通用後臺管理系統(8)-編寫登入控制器

控制器

package com.sundablog.controller.backend.login;

import java.io.IOException;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;

import com.sundablog.pojo.AdminUser;
import com.sundablog.result.BaseResult;
import com.sundablog.service.backend.system.upms.user.UserService;
import com.sundablog.utlis.CaptchaUtil;

import com.sundablog.utlis.RedisUtil;

import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.digest.DigestUtil;

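/**
 * Login controller for the back-office: serves the login page, issues the CAPTCHA image,
 * authenticates the user through Apache Shiro, and logs the current subject out.
 *
 * <p>Review notes for maintainers:
 * <ul>
 *   <li>The handlers use {@code @RequestMapping} without a {@code method} restriction, so
 *       {@code /loginClick} also accepts GET and the password can end up in URLs, browser
 *       history and access logs; {@code /quit} can likewise be triggered by a cross-site GET.
 *       Restrict both to POST once the front end is confirmed to use POST.</li>
 *   <li>Nothing in this class renews the session id after a successful login. Confirm that
 *       the Shiro/session configuration does, otherwise a pre-login session id stays valid
 *       (session fixation).</li>
 *   <li>Nothing in this class limits failed attempts per account or per client; the CAPTCHA
 *       is the only throttle visible here.</li>
 * </ul>
 *
 * @author 噠噠
 * @date 2018-03-18
 *
 * @Copyright: 2018 www.sundablog.com Inc. All rights reserved.
 */
@Controller
public class LoginController {

    @Autowired
    private UserService userService;

    /**
     * Shows the login page.
     *
     * @return the view name of the login page
     */
    @RequestMapping(value= {"/","/login"})
    public String login() {
        return "/login/login";
    }

    /**
     * Generates a CAPTCHA image, stores its text in the HTTP session under
     * {@code validateCode}, and streams the image to the client.
     *
     * @param request  current request; its session receives the expected CAPTCHA text
     * @param response response the JPEG image is written to
     * @throws IOException if the image cannot be written to the response
     */
    @RequestMapping("/captcha")
    public void code(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // The response is an image that must never be served from a cache,
        // otherwise the picture and the session-side answer drift apart.
        response.setContentType("image/jpeg");
        response.setHeader("Pragma", "no-cache");
        response.setHeader("Cache-Control", "no-cache");
        response.setDateHeader("Expires", 0);
        // presumably width, height, code length, interference lines (confirm against CaptchaUtil)
        CaptchaUtil code = new CaptchaUtil(156, 38, 4, 4);
        request.getSession().setAttribute("validateCode", code.getCode());
        code.write(response.getOutputStream());
        // The former System.err.println(request) debug output was removed:
        // request objects do not belong on stderr in a login flow.
    }

    /**
     * Checks the CAPTCHA and, if it matches, authenticates the user through Shiro.
     *
     * <p>Result codes: 209 when no CAPTCHA answer was submitted, 204 when the answer is wrong
     * or no CAPTCHA was issued for this session, 202 when the account is locked, 203 when the
     * credentials are rejected (including an unknown user name), and {@code BaseResult.ok()}
     * on success.
     *
     * @param userName         login name
     * @param password         clear-text password as submitted by the client
     * @param verificationCode CAPTCHA answer typed by the user
     * @param request          current request; its session holds the expected CAPTCHA text
     * @return the outcome of the login attempt
     * @throws DisabledAccountException declared by the original signature; Shiro authentication
     *         failures raised by {@code subject.login} are caught and reported as code 203
     */
    @RequestMapping("/loginClick")
    @ResponseBody
    public BaseResult loginClick(String userName, String password, String verificationCode,HttpServletRequest request)
            throws DisabledAccountException {
        if (StrUtil.isEmpty(verificationCode)) {
            return BaseResult.build(209, "驗證碼錯誤");
        }

        HttpSession session = request.getSession();
        String captcha = (String) session.getAttribute("validateCode");
        // A CAPTCHA answer is single-use: drop it as soon as it has been read so one solved
        // image cannot be replayed across many password guesses. The client has to request
        // /captcha again before the next attempt.
        session.removeAttribute("validateCode");
        // captcha is null when /captcha was never requested in this session (or the answer was
        // already consumed); treat that as a wrong answer instead of failing with an NPE.
        if (captcha == null || !captcha.equals(verificationCode)) {
            return BaseResult.build(204, "驗證碼錯誤");
        }

        if (StrUtil.isEmpty(userName) || password == null) {
            return BaseResult.build(203, "用戶名密碼錯誤");
        }

        // Current subject; not yet authenticated at this point.
        Subject subject = SecurityUtils.getSubject();
        AdminUser adminUser = userService.selectAdminUserByUserName(userName);
        if (adminUser == null) {
            // Unknown user name: answer exactly like a wrong password so the response does not
            // reveal which accounts exist (the original dereferenced null here).
            return BaseResult.build(203, "用戶名密碼錯誤");
        }
        // NOTE(review): the lock state is reported before the password is verified, so anyone
        // who solves the CAPTCHA can learn that a given account exists and is locked.
        if (adminUser.getLocked() != null && 1 == adminUser.getLocked().intValue()) {
            return BaseResult.build(202, "賬戶以及被鎖定");
        }

        // NOTE(review): a single salted MD5 round is too fast for password storage and is
        // brute-forceable offline if the hashes leak. It is left unchanged here because the
        // stored hashes and the Shiro realm must agree with it; migrate to bcrypt/scrypt/argon2
        // and do the hashing in the realm's credentials matcher rather than in the controller.
        AuthenticationToken token = new UsernamePasswordToken(userName,
                DigestUtil.md5Hex(password + adminUser.getSalt()));

        try {
            subject.login(token);
            return BaseResult.ok();
        } catch (AuthenticationException e) {
            return BaseResult.build(203, "用戶名密碼錯誤");
        }
    }

    /**
     * Logs the current Shiro subject out.
     *
     * @return {@code BaseResult.ok()} on success, code 201 if the logout raised an exception
     */
    @RequestMapping("/quit")
    @ResponseBody
    public BaseResult quit() {
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.logout();
            return BaseResult.ok();
        } catch (Exception e) {
            return BaseResult.build(201, "退出失敗");
        }
    }

}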