package com.stylefeng.guns.modular.system.controller;
import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.google.code.kaptcha.Constants;
import com.stylefeng.guns.core.base.controller.BaseController;
import com.stylefeng.guns.core.common.exception.InvalidKaptchaException;
import com.stylefeng.guns.core.log.LogManager;
import com.stylefeng.guns.core.log.factory.LogTaskFactory;
import com.stylefeng.guns.core.mutidatasource.annotion.DataSource;
import com.stylefeng.guns.core.node.MenuNode;
import com.stylefeng.guns.core.shiro.ShiroKit;
import com.stylefeng.guns.core.shiro.ShiroUser;
import com.stylefeng.guns.core.util.ApiMenuFilter;
import com.stylefeng.guns.core.util.KaptchaUtil;
import com.stylefeng.guns.core.util.ToolUtil;
import com.stylefeng.guns.modular.system.model.User;
import com.stylefeng.guns.modular.system.service.IMenuService;
import com.stylefeng.guns.modular.system.service.IUserService;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import static com.stylefeng.guns.core.support.HttpKit.getIp;
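/**
 * Login controller: serves the home page, the login and logout flow, and the
 * password-change form.
 *
 * <p>NOTE(review): passwords are stored and compared via
 * {@code ShiroKit.md5(password, salt)}, which by its name is a salted MD5
 * digest. MD5 is far too fast for password storage; moving to
 * bcrypt/scrypt/argon2 needs a re-hash-on-login migration that is outside
 * this class.
 *
 * @author fengshuonan
 * @Date 2017-01-10 20:25:24
 */
@Controller
public class LoginController extends BaseController {

    /** View rendered whenever a login attempt is refused. */
    private static final String LOGIN_VIEW = "/login.html";

    /** View rendered whenever a password-change attempt is refused. */
    private static final String UPDATE_PASS_VIEW = "/updatePass.html";

    /**
     * Shown for both "no such account" and "wrong password", so the response
     * does not reveal which account names exist.
     */
    private static final String TIPS_BAD_CREDENTIALS = "用户名或密码无效";

    /** Shown for a frozen account, and only after the password has been verified. */
    private static final String TIPS_FROZEN = "账户已被冻结,请联系管理员";

    /** Status value that the handlers below report as "frozen". */
    private static final int STATUS_FROZEN = 2;

    /** Status value filtered out of every account lookup (presumably "deleted"; confirm). */
    private static final int STATUS_EXCLUDED = 3;

    @Autowired
    private IMenuService menuService;

    @Autowired
    private IUserService userService;

    // These two maps were only used by the failed-login throttle that is
    // currently disabled in loginVali. If the throttle is restored, a plain
    // HashMap is not safe here: a Spring controller is a singleton by default
    // and these maps would be mutated by concurrent requests.
    private Map<String, Long> loginTime = new HashMap<>();

    private Map<String, Integer> loginFailures = new HashMap<>();

    /**
     * Renders the home page with the menu tree and avatar of the current user.
     *
     * <p>A user without any role is logged out and sent back to the login
     * view. A request without a current Shiro user is redirected to
     * {@code /login} instead of failing on a null dereference.
     *
     * @param model view model receiving {@code titles} and {@code avatar}
     * @return the view name or a redirect
     */
    @DataSource(name = "dataSourceGuns")
    @RequestMapping(value = "/", method = RequestMethod.GET)
    public String index(Model model) {
        ShiroUser current = ShiroKit.getUser();
        if (current == null) {
            return REDIRECT + "/login";
        }

        // Load the menu list for the user's roles.
        List<Integer> roleList = current.getRoleList();
        if (roleList == null || roleList.isEmpty()) {
            ShiroKit.getSubject().logout();
            model.addAttribute("tips", "该用户没有角色,无法登录");
            return LOGIN_VIEW;
        }
        List<MenuNode> menus = menuService.getMenusByRoleIds(roleList);
        List<MenuNode> titles = ApiMenuFilter.build(MenuNode.buildTitle(menus));
        model.addAttribute("titles", titles);

        // Load the avatar; the row may be gone while the session is still alive.
        User user = userService.selectById(current.getId());
        model.addAttribute("avatar", user == null ? null : user.getAvatar());

        return "/index.html";
    }

    /**
     * Shows the login page, or redirects to the home page when the caller is
     * already logged in.
     *
     * @param model view model; {@code updatePaw} is reset to {@code false}
     * @return the login view or a redirect to {@code /}
     */
    @RequestMapping(value = "/login", method = RequestMethod.GET)
    public String login(Model model) {
        model.addAttribute("updatePaw", false);
        boolean loggedIn = ShiroKit.isAuthenticated() || ShiroKit.getUser() != null;
        return loggedIn ? REDIRECT + "/" : LOGIN_VIEW;
    }

    /**
     * Handles the login form submission.
     *
     * <p>Changes from the earlier version of this handler:
     * <ul>
     *   <li>a request without {@code username} or {@code password} is refused
     *       instead of failing on {@code trim()} of a missing value;</li>
     *   <li>an unknown account and a wrong password produce the same message;</li>
     *   <li>the frozen-account message is shown only after the password has
     *       been verified, so it cannot be used to probe account state;</li>
     *   <li>the stored hash is compared in constant time.</li>
     * </ul>
     *
     * <p>NOTE(review): three checks that used to live here are disabled: the
     * captcha check (gated by {@code KaptchaUtil.getKaptchaOnOff()}), the
     * 90-day password-age check, and the failed-login throttle (more than 5
     * failures within 30 minutes, counted per username in process memory).
     * With all three off, nothing visible in this class limits password
     * guessing. Restore a limit, ideally keyed on both account and client
     * address and kept in shared storage, or confirm one is enforced upstream.
     *
     * <p>NOTE(review): failed attempts are not logged here, so guessing is
     * invisible to whoever reads the login log; only successes are recorded.
     *
     * @param model view model receiving {@code tips} on failure
     * @return the login view on failure, a redirect to {@code /} on success
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String loginVali(Model model) {
        model.addAttribute("updatePaw", false);

        String username = trimmedParam("username");
        String password = trimmedParam("password");
        if (username == null || password == null) {
            return reject(model, LOGIN_VIEW, TIPS_BAD_CREDENTIALS);
        }

        User user = findLoginCandidate(username);
        if (user == null || !credentialsMatch(user, password)) {
            return reject(model, LOGIN_VIEW, TIPS_BAD_CREDENTIALS);
        }
        if (isFrozen(user)) {
            return reject(model, LOGIN_VIEW, TIPS_FROZEN);
        }

        // NOTE(review): login() may throw an AuthenticationException; no
        // handler is visible in this class, so presumably a global one exists.
        Subject currentUser = ShiroKit.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
        token.setRememberMe(false);
        currentUser.login(token);

        // NOTE(review): the session is reused across the login boundary here.
        // Confirm that the session id is rotated on authentication elsewhere
        // (session-fixation defence); nothing in this method does it.
        ShiroUser shiroUser = ShiroKit.getUser();
        super.getSession().setAttribute("shiroUser", shiroUser);
        super.getSession().setAttribute("username", shiroUser.getAccount());

        LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));

        ShiroKit.getSession().setAttribute("sessionFlag", true);

        return REDIRECT + "/";
    }

    /**
     * Logs the current user out, clears cookies and redirects to the login page.
     *
     * <p>The exit log entry is skipped when there is no current user, which
     * previously caused a null dereference on an unauthenticated request.
     *
     * <p>NOTE(review): logout is mapped to GET, so any cross-site link or
     * image tag can end a user's session. A POST with CSRF protection avoids
     * that, but it changes the URL contract and is left to the maintainers.
     *
     * @return a redirect to {@code /login}
     */
    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    public String logOut() {
        ShiroUser current = ShiroKit.getUser();
        if (current != null) {
            LogManager.me().executeLog(LogTaskFactory.exitLog(current.getId(), getIp()));
        }
        ShiroKit.getSubject().logout();
        deleteAllCookie();
        return REDIRECT + "/login";
    }

    /**
     * Shows the password-change page.
     *
     * @return the password-change view
     */
    @RequestMapping(value = "/updatepwdpage", method = RequestMethod.GET)
    public String updatepwdpage() {
        return UPDATE_PASS_VIEW;
    }

    /**
     * Changes an account's password after verifying the old one.
     *
     * <p>Missing parameters are now reported through the normal "must not be
     * empty" messages instead of failing on {@code trim()}. The confirmation
     * value is trimmed like the new password, so the two are compared on equal
     * terms. The frozen-account message is shown only after the old password
     * has been verified.
     *
     * <p>NOTE(review): this handler takes the account name from the request
     * and never consults the current Shiro subject, so it works as a second
     * password-guessing endpoint. Any attempt limit applied to {@code /login}
     * has to cover this path as well.
     *
     * <p>NOTE(review): the new hash reuses the account's existing salt, no
     * strength rule is applied to the new password, and existing sessions of
     * the account are not visibly invalidated here.
     *
     * @param model view model receiving {@code tips} on failure
     * @return the password-change view on failure, a redirect to {@code /login} on success
     */
    @RequestMapping(value = "/updatepwd", method = RequestMethod.POST)
    public String updatepwd(Model model) {
        String username = trimmedParam("username");
        String oldPassword = trimmedParam("oldPassword");
        String newPassword = trimmedParam("newPassword");
        String rePassword = trimmedParam("rePassword");

        if (ToolUtil.isEmpty(username)) {
            return reject(model, UPDATE_PASS_VIEW, "用户名不能为空");
        }
        if (ToolUtil.isEmpty(oldPassword)) {
            return reject(model, UPDATE_PASS_VIEW, "原始密码不能为空");
        }
        if (ToolUtil.isEmpty(newPassword)) {
            return reject(model, UPDATE_PASS_VIEW, "新密码不能为空");
        }
        if (ToolUtil.isEmpty(rePassword)) {
            return reject(model, UPDATE_PASS_VIEW, "确认密码不能为空");
        }
        if (!newPassword.equals(rePassword)) {
            return reject(model, UPDATE_PASS_VIEW, "两次密码不一致");
        }

        User user = findLoginCandidate(username);
        if (user == null || !credentialsMatch(user, oldPassword)) {
            return reject(model, UPDATE_PASS_VIEW, TIPS_BAD_CREDENTIALS);
        }
        if (isFrozen(user)) {
            return reject(model, UPDATE_PASS_VIEW, TIPS_FROZEN);
        }

        user.setPassword(ShiroKit.md5(newPassword, user.getSalt()));
        user.setUpdatePasswordTime(new Date());
        userService.updateById(user);
        return REDIRECT + "/login";
    }

    /**
     * Reads a request parameter and trims it, returning {@code null} when the
     * parameter is absent (assuming {@code getPara} returns {@code null} then).
     */
    private String trimmedParam(String name) {
        String value = super.getPara(name);
        return value == null ? null : value.trim();
    }

    /** Looks up the account by name, skipping rows in the excluded status. */
    private User findLoginCandidate(String username) {
        return userService.selectOne(
                new EntityWrapper<User>().eq("account", username).ne("status", STATUS_EXCLUDED));
    }

    /**
     * Checks a raw password against the stored hash without an early exit on
     * the first differing character. A missing stored hash never matches.
     */
    private static boolean credentialsMatch(User user, String rawPassword) {
        String stored = user.getPassword();
        String candidate = ShiroKit.md5(rawPassword, user.getSalt());
        if (stored == null || candidate == null) {
            return false;
        }
        return java.security.MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                candidate.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /** Returns whether the account is in the frozen status; a null status is not frozen. */
    private static boolean isFrozen(User user) {
        return Integer.valueOf(STATUS_FROZEN).equals(user.getStatus());
    }

    /** Stores the failure message under {@code tips} and returns the view to render. */
    private static String reject(Model model, String view, String tips) {
        model.addAttribute("tips", tips);
        return view;
    }
}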