|
@@ -91,13 +91,22 @@ public class UserInfoHelper {
|
|
return null;
|
|
return null;
|
|
}
|
|
}
|
|
|
|
|
|
- final PrimaryCipher cipher = ComponentUtil.getPrimaryCipher();
|
|
|
|
- userCode = cipher.encrypt(userCode);
|
|
|
|
|
|
+ userCode = createUserCodeFromUserId(userCode);
|
|
request.setAttribute(Constants.USER_CODE, userCode);
|
|
request.setAttribute(Constants.USER_CODE, userCode);
|
|
deleteUserCodeFromCookie(request);
|
|
deleteUserCodeFromCookie(request);
|
|
return userCode;
|
|
return userCode;
|
|
}
|
|
}
|
|
|
|
|
|
|
|
+ protected String createUserCodeFromUserId(String userCode) {
|
|
|
|
+ final FessConfig fessConfig = ComponentUtil.getFessConfig();
|
|
|
|
+ final PrimaryCipher cipher = ComponentUtil.getPrimaryCipher();
|
|
|
|
+ userCode = cipher.encrypt(userCode);
|
|
|
|
+ if (fessConfig.isValidUserCode(userCode)) {
|
|
|
|
+ return userCode;
|
|
|
|
+ }
|
|
|
|
+ return null;
|
|
|
|
+ }
|
|
|
|
+
|
|
public void deleteUserCodeFromCookie(final HttpServletRequest request) {
|
|
public void deleteUserCodeFromCookie(final HttpServletRequest request) {
|
|
final String cookieValue = getUserCodeFromCookie(request);
|
|
final String cookieValue = getUserCodeFromCookie(request);
|
|
if (cookieValue != null) {
|
|
if (cookieValue != null) {
|
|
@@ -112,12 +121,6 @@ public class UserInfoHelper {
|
|
return null;
|
|
return null;
|
|
}
|
|
}
|
|
|
|
|
|
- final int length = userCode.length();
|
|
|
|
- if (fessConfig.getUserCodeMinLengthAsInteger().intValue() > length
|
|
|
|
- || fessConfig.getUserCodeMaxLengthAsInteger().intValue() < length) {
|
|
|
|
- return null;
|
|
|
|
- }
|
|
|
|
-
|
|
|
|
if (fessConfig.isValidUserCode(userCode)) {
|
|
if (fessConfig.isValidUserCode(userCode)) {
|
|
request.setAttribute(Constants.USER_CODE, userCode);
|
|
request.setAttribute(Constants.USER_CODE, userCode);
|
|
return userCode;
|
|
return userCode;
|
|
@@ -155,10 +158,11 @@ public class UserInfoHelper {
|
|
}
|
|
}
|
|
|
|
|
|
protected String getUserCodeFromCookie(final HttpServletRequest request) {
|
|
protected String getUserCodeFromCookie(final HttpServletRequest request) {
|
|
|
|
+ final FessConfig fessConfig = ComponentUtil.getFessConfig();
|
|
final Cookie[] cookies = request.getCookies();
|
|
final Cookie[] cookies = request.getCookies();
|
|
if (cookies != null) {
|
|
if (cookies != null) {
|
|
for (final Cookie cookie : cookies) {
|
|
for (final Cookie cookie : cookies) {
|
|
- if (cookieName.equals(cookie.getName())) {
|
|
|
|
|
|
+ if (cookieName.equals(cookie.getName()) && fessConfig.isValidUserCode(cookie.getValue())) {
|
|
return cookie.getValue();
|
|
return cookie.getValue();
|
|
}
|
|
}
|
|
}
|
|
}
|