSecond()){
return createStrJSONError(10000,trt.trt("Captcha_is_outdated"),(String)null,(String)null);
}
if (!Tools.isValidEmail(token.getString("email"))) {
return createStrJSONError(10000,trt.trt("The_email_field_is_incorrect"),(String)null,(String)null);
}
if(token.getLong("exp")<Instant.now().getEpochSecond()){
return createStrJSONError(10000,trt.trt("Captcha_is_outdated"),(String)null,(String)null);
}
if (!Tools.isValidEmail(token.getString("email"))) {
return createStrJSONError(10000,trt.trt("The_email_field_is_incorrect"),(String)null,(String)null);
}
//Проверяю есть ли в базе пользователь если есть отправляю ему почту для востановления
long id=0;
String sql = "select id from main._users where del=false and email=:email";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("email", token.getString("email"));
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) {
id = (new JSONObject(ret.get(i))).getLong("id");
}
if(id==0)
return createStrJSONError(10000, trt.trt("User_with_this_email_was_not_found"),(String)null,(String)null);
//Проверяю есть ли в базе пользователь если есть отправляю ему почту для востановления
long id=0;
String sql = "select id from main._users where del=false and email=:email";
MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("email", token.getString("email"));
List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) {
id = (new JSONObject(ret.get(i))).getLong("id");
}
if(id==0)
return createStrJSONError(10000, trt.trt("User_with_this_email_was_not_found"),(String)null,(String)null);
String password_new = Tools.generatePassword(6);
String password_new = Tools.generatePassword(6);
sql = "update main._users set password_new=:password_new where email=:email";
parameters = new MapSqlParameterSource();
parameters.addValue("password_new", password_new);
parameters.addValue("email", token.getString("email"));
int cnt = jdbcTemplate.update(sql, parameters);
sql = "update main._users set password_new=:password_new where email=:email";
parameters = new MapSqlParameterSource();
parameters.addValue("password_new", password_new);
parameters.addValue("email", token.getString("email"));
int cnt = jdbcTemplate.update(sql, parameters);
//Создаю новый токен, кодирую, шифрую, подписываю и затем отправляю на почту
JSONObject jTokenNew = new JSONObject();
jTokenNew.put("exp", Instant.now().getEpochSecond()+(60*60)); //+60 минут
jTokenNew.put("password",password_new);
jTokenNew.put("email",token.getString("email"));
String token_new = jTokenNew.toString();
token_new = Tools.encryptText(captchaKey,token_new);
token_new = token_new+"."+Tools.generateSignature(captchaKey, token_new); //Подпись для как бы токена
//Создаю новый токен, кодирую, шифрую, подписываю и затем отправляю на почту
JSONObject jTokenNew = new JSONObject();
jTokenNew.put("exp", Instant.now().getEpochSecond()+(60*60)); //+60 минут
jTokenNew.put("password",password_new);
jTokenNew.put("email",token.getString("email"));
String token_new = jTokenNew.toString();
token_new = Tools.encryptText(captchaKey,token_new);
token_new = token_new+"."+Tools.generateSignature(captchaKey, token_new); //Подпись для как бы токена
//token_new = token_new.replace("+", "-")
// .replace("/", "_")
// .replace("=", "^"); //Убираем спец символы для передачи через URL
try {
token_new = URLEncoder.encode(token_new, StandardCharsets.UTF_8.toString());
} catch (UnsupportedEncodingException e) {
return createStrJSONError(10000, trt.trt("Internal_Server_Error"), (String)null, (String)null);
}
//token_new = token_new.replace("+", "-")
// .replace("/", "_")
// .replace("=", "^"); //Убираем спец символы для передачи через URL
try {
token_new = URLEncoder.encode(token_new, StandardCharsets.UTF_8.toString());
} catch (UnsupportedEncodingException e) {
return createStrJSONError(10000, trt.trt("Internal_Server_Error"), (String)null, (String)null);
}
//Формирую ссылку для отправки на почту для сброса пароля
String html = "<html><head><title>"+trt.trt("Password_recovery")+"</title></head><body>";
html += "<h1>"+trt.trt("To_reset_your_password_click_on_the_link")+":</h1>";
html += "<a href=\""+url_reset+"?token=" + token_new + "\">"+trt.trt("Reset_the_password")+"</a><br><br>";
html += trt.trt("After_clicking_on_the_link_the_new_password_will_be")+": \"<b>" + password_new + "</b>\"";
html += "</body></html>";
try {
EmailUtility.sendEmail(mail_host, mail_port, mail_login, mail_password, token.getString("email"), trt.trt("Password_recovery"), html);
} catch (Exception ex) {
//Формирую ссылку для отправки на почту для сброса пароля
String html = "<html><head><title>"+trt.trt("Password_recovery")+"</title></head><body>";
html += "<h1>"+trt.trt("To_reset_your_password_click_on_the_link")+":</h1>";
html += "<a href=\""+url_reset+"?token=" + token_new + "\">"+trt.trt("Reset_the_password")+"</a><br><br>";
html += trt.trt("After_clicking_on_the_link_the_new_password_will_be")+": \"<b>" + password_new + "</b>\"";
html += "</body></html>";
try {
EmailUtility.sendEmail(mail_host, mail_port, mail_login, mail_password, token.getString("email"), trt.trt("Password_recovery"), html);
} catch (Exception ex) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, ex);
return createStrJSONError(10000,trt.trt("Failed_send_mail_to_s"), token.getString("email"),uuid);
}
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid, ex);
return createStrJSONError(10000,trt.trt("Failed_send_mail_to_s"), token.getString("email"),uuid);
logger.error(uuid,e);
return createStrJSONError(10000,trt.trt("Internal_Server_Error"), (String)null,uuid);
}
return createStrJSONError(0, trt.trt("A_recovery_link_has_been_sent_to_your_email"),(String)null,(String)null);
}
@@ -1464,9 +1499,10 @@ public class MainController implements ServletContextAware {
Translation trt = new Translation(language_id,jdbcTemplate);
JSONObject json = new JSONObject();
json.put("error_code",0);
json.put("error_message","");
try {
json.put("error_code",0);
json.put("error_message","");
if(update==null)
throw new CustomException(10000,trt.trt("Please_send_a_valid_JSON_string_in_your_request"),null);
if(update.getLogin().equals(""))
@@ -1547,6 +1583,10 @@ public class MainController implements ServletContextAware {
} catch (CustomException e) {
json = e.getJson();
} catch (Exception e) {
String uuid = UUID.randomUUID().toString();
logger.error(uuid,e);
return createStrJSONError(10000,trt.trt("Internal_Server_Error"), (String)null,uuid);
} finally {
}
return json.toString();
@@ -1560,7 +1600,7 @@ public class MainController implements ServletContextAware {
if(jwt_a.equals("") || countOccurrences(jwt_a, '.')!=2)
{
return createStrJSONError(10000,trt.trt("Please_send_a_valid_JWT_token"),(String)null,(String)null);
return createStrJSONError(10000,trt.trt("Please_log_in"),(String)null,(String)null);
}
//Connection conn = getConnection();
//Checking the token signature
src/main/java/org/ccalm/jwt/tools/CustomException.java
+12 -4
View File
@@ -1,11 +1,15 @@
package org.ccalm.jwt.tools;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.json.JSONException;
import org.json.JSONObject;
import java.util.Arrays;
import java.util.List;
public class CustomException extends Exception {
private static final Logger logger = LogManager.getLogger(CustomException.class);
private int errorCode;
private String marker;
private List<String> errorMessages;
@@ -59,10 +63,14 @@ public class CustomException extends Exception {
public JSONObject getJson() {
JSONObject json = new JSONObject();
json.put("error_code", this.getErrorCode());
json.put("error_message", this.getErrorMessages());
json.put("error_setting", this.getErrorSettings());
json.put("error_marker", this.getErrorMarker());
try {
json.put("error_code", this.getErrorCode());
json.put("error_message", this.getErrorMessages());
json.put("error_setting", this.getErrorSettings());
json.put("error_marker", this.getErrorMarker());
} catch (JSONException e) {
logger.error("Error", e);
}
return json;
}
}
src/main/java/org/ccalm/jwt/tools/Storage.java
+2
View File
@@ -80,6 +80,8 @@ public class Storage implements AutoCloseable {
}
} catch (SQLException e) {
logger.error("An error occurred", e);
} catch (Exception e) {
logger.error("An error occurred", e);
}
return result;
}
src/main/resources/logback-spring.xml
+3 -1
View File
@@ -25,9 +25,11 @@
</encoder>
</appender>
<root level="info">
<!--root level="info"-->
<root level="warn">
<appender-ref ref="FILE" />
<appender-ref ref="CONSOLE" />
</root>
</configuration>