Merge branch 'main' into main

Author: lglglglgy

.DS_Store

@@ -1,9 +1,12 @@
-#include "jwt_controller.h"
 #include <iostream>
+#include <drogon/drogon.h>
 #include <jwt-cpp/jwt.h>
 #include <cstring>
 #include <chrono>
+#include "jwt_controller.h"
+
 using namespace jwt;
+
 std::string jwtGen(const Json::Value& req_json)
 {
     auto now = std::chrono::system_clock::now();
@@ -16,11 +19,6 @@ std::string jwtGen(const Json::Value& req_json)
     .sign(jwt::algorithm::hs256{"secret"});
     return std::string(token);
 }
-// std::string jwtDecode(const std::string& token)
-// {
-//     auto decoded_token = jwt::decode(token);
-//     return decoded_token.get_payload_claim("name").as_string();
-// }
 
 std::string jwtDecrypt(const std::string& token)
 {
@@ -35,4 +33,21 @@ std::string jwtDecrypt(const std::string& token)
         std::cout<<"Failed to decrypt JWT: " + std::string(e.what())<<std::endl;
         throw std::runtime_error("Failed to decrypt JWT");
     }
+}
+
+bool jwtVerify(const drogon::HttpRequestPtr &req){
+    std::string authHeader = req->getHeader("Authorization");
+    if (authHeader.substr(0, 7) == "Bearer ") {
+        std::string bearerToken = authHeader.substr(7);
+        try {
+            std::string sender = jwtDecrypt(bearerToken);
+            return true;
+        } catch (const std::exception &e) {
+            std::cout << "Wrong token" << std::endl;
+            return false;
+        }
+    } else {
+        std::cout << "No Authorization" << std::endl;
+        return false;
+    }
 }

jwt_controller.cc

@@ -1,7 +1,12 @@
 #ifndef _JWT_CONTROLLER_H_
 #define _JWT_CONTROLLER_H_
+
+#include <drogon/drogon.h>
 #include <json/json.h>
 #include <cstring>
+
 std::string jwtGen(const Json::Value& req_json);
 std::string jwtDecrypt(const std::string& token);
+bool jwtVerify(const drogon::HttpRequestPtr &req);
+
 #endif

jwt_controller.h

@@ -30,8 +30,13 @@ int main() {
       drogon::app().registerHandler("/api/info", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
         info(req, std::move(callback));
     });
+
     drogon::app().registerHandler("/api/file/tree", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
         genTree(req, std::move(callback));
+    });  
+      drogon::app().registerHandler("/api/avatar", [](const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
+        avatar(req, std::move(callback));
+
     });
     drogon::app().run();
     return 0;

main.cc

@@ -1,182 +1,111 @@
-#include "msg_controller.h"
-
 #include <drogon/drogon.h>
 #include <json/json.h>
-
 #include "jwt_controller.h"
+#include "msg_controller.h"
 #include "mysql.h"
+
 using namespace drogon;
-void chat(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
-{
+
+// send a message
+void chat(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
     auto body = req->getBody();
     Json::Value req_json, res_json;
     Json::Reader reader;
     std::string bodyStr(body);
-    if (!reader.parse(bodyStr, req_json))
-    {
+    if (!reader.parse(bodyStr, req_json)) {
         callback(HttpResponse::newHttpResponse());
         return;
     }
     Json::FastWriter writer;
-    std::string authHeader = req->getHeader("Authorization");
-    if (authHeader.substr(0, 7) == "Bearer ")
-    {
-        std::string bearerToken = authHeader.substr(7);
-        // 在此处使用Bearer Token进行身份验证
-        try
-        {
-            std::string sender = jwtDecrypt(bearerToken);
-            std::string content = req_json["content"].asString();
-            std::string receiver = req_json["receiver"].asString();
-            std::cout << "Connect success: " << sender << std::endl;
-            sql_addhistory(sender, receiver, content, "0");
-        }
-        catch (const std::exception &e)
-        {
-            std::cerr << e.what() << '\n';
-            std::cout << "Wrong token" << std::endl;
-        }
-    }
-    else
-    {
-        // 连接没有Authorization头部Bearer Token
-        std::cout << "No Authorization" << std::endl;
-    }
-    std::string msg = req_json["content"].asString();
-    auto output = writer.write(res_json);
     auto res = HttpResponse::newHttpResponse();
     res->addHeader("Access-Control-Allow-Origin", "*");
-    res->setBody(output);
+    if (jwtVerify(req)) {
+        std::string sender = jwtDecrypt(req->getHeader("Authorization").substr(7));
+        std::string content = req_json["content"].asString();
+        std::string receiver = req_json["receiver"].asString();
+        sql_addhistory(sender, receiver, content, "0");
+        std::string msg = req_json["content"].asString();
+        auto output = writer.write(res_json);
+        res->setBody(output);
+    } else {
+        res->setBody("No Authorization");
+    }
     callback(res);
 }
-void check(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
-{
+// get message history
+void check(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
     Json::Value res_json;
     Json::Reader reader;
     std::string me;
     Json::FastWriter writer;
-    std::string authHeader = req->getHeader("Authorization");
-    if (authHeader.substr(0, 7) == "Bearer ")
-    {
-        std::string bearerToken = authHeader.substr(7);
-        // 在此处使用Bearer Token进行身份验证
-        try
-        {
-            me = jwtDecrypt(bearerToken);
-        }
-        catch (const std::exception &e)
-        {
-            std::cerr << e.what() << '\n';
-            std::cout << "Wrong token" << std::endl;
-        }
-    }
-    else
-    {
-        // 连接没有Authorization头部Bearer Token
-        std::cout << "No Authorization" << std::endl;
-    }
-
     auto res = HttpResponse::newHttpResponse();
     res->addHeader("Access-Control-Allow-Origin", "*");
-    auto output = writer.write(sql_find_my_msg(me));
-    res->setBody(output);
+    if (jwtVerify(req)) {
+        me = jwtDecrypt(req->getHeader("Authorization").substr(7));
+        auto output = writer.write(sql_find_my_msg(me));
+        res->setBody(output);
+    } else {
+        res->setBody("No Authorization");
+    }
     callback(res);
 }
-
-void friend_operation(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
-{
-    std::string authHeader = req->getHeader("Authorization");
-    if (authHeader.substr(0, 7) == "Bearer ")
-    {
-        std::string bearerToken = authHeader.substr(7);
-        // 在此处使用Bearer Token进行身份验证
-        try
-        {
-            std::string sender = jwtDecrypt(bearerToken);
-            std::string receiver = req->getParameter("username");
-            std::string operation = req->getParameter("operation");
-            if(operation=="add")
+// request new friend or cancel request
+void friend_operation(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
+    auto res = HttpResponse::newHttpResponse();
+    res->addHeader("Access-Control-Allow-Origin", "*");
+    if (jwtVerify(req)) {
+        std::string sender = jwtDecrypt(req->getHeader("Authorization").substr(7));
+        std::string receiver = req->getParameter("username");
+        std::string operation = req->getParameter("operation");
+        if (operation == "add")
             sql_addrequest(sender, receiver);
-            else sql_delete_operation(sender,receiver);
-        }
-        catch (const std::exception &e)
-        {
-            std::cerr << e.what() << '\n';
-            std::cout << "Wrong token" << std::endl;
-        }
+        else
+            sql_delete_operation(sender, receiver);
+        res->setBody("Success");
+    } else {
+        res->setBody("No Authorization");
     }
-    auto res = HttpResponse::newHttpResponse();
-    res->setBody("Success");
     callback(res);
 }
-void request_processing(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
-{
-    std::string authHeader = req->getHeader("Authorization");
-    if (authHeader.substr(0, 7) == "Bearer ")
-    {
-        std::string bearerToken = authHeader.substr(7);
-        // 在此处使用Bearer Token进行身份验证
-        try
-        {
-            std::string receiver = jwtDecrypt(bearerToken);
-            std::string sender = req->getParameter("username");
-            std::string attitude = req->getParameter("info");
-            sql_process_request(sender, receiver, attitude);
-        }
-        catch (const std::exception &e)
-        {
-            std::cerr << e.what() << '\n';
-            std::cout << "Wrong token" << std::endl;
-        }
-    }
+// handle new friend request
+void request_processing(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
     auto res = HttpResponse::newHttpResponse();
-    res->setBody("Success");
+    res->addHeader("Access-Control-Allow-Origin", "*");
+    if (jwtVerify(req)) {
+        std::string receiver = jwtDecrypt(req->getHeader("Authorization").substr(7));
+        std::string sender = req->getParameter("username");
+        std::string attitude = req->getParameter("info");
+        sql_process_request(sender, receiver, attitude);
+        res->setBody("Success");
+    } else {
+        res->setBody("No Authorization");
+    }
+    callback(res);
 }
-void info(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback)
-{
+// get chat info
+void info(const HttpRequestPtr &req, std::function<void(const HttpResponsePtr &)> &&callback) {
     auto body = req->getBody();
     Json::Value req_json, res_json;
     Json::Reader reader;
     std::string bodyStr(body);
-    if (!reader.parse(bodyStr, req_json))
-    {
+    if (!reader.parse(bodyStr, req_json)) {
         callback(HttpResponse::newHttpResponse());
         return;
     }
     std::string me, who_send_me;
     Json::FastWriter writer;
-    std::string authHeader = req->getHeader("Authorization");
-    if (authHeader.substr(0, 7) == "Bearer ")
-    {
-        std::string bearerToken = authHeader.substr(7);
-        // 在此处使用Bearer Token进行身份验证
-        try
-        {
-            me = jwtDecrypt(bearerToken);
-        }
-        catch (const std::exception &e)
-        {
-            std::cerr << e.what() << '\n';
-            std::cout << "Wrong token" << std::endl;
-        }
-    }
-    else
-    {
-        // 连接没有Authorization头部Bearer Token
-        std::cout << "No Authorization" << std::endl;
-    }
-
     auto res = HttpResponse::newHttpResponse();
     res->addHeader("Access-Control-Allow-Origin", "*");
-    if (req_json["person"].asString() == "")
-    {
-        res->setBody(writer.write(get_chat_info(me, "")));
-        callback(res);
-    }
-    else
-    {
-        who_send_me = req_json["person"].asString();
-        res->setBody(writer.write(get_chat_info(me, who_send_me)));
-        callback(res);
+    if (jwtVerify(req)) {
+        me = jwtDecrypt(req->getHeader("Authorization").substr(7));
+        if (req_json["person"].asString() == "") {
+            res->setBody(writer.write(get_chat_info(me, "")));
+        } else {
+            who_send_me = req_json["person"].asString();
+            res->setBody(writer.write(get_chat_info(me, who_send_me)));
+        }
+    } else {
+        res->setBody("No Authorization");
     }
+    callback(res);
 }