System Overview
This article presents a secure and user-friendly auction management system designed to simplify the process of finding and managing auction items. The system focuses on providing a streamlined experience for users while maintaining robust administrative capabilities. Built using Java with the SpringBoot framework and MySQL database, the application addresses the complexity challenges inherent in traditional auction management.
The architecture encompasses two primary roles: administrators and regular users. Administrators maintain system data and oversee all operations, while users can browse items, participate in auctions, and manage their personal profiles. This dual-role approach ensures efficient system management and a responsive user experience.
Technology Stack
- Backend Framework: SpringBoot
- Programming Language: Java
- Frontend Technologies: Vue.js, JavaScript, CSS3
- Database: MySQL 5.7/8.0
- Development Environment: IntelliJ IDEA / Eclipse / Visual Studio Code
- Database Management: phpStudy / Navicat
- Java Version: JDK 1.8
- Build Tool: Apache Maven 3.8.1
System Architecture
The SpringBoot framework serves as the core of this application, providing rapid development capabilities and simplified configuration. The framework significantly reduces development time while improving application responsiveness. The overall system structure includes frontend presentation layer, backend business logic layer, and data persistence layer.
Frontend Functionality
Homepage
When visitors access the system URL, they encounter the homepage displaying the navigation menu with sections for home, product listings, announcements, message board, and backend access. The homepage serves as the entry point for all system features.
User Authentication
Users can register for a new account or log in with existing credentials. The registration process requires completing a form with necessary information. Upon successful authentication, users gain access to personalized features and capabilities.
Product Listings
The product information module allows users to search for items using product codes or names. Each product displays comprehensive details including category, specifications, images, listing date, view count, current price, starting bid, bid increment, and buy-now price. Users can place bids or save items to their favorites.
Message Board
The message board functionality enables direct communication between users and administrators. Users can submit feedback, report issues, or share concerns through this feature, facilitating improved service delivery and issue resolution.
Personal Center
Authenticated users can access their personal dashboard to update profile information, manage orders, saved addresses, favorite items, and auction participation history. This centralized hub provides complete control over personal account activities.
Backend Administration
Administrator Authentication
Administrators access the system through a dedicated login interface, selecting their role and providing valid credentials. The authentication process validates user identity before granting administrative privileges.
Administrative Dashboard
Upon successful login, administrators access a comprehensive dashboard featuring modules for user management, product category management, product information management, purchase requests, message board administration, system conifguration, and order management.
User Management
Administrators maintain user accounts by performing operations such as viewing, adding, and removing user records. The user management interface displays account details including username, name, gender, contact information, and profile pictures.
Category Administration
Product categories can be created, queried, and removed through the category management interface. This functionality ensures proper organization and classification of auction items.
Product Management
The product information module enables administrators to handle auction items comprehensively. Operations include viewing product details, adding new listings, and removing discontinued items. Each product record contains identification codes, names, categories, specifications, images, listing timestamps, view statistics, pricing information, starting bids, increment amounts, and buy-now prices.
Purchase Request Handling
Administrators review and process purchase requests submitted by users. The management interface provides access to request identifiers, product names, categories, request timestamps, and user account information.
h3>Message Board Administration The message board module allows administrators to review user-submitted messages and provide responses. The interface displays usernames, message content, attached images, replies, and reply attachments. Administrators can search through messages and remove inappropriate content.
System Configuration
System management features enable administrators to configure various aspects including about us information, carousel images, system descriptions, and announcements. These settings control the overall user experience and informational content.
Order Administration
Order management capabilities cover various order states including cancelled orders, refunded orders, unpaid orders, shipped orders, paid orders, and completed orders. Administrators can query and manage order records as needed.
User Backend Functionality
Regular users access backend features through the management interface after authentication. The user dashboard provides access to system overview, personal profile management, purcahse request handling, and other user-specific functions.
Core Implementation Example
The following code demonstrates the authentication controller handling user login, registration, and account management operations:
/**
* Account authentication and management controller
*/
@RestController
@RequestMapping("accounts")
public class AccountController {
@Autowired
private AccountService accountService;
@Autowired
private TokenService tokenService;
/**
* Authenticate user credentials
*/
@IgnoreAuth
@PostMapping(value = "/authenticate")
public ResponseEntity<?> authenticate(String username, String password, String captcha, HttpServletRequest request) {
AccountEntity account = accountService.selectOne(new EntityWrapper<AccountEntity>().eq("username", username));
if(account == null || !account.getPassword().equals(password)) {
return ResponseEntity.status(401).body("Invalid credentials");
}
String token = tokenService.generateToken(account.getId(), username, "accounts", account.getRole());
Map<String, Object> response = new HashMap<>();
response.put("token", token);
response.put("role", account.getRole());
response.put("accountId", account.getId());
return ResponseEntity.ok(response);
}
/**
* Create new user account
*/
@IgnoreAuth
@PostMapping(value = "/create")
public ResponseEntity<?> register(@RequestBody AccountEntity account) {
if(accountService.selectOne(new EntityWrapper<AccountEntity>().eq("username", account.getUsername())) != null) {
return ResponseEntity.status(400).body("Username already exists");
}
accountService.insert(account);
return ResponseEntity.ok("Registration successful");
}
/**
* Terminate current session
*/
@GetMapping(value = "terminate")
public ResponseEntity<?> logout(HttpServletRequest request) {
request.getSession().invalidate();
return ResponseEntity.ok("Logout successful");
}
/**
* Change account password
*/
@GetMapping(value = "/changePassword")
public ResponseEntity<?> changePassword(String currentPassword, String newPassword, HttpServletRequest request) {
AccountEntity account = accountService.selectById((Integer) request.getSession().getAttribute("accountId"));
if(newPassword == null) {
return ResponseEntity.badRequest().body("New password required");
}
if(!currentPassword.equals(account.getPassword())) {
return ResponseEntity.status(403).body("Current password incorrect");
}
if(currentPassword.equals(newPassword)) {
return ResponseEntity.badRequest().body("New password must differ");
}
account.setPassword(newPassword);
accountService.updateById(account);
return ResponseEntity.ok("Password updated");
}
/**
* Reset account password to default
*/
@IgnoreAuth
@RequestMapping(value = "/resetPassword")
public ResponseEntity<?> resetPassword(String username, HttpServletRequest request) {
AccountEntity account = accountService.selectOne(new EntityWrapper<AccountEntity>().eq("username", username));
if(account == null) {
return ResponseEntity.status(404).body("Account not found");
}
account.setPassword("default123");
accountService.update(account, null);
return ResponseEntity.ok("Password reset to: default123");
}
/**
* Retrieve paginated account list
*/
@RequestMapping("/listing")
public ResponseEntity<?> getPageList(@RequestParam Map<String, Object> parameters, AccountEntity account) {
EntityWrapper<AccountEntity> conditions = new EntityWrapper<AccountEntity>();
PageUtils pageResult = accountService.queryPage(parameters, MPUtil.sort(MPUtil.between(MPUtil.allLike(conditions, account), parameters), parameters));
return ResponseEntity.ok().body(pageResult);
}
/**
* Retrieve account collection
*/
@RequestMapping("/collection")
public ResponseEntity<?> getList(AccountEntity account) {
EntityWrapper<AccountEntity> conditions = new EntityWrapper<AccountEntity>();
conditions.allEq(MPUtil.allEQMapPre(account, "account"));
return ResponseEntity.ok().body(accountService.selectListView(conditions));
}
/**
* Fetch account details by identifier
*/
@RequestMapping("/details/{id}")
public ResponseEntity<?> getInfo(@PathVariable("id") String id) {
AccountEntity account = accountService.selectById(id);
return ResponseEntity.ok().body(account);
}
/**
* Retrieve authenticated account session information
*/
@RequestMapping("/session")
public ResponseEntity<?> getCurrentAccount(HttpServletRequest request) {
Integer id = (Integer) request.getSession().getAttribute("accountId");
AccountEntity account = accountService.selectById(id);
return ResponseEntity.ok().body(account);
}
/**
* Create new account record
*/
@PostMapping("/establish")
public ResponseEntity<?> save(@RequestBody AccountEntity account) {
if(accountService.selectOne(new EntityWrapper<AccountEntity>().eq("username", account.getUsername())) != null) {
return ResponseEntity.status(400).body("Username already exists");
}
accountService.insert(account);
return ResponseEntity.ok("Account created");
}
/**
* Update existing account information
*/
@RequestMapping("/modify")
public ResponseEntity<?> update(@RequestBody AccountEntity account) {
accountService.updateById(account);
return ResponseEntity.ok("Account updated");
}
/**
* Remove account records in batch
*/
@RequestMapping("/remove")
public ResponseEntity<?> delete(@RequestBody Long[] identifiers) {
List<AccountEntity> accounts = accountService.selectList(null);
if(accounts.size() > 1) {
accountService.deleteBatchIds(Arrays.asList(identifiers));
} else {
return ResponseEntity.status(400).body("At least one administrator account required");
}
return ResponseEntity.ok("Accounts removed");
}
}