- package com.iamberry.wechat.handles.admin;
- import com.iamberry.sys.Admin;
- import com.iamberry.wechat.face.mq.MQSerivce;
- import com.iamberry.wechat.face.sys.SysService;
- import com.iamberry.wechat.realm.IamberryRealm;
- import com.iamberry.wechat.tools.ResponseJson;
- import com.iamberry.wechat.utils.AdminUtils;
- import com.iamberry.wechat.utils.VerifyCodeUtil;
- import org.apache.shiro.SecurityUtils;
- import org.apache.shiro.authc.LockedAccountException;
- import org.apache.shiro.authc.UnknownAccountException;
- import org.apache.shiro.authc.UsernamePasswordToken;
- import org.apache.shiro.subject.Subject;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.stereotype.Controller;
- import org.springframework.web.bind.annotation.RequestMapping;
- import org.springframework.web.bind.annotation.RequestParam;
- import org.springframework.web.bind.annotation.ResponseBody;
- import org.springframework.web.servlet.ModelAndView;
- import javax.imageio.ImageIO;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.awt.*;
- import java.awt.image.BufferedImage;
- import java.io.IOException;
- import java.util.Random;
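/**
 * Admin-console login endpoints: login page with cookie-based auto-login, salt lookup,
 * credential login through Apache Shiro, CAPTCHA image generation, and logout.
 *
 * <p>Security review summary (details are on the individual methods):
 * <ul>
 *   <li>The CAPTCHA is now single-use and its length is bounded server-side.</li>
 *   <li>{@code /get_salt} and the distinct login error codes let an unauthenticated
 *       caller tell existing accounts from non-existing ones.</li>
 *   <li>The "remember me" cookie carries the value that is presented to Shiro as the
 *       password, so anyone holding the cookie can log in.</li>
 * </ul>
 *
 * @author 献
 * @company 深圳爱贝源科技有限公司
 * @website www.iamberry.com
 * @tel 18271840547
 * @date 2017/5/12
 */
@Controller
public class LoginController {

    private static final Logger logger = LoggerFactory.getLogger(LoginController.class);

    /** Session attribute that holds the CAPTCHA text the next login attempt must match. */
    private static final String LOGIN_CODE_ATTRIBUTE = "login_code";

    /** Lower bound for the caller-supplied CAPTCHA length (review-chosen value). */
    private static final int MIN_VERIFY_CODE_LENGTH = 4;

    /** Upper bound for the caller-supplied CAPTCHA length (review-chosen value). */
    private static final int MAX_VERIFY_CODE_LENGTH = 8;

    @Autowired
    private SysService sysService;

    @Autowired
    private IamberryRealm iamberryRealm;

    /**
     * Shows the login page, or redirects to the admin index when the caller is already
     * authenticated or can be logged in from the remembered-admin cookie.
     *
     * @param request current request; the remembered-admin cookie is read from it
     * @return the {@code login} view, or a redirect to {@code /admin/sys/_index}
     */
    @RequestMapping("/_login")
    public ModelAndView loginUI(HttpServletRequest request) {
        Subject currentUser = SecurityUtils.getSubject();
        if (!currentUser.isAuthenticated()) {
            // Not logged in yet: see whether a "remember me" cookie is present.
            Admin admin = AdminUtils.getAdminCookie(request);
            if (admin == null) {
                return new ModelAndView("login");
            }
            try {
                // NOTE(review): the cookie supplies both the account and the value used as the
                // password, so it is a long-lived, replayable credential. Whether AdminUtils
                // encrypts it or sets HttpOnly/Secure is not visible here - confirm. A random,
                // server-side revocable token (or Shiro's own rememberMe support) avoids
                // keeping a password-equivalent in the browser.
                currentUser.login(new UsernamePasswordToken(
                        admin.getAdminAccount(), admin.getAdminPassword().toUpperCase()));
            } catch (Exception e) {
                // Stale or tampered cookie: fall back to the interactive login page.
                logger.error("Automatic login from the remembered-admin cookie failed", e);
                return new ModelAndView("login");
            }
        }
        // Authenticated (either already, or just now via the cookie).
        return new ModelAndView("redirect:/admin/sys/_index");
    }

    /**
     * Returns the salt stored for a login name.
     *
     * <p>NOTE(review): this endpoint takes no CAPTCHA and, as far as this class shows, no
     * authentication. It answers differently for known and unknown login names, which allows
     * account enumeration, and it discloses the per-account salt. If the client hashes the
     * password with this salt before sending it (presumably the purpose - confirm), the
     * resulting hash is itself the credential on the wire. Consider rate limiting and returning
     * a deterministic decoy salt for unknown names so both cases look alike.
     *
     * @param login_name login name whose salt is requested
     * @return a response whose third constructor argument is 200 plus a {@code salt} entry when
     *     a salt exists, or 400 when none is found
     */
    @ResponseBody
    @RequestMapping("/get_salt")
    public ResponseJson getSalt(@RequestParam("login_name") String login_name) {
        String salt = sysService.getSaltByLoginName(login_name);
        if (salt == null || "".equals(salt)) {
            return new ResponseJson(200, "SUCCESS", 400);
        }
        return new ResponseJson(200, "SUCCESS", 200).addResponseKeyValue("salt", salt);
    }

    /**
     * Checks the CAPTCHA, logs the caller in through Shiro and optionally stores the
     * "remember me" cookie.
     *
     * <p>The CAPTCHA stored in the session is consumed by every attempt, matching or not, so a
     * solved code cannot be replayed to automate password guessing; the client must request a
     * new image from {@code /security_code} after each attempt.
     *
     * @param request current request; its session holds the expected CAPTCHA text
     * @param response response that receives the "remember me" cookie when requested
     * @param loginName account name
     * @param loginPwd password value as sent by the client; upper-cased before use
     * @param loginCode CAPTCHA text typed by the user; compared case-insensitively
     * @param rememberMe the string {@code "true"} to store the remembered-admin cookie
     * @return a response tagged {@code SUCCESS}, {@code VERIFY_CODE_ERROR}, {@code NOT_ADMIN},
     *     {@code ADMIN_LOCKED} or {@code LOGIN_ERROR}
     */
    @ResponseBody
    @RequestMapping("/loginShiro")
    public ResponseJson loginShiro(HttpServletRequest request,
                                   HttpServletResponse response,
                                   @RequestParam("login_name") String loginName,
                                   @RequestParam("login_pwd") String loginPwd,
                                   @RequestParam("login_code") String loginCode,
                                   @RequestParam(value = "remember_me", required = false, defaultValue = "false") String rememberMe) {
        // Read the expected CAPTCHA and drop it from the session straight away. Leaving it in
        // place would let one solved code authorise an unlimited number of login attempts.
        Object expectedCode = request.getSession().getAttribute(LOGIN_CODE_ATTRIBUTE);
        request.getSession().removeAttribute(LOGIN_CODE_ATTRIBUTE);
        if (expectedCode == null || !loginCode.equalsIgnoreCase(expectedCode.toString())) {
            return new ResponseJson(200, "VERIFY_CODE_ERROR", 400);
        }

        Subject currentUser = SecurityUtils.getSubject();
        if (!currentUser.isAuthenticated()) {
            try {
                // NOTE(review): the pre-login session stays in use after a successful login in
                // this method; if session fixation is in scope, renew the session here.
                currentUser.login(new UsernamePasswordToken(loginName, loginPwd.toUpperCase()));
            } catch (UnknownAccountException ue) {
                // NOTE(review): separate codes for "no such account" and "locked" tell a caller
                // which login names exist. Kept because the front end may rely on them; a single
                // generic failure code is the safer contract.
                return new ResponseJson(200, "NOT_ADMIN", 404);
            } catch (LockedAccountException le) {
                return new ResponseJson(200, "ADMIN_LOCKED", 403);
            } catch (Exception ae) {
                // Any other failure raised during authentication, including a wrong password.
                return new ResponseJson(200, "LOGIN_ERROR", 500);
            }
        }

        if ("true".equals(rememberMe)) {
            // NOTE(review): stores the password-equivalent value in a cookie. When the subject
            // was already authenticated, the submitted name and password reach this line without
            // being verified by the login call above.
            AdminUtils.saveAdminToCookie(
                    AdminUtils.getLoginAdminId(), loginName, loginPwd.toUpperCase(), response);
        }
        return new ResponseJson(200, "SUCCESS", 200);
    }

    /**
     * Generates a CAPTCHA, stores its text in the session and writes it as a JPEG image.
     *
     * <p>The requested length is clamped to
     * [{@value #MIN_VERIFY_CODE_LENGTH}, {@value #MAX_VERIFY_CODE_LENGTH}]: an unbounded
     * client-chosen length would let a caller ask for a one-character code or an arbitrarily
     * long one.
     *
     * @param response response the image is written to
     * @param request current request; its session receives the CAPTCHA text
     * @param len requested code length, default 6; clamped as described above
     * @throws IOException if the image cannot be written to the response
     */
    @RequestMapping(value = "/security_code")
    public void securityCode(HttpServletResponse response, HttpServletRequest request,
                             @RequestParam(value = "len", required = false, defaultValue = "6") Integer len) throws IOException {
        int codeLength = Math.max(MIN_VERIFY_CODE_LENGTH, Math.min(MAX_VERIFY_CODE_LENGTH, len));

        // NOTE(review): the first argument (3) presumably selects the character set, and the
        // random source inside VerifyCodeUtil is not visible here - confirm both.
        String verifyCode = VerifyCodeUtil.generateTextCode(3, codeLength, null);
        request.getSession().setAttribute(LOGIN_CODE_ATTRIBUTE, verifyCode);

        // Keep browsers and proxies from storing or replaying an old CAPTCHA image.
        response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
        response.setHeader("Pragma", "no-cache");
        response.setDateHeader("Expires", 0);
        response.setContentType("image/jpeg");

        // java.util.Random only feeds the fourth argument of the image generator here, not the
        // code text itself.
        BufferedImage captchaImage = VerifyCodeUtil.generateImageCode(
                verifyCode, 130, 40, new Random().nextInt(50), true, Color.WHITE, Color.BLACK, null);
        // Written to the servlet output stream because the payload is binary.
        ImageIO.write(captchaImage, "JPEG", response.getOutputStream());
    }

    /**
     * Logs the current subject out and shows the login page.
     *
     * @param request current request (unused)
     * @return the {@code login} view
     */
    @RequestMapping("/_exit")
    public ModelAndView exit(HttpServletRequest request) {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            // NOTE(review): the cache entry is removed using the Subject as the key. Shiro
            // realms normally key this cache by the subject's principals, so this call may
            // remove nothing - confirm against IamberryRealm. getAuthorizationCache() can also
            // be null when no cache is configured.
            iamberryRealm.getAuthorizationCache().remove(subject);
            subject.logout();
        }
        // NOTE(review): the remembered-admin cookie is not cleared in this method, so a later
        // visit to /_login may log the browser back in - confirm whether that is intended.
        return new ModelAndView("login");
    }
}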