SHA256
09 12 25
В черновую переделал авторификацию
This commit is contained in:
@@ -5,8 +5,7 @@ import shine.db.entities.ActiveSession;
|
||||
|
||||
import java.sql.*;
|
||||
|
||||
/** Здесь мы хрним данные об активных сессиях пользователя (для wss соединений) */
|
||||
|
||||
/** Здесь мы храним данные об активных сессиях пользователя (для wss соединений). */
|
||||
public final class ActiveSessionsDAO {
|
||||
|
||||
private static volatile ActiveSessionsDAO instance;
|
||||
@@ -30,37 +29,40 @@ public final class ActiveSessionsDAO {
|
||||
String sql = """
|
||||
INSERT INTO active_sessions (
|
||||
sessionId,
|
||||
session_pwd,
|
||||
loginId,
|
||||
time_ms,
|
||||
pubkey_num,
|
||||
session_pwd,
|
||||
storage_pwd,
|
||||
session_created_ms,
|
||||
last_auth_ms,
|
||||
push_endpoint,
|
||||
push_p256dh_key,
|
||||
push_auth_key
|
||||
) VALUES (?, ?, ?, ?, ?, ?, ?, ?)
|
||||
) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)
|
||||
""";
|
||||
|
||||
try (PreparedStatement ps = db.getConnection().prepareStatement(sql)) {
|
||||
ps.setLong(1, session.getSessionId());
|
||||
ps.setString(2, session.getSessionPwd());
|
||||
ps.setLong(3, session.getLoginId());
|
||||
ps.setLong(4, session.getTimeMs());
|
||||
ps.setInt(5, session.getPubkeyNum());
|
||||
ps.setString(6, session.getPushEndpoint());
|
||||
ps.setString(7, session.getPushP256dhKey());
|
||||
ps.setString(8, session.getPushAuthKey());
|
||||
ps.setString(1, session.getSessionId());
|
||||
ps.setLong(2, session.getLoginId());
|
||||
ps.setString(3, session.getSessionPwd());
|
||||
ps.setString(4, session.getStoragePwd());
|
||||
ps.setLong(5, session.getSessionCreatedAtMs());
|
||||
ps.setLong(6, session.getLastAuthirificatedAtMs());
|
||||
ps.setString(7, session.getPushEndpoint());
|
||||
ps.setString(8, session.getPushP256dhKey());
|
||||
ps.setString(9, session.getPushAuthKey());
|
||||
ps.executeUpdate();
|
||||
}
|
||||
}
|
||||
|
||||
public ActiveSession getBySessionId(long sessionId) throws SQLException {
|
||||
public ActiveSession getBySessionId(String sessionId) throws SQLException {
|
||||
String sql = """
|
||||
SELECT
|
||||
sessionId,
|
||||
session_pwd,
|
||||
loginId,
|
||||
time_ms,
|
||||
pubkey_num,
|
||||
session_pwd,
|
||||
storage_pwd,
|
||||
session_created_ms,
|
||||
last_auth_ms,
|
||||
push_endpoint,
|
||||
push_p256dh_key,
|
||||
push_auth_key
|
||||
@@ -69,7 +71,7 @@ public final class ActiveSessionsDAO {
|
||||
""";
|
||||
|
||||
try (PreparedStatement ps = db.getConnection().prepareStatement(sql)) {
|
||||
ps.setLong(1, sessionId);
|
||||
ps.setString(1, sessionId);
|
||||
try (ResultSet rs = ps.executeQuery()) {
|
||||
if (!rs.next()) {
|
||||
return null;
|
||||
@@ -83,31 +85,51 @@ public final class ActiveSessionsDAO {
|
||||
* Удаление записи по sessionId.
|
||||
* Если записи нет — просто ничего не удалит (0 строк).
|
||||
*/
|
||||
public void deleteBySessionId(long sessionId) throws SQLException {
|
||||
public void deleteBySessionId(String sessionId) throws SQLException {
|
||||
String sql = "DELETE FROM active_sessions WHERE sessionId = ?";
|
||||
|
||||
try (PreparedStatement ps = db.getConnection().prepareStatement(sql)) {
|
||||
ps.setLong(1, sessionId);
|
||||
ps.setString(1, sessionId);
|
||||
ps.executeUpdate();
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Обновить поле last_auth_ms (lastAuthirificatedAtMs) для конкретной сессии.
|
||||
* Остальные поля записи не меняются.
|
||||
*/
|
||||
public void updateLastAuthirificatedAtMs(String sessionId, long newTimeMs) throws SQLException {
|
||||
String sql = """
|
||||
UPDATE active_sessions
|
||||
SET last_auth_ms = ?
|
||||
WHERE sessionId = ?
|
||||
""";
|
||||
|
||||
try (PreparedStatement ps = db.getConnection().prepareStatement(sql)) {
|
||||
ps.setLong(1, newTimeMs);
|
||||
ps.setString(2, sessionId);
|
||||
ps.executeUpdate();
|
||||
}
|
||||
}
|
||||
|
||||
private ActiveSession mapRow(ResultSet rs) throws SQLException {
|
||||
long sessionId = rs.getLong("sessionId");
|
||||
String sessionPwd = rs.getString("session_pwd");
|
||||
String sessionId = rs.getString("sessionId");
|
||||
long loginId = rs.getLong("loginId");
|
||||
long timeMs = rs.getLong("time_ms");
|
||||
short pubkeyNum = (short) rs.getInt("pubkey_num");
|
||||
String sessionPwd = rs.getString("session_pwd");
|
||||
String storagePwd = rs.getString("storage_pwd");
|
||||
long sessionCreatedMs = rs.getLong("session_created_ms");
|
||||
long lastAuthMs = rs.getLong("last_auth_ms");
|
||||
String pushEndpoint = rs.getString("push_endpoint");
|
||||
String pushP256dhKey = rs.getString("push_p256dh_key");
|
||||
String pushAuthKey = rs.getString("push_auth_key");
|
||||
|
||||
return new ActiveSession(
|
||||
sessionId,
|
||||
sessionPwd,
|
||||
loginId,
|
||||
timeMs,
|
||||
pubkeyNum,
|
||||
sessionPwd,
|
||||
storagePwd,
|
||||
sessionCreatedMs,
|
||||
lastAuthMs,
|
||||
pushEndpoint,
|
||||
pushP256dhKey,
|
||||
pushAuthKey
|
||||
|
||||
@@ -1,12 +1,27 @@
|
||||
package shine.db.entities;
|
||||
|
||||
/**
|
||||
* ActiveSession — запись об активной сессии пользователя.
|
||||
*
|
||||
* Поля:
|
||||
* - sessionId – строка (base64 от 32 байт)
|
||||
* - loginId – long
|
||||
* - sessionPwd – строка (секрет шага 1)
|
||||
* - storagePwd – строка (секрет клиента для хранения данных)
|
||||
* - sessionCreatedAtMs – long (время создания)
|
||||
* - lastAuthirificatedAtMs – long (последнее подтверждение/refresh)
|
||||
* - pushEndpoint – строка (WebPush, пока null/пусто)
|
||||
* - pushP256dhKey – строка (WebPush, пока null/пусто)
|
||||
* - pushAuthKey – строка (WebPush, пока null/пусто)
|
||||
*/
|
||||
public class ActiveSession {
|
||||
|
||||
private long sessionId;
|
||||
private String sessionPwd;
|
||||
private String sessionId;
|
||||
private long loginId;
|
||||
private long timeMs; // время в мс
|
||||
private short pubkeyNum;
|
||||
private String sessionPwd;
|
||||
private String storagePwd;
|
||||
private long sessionCreatedAtMs;
|
||||
private long lastAuthirificatedAtMs;
|
||||
private String pushEndpoint;
|
||||
private String pushP256dhKey;
|
||||
private String pushAuthKey;
|
||||
@@ -14,68 +29,71 @@ public class ActiveSession {
|
||||
public ActiveSession() {
|
||||
}
|
||||
|
||||
public ActiveSession(long sessionId,
|
||||
String sessionPwd,
|
||||
public ActiveSession(String sessionId,
|
||||
long loginId,
|
||||
long timeMs,
|
||||
short pubkeyNum,
|
||||
String sessionPwd,
|
||||
String storagePwd,
|
||||
long sessionCreatedAtMs,
|
||||
long lastAuthirificatedAtMs,
|
||||
String pushEndpoint,
|
||||
String pushP256dhKey,
|
||||
String pushAuthKey) {
|
||||
this.sessionId = sessionId;
|
||||
this.sessionPwd = sessionPwd;
|
||||
this.loginId = loginId;
|
||||
this.timeMs = timeMs;
|
||||
this.pubkeyNum = pubkeyNum;
|
||||
this.sessionPwd = sessionPwd;
|
||||
this.storagePwd = storagePwd;
|
||||
this.sessionCreatedAtMs = sessionCreatedAtMs;
|
||||
this.lastAuthirificatedAtMs = lastAuthirificatedAtMs;
|
||||
this.pushEndpoint = pushEndpoint;
|
||||
this.pushP256dhKey = pushP256dhKey;
|
||||
this.pushAuthKey = pushAuthKey;
|
||||
}
|
||||
|
||||
public long getSessionId() {
|
||||
public String getSessionId() {
|
||||
return sessionId;
|
||||
}
|
||||
|
||||
public void setSessionId(long sessionId) {
|
||||
public void setSessionId(String sessionId) {
|
||||
this.sessionId = sessionId;
|
||||
}
|
||||
|
||||
public String getSessionPwd() {
|
||||
return sessionPwd;
|
||||
}
|
||||
|
||||
public void setSessionPwd(String sessionPwd) {
|
||||
this.sessionPwd = sessionPwd;
|
||||
}
|
||||
|
||||
public long getLoginId() {
|
||||
return loginId;
|
||||
}
|
||||
|
||||
public void setLoginId(long loginId) {
|
||||
this.loginId = loginId;
|
||||
}
|
||||
|
||||
public long getTimeMs() {
|
||||
return timeMs;
|
||||
public String getSessionPwd() {
|
||||
return sessionPwd;
|
||||
}
|
||||
public void setSessionPwd(String sessionPwd) {
|
||||
this.sessionPwd = sessionPwd;
|
||||
}
|
||||
|
||||
public void setTimeMs(long timeMs) {
|
||||
this.timeMs = timeMs;
|
||||
public String getStoragePwd() {
|
||||
return storagePwd;
|
||||
}
|
||||
public void setStoragePwd(String storagePwd) {
|
||||
this.storagePwd = storagePwd;
|
||||
}
|
||||
|
||||
public short getPubkeyNum() {
|
||||
return pubkeyNum;
|
||||
public long getSessionCreatedAtMs() {
|
||||
return sessionCreatedAtMs;
|
||||
}
|
||||
public void setSessionCreatedAtMs(long sessionCreatedAtMs) {
|
||||
this.sessionCreatedAtMs = sessionCreatedAtMs;
|
||||
}
|
||||
|
||||
public void setPubkeyNum(short pubkeyNum) {
|
||||
this.pubkeyNum = pubkeyNum;
|
||||
public long getLastAuthirificatedAtMs() {
|
||||
return lastAuthirificatedAtMs;
|
||||
}
|
||||
public void setLastAuthirificatedAtMs(long lastAuthirificatedAtMs) {
|
||||
this.lastAuthirificatedAtMs = lastAuthirificatedAtMs;
|
||||
}
|
||||
|
||||
public String getPushEndpoint() {
|
||||
return pushEndpoint;
|
||||
}
|
||||
|
||||
public void setPushEndpoint(String pushEndpoint) {
|
||||
this.pushEndpoint = pushEndpoint;
|
||||
}
|
||||
@@ -83,7 +101,6 @@ public class ActiveSession {
|
||||
public String getPushP256dhKey() {
|
||||
return pushP256dhKey;
|
||||
}
|
||||
|
||||
public void setPushP256dhKey(String pushP256dhKey) {
|
||||
this.pushP256dhKey = pushP256dhKey;
|
||||
}
|
||||
@@ -91,7 +108,6 @@ public class ActiveSession {
|
||||
public String getPushAuthKey() {
|
||||
return pushAuthKey;
|
||||
}
|
||||
|
||||
public void setPushAuthKey(String pushAuthKey) {
|
||||
this.pushAuthKey = pushAuthKey;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user