1.1.1.1. 管理员登录
思路
- 通过管理员名查询密码
- 对比表单与数据库的密码
- 如果成功返回查询的管理员,否则返回null
--页面代码
|
|
--Controller代码
|
/** * 登录管理员 * path:${pageContext.request.contextPath }/admin/loginAdmin.do * @param entity * @return */ @RequestMapping(value="/loginAdmin") public String loginAdmin(@RequestParam Map<String,Object> entity,HttpSession session,HttpServletRequest request) { logger.debug("管理员登录"+entity); try { Map<String, Object> admin = adminService.loginAdmin(entity); if (admin!=null) {
session.setAttribute("admin_info", admin); return "manager/index"; } } catch (Exception e) { e.printStackTrace(); } request.setAttribute("admin_login_msg", "登录失败,请确认用户密码是否正确"); return "forward:/login.jsp";
}
|
--Service代码
|
/** * 管理员登录 * @param admin * @return */ Map<String, Object> loginAdmin(Map<String, Object> admin); |
--ServiceImpl代码
|
@Override public Map<String, Object> loginAdmin(Map<String, Object> admin) { Object accountName = admin.get("admin_account"); //1.通过账号查询管理员信息 Map<String, Object> resultAdmin = adminMapper.findByAccount(accountName); //2.验证密码 if (admin.get("admin_pwd").equals(resultAdmin.get("admin_pwd"))) { return resultAdmin; }
return null; } |
--Mapper代码
|
/** * 通过账号名查询记录 * @param accountName * @return */ @Select(value="SELECT * FROM tb_admin WHERE admin_account = #{accountName}") Map<String, Object> findByAccount(Object accountName); |
1.1.1.2. 管理员注销
--navbar.jsp页面代码
|
|
--AdminController代码
|
/** * 管理员注销 * path:${pageContext.request.contextPath }/admin/undoAdmin.do * @return */ @RequestMapping(value="/undoAdmin") public String undoAdmin(HttpSession session) { Object adminInfo = session.getAttribute("admin_info"); if(adminInfo!=null) { session.removeAttribute("admin_info"); }
return "forward:/login.jsp"; } |
1.1.1.3. 管理员修改密码
--跳转到修改密码页面
|
|
--AdminController增加代码
|
/** * 跳转到修改密码页面 * path:${pageContext.request.contextPath }/admin/toSettingAdmin.do * @return */ @RequestMapping(value="/toSettingAdmin") public String toSettingAdmin() {
return "manager/setting"; }
/** * 修改当前用户密码 * path:${pageContext.request.contextPath }/admin/setAdminPwd.do * @param entity * @param sesssion * @param request * @return */ @SuppressWarnings("unchecked") @RequestMapping(value="/setAdminPwd") public String setAdminPwd(@RequestParam Map<String,Object> entity,HttpSession sesssion,HttpServletRequest request) { logger.debug("-修改当前登录管理员密码-"+entity);
try { Map<String, Object> admin = (Map<String, Object>) sesssion.getAttribute("admin_info"); //1.获得表单的原密码与当前的登录管理员校验是否正确 if(entity.get("source_admin_pwd").equals(admin.get("admin_pwd"))) { //2.新的密码与确认密码是否一致 if(entity.get("new_admin_pwd").equals(entity.get("confirm_admin_pwd"))) { Map<String,Object > params=new HashMap<>(); //根据管理员编号,修改密码 params.put("admin_id", admin.get("admin_id")); params.put("admin_pwd", entity.get("new_admin_pwd")); Map<String, Object> resultAdmin = adminService.editAdminPassword(params); sesssion.setAttribute("admin_info", resultAdmin); request.setAttribute("admin_edit_password_msg", "修改密码成功"); return "manager/setting"; }else { request.setAttribute("admin_edit_password_msg", "修改密码失败,确认密码不一致"); }
}else { request.setAttribute("admin_edit_password_msg", "修改密码失败,原密码密码不正确"); } } catch (Exception e) { request.setAttribute("admin_edit_password_msg", "修改密码失败,出现未知异常,请联系管理员"); e.printStackTrace(); }
return "manager/setting"; } |
--AdminService增加代码
|
/** * 修改管理员密码 * 如果修改成功返回,更新后的管理员 * 如果修改失败,返回null * @param admin 传入的参数必须只能是:admin_pwd 和 admin_id,不能包括其他参数 * @return 返回修改后的管理员信息 */ Map<String, Object> editAdminPassword(Map<String, Object> admin); |
--AdminServiceImpl增加密码
|
@Override public Map<String, Object> editAdminPassword(Map<String, Object> admin) { //注意事项:传入的参数必须只能有,admin_id和admin_pwd int count = adminMapper.updateForNotnull(admin); if (count>0) { //2.如果更新成功,通过admin_id,返回更新后的数据 return adminMapper.findById(admin.get("admin_id"));
} return null; } |
--AdminMapper增加代码
|
/** * 更新非空的字段 * @param entity * @return */ @UpdateProvider(type=AdminProvider.class,method="updateForNotnull") int updateForNotnull(Map<String, Object> entity); |
--AdminProvider增加代码
|
public String updateForNotnull(Map<String, Object> entity) { String sql = "UPDATE tb_admin SET "; StringBuilder builder = new StringBuilder(sql); if (entity.get("admin_name") != null) { builder.append("admin_name=#{admin_name},"); } if (entity.get("admin_account") != null) { builder.append("admin_account=#{admin_account},"); }
if (entity.get("admin_pwd") != null) { builder.append("admin_pwd=#{admin_pwd},"); }
if (entity.get("admin_status") != null) { builder.append("admin_status=#{admin_status},"); }
if (entity.get("role_id") != null) { builder.append("role_id=#{role_id},"); } builder.delete(builder.length() - 1, builder.length()); builder.append("WHERE admin_id=#{admin_id}"); logger.debug("管理员更新:"+builder.toString()); return builder.toString(); } |
1.1.1.4. md5校验支持
--创建一个MD5加密帮助类
|
package cn.lxm.edu.utils;
import java.security.MessageDigest; import java.security.NoSuchAlgorithmException; import java.util.Base64; import java.util.Base64.Encoder;
public class Md5Utils {
private static final String salt="Pwetio!WEW345";
/** * 将密码Md5加密 * @param source * @return */ public static String md5(String source) {
try { //1.获得摘要对象 MessageDigest digest = MessageDigest.getInstance("MD5"); //2.返回的是密文的字节码,转成字符串是乱码 source=source+salt; byte[] result = digest.digest(source.getBytes()); //3.为了避免存储的是乱码,可以使用base64让输出的字符串不是乱码 Encoder encoder = Base64.getEncoder(); return encoder.encodeToString(result); } catch (NoSuchAlgorithmException e) { e.printStackTrace(); } return null; }
public static void main(String[] args) { System.out.println(md5("123456")); } } |
--修改登录加入md5校验
|
|
--修改密码加入md5校验
|
|
