Finish token check

BrokenFire 2018-02-14 12:32:56 +01:00
parent 2f6914a307
commit 823a47d31b
11 changed files with 77 additions and 17 deletions


@ -8,4 +8,5 @@ import java.util.List;
public interface UserRepository extends CrudRepository<UserEntity, Integer>{ public interface UserRepository extends CrudRepository<UserEntity, Integer>{
List<UserEntity> findByName(String name); List<UserEntity> findByName(String name);
List<UserEntity> findByJdaId(String jdaId); List<UserEntity> findByJdaId(String jdaId);
List<UserEntity> findByApiToken(String apiToken);
} }


@ -8,4 +8,5 @@ public class CommandPostData {
public int playlistLimit; public int playlistLimit;
public String chanelId; public String chanelId;
public String name; public String name;
public String token;
} }


@ -6,9 +6,16 @@ import com.fasterxml.jackson.annotation.JsonInclude;
public class CommandResponseData { public class CommandResponseData {
public String Commande; public String Commande;
public String Message; public String Message;
public String error;
public CommandResponseData(String commande, String message) { public CommandResponseData(String commande, String message) {
Commande = commande; Commande = commande;
Message = message; Message = message;
} }
public CommandResponseData(String commande, String message, String error) {
Commande = commande;
Message = message;
this.error = error;
}
} }
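Review bot: The new `error` field is a machine-readable code that the web client branches on (`data.responseJSON.error === "token"` in the script changed by this commit), but the accepted values `"token"` and `"command"` exist only as string literals at the call sites. Declaring them as constants on this class, e.g. `public static final String ERROR_TOKEN = "token";`, and adding a comment such as `// machine-readable error category; null when the two-argument constructor is used` would keep server and client in step. The field name is also lower-case while `Commande` and `Message` are capitalised, which the client has to mirror exactly.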


@ -4,23 +4,29 @@ import com.sedmelluq.discord.lavaplayer.player.AudioPlayer;
import com.sedmelluq.discord.lavaplayer.track.AudioTrack; import com.sedmelluq.discord.lavaplayer.track.AudioTrack;
import com.sedmelluq.discord.lavaplayer.track.AudioTrackInfo; import com.sedmelluq.discord.lavaplayer.track.AudioTrackInfo;
import net.Broken.Commands.Music; import net.Broken.Commands.Music;
import net.Broken.DB.Entity.UserEntity;
import net.Broken.DB.Repository.UserRepository;
import net.Broken.MainBot; import net.Broken.MainBot;
import net.Broken.RestApi.Data.*; import net.Broken.RestApi.Data.*;
import net.Broken.RestApi.Data.UserManager.CheckResposeData; import net.Broken.RestApi.Data.UserManager.CheckResposeData;
import net.Broken.RestApi.Data.UserManager.UserInfoData; import net.Broken.RestApi.Data.UserManager.UserInfoData;
import net.Broken.Tools.UserManager.Exceptions.UnknownTokenException;
import net.Broken.Tools.UserManager.Exceptions.UserNotFoundException; import net.Broken.Tools.UserManager.Exceptions.UserNotFoundException;
import net.Broken.audio.NotConectedException; import net.Broken.audio.NotConectedException;
import net.Broken.audio.NullMusicManager; import net.Broken.audio.NullMusicManager;
import net.dv8tion.jda.core.entities.VoiceChannel; import net.dv8tion.jda.core.entities.VoiceChannel;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import javax.servlet.http.HttpServletRequest;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
@ -32,6 +38,9 @@ public class MusicWebAPIController {
Logger logger = LogManager.getLogger(); Logger logger = LogManager.getLogger();
// @Autowired // @Autowired
// public SavedPlaylistRepository savedPlaylist; // public SavedPlaylistRepository savedPlaylist;
@Autowired
UserRepository userRepository;
@RequestMapping("/currentMusicInfo") @RequestMapping("/currentMusicInfo")
public CurrentMusicData getCurrentM(){ public CurrentMusicData getCurrentM(){
@ -68,17 +77,32 @@ public class MusicWebAPIController {
} }
@RequestMapping(value = "/command", method = RequestMethod.POST) @RequestMapping(value = "/command", method = RequestMethod.POST)
public ResponseEntity<CommandResponseData> command(@RequestBody CommandPostData data){ public ResponseEntity<CommandResponseData> command(@RequestBody CommandPostData data, HttpServletRequest request){
if(data.command != null) { if(data.command != null) {
logger.info("receive command: " + data.command); if(data.token != null) {
try {
UserEntity user = MainBot.userRegister.getUserWithApiToken(userRepository, data.token);
logger.info("receive command " + data.command + " from " + request.getRemoteAddr() + " USER: " + user.getName());
Music musicCommande = (Music) MainBot.commandes.get("music"); Music musicCommande = (Music) MainBot.commandes.get("music");
if (ApiCommandLoader.apiCommands.containsKey(data.command)) if (ApiCommandLoader.apiCommands.containsKey(data.command))
return ApiCommandLoader.apiCommands.get(data.command).action(musicCommande, data); return ApiCommandLoader.apiCommands.get(data.command).action(musicCommande, data);
else else
return new ResponseEntity<>(new CommandResponseData(data.command,"Unknown Command"), HttpStatus.BAD_REQUEST); return new ResponseEntity<>(new CommandResponseData(data.command, "Unknown Command", "command"), HttpStatus.BAD_REQUEST);
} catch (UnknownTokenException e) {
logger.warn("Command with unknown token from: "+request.getRemoteAddr());
return new ResponseEntity<>(new CommandResponseData(data.command,"Unknown Token!\nPlease Re-connect.", "token"), HttpStatus.UNAUTHORIZED);
}
}
else{
logger.warn("Command without token! ip: "+ request.getRemoteAddr());
return new ResponseEntity<>(new CommandResponseData(data.command,"Missing token!\nPlease Re-connect.","token"), HttpStatus.UNAUTHORIZED);
}
} }
else else
logger.info("Null"); logger.info("Null");
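Review bot: `data.command` comes straight from the request body and is concatenated into the `logger.info("receive command " + ...)` line before it is checked against `ApiCommandLoader.apiCommands`, so a caller holding any valid token can put line breaks or other crafted text into the log, and depending on the Log4j 2 version in use the message text may also be subject to lookup expansion. Moving the log call below the `containsKey` check means only known command names are written; for the rejected branch, log a length-capped copy with control characters stripped. The resolved `user` is used only for this log line, and `action(musicCommande, data)` receives `data` with the token still in it, so handlers cannot make per-user decisions and should not log `data` wholesale. `request.getRemoteAddr()` will report the proxy address if the API sits behind a reverse proxy. The body of `command` continues past the end of this hunk.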


@ -0,0 +1,4 @@
package net.Broken.Tools.UserManager.Exceptions;
public class UnknownTokenException extends Exception{
}


@ -9,15 +9,13 @@ import net.Broken.RestApi.Data.UserManager.UserInfoData;
import net.Broken.Tools.EmbedMessageUtils; import net.Broken.Tools.EmbedMessageUtils;
import net.Broken.Tools.PrivateMessage; import net.Broken.Tools.PrivateMessage;
import net.Broken.Tools.ResourceLoader; import net.Broken.Tools.ResourceLoader;
import net.Broken.Tools.UserManager.Exceptions.PasswordNotMatchException; import net.Broken.Tools.UserManager.Exceptions.*;
import net.Broken.Tools.UserManager.Exceptions.TokenNotMatch;
import net.Broken.Tools.UserManager.Exceptions.UserAlreadyRegistered;
import net.Broken.Tools.UserManager.Exceptions.UserNotFoundException;
import net.dv8tion.jda.core.entities.MessageEmbed; import net.dv8tion.jda.core.entities.MessageEmbed;
import net.dv8tion.jda.core.entities.User; import net.dv8tion.jda.core.entities.User;
import org.apache.logging.log4j.LogManager; import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger; import org.apache.logging.log4j.Logger;
import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties; import org.springframework.boot.autoconfigure.security.oauth2.resource.ResourceServerProperties;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import java.security.SecureRandom; import java.security.SecureRandom;
@ -126,11 +124,21 @@ public class UserRegister {
} }
} }
public UserEntity getUserWithApiToken(UserRepository userRepository, String token) throws UnknownTokenException {
List<UserEntity> users = userRepository.findByApiToken(token);
if(users.size() > 0){
return users.get(0);
}
else
throw new UnknownTokenException();
}
public String generateApiToken(){ public String generateApiToken(){
return UUID.randomUUID().toString(); return UUID.randomUUID().toString();
} }
public String generateCheckToken(){ private String generateCheckToken(){
SecureRandom random = new SecureRandom(); SecureRandom random = new SecureRandom();
long longToken = Math.abs( random.nextLong() ); long longToken = Math.abs( random.nextLong() );
String randomStr = Long.toString( longToken, 16 ); String randomStr = Long.toString( longToken, 16 );
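Review bot: `getUserWithApiToken` passes whatever string it receives to `findByApiToken`, and the controller only rejects a `null` token, so an empty token would match any account whose stored `apiToken` is an empty string (whether such rows can exist is not visible here). A guard such as `if (token == null || token.isEmpty()) throw new UnknownTokenException();` at the top closes that case. Taking `users.get(0)` from a `List` also hides duplicate tokens; a unique constraint on the column, and a repository method that returns a single result, would make a collision an error instead of a silent pick. Since the lookup is by the raw value, the token is presumably stored in clear text; storing a SHA-256 digest and looking up by digest would limit what a database leak exposes. `generateCheckToken` continues outside this hunk, and its `Math.abs(random.nextLong())` returns a negative number for `Long.MIN_VALUE`.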


@ -22,7 +22,7 @@
<!--__________________________________________________________--> <!--__________________________________________________________-->
<nav class="blue-grey darken-4 z-depth-3" role="navigation"> <nav class="blue-grey darken-4 z-depth-3" role="navigation">
<div class="nav-wrapper container"> <div class="nav-wrapper container">
<a id="logo-container" href="#" class="brand-logo">Discord Bot</a> <a id="logo-container" href="/" class="brand-logo">Discord Bot</a>
<ul class="right hide-on-med-and-down"> <ul class="right hide-on-med-and-down">
<li class="active"> <li class="active">


@ -31,6 +31,8 @@ $(document).ready(function() {
case "PAUSE": case "PAUSE":
sendCommand({ command: "PLAY"}) sendCommand({ command: "PLAY"})
break; break;
default:
sendCommand({command: "PLAY"})
} }
}); });
@ -419,6 +421,7 @@ function updateControl(data){
function sendCommand(command){ function sendCommand(command){
command["token"] = Cookies.get('token'); command["token"] = Cookies.get('token');
console.log(command)
$.ajax({ $.ajax({
type: "POST", type: "POST",
dataType: 'json', dataType: 'json',
@ -432,6 +435,11 @@ function sendCommand(command){
}).fail(function (data) { }).fail(function (data) {
console.log(data); console.log(data);
alert(data.responseJSON.Message); alert(data.responseJSON.Message);
if(data.responseJSON.error === "token"){
Cookies.remove('token');
Cookies.remove('name');
location.reload();
}
}); });
} }
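Review bot: The added `console.log(command)` runs after `command["token"]` is set, so every call prints the API token to the browser console; drop the line or log only `command.command`. In the `.fail` handler `data.responseJSON` is undefined when the request fails without a JSON body (network error, proxy error page), so both `alert(data.responseJSON.Message)` and the new `data.responseJSON.error === "token"` check throw and the cookies are never cleared; guard with `var body = data.responseJSON; if (body && body.error === "token") { ... }`. The token is read with `Cookies.get('token')`, which means the cookie is script-readable and any XSS on the page can read it. `sendCommand` continues outside the visible hunks.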


@ -1,6 +1,6 @@
var nav_bar_account_link; var nav_bar_account_link;
var connected_link = "<a class=\"dropdown-account\" data-activates=\"dropdown_connected\"><i class=\"material-icons green-text\">account_box</i></a>"; var connected_link = "<a class=\"dropdown-account\" data-activates=\"dropdown_connected\"><i class=\"material-icons green-text\">account_box</i></a>";
var disconnected_link = "<a class=\"waves-effect waves-light modal-trigger\" href=\".modal_connection\"><i class=\"material-icons red-text\">account_box</i></a>"; var disconnected_link = "<a class=\"waves-effect waves-light modal-trigger\" href=\"#modal_connection\"><i class=\"material-icons red-text\">account_box</i></a>";
var input_name; var input_name;
var input_psw; var input_psw;
var btn_submit; var btn_submit;
@ -66,7 +66,11 @@ function connected(){
function disconnected() { function disconnected() {
console.log("Disconnected"); console.log("Disconnected");
nav_bar_account_link.html(disconnected_link); nav_bar_account_link.html(disconnected_link);
$('.modal').modal(); var modalConnection = $('#modal_connection');
modalConnection.modal();
if(needLogin !== undefined){
modalConnection.modal('open');
}
} }
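Review bot: `if(needLogin !== undefined)` throws a ReferenceError on any page that loads this script without declaring `needLogin`, because comparing an undeclared identifier is not the same as comparing an undefined value; only one page in this commit adds `var needLogin = true;`. Use `if (typeof needLogin !== 'undefined' && needLogin)` so pages without the flag keep working and a page can set it to `false`.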


@ -23,7 +23,7 @@
<!--__________________________________________________________--> <!--__________________________________________________________-->
<nav class="blue-grey darken-4 z-depth-3" role="navigation"> <nav class="blue-grey darken-4 z-depth-3" role="navigation">
<div class="nav-wrapper container"> <div class="nav-wrapper container">
<a id="logo-container" href="#" class="brand-logo">Discord Bot</a> <a id="logo-container" href="/" class="brand-logo">Discord Bot</a>
<ul class="right hide-on-med-and-down"> <ul class="right hide-on-med-and-down">
<li class=""> <li class="">
@ -292,6 +292,9 @@
<script src="https://code.jquery.com/jquery-2.1.1.min.js"></script> <script src="https://code.jquery.com/jquery-2.1.1.min.js"></script>
<script src="js/materialize.js"></script> <script src="js/materialize.js"></script>
<script src="js/init.js"></script> <script src="js/init.js"></script>
<script>
var needLogin = true;
</script>
<script src="js/navabar.js"></script> <script src="js/navabar.js"></script>
<script src="js/js.cookie.js"></script> <script src="js/js.cookie.js"></script>


@ -21,7 +21,7 @@
<!--__________________________________________________________--> <!--__________________________________________________________-->
<nav class="blue-grey darken-4 z-depth-3" role="navigation"> <nav class="blue-grey darken-4 z-depth-3" role="navigation">
<div class="nav-wrapper container"> <div class="nav-wrapper container">
<a id="logo-container" href="#" class="brand-logo">Discord Bot</a> <a id="logo-container" href="/" class="brand-logo">Discord Bot</a>
<ul class="right hide-on-med-and-down"> <ul class="right hide-on-med-and-down">
<li class=""> <li class="">