diff --git a/src/main/java/com/mini/capi/config/AuthInterceptor.java b/src/main/java/com/mini/capi/config/AuthInterceptor.java new file mode 100644 index 0000000..865e807 --- /dev/null +++ b/src/main/java/com/mini/capi/config/AuthInterceptor.java @@ -0,0 +1,24 @@ +package com.mini.capi.config; + +import com.mini.capi.utils.vToken; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.HandlerInterceptor; + +@Component +public class AuthInterceptor implements HandlerInterceptor { + + @Override + public boolean preHandle(HttpServletRequest request, + HttpServletResponse response, + Object handler) throws Exception { + + String token = request.getHeader("Authorization"); + if (token == null || !vToken.isValidToken(token)) { + response.sendRedirect(request.getContextPath() + "/login"); + return false; + } + return true; + } +} diff --git a/src/main/java/com/mini/capi/config/WebMvcConfig.java b/src/main/java/com/mini/capi/config/WebMvcConfig.java new file mode 100644 index 0000000..c962325 --- /dev/null +++ b/src/main/java/com/mini/capi/config/WebMvcConfig.java @@ -0,0 +1,31 @@ +package com.mini.capi.config; + +import lombok.RequiredArgsConstructor; +import org.springframework.context.annotation.Configuration; +import org.springframework.web.servlet.config.annotation.InterceptorRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; + +@Configuration +@RequiredArgsConstructor +public class WebMvcConfig implements WebMvcConfigurer { + + private final AuthInterceptor authInterceptor; + + @Override + public void addInterceptors(InterceptorRegistry registry) { + registry.addInterceptor(authInterceptor) + .addPathPatterns("/**") // 需要拦截的路径 + .excludePathPatterns( // 排除的路径 + "/login", + "/index.html", + "/assets/**", + "/resource/**", + "/swagger-ui/**", + "/v3/api-docs/**", + "/Sys/jobs/**", + "/Sys/hosts/**", + "/Sys/dbs/**", + "/Sys/login/**" + ); + } +} diff --git a/src/main/java/com/mini/capi/job/taskEnable.java b/src/main/java/com/mini/capi/job/taskEnable.java index c9e3444..94c05cd 100644 --- a/src/main/java/com/mini/capi/job/taskEnable.java +++ b/src/main/java/com/mini/capi/job/taskEnable.java @@ -28,7 +28,7 @@ public class taskEnable { */ @GetMapping("/getTaskDockerDiskInfo") public ApiResult jobHostDisk(String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return dockerService.jobHostDisk(); @@ -40,7 +40,7 @@ public class taskEnable { */ @GetMapping("/getTaskSyncDbInfo") public ApiResult jobSyncAllTask(String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return dbService.jobSyncAllTask(); diff --git a/src/main/java/com/mini/capi/sys/controller/LoginPageController.java b/src/main/java/com/mini/capi/sys/controller/LoginPageController.java new file mode 100644 index 0000000..06b984a --- /dev/null +++ b/src/main/java/com/mini/capi/sys/controller/LoginPageController.java @@ -0,0 +1,13 @@ +package com.mini.capi.sys.controller; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; + +@Controller +public class LoginPageController { + + @GetMapping("/login") + public String loginPage() { + return "forward:/index.html"; + } +} diff --git a/src/main/java/com/mini/capi/sys/controller/dbController.java b/src/main/java/com/mini/capi/sys/controller/dbController.java index 736f5a8..be52b49 100644 --- a/src/main/java/com/mini/capi/sys/controller/dbController.java +++ b/src/main/java/com/mini/capi/sys/controller/dbController.java @@ -25,7 +25,7 @@ public class dbController { @GetMapping("/getApiSourceTables") public ApiResult> listSourceTables(String token, String dbId) { // 1. 验证token有效性 - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return dbService.listSourceTables(dbId); @@ -37,7 +37,7 @@ public class dbController { */ @GetMapping("/getTaskSyncDbByInfo") public ApiResult jobSyncOneTask(String token, String taskId) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return dbService.jobSyncOneTask(taskId); diff --git a/src/main/java/com/mini/capi/sys/controller/hostController.java b/src/main/java/com/mini/capi/sys/controller/hostController.java index 0609c2f..6ad61de 100644 --- a/src/main/java/com/mini/capi/sys/controller/hostController.java +++ b/src/main/java/com/mini/capi/sys/controller/hostController.java @@ -24,7 +24,7 @@ public class hostController { @GetMapping("/getApiInfo") public ApiResult> getApiInfo(String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return hostService.getApiInfo(); @@ -36,7 +36,7 @@ public class hostController { */ @GetMapping("/getApiDockerInfo") public ApiResult getDockerInfo(String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return hostService.getDockerInfo(); @@ -48,7 +48,7 @@ public class hostController { */ @GetMapping("/getApiStartDockerInfo") public ApiResult startDockerInfo(String id, String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return hostService.startDockerInfo(id); @@ -60,7 +60,7 @@ public class hostController { */ @GetMapping("/getApiStopDockerInfo") public ApiResult stopDockerInfo(String id, String token) { - if (!vToken.isValidToken(token)) { + if (vToken.isValidToken(token)) { return ApiResult.error(401, "无效的访问令牌"); } return hostService.stopDockerInfo(id); diff --git a/src/main/java/com/mini/capi/utils/vToken.java b/src/main/java/com/mini/capi/utils/vToken.java index bd923c9..a0d2dcb 100644 --- a/src/main/java/com/mini/capi/utils/vToken.java +++ b/src/main/java/com/mini/capi/utils/vToken.java @@ -1,34 +1,14 @@ package com.mini.capi.utils; -import java.security.SecureRandom; - public class vToken { private static final String DEFAULT_TOKEN = "3774e79ac55aff6d1afc0f94bfaf131d"; - private static final SecureRandom RAND = new SecureRandom(); - private static final char[] HEX = "0123456789abcdef".toCharArray(); - public static boolean isValidToken(String token) { - return DEFAULT_TOKEN.equals(token); + return !DEFAULT_TOKEN.equals(token); } - /** - * 随机32位 - */ - public static String nextHex32() { - byte[] bytes = new byte[16]; // 16 字节 = 128 bit - RAND.nextBytes(bytes); - char[] chars = new char[32]; - for (int i = 0, j = 0; i < 16; i++) { - int v = bytes[i] & 0xFF; - chars[j++] = HEX[v >>> 4]; - chars[j++] = HEX[v & 0x0F]; - } - return new String(chars); - } - } diff --git a/src/main/resources/static/index.html b/src/main/resources/static/index.html new file mode 100644 index 0000000..566549b --- /dev/null +++ b/src/main/resources/static/index.html @@ -0,0 +1,10 @@ + + + + + Title + + + + + \ No newline at end of file