#include "QUserDB.h"
#include <QtCore\quuid.h>
#include <QtCore\qcryptographichash.h>
#pragma execution_character_set("utf-8")
// Schema of the account table, created on demand by CreateTable().
// "salt" and "password" receive the values Replace() binds to :data_salt and
// :data_password.
#define _TP_SQLITE_CRETAE_USERS_TABLE \
"CREATE TABLE IF NOT EXISTS user(id VARCHAR(255) \
, salt BLOB \
, password BLOB \
, level INT(32) \
, about VARCHAR(255)\
, stamp TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP \
, PRIMARY KEY(id))"

// Statement templates. '%1' / '%2' are substituted with QString::arg() before
// the text is handed to the database.
// NOTE(review): REPLACE_USER, SELECT_USER and DELETE_USER receive the caller's
// user id through '%1' inside a quoted SQL literal (see Replace(), Login() and
// Delete()). A quote character in the id changes the statement, so these are
// SQL-injection sinks; use a bound placeholder for the id, as is already done
// for :data_salt and :data_password.
#define _TP_QSQLITE_REPLACE_USER "REPLACE INTO user(id, salt, password, level) VALUES('%1', :data_salt, :data_password, '%2')"
#define _TP_QSQLITE_SELECT_ALL "SELECT id, level FROM user"
// NOTE(review): also selects the stored password column; see getAllUserInfos().
#define _TP_QSQLITE_SELECT_ALLINFO "SELECT id, level, password FROM user"
// '%1' here is filled from QString::number(nLevel) in Users(), i.e. digits only.
#define _TP_QSQLITE_SELECT_USERS_BY_LEVEL "SELECT id, level FROM user WHERE level >= '%1'"
#define _TP_QSQLITE_SELECT_USER "SELECT id, level, salt, password FROM user WHERE id = '%1'"
#define _TP_QSQLITE_DELETE_USER "DELETE FROM user WHERE id='%1'"

// Passed by the QUserDB constructor as the second and third arguments of
// QZkDbSqlite.
// NOTE(review): _DB_PS is a fixed secret compiled into every build (presumably
// the database password - confirm against QZkDbSqlite). Anyone with the binary
// or this source can read it; load it from protected configuration or an OS
// credential store instead, and rotate the current value.
#define _DB_USER "user"
#define _DB_PS "hzleaper_administrator"
// Builds the user database wrapper with no account logged in.
//
// dbPath is concatenated directly with "usersInfo.db", so it must already end
// with a path separator. The base class receives the fixed _DB_USER / _DB_PS
// pair defined in this file.
QUserDB::QUserDB(const QString& dbPath)
    : QZkDbSqlite(dbPath + "usersInfo.db", _DB_USER, _DB_PS),
      m_strCurUser(NO_USER_NAME),
      m_nCurLevel(USER_LEVEL_NOUSER)
{
}
// Nothing to release here; members and the base class clean up themselves.
QUserDB::~QUserDB() {}
// Makes sure the database is open and the "user" table exists.
//
// Returns false when the database cannot be opened or the CREATE TABLE
// statement leaves an error on the connection; true otherwise.
bool QUserDB::CreateTable()
{
    // Short-circuit: open() is attempted only when the connection is not
    // already open.
    const bool ready = isOpen() || open();
    if (!ready)
    {
        return false;
    }

    // The query object is kept until the error state has been read.
    QSqlQuery createResult = exec(_TP_SQLITE_CRETAE_USERS_TABLE);
    const bool created = (lastError().type() == QSqlError::NoError);

    // Disabled bootstrap account, left as in the original. If it is ever
    // re-enabled, do not ship it with a fixed, source-visible password.
    //Replace("root", "hzleaper");
    return created;
}
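// Inserts the account row for `user`, or overwrites it if the id exists.
//
// user      Account id (primary key of the user table).
// password  Password text; stored as Base64 of its UTF-8 bytes.
// level     Privilege level stored with the account.
// Returns the result of executing the prepared REPLACE statement.
//
// This method does not look at m_nCurLevel; presumably the caller decides who
// may create or overwrite accounts - confirm.
bool QUserDB::Replace(const QString& user, const QString& password, int level /*= 0*/)
{
    // Salt: 10 RFC 4122 UUIDs of 16 bytes each, written to the salt column.
    QByteArray salt;
    for (int i = 0; i < 10; ++i)
    {
        salt.append(QUuid::createUuid().toRfc4122());
    }

    // NOTE(review): Base64 is an encoding, not a hash. Anyone who can read the
    // database file recovers every password, and the salt above is stored but
    // never mixed in. Login() compares against this format and
    // getAllUserInfos() decodes it, so switching to a salted, deliberately
    // slow password hash has to change all three together and migrate
    // existing rows.
    const QByteArray encodedPassword = password.toUtf8().toBase64();

    // Every value, including the user id and level, is bound rather than
    // pasted into the SQL text, so a quote in `user` cannot alter the
    // statement.
    QSqlQuery sql(*this);
    if (!sql.prepare("REPLACE INTO user(id, salt, password, level) "
                     "VALUES(:data_id, :data_salt, :data_password, :data_level)"))
    {
        return false;
    }
    sql.bindValue(":data_id", user, QSql::In);
    sql.bindValue(":data_salt", salt, QSql::In);
    sql.bindValue(":data_password", encodedPassword, QSql::In);
    sql.bindValue(":data_level", level, QSql::In);
    return sql.exec();
}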
// Lists account ids.
//
// nLevel < 0 returns every account; otherwise only accounts whose level is
// greater than or equal to nLevel. The level is formatted with
// QString::number(), so only digits reach the SQL text.
QStringList QUserDB::Users(int nLevel)
{
    const QString command = (nLevel < 0)
        ? QString(_TP_QSQLITE_SELECT_ALL)
        : QString(_TP_QSQLITE_SELECT_USERS_BY_LEVEL).arg(QString::number(nLevel));

    QSqlQuery rows = exec(command);

    QStringList names;
    for (; rows.next();)
    {
        names.append(rows.value("id").toString());
    }
    return names;
}
// Reads every account into a map keyed by its 0-based position in the result
// set.
//
// NOTE(review): the password column is Base64-decoded here, so each returned
// UserInfo carries the account's clear-text password. Confirm that every
// caller really needs it; with hashed storage this field could not be filled
// in at all.
map_userInfos QUserDB::getAllUserInfos()
{
    map_userInfos allAccounts;
    QSqlQuery rows = exec(_TP_QSQLITE_SELECT_ALLINFO);

    for (int slot = 0; rows.next(); ++slot)
    {
        UserInfo account;
        account.strName = rows.value("id").toString();
        account.mLevel = rows.value("level").toInt();

        const QByteArray stored = rows.value("password").toByteArray();
        account.passwd = QString(QByteArray::fromBase64(stored));

        allAccounts[slot] = account;
    }
    return allAccounts;
}
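// Checks `password` for account `user` and, on success, records the account
// as the current user.
//
// user      Account id to look up.
// password  Password text supplied by the person logging in.
// level     Out: the account's level; written only when the login succeeds.
// Returns true when the account exists and the password matches, false on a
// query error, an unknown id or a mismatch.
bool QUserDB::Login(const QString& user, const QString& password, int& level)
{
    // The id is bound, not formatted into the SQL text, so a quote in `user`
    // cannot change the WHERE clause.
    QSqlQuery sql(*this);
    if (!sql.prepare("SELECT id, level, salt, password FROM user WHERE id = :id"))
    {
        return false;
    }
    sql.bindValue(":id", user, QSql::In);
    if (!sql.exec() || !sql.next())
    {
        return false;
    }

    // NOTE(review): the stored value is Base64 of the UTF-8 password, which
    // is reversible; the salt column is selected but plays no part in the
    // check. The salted SHA3-512 variant is kept below for reference. Moving
    // to a salted, deliberately slow password hash has to be done together
    // with Replace() and getAllUserInfos(), plus a migration of existing rows.
    const QByteArray stored = sql.value("password").toByteArray();
    const QByteArray origin = password.toUtf8().toBase64();
    //origin.append(salt);
    // origin = QCryptographicHash::hash(origin, QCryptographicHash::Sha3_512);

    // NOTE(review): whether qtByteArrayEqual compares in constant time is not
    // visible in this file - confirm.
    if (!qtByteArrayEqual(origin, stored))
    {
        return false;
    }

    level = sql.value("level").toInt();

    m_strCurUser = user;
    m_nCurLevel = level;
    return true;
}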
// Clears the session state: no current user and the "no user" level.
void QUserDB::Logout()
{
    m_nCurLevel = USER_LEVEL_NOUSER;
    m_strCurUser = NO_USER_NAME;
}
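// Deletes the account row whose id equals `user`.
//
// Returns true when the statement ran without error, including when no row
// matched; false when it could not be prepared or executed.
//
// This method does not look at m_nCurLevel; presumably the caller decides who
// may delete accounts - confirm.
bool QUserDB::Delete(const QString& user)
{
    // Bound parameter: with the id pasted into the SQL text, a crafted value
    // could widen the DELETE beyond one account.
    QSqlQuery sql(*this);
    if (!sql.prepare("DELETE FROM user WHERE id = :id"))
    {
        return false;
    }
    sql.bindValue(":id", user, QSql::In);
    return sql.exec();
}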
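// Looks up the stored level of account `user`.
//
// Returns the account's level, or -1 when the account does not exist or the
// query fails. The failure path used to `return false`, i.e. 0, which is the
// default level given by Replace(), so a database error was indistinguishable
// from a real level.
int QUserDB::UserLevel(const QString& user)
{
    // The id is bound rather than formatted into the SQL text.
    QSqlQuery sql(*this);
    if (!sql.prepare("SELECT level FROM user WHERE id = :id"))
    {
        return -1;
    }
    sql.bindValue(":id", user, QSql::In);
    if (!sql.exec())
    {
        return -1;
    }

    // id is the primary key, so at most one row can match.
    if (sql.next())
    {
        return sql.value("level").toInt();
    }
    return -1;
}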