From a422e0c11790e3fefcd4fcbc67fe765e83793de2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=99=88=E8=BE=89?= <1101635162@qq.com>
Date: Tue, 29 Oct 2024 14:28:51 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BD=BF=E7=94=A8apiKey=E7=99=BB=E5=BD=95Web?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../symphony/processor/ApiProcessor.java      | 21 +++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/src/main/java/org/b3log/symphony/processor/ApiProcessor.java b/src/main/java/org/b3log/symphony/processor/ApiProcessor.java
index bb519d63..148dc1bb 100644
--- a/src/main/java/org/b3log/symphony/processor/ApiProcessor.java
+++ b/src/main/java/org/b3log/symphony/processor/ApiProcessor.java
@@ -128,7 +128,28 @@ public static void register() {
         final RewardQueryService rewardQueryService = beanManager.getReference(RewardQueryService.class);
         Dispatcher.get("/api/article/reward/senders/{aId}", rewardQueryService::rewardedSenders);
         Dispatcher.post(Symphonys.get("callback.url"), apiProcessor::callbackFromQiNiu);
+
         Dispatcher.get("/loginWebInApiKey", apiProcessor::loginWebInApiKey);
+        Dispatcher.get("/getApiKeyInWeb", apiProcessor::getApiKeyInWeb, loginCheck::handle);
+    }
+
+    public void getApiKeyInWeb(final RequestContext context) {
+        JSONObject currentUser = Sessions.getUser();
+        try {
+            currentUser = ApiProcessor.getUserByKey(context.param("apiKey"));
+        } catch (NullPointerException ignored) {
+        }
+        String userId = currentUser.optString(Keys.OBJECT_ID);
+        final String userPassword = currentUser.optString(User.USER_PASSWORD);
+
+        final JSONObject cookieJSONObject = new JSONObject();
+        cookieJSONObject.put(Keys.OBJECT_ID, userId);
+
+        final String random = RandomStringUtils.randomAlphanumeric(16);
+        cookieJSONObject.put(Keys.TOKEN, userPassword + COOKIE_ITEM_SEPARATOR + random);
+        final String key = Crypts.encryptByAES(cookieJSONObject.toString(), Symphonys.COOKIE_SECRET);
+
+        context.renderJSON(StatusCodes.SUCC).renderJSON(new JSONObject().put("apiKey", key));
     }
 
     public void loginWebInApiKey(final RequestContext context) {