From 25cf266e99714ac5d428e66b40ce272325c91dd8 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期六, 14 六月 2025 15:01:11 +0800
Subject: [PATCH] 修改管理后台账号和共享session等 屏蔽除出租车外的其他模块
---
 ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java | 422 +++++++++++++++++++++++++---------------------------
 1 files changed, 203 insertions(+), 219 deletions(-)
diff --git a/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java b/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
index 19c1b21..88c08b7 100644
--- a/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
+++ b/ManagementQYTTravel/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
@@ -1,46 +1,52 @@
 package com.stylefeng.guns.modular.system.controller.system;
+import cn.hutool.http.HttpUtil;
 import com.alibaba.fastjson.JSON;
 import com.alibaba.fastjson.JSONObject;
 import com.google.code.kaptcha.Constants;
 import com.stylefeng.guns.core.base.controller.BaseController;
+import com.stylefeng.guns.core.beetl.ShiroExtUtil;
 import com.stylefeng.guns.core.common.exception.InvalidKaptchaException;
 import com.stylefeng.guns.core.log.LogManager;
 import com.stylefeng.guns.core.log.factory.LogTaskFactory;
 import com.stylefeng.guns.core.node.MenuNode;
 import com.stylefeng.guns.core.shiro.ShiroKit;
 import com.stylefeng.guns.core.shiro.ShiroUser;
+import com.stylefeng.guns.core.shiro.factory.IShiro;
 import com.stylefeng.guns.core.util.ApiMenuFilter;
 import com.stylefeng.guns.core.util.KaptchaUtil;
-import com.stylefeng.guns.core.util.SinataUtil;
 import com.stylefeng.guns.core.util.ToolUtil;
-import com.stylefeng.guns.modular.cloudPayment.example.CusApplicationExample;
-import com.stylefeng.guns.modular.cloudPayment.example.SettleAcctExample;
-import com.stylefeng.guns.modular.system.model.TEnterpriseWithdrawal;
+import com.stylefeng.guns.modular.system.dao.UserMapper;
 import com.stylefeng.guns.modular.system.model.User;
 import com.stylefeng.guns.modular.system.service.IMenuService;
 import com.stylefeng.guns.modular.system.service.ITEnterpriseWithdrawalService;
 import com.stylefeng.guns.modular.system.service.IUserService;
 import com.stylefeng.guns.modular.system.util.HttpRequestUtil;
 import com.stylefeng.guns.modular.system.util.PushURL;
-import com.stylefeng.guns.modular.system.util.RedisUtil;
 import com.stylefeng.guns.modular.system.util.ResultUtil;
-import com.unionpay.upyzt.resp.CusApplicationSmsCodeResp;
-import com.unionpay.upyzt.resp.MchApplicationStoreResp;
-import com.unionpay.upyzt.resp.SettleAcctResp;
+import com.stylefeng.guns.modular.system.warpper.LoginUser;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.Subject;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.context.request.RequestContextHolder;
 import javax.annotation.Resource;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+import java.io.UnsupportedEncodingException;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.concurrent.TimeUnit;
+import java.util.stream.Collectors;
 import static com.stylefeng.guns.core.support.HttpKit.getIp;
@@ -50,222 +56,200 @@ * @author fengshuonan * @Date 2017年1月10日 下午8:25:24 */ +@Slf4j @Controller public class LoginController extends BaseController { - - @Autowired - private IMenuService menuService; - - @Autowired - private IUserService userService; - - @Autowired - private RedisUtil redisUtil; - - private Map<String, Long> loginTime = new HashMap<>(); - - private Map<String, Integer> loginFailures = new HashMap<>(); - - @Resource - private ITEnterpriseWithdrawalService enterpriseWithdrawalService; - - /** - * 跳转到主页 - */ - @RequestMapping(value = "/", method = RequestMethod.GET) - public String index(Model model) { - //获取菜单列表 - List<Integer> roleList = ShiroKit.getUser().getRoleList(); - if (roleList == null || roleList.size() == 0) { - ShiroKit.getSubject().logout(); - model.addAttribute("tips", "该用户没有角色,无法登陆"); - return "/login.html"; - } - List<MenuNode> menus = menuService.getMenusByRoleIds(roleList); - List<MenuNode> titles = MenuNode.buildTitle(menus); - titles = ApiMenuFilter.build(titles); - - - Integer id = ShiroKit.getUser().getId(); - User user = userService.selectById(id); - if (SinataUtil.isEmpty(user)){ - ShiroKit.getSubject().logout(); - model.addAttribute("tips", "请重新登录"); - return "/login.html"; - } - //设置上级ID - if (SinataUtil.isNotEmpty(user.getObjectId())){ - ShiroKit.getUser().setObjectId(user.getObjectId()); - } - //设置角色 - ShiroKit.getUser().setRoleType(user.getRoleType()); - - model.addAttribute("titles", titles); - - //获取用户头像 - String avatar = user.getAvatar(); - model.addAttribute("avatar", avatar); - model.addAttribute("userName", user.getName()); - model.addAttribute("type", 0); - - - return "/index.html"; - } - - /** - * 跳转到登录页面 - */ - @RequestMapping(value = "/login", method = RequestMethod.GET) - public String login() { - if (ShiroKit.isAuthenticated() || ShiroKit.getUser() != null) { - return REDIRECT + "/"; - } else { - return "/login.html"; - } - } - - /** - * 点击登录执行的动作 - */ - @RequestMapping(value = "/login", method = 
RequestMethod.POST) - public String loginVali(Model model, String sms_code) { - - String username = super.getPara("username").trim(); - String password = super.getPara("password").trim(); - String remember = super.getPara("remember"); - - - Integer f = loginFailures.get(username); - f = f == null ? 0 : f; - Long t = loginTime.get(username); - t = null == t ? 0 : t; - if(System.currentTimeMillis() - t > (30 * 60 * 1000)){ - loginFailures.put(username, f = 1); - loginTime.put(username, System.currentTimeMillis()); - }else{ - f++; - loginFailures.put(username, f); - } + + @Autowired + private IMenuService menuService; + + @Autowired + private IUserService userService; + + @Autowired + private RedisTemplate redisTemplate; + + @Autowired + private IShiro shiro; + + @Autowired + private UserMapper userMapper; + + + private Map<String, Long> loginTime = new HashMap<>(); + + private Map<String, Integer> loginFailures = new HashMap<>(); + + @Resource + private ITEnterpriseWithdrawalService enterpriseWithdrawalService; + + + /** + * 跳转到主页 + */ + @RequestMapping(value = "/", method = RequestMethod.GET) + public String index(Model model, HttpServletRequest request) throws UnsupportedEncodingException { + //session中解析用户数据 + //设置共享session + HttpSession session = (HttpSession) redisTemplate.opsForValue().get(request.getSession().getId()); + if (null != session) { + session = request.getSession(); + redisTemplate.opsForValue().set(request.getSession().getId(), session, 2, TimeUnit.DAYS); + } + String onconParam = edu.yale.its.tp.cas.client.Util.getOnconParam(session); + onconParam = new String(Base64.decodeBase64(onconParam), "UTF-8"); + LoginUser loginUser = JSON.parseObject(onconParam, LoginUser.class); + log.info("登录账号: " + JSON.toJSONString(loginUser)); + + //获取菜单列表 + User user = userMapper.getByAccount(loginUser.getImUser()); + if (null == user) { + logOut(); + } + ShiroUser shiroUser = shiro.shiroUser(user); + List<Integer> roleList = shiroUser.getRoleList(); + if (roleList 
== null || roleList.size() == 0) { + roleList.add(0); + } + + List<MenuNode> menus = menuService.getMenusByRoleIds(roleList); + List<MenuNode> titles = MenuNode.buildTitle(menus); + titles = ApiMenuFilter.build(titles); + shiroUser.setMenuIds(titles.stream().map(MenuNode::getUrl).collect(Collectors.toList())); + + + model.addAttribute("titles", titles); + //获取用户头像 + String avatar = user.getAvatar(); + model.addAttribute("avatar", avatar); + model.addAttribute("userName", user.getName()); + model.addAttribute("type", 0); + String sessionId = RequestContextHolder.currentRequestAttributes().getSessionId(); + ShiroExtUtil.map.put(sessionId, shiroUser); + return "/index.html"; + } + + /** + * 退出登录 + */ + @RequestMapping(value = "/logout", method = RequestMethod.GET) + public String logOut() { + HttpUtil.get("https://testsso1.teamshub.com/logout?logouturl=https%3A%2F%2Fsso.teamshub.com%2Flogout%3F%0Alogoutat%3Dhttp%253A%252F%252F127.0.0.1%253A8010%252F"); + return REDIRECT + "/"; + } + + /** + * 跳转到登录页面 + */ + @RequestMapping(value = "/login", method = RequestMethod.GET) + public String login() { + if (ShiroKit.isAuthenticated() || ShiroKit.getUser() != null) { + return REDIRECT + "/"; + } else { + return "/login.html"; + } + } + + /** + * 点击登录执行的动作 + */ + @RequestMapping(value = "/login", method = RequestMethod.POST) + public String loginVali(Model model, String sms_code) { + + String username = super.getPara("username").trim(); + String password = super.getPara("password").trim(); + String remember = super.getPara("remember"); + + Integer f = loginFailures.get(username); + f = f == null ? 0 : f; + Long t = loginTime.get(username); + t = null == t ? 
0 : t; + if (System.currentTimeMillis() - t > (30 * 60 * 1000)) { + loginFailures.put(username, f = 1); + loginTime.put(username, System.currentTimeMillis()); + } else { + f++; + loginFailures.put(username, f); + } // if(f >= 5 && (System.currentTimeMillis() - t) <= (30 * 60 * 1000)){ // model.addAttribute("tips", "登录次数过多,请等30分钟再试!"); // return "/login.html"; // } - - //验证短信验证码 - if(ToolUtil.isEmpty(sms_code)){ - model.addAttribute("tips", "无效的验证码"); - return "/login.html"; - } - User user = userService.getByAccount(username); - if(!"aaaa".equals(sms_code)){ - String value = redisUtil.getValue(user.getPhone()); - if(ToolUtil.isEmpty(value) || !sms_code.equals(value)){ - model.addAttribute("tips", "无效的验证码"); - return "/login.html"; - } - } - - - //验证验证码是否正确 - if (KaptchaUtil.getKaptchaOnOff()) { - String kaptcha = super.getPara("kaptcha").trim(); - String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY); - if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) { - throw new InvalidKaptchaException(); - } - } - - Subject currentUser = ShiroKit.getSubject(); - UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray()); - - if ("on".equals(remember)) { - token.setRememberMe(true); - } else { - token.setRememberMe(false); - } - - currentUser.login(token); - - ShiroUser shiroUser = ShiroKit.getUser(); - super.getSession().setAttribute("shiroUser", shiroUser); - super.getSession().setAttribute("username", shiroUser.getAccount()); - - LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp())); - - ShiroKit.getSession().setAttribute("sessionFlag", true); - - return REDIRECT + "/"; - } - - /** - * 退出登录 - */ - @RequestMapping(value = "/logout", method = RequestMethod.GET) - public String logOut() { - LogManager.me().executeLog(LogTaskFactory.exitLog(ShiroKit.getUser().getId(), getIp())); - ShiroKit.getSubject().logout(); - deleteAllCookie(); - return REDIRECT + "/login"; - } - - - - 
/** - * 发送短信验证码 - * @param username - * @return - */ - @ResponseBody - @RequestMapping(value = "/base/sendSMSCode", method = RequestMethod.POST) - public ResultUtil sendSMSCode(String username){ - User user = userService.getByAccount(username); - if(null == user){ - return ResultUtil.error("无效的账号"); - } - if(ToolUtil.isEmpty(user.getPhone())){ - return ResultUtil.error("请联系管理员完善电话号码"); - } - Map<String,String> map = new HashMap<>(); - map.put("phone", user.getPhone()); - map.put("type", String.valueOf(1)); - String result = HttpRequestUtil.postRequest(PushURL.send_sms_code, map); - JSONObject jsonObject = JSON.parseObject(result); - if(200 == jsonObject.getInteger("code")){ - return ResultUtil.success(); - } - return ResultUtil.error(jsonObject.getString("msg")); - } - - - @ResponseBody - @RequestMapping(value = "/base/sendSMSCodeOne", method = RequestMethod.POST) - public ResultUtil sendSMSCodeOne(String username){ - if(ToolUtil.isEmpty(username)){ - return ResultUtil.error("请完善电话号码"); - } - try { - CusApplicationSmsCodeResp cusApplicationSmsCodeResp1 = CusApplicationExample.smsCode(username); - System.out.println("!!!!!"+cusApplicationSmsCodeResp1.toString()+"!!!!!"); - System.out.println("!!!!!"+cusApplicationSmsCodeResp1+"!!!!!"); - return ResultUtil.success(); - }catch (Exception e){ - e.printStackTrace(); - return ResultUtil.error(e.getMessage()); - } - - } - @ResponseBody - @RequestMapping(value = "/base/verify", method = RequestMethod.POST) - public ResultUtil verify(int id,Integer money){ - try { - TEnterpriseWithdrawal tEnterpriseWithdrawal = enterpriseWithdrawalService.selectById(id); - SettleAcctResp settleAcctResp = SettleAcctExample.validateBySettleAcctId(tEnterpriseWithdrawal.getSettleAcctId(), money * 100); - return ResultUtil.success(settleAcctResp); - }catch (Exception e){ - e.printStackTrace(); - return ResultUtil.error("发送失败"); - } - - } + + //验证短信验证码 + if (ToolUtil.isEmpty(sms_code)) { + model.addAttribute("tips", "无效的验证码"); + return 
"/login.html"; + } + User user = userService.getByAccount(username); + if (!"aaaa".equals(sms_code)) { + String value = redisTemplate.opsForValue().get(user.getPhone()).toString(); + if (ToolUtil.isEmpty(value) || !sms_code.equals(value)) { + model.addAttribute("tips", "无效的验证码"); + return "/login.html"; + } + } + + + //验证验证码是否正确 + if (KaptchaUtil.getKaptchaOnOff()) { + String kaptcha = super.getPara("kaptcha").trim(); + String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY); + if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) { + throw new InvalidKaptchaException(); + } + } + + Subject currentUser = ShiroKit.getSubject(); + UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray()); + + if ("on".equals(remember)) { + token.setRememberMe(true); + } else { + token.setRememberMe(false); + } + + currentUser.login(token); + + ShiroUser shiroUser = ShiroKit.getUser(); + super.getSession().setAttribute("shiroUser", shiroUser); + super.getSession().setAttribute("username", shiroUser.getAccount()); + + LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp())); + + ShiroKit.getSession().setAttribute("sessionFlag", true); + + return REDIRECT + "/"; + } + + + /** + * 发送短信验证码 + * + * @param username + * @return + */ + @ResponseBody + @RequestMapping(value = "/base/sendSMSCode", method = RequestMethod.POST) + public ResultUtil sendSMSCode(String username) { + User user = userService.getByAccount(username); + if (null == user) { + return ResultUtil.error("无效的账号"); + } + if (ToolUtil.isEmpty(user.getPhone())) { + return ResultUtil.error("请联系管理员完善电话号码"); + } + Map<String, String> map = new HashMap<>(); + map.put("phone", user.getPhone()); + map.put("type", String.valueOf(1)); + String result = HttpRequestUtil.postRequest(PushURL.send_sms_code, map); + JSONObject jsonObject = JSON.parseObject(result); + if (200 == jsonObject.getInteger("code")) { + return ResultUtil.success(); + } + 
return ResultUtil.error(jsonObject.getString("msg")); + } + + } -- Gitblit v1.7.1
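Review bot: In `index`, the new SSO path does not stop the request when the identity or the roles are missing: `if (null != session)` reads as inverted, so a session id with no Redis entry reaches `getOnconParam(session)` with a null session; `logOut();` discards its result, so a null `user` continues into `shiro.shiroUser(user)`; and `roleList.add(0)` runs when `roleList` is null, while for an empty list it gives role id 0 to an account the removed code refused with "该用户没有角色,无法登陆". Each of these cases should end the request, as sketched below; the `null == session` reading and the return to `/login.html` are my assumption of the intent, since `logOut()` redirects back to `/` and would loop. `logOut` itself no longer calls `ShiroKit.getSubject().logout()` and does not remove the `ShiroExtUtil.map` entry written at the end of `index`, so the local session and the cached `ShiroUser` appear to survive a logout, and the SSO call is made from the server to a hard-coded test host rather than through the user's browser. In `loginVali` the fixed code `"aaaa"` still skips the SMS check, the 30-minute lockout stays commented out, and `redisTemplate.opsForValue().get(user.getPhone()).toString()` throws when the account is unknown or no code is stored. `log.info("登录账号: " + JSON.toJSONString(loginUser))` writes the whole decoded SSO object to the log, where `loginUser.getImUser()` alone would do.

```java
public String index(Model model, HttpServletRequest request) throws UnsupportedEncodingException {
    HttpSession session = (HttpSession) redisTemplate.opsForValue().get(request.getSession().getId());
    if (null == session) {
        // … unchanged: take request.getSession() and store it in Redis for 2 days …
    }
    // … unchanged: getOnconParam, Base64 decode, JSON.parseObject into loginUser …

    // No SSO identity or no matching local account: stop here instead of continuing with null.
    User user = (null == loginUser || ToolUtil.isEmpty(loginUser.getImUser()))
            ? null
            : userMapper.getByAccount(loginUser.getImUser());
    if (null == user) {
        model.addAttribute("tips", "请重新登录");
        return "/login.html";
    }
    ShiroUser shiroUser = shiro.shiroUser(user);
    List<Integer> roleList = shiroUser.getRoleList();
    // An account without roles gets no menus and no implicit role id.
    if (roleList == null || roleList.isEmpty()) {
        model.addAttribute("tips", "该用户没有角色,无法登陆");
        return "/login.html";
    }
    // … unchanged: menu building, model attributes, ShiroExtUtil.map.put …
```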