控制器
package com.sundablog.controller.backend.login;
import java.io.IOException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.sundablog.pojo.AdminUser;
import com.sundablog.result.BaseResult;
import com.sundablog.service.backend.system.upms.user.UserService;
import com.sundablog.utlis.CaptchaUtil;
import com.sundablog.utlis.RedisUtil;
import cn.hutool.core.util.StrUtil;
import cn.hutool.crypto.digest.DigestUtil;
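/**
 * Login controller for the back-office: serves the login page, issues the
 * captcha image, authenticates the administrator through Shiro and logs out.
 *
 * @ClassName: LoginController
 * @author: 哒哒
 * @date: 2018-03-18 12:45:41
 *
 * @Copyright: 2018 www.sundablog.com Inc. All rights reserved.
 */
@Controller
public class LoginController {

    /** Session attribute under which the expected captcha text is kept. */
    private static final String CAPTCHA_SESSION_KEY = "validateCode";

    @Autowired
    private UserService userService;

    /**
     * Shows the login page.
     *
     * @return the logical view name of the login page
     */
    @RequestMapping(value = {"/", "/login"})
    public String login() {
        return "/login/login";
    }

    /**
     * Generates a captcha image, stores its text in the HTTP session and
     * streams the image to the client.
     *
     * @param request  current request; its session receives the captcha text
     * @param response response the JPEG image is written to
     * @throws IOException if the image cannot be written to the response
     */
    @RequestMapping("/captcha")
    public void code(HttpServletRequest request, HttpServletResponse response) throws IOException {
        // The response is an image and must never be cached, otherwise the
        // browser could display a captcha that no longer matches the session.
        response.setContentType("image/jpeg");
        response.setHeader("Pragma", "no-cache");
        response.setHeader("Cache-Control", "no-cache");
        response.setDateHeader("Expires", 0);

        // Custom captcha parameters (passed through to CaptchaUtil unchanged).
        CaptchaUtil code = new CaptchaUtil(156, 38, 4, 4);
        request.getSession().setAttribute(CAPTCHA_SESSION_KEY, code.getCode());
        code.write(response.getOutputStream());
        // The leftover debug print of the request object to stderr was removed.
    }

    /**
     * Verifies the captcha and, if it matches, authenticates the user via Shiro.
     *
     * <p>Result codes: 209 = captcha not supplied, 204 = captcha wrong or no
     * captcha issued for this session, 202 = account locked, 203 = bad
     * username or password, success = {@code BaseResult.ok()}.
     *
     * <p>NOTE(review): the mapping accepts any HTTP method, so credentials can
     * arrive as GET query parameters and end up in access logs; restricting it
     * to POST should be confirmed against the front-end before changing it.
     *
     * @param userName         login name
     * @param password         plain-text password as submitted by the form
     * @param verificationCode captcha text typed by the user
     * @param request          current request, used to reach the session
     * @return the outcome of the login attempt
     * @throws DisabledAccountException declared by the original signature
     */
    @RequestMapping("/loginClick")
    @ResponseBody
    public BaseResult loginClick(String userName, String password, String verificationCode,
            HttpServletRequest request) throws DisabledAccountException {
        HttpSession session = request.getSession();
        String captcha = (String) session.getAttribute(CAPTCHA_SESSION_KEY);

        if (StrUtil.isEmpty(verificationCode)) {
            return BaseResult.build(209, "验证码错误");
        }

        // A captcha is single-use: drop it as soon as a guess has been
        // submitted, so one solved image cannot back many password attempts.
        session.removeAttribute(CAPTCHA_SESSION_KEY);

        // captcha is null when /captcha was never requested in this session
        // (or the session expired); the original dereferenced it and threw.
        if (captcha == null || !captcha.equals(verificationCode)) {
            return BaseResult.build(204, "验证码错误");
        }

        if (StrUtil.isEmpty(userName) || StrUtil.isEmpty(password)) {
            return BaseResult.build(203, "用户名密码错误");
        }

        AdminUser adminUser = userService.selectAdminUserByUserName(userName);
        if (adminUser == null) {
            // Unknown user: answer exactly like a wrong password so the
            // response does not reveal which account names exist.
            return BaseResult.build(203, "用户名密码错误");
        }

        // NOTE(review): this check runs before the password is verified, so
        // the 202 answer discloses that the account exists and is locked.
        if (adminUser.getLocked() != null && 1 == adminUser.getLocked().intValue()) {
            return BaseResult.build(202, "账户以及被锁定");
        }

        // NOTE(security): a single salted MD5 round is cheap to brute-force
        // offline if the stored digests leak. Moving to bcrypt/scrypt/Argon2
        // requires re-hashing the stored credentials, so it is not changed here.
        AuthenticationToken token = new UsernamePasswordToken(userName,
                DigestUtil.md5Hex(password + adminUser.getSalt()));

        // Current subject, still unauthenticated at this point.
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
            return BaseResult.ok();
        } catch (AuthenticationException e) {
            return BaseResult.build(203, "用户名密码错误");
        }
    }

    /**
     * Logs the current subject out.
     *
     * @return {@code BaseResult.ok()} on success, code 201 if logout failed
     */
    @RequestMapping("/quit")
    @ResponseBody
    public BaseResult quit() {
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.logout();
            return BaseResult.ok();
        } catch (Exception e) {
            // Boundary handler: any failure is reported to the client as 201.
            return BaseResult.build(201, "退出失败");
        }
    }
}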