package com.stylefeng.guns.modular.system.controller.system;
import com.alibaba.fastjson.JSON;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.google.code.kaptcha.Constants;
import com.stylefeng.guns.core.base.controller.BaseController;
import com.stylefeng.guns.core.common.constant.Const;
import com.stylefeng.guns.core.common.exception.InvalidKaptchaException;
import com.stylefeng.guns.core.log.LogManager;
import com.stylefeng.guns.core.log.factory.LogTaskFactory;
import com.stylefeng.guns.core.node.MenuNode;
import com.stylefeng.guns.core.shiro.ShiroKit;
import com.stylefeng.guns.core.shiro.ShiroUser;
import com.stylefeng.guns.core.shiro.factory.IShiro;
import com.stylefeng.guns.core.shiro.factory.ShiroFactroy;
import com.stylefeng.guns.core.util.ApiMenuFilter;
import com.stylefeng.guns.core.util.KaptchaUtil;
import com.stylefeng.guns.core.util.SinataUtil;
import com.stylefeng.guns.core.util.ToolUtil;
import com.stylefeng.guns.modular.system.dao.UserMapper;
import com.stylefeng.guns.modular.system.model.Menu;
import com.stylefeng.guns.modular.system.model.Relation;
import com.stylefeng.guns.modular.system.model.User;
import com.stylefeng.guns.modular.system.service.IMenuService;
import com.stylefeng.guns.modular.system.service.IRelationService;
import com.stylefeng.guns.modular.system.service.IUserService;
import com.stylefeng.guns.modular.system.util.AESUtil;
import com.stylefeng.guns.modular.system.util.AESUtils;
import com.stylefeng.guns.modular.system.util.RedisUtil;
import com.stylefeng.guns.modular.system.warpper.LoginUser;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.codec.binary.Base64;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpHeaders;
import org.springframework.http.server.ServerHttpRequest;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.*;
import java.util.concurrent.ConcurrentHashMap;
import java.util.stream.Collectors;

import static com.stylefeng.guns.core.support.HttpKit.getIp;
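/**
 * Login controller.
 *
 * <p>Serves the home page (user resolved from the session through the CAS client utility),
 * the login form, the form-login POST handler and the logout endpoint.
 *
 * @author fengshuonan
 * @Date 2017-01-10 20:25:24
 */
@Slf4j
@Controller
public class LoginController extends BaseController {

    /** Password age after which the home page shows a "change your password" hint: 90 days in ms. */
    private static final long PASSWORD_MAX_AGE_MILLIS = 90L * 24 * 60 * 60 * 1000;

    /** Failure count at which the login page is rendered with {@code number = "5"}. */
    private static final int FAILURE_THRESHOLD = 5;

    @Autowired
    private IMenuService menuService;

    @Autowired
    private IUserService userService;

    @Autowired
    private RedisUtil redisUtil;

    @Autowired
    private IShiro shiro;

    @Autowired
    private UserMapper userMapper;

    /**
     * Failed-login counter keyed by the submitted username.
     *
     * <p>A controller instance serves concurrent requests, so the map must be thread-safe.
     *
     * <p>NOTE(review): entries for failing usernames are never evicted and the keys are
     * client-supplied, so this map can grow without bound. It is also local to one JVM and
     * lost on restart. A store with expiry would address both; RedisUtil is already injected
     * here but its API is not visible in this file.
     */
    private final Map<String, Integer> loginFailures = new ConcurrentHashMap<>();

    @Autowired
    private IRelationService relationService;

    /**
     * Renders the home page for the user described by the session.
     *
     * @param model   view model; receives titles, avatar, userName, type and passwordHint
     * @param request current request, used to reach the HTTP session
     * @return {@code "/index.html"}, or {@code null} when no user can be resolved
     * @throws UnsupportedEncodingException kept for signature compatibility with existing callers
     */
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String index(Model model, HttpServletRequest request) throws UnsupportedEncodingException {
        // Parse the user data held in the session.
        HttpSession session = request.getSession();
        String onconParam = edu.yale.its.tp.cas.client.Util.getOnconParam(session);
        if (onconParam == null) {
            // Previously this path failed with a NullPointerException while decoding.
            log.info("no user data in session");
            return null;
        }
        byte[] decoded = Base64.decodeBase64(onconParam);
        // NOTE(review): the JSON is only as trustworthy as whatever populates this session
        // attribute; confirm the client cannot influence it and that fastjson autoType stays
        // disabled for this application.
        LoginUser loginUser = decoded == null
                ? null
                : JSON.parseObject(new String(decoded, StandardCharsets.UTF_8), LoginUser.class);
        if (loginUser == null) {
            log.info("session user data could not be parsed");
            return null;
        }
        // Log only the account identifier: the full object may carry fields that do not
        // belong in application logs (LoginUser's fields are not visible in this file).
        log.info("session解析结果: imUser={}", loginUser.getImUser());

        // Resolve the account, then build its menu list.
        User user = userMapper.getByAccount(loginUser.getImUser());
        if (null == user) {
            log.info("用户不存在");
            return null;
        }
        ShiroUser shiroUser = shiro.shiroUser(user);
        List<Integer> roleList = shiroUser.getRoleList();
        if (roleList == null) {
            // The original dereferenced a null list on this branch.
            roleList = new ArrayList<>();
        }
        if (roleList.isEmpty()) {
            // Placeholder role id; presumably keeps the IN (...) filter below non-empty.
            roleList.add(0);
        }

        List<Relation> relations =
                relationService.selectList(new EntityWrapper<Relation>().in("roleid", roleList));
        Set<Long> menuIdSet = relations.stream().map(Relation::getMenuid).collect(Collectors.toSet());
        // Nothing to look up for a role set without relations; skip the batch query entirely.
        List<Menu> menuList = menuIdSet.isEmpty()
                ? Collections.<Menu>emptyList()
                : menuService.selectBatchIds(menuIdSet);
        List<MenuNode> menus = menuService.getMenusByRoleIds(roleList);
        List<MenuNode> titles = ApiMenuFilter.build(MenuNode.buildTitle(menus));
        shiroUser.setMenuIds(menuList.stream().map(Menu::getUrl).collect(Collectors.toList()));

        model.addAttribute("titles", titles);

        // User avatar and display data.
        model.addAttribute("avatar", user.getAvatar());
        model.addAttribute("userName", user.getName());
        model.addAttribute("type", 0);

        // Hint when the password was never changed or the last change is 90 days old or more.
        boolean passwordStale = null == user.getPassWordUpdate()
                || user.getPassWordUpdate().getTime() + PASSWORD_MAX_AGE_MILLIS <= System.currentTimeMillis();
        model.addAttribute("passwordHint",
                passwordStale ? "您的密码已经90天未更换了,请及时更换密码!!!" : "");
        return "/index.html";
    }

    /**
     * Shows the login page, or redirects to the home page when a user is already signed in.
     *
     * @param model view model; {@code number} is initialised to 0
     * @return the login view name or a redirect to {@code "/"}
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login(Model model) {
        model.addAttribute("number", 0);
        if (ShiroKit.isAuthenticated() || shiroExtUtil.getUser() != null) {
            return REDIRECT + "/";
        }
        return "/login.html";
    }

    /**
     * Handles the login form submission.
     *
     * <p>Order of checks: captcha (when enabled), then account and password, then the Shiro
     * login. The captcha is verified first and consumed, so neither the credential check nor
     * the failure response can be reached without a fresh, valid captcha.
     *
     * @param username submitted account name
     * @param password submitted password, AES-encrypted by the client
     * @param sms_code unused; SMS verification is currently disabled
     * @param remember unused; remember-me is always switched off
     * @param model    view model; receives {@code number} and, on failure, {@code tips}
     * @param request  unused
     * @return redirect to {@code "/"} on success, the login view on failure
     * @throws InvalidKaptchaException when the captcha is enabled and missing or wrong
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String loginVali(String username, String password, String sms_code, String remember, Model model, HttpServletRequest request) {
        // Verify the captcha before touching credentials.
        if (KaptchaUtil.getKaptchaOnOff()) {
            String kaptcha = super.getPara("kaptcha");
            kaptcha = kaptcha == null ? null : kaptcha.trim();
            String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
            // Single use: a solved captcha must not be accepted for a second attempt.
            super.getSession().removeAttribute(Constants.KAPTCHA_SESSION_KEY);
            if (kaptcha == null || ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
                throw new InvalidKaptchaException();
            }
        }

        password = password == null ? null : AESUtil.decrypt(password);
        if (username == null || password == null) {
            return rejectLogin(username, model);
        }

        // Unknown account and wrong password produce the same response, so the reply does
        // not reveal which accounts exist.
        User user = userService.getByAccount(username);
        if (user == null || !passwordMatches(user, username, password)) {
            return rejectLogin(username, model);
        }

        // NOTE(review): SMS verification used to run here and is disabled. If it is brought
        // back, the hard-coded bypass code the old block accepted must not come with it.

        model.addAttribute("number", "3");
        Subject currentUser = ShiroKit.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
        // Remember-me is switched off.
        token.setRememberMe(false);
        currentUser.login(token);

        // Successful login: clear the failure count (an absent entry reads as 0).
        loginFailures.remove(username);

        // NOTE(review): the pre-login session is reused after authentication; confirm that
        // session-id rotation on login is configured elsewhere.
        ShiroUser shiroUser = shiroExtUtil.getUser();
        super.getSession().setAttribute("shiroUser", shiroUser);
        super.getSession().setAttribute("username", shiroUser.getAccount());

        LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));

        ShiroKit.getSession().setAttribute("sessionFlag", true);
        return REDIRECT + "/";
    }

    /**
     * Ends the current Shiro subject's session and redirects to the home page.
     *
     * <p>NOTE(review): the session data read by {@link #index} is managed by the CAS client
     * outside this class; confirm single sign-out is handled there. This endpoint is also a
     * plain GET, so confirm it is acceptable for a cross-site request to trigger a logout.
     *
     * @return redirect to {@code "/"}
     */
    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    public String logOut() {
        // The handler previously only redirected, leaving the authenticated session in place.
        ShiroKit.getSubject().logout();
        return REDIRECT + "/";
    }

    /**
     * Checks the submitted password against the stored credential for {@code user}.
     *
     * <p>NOTE(review): ShiroKit.md5 is, by its name, a salted MD5 digest. If so it is too
     * fast for password storage; changing it requires re-hashing stored credentials, which
     * is outside this class.
     */
    private boolean passwordMatches(User user, String username, String password) {
        IShiro shiroFactory = ShiroFactroy.me();
        ShiroUser candidate = shiroFactory.shiroUser(user);
        SimpleAuthenticationInfo info = shiroFactory.info(candidate, user, username);
        Object stored = info.getCredentials();
        String computed = ShiroKit.md5(password, user.getSalt());
        if (!(stored instanceof String) || computed == null) {
            return false;
        }
        // Constant-time comparison of the two digests.
        return MessageDigest.isEqual(
                ((String) stored).getBytes(StandardCharsets.UTF_8),
                computed.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Records a failed attempt and renders the login page with the generic error message.
     *
     * <p>NOTE(review): the counter only selects the {@code number} attribute handed to the
     * view; nothing on the server rejects further attempts once the threshold is passed.
     * Decide whether a lockout or step-up check should be enforced here.
     */
    private String rejectLogin(String username, Model model) {
        // ConcurrentHashMap rejects null keys, so an absent username is not counted.
        int failures = username == null ? 1 : loginFailures.merge(username, 1, Integer::sum);
        if (failures < FAILURE_THRESHOLD) {
            model.addAttribute("number", "3");
        }
        if (failures == FAILURE_THRESHOLD) {
            model.addAttribute("number", "5");
        }
        model.addAttribute("tips", "账号或密码错误!");
        return "/login.html";
    }

}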