Commit e4e3a521 authored by Alina Habibulina's avatar Alina Habibulina

+ set password api

parent 34d25663
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry kind="src" path="src"/>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.7">
<attributes>
<attribute name="owner.project.facets" value="java"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.web.container"/>
<classpathentry kind="con" path="org.eclipse.jst.j2ee.internal.module.container"/>
<classpathentry kind="output" path="build/classes"/>
</classpath>
<?xml version="1.0" encoding="UTF-8"?>
<projectDescription>
<name>synergy-api-proxy</name>
<comment></comment>
<projects>
</projects>
<buildSpec>
<buildCommand>
<name>org.eclipse.jdt.core.javabuilder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.common.project.facet.core.builder</name>
<arguments>
</arguments>
</buildCommand>
<buildCommand>
<name>org.eclipse.wst.validation.validationbuilder</name>
<arguments>
</arguments>
</buildCommand>
</buildSpec>
<natures>
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
<nature>org.eclipse.jdt.core.javanature</nature>
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
</natures>
</projectDescription>
<?xml version="1.0" encoding="UTF-8"?>
<classpath>
<classpathentry excluding="**/bower_components/*|**/node_modules/*|**/*.min.js" kind="src" path="WebContent"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
<attributes>
<attribute name="hide" value="true"/>
</attributes>
</classpathentry>
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
<classpathentry kind="output" path=""/>
</classpath>
eclipse.preferences.version=1
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.7
org.eclipse.jdt.core.compiler.compliance=1.7
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
org.eclipse.jdt.core.compiler.source=1.7
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
<wb-module deploy-name="synergy-api-proxy">
<wb-resource deploy-path="/" source-path="/WebContent" tag="defaultRootSource"/>
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src"/>
<property name="context-root" value="synergy-api-proxy"/>
<property name="java-output-path" value="/synergy-api-proxy/build/classes"/>
</wb-module>
</project-modules>
<?xml version="1.0" encoding="UTF-8"?>
<faceted-project>
<fixed facet="wst.jsdt.web"/>
<installed facet="java" version="1.7"/>
<installed facet="jst.web" version="3.0"/>
<installed facet="wst.jsdt.web" version="1.0"/>
</faceted-project>
org.eclipse.wst.jsdt.launching.baseBrowserLibrary
\ No newline at end of file
Window
\ No newline at end of file
Manifest-Version: 1.0
Class-Path:
......@@ -21,13 +21,22 @@ public class ClientManager {
private static final Logger LOGGER = LoggerFactory.getLogger(ClientManager.class);
public static void log(Object logItem) {
public static void log(Object logItem, String oldPass, String NewPass, String Login) {
Connection con = null;
try {
con = ConnectionPool.getConnection();
PreparedStatement st = con.prepareStatement("INSERT INTO log(logged, clientid, hostname, extip, localip) VALUES (CURRENT_TIMESTAMP, ?, ?, ?, ?)");
/*
1) Делаем SELECT MD5(old_password)
2) Сравниваем полученный результат с имеющимся в поле password:
- совпадают: идем дальше
- не совпадают: возвращаем ошибку
3) Делаем SELECT MD5(new_password)
4) Делаем UPDATE users SET password= (SELECT MD5(new_password) ) WHERE login = login
*/
PreparedStatement st = con.prepareStatement("INSERT INTO log(logged, clientid, hostname, extip, localip) VALUES (CURRENT_TIMESTAMP, ?, ?, ?, ?)");
// PreparedStatement st = con.prepareStatement("UPDATE users SET password= ");
st.setString(1, "clientId");
st.setString(2, "hostname");
st.setString(3, "extip");
......
......@@ -12,6 +12,16 @@ import org.apache.http.impl.client.HttpClientBuilder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import kz.arta.ext.sap.util.ConnectionPool;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.naming.NamingException;
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.SQLException;
import java.sql.ResultSet;
import javax.enterprise.context.RequestScoped;
import javax.ws.rs.GET;
import javax.ws.rs.Path;
......@@ -28,11 +38,14 @@ import java.nio.charset.Charset;
* Time: 11:27
*
* REST сервис с методами, которые не требуют авторизации
*
* Modified
* Date: 06.2018
* REST API метод для смены/установки пароля
*/
@Path("/unsecured")
@Path("/uservice")
@RequestScoped
public class UnsecuredProxyService {
private static final Logger LOGGER = LoggerFactory.getLogger(UnsecuredProxyService.class);
@GET
......@@ -41,61 +54,29 @@ public class UnsecuredProxyService {
public String test() {
return "{\"status\":\"working\"}";
}
/**
* Обертка над методом /rest/api/storage/file/get
* Не требует авторизации.
* Обращение к REST API Synergy осуществляется от имени пользователя,
* указанного в настройках (параметры synergy.user.login и synergy.user.password)
*
* @param identifier идентификатор файла в хранилище
* @return inline изображение. Если запрошенный файл не является изображением, то вернется ошибка.
*/
@GET
@Path("/image")
public Response getImage(@QueryParam("identifier") String identifier) {
@GET
@Path("/set_password")
@Produces(MediaType.APPLICATION_JSON + "; charset=utf-8")
public String setPassword(@QueryParam("login") String login, @QueryParam("new_password") String new_pass){
Connection con = null;
try {
con = ConnectionPool.getConnection();
/*PreparedStatement encodeNewPassword = con.prepareStatement("SELECT MD5(\"" + new_pass + "\");");
encodeNewPassword.execute();*/
//UPDATE users SET password=MD5("new_pass") WHERE login="mikkio"
String auth = Config.getProperty("synergy.user.login", "1") + ":" + Config.getProperty("synergy.user.password", "1");
byte[] encodedAuth = Base64.encodeBase64(
auth.getBytes(Charset.forName("UTF-8")));
String authHeader = "Basic " + new String(encodedAuth);
CloseableHttpClient client = HttpClientBuilder.create().build();
HttpGet request = new HttpGet(Config.getProperty("synergy.url", "http://127.0.0.1:8080/Synergy") +
"/rest/api/storage/file/get?inline=true&identifier=" + identifier);
request.setHeader(HttpHeaders.AUTHORIZATION, authHeader);
String update_passwordSQL = "UPDATE users SET password=MD5(\"" + new_pass + "\") WHERE login =\"" + login + "\";";
PreparedStatement UpdatePassword = con.prepareStatement(update_passwordSQL);
UpdatePassword.execute();
return "{\"result\":\"success\", \"errorCode\":\"0\"}";
HttpResponse response = client.execute(request);
HttpEntity entity = response.getEntity();
int responseCode = response.getStatusLine().getStatusCode();
LOGGER.info("Request Url: " + request.getURI());
LOGGER.info("Response Code: " + responseCode);
LOGGER.info("Content-Type: " + entity.getContentType().getValue());
if (entity.getContentType().getValue().toLowerCase().startsWith("image/")) {
Response.ResponseBuilder builder = Response.ok();
builder.entity(entity.getContent());
for (Header header : response.getAllHeaders()) {
builder.header(header.getName(), header.getValue());
}
return builder.build();
} else {
return Response.status(Response.Status.BAD_REQUEST).entity("Not an image").build();
}
} catch (IOException e) {
} catch (SQLException | NamingException e) {
LOGGER.error("", e);
return Response.serverError().build();
return "{\"status\":\"something gone wrong\", \"error\":\"" + e + "\", \"errorCode\": \"500\"}";
} finally {
ConnectionPool.close(con);
}
}
}
}
......@@ -8,12 +8,13 @@ import javax.naming.NamingException;
import javax.sql.DataSource;
import java.sql.Connection;
import java.sql.SQLException;
import javax.sql.XAConnection;
import javax.sql.XADataSource;
/**
* Created by val
* Date: 04.10.2015
* Time: 11:13
*
* Пример класса, который отвечает за работу с пулом соединений
*/
public class ConnectionPool {
......@@ -22,7 +23,7 @@ public class ConnectionPool {
public static Connection getConnection() throws SQLException, NamingException {
InitialContext ctx = new InitialContext();
DataSource ds = (DataSource) ctx.lookup("java:jboss/datasources/DefineDS");
DataSource ds = (DataSource) ctx.lookup("java:/jboss/datasources/ml");
return ds.getConnection();
}
......@@ -35,4 +36,4 @@ public class ConnectionPool {
}
}
}
}
}
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment