@At("/active/mail")
@POST
public Object activeMail(@Attr(scope=Scope.SESSION, value="me")int userId,
HttpServletRequest req) {
NutMap re = new NutMap();
UserProfile profile = get(userId);
if (Strings.isBlank(profile.getEmail())) {
return re.setv("ok", false).setv("msg", "你还没有填邮箱啊!");
}
String token = String.format("%s,%s,%s", userId, profile.getEmail(), System.currentTimeMillis());
token = Toolkit._3DES_encode(emailKEY, token.getBytes());//3DES加密
String url = req.getRequestURL() + "?token=" + token;
String html = "<div>如果无法点击,请拷贝一下链接到浏览器中打开<p/>验证链接 %s</div>";
html = String.format(html, url, url);//format---格式
try {
//send(String to/*发送到*/, String subject/*标题*/, String html/*内容*/)
boolean ok = emailService.send(profile.getEmail(), "XXX 验证邮件 by Nutzbook", html);
if (!ok) {
return re.setv("ok", false).setv("msg", "发送失败");
}
} catch (Throwable e) {
log.debug("发送邮件失败", e);
return re.setv("ok", false).setv("msg", "发送失败");
}
return re.setv("ok", true);
}
@Filters // 不需要先登录,很明显...
@At("/active/mail")
@GET
@Ok("raw") // 为了简单起见,这里直接显示验证结果就好了
public String activeMailCallback(@Param("token")String token, HttpSession session) {
if (Strings.isBlank(token)) {
return "请不要直接访问这个链接!!!";
}
if (token.length() < 10) {
return "非法token";
}
try {
token = Toolkit._3DES_decode(emailKEY, Toolkit.hexstr2bytearray(token));
if (token == null)
return "非法token";
String[] tmp = token.split(",", 3);
if (tmp.length != 3 || tmp[0].length() == 0 || tmp[1].length() == 0 || tmp[2].length() == 0)
return "非法token";
long time = Long.parseLong(tmp[2]);
if (System.currentTimeMillis() - time > 10*60*1000) {
return "该验证链接已经超时";
}
int userId = Integer.parseInt(tmp[0]);
Cnd cnd = Cnd.where("userId", "=", userId).and("email", "=", tmp[1]);
int re = dao.update(UserProfile.class, Chain.make("emailChecked", true), cnd);
if (re == 1) {
return "验证成功";
}
return "验证失败!!请重新验证!!";
} catch (Throwable e) {
log.debug("检查token时出错", e);
return "非法token";
}
}
问答
为什么发送验证邮件的方法和返回验证结果的方法 入口都是@At("/active/mail")
标签:
无
5 回复
添加回复
请先登陆