控制器
package com.sundablog.controller.backend.login;import java.io.IOException;import javax.servlet.http.Cookie;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import javax.servlet.http.HttpSession;import org.apache.shiro.SecurityUtils;import org.apache.shiro.authc.AuthenticationException;import org.apache.shiro.authc.AuthenticationToken;import org.apache.shiro.authc.DisabledAccountException;import org.apache.shiro.authc.UsernamePasswordToken;import org.apache.shiro.session.Session;import org.apache.shiro.subject.Subject;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody;import com.sundablog.pojo.AdminUser;import com.sundablog.result.BaseResult;import com.sundablog.service.backend.system.upms.user.UserService;import com.sundablog.utlis.CaptchaUtil;import com.sundablog.utlis.RedisUtil;import cn.hutool.core.util.StrUtil;import cn.hutool.crypto.digest.DigestUtil;/** * 登录控制器 * @ClassName: LoginController * @Description:登录控制器 * @author: 哒哒 * @date: 2018年3月18日 下午12:45:41 * * @Copyright: 2018 www.sundablog.com Inc. All rights reserved. */@Controllerpublic class LoginController { @Autowired private UserService userService; /** * 登入界面显示 * @Title: login * @Description: TODO(这里用一句话描述这个方法的作用) * @param: @return * @return: String * @throws */ @RequestMapping(value= {"/","/login"}) public String login() { return "/login/login"; } /** * 验证码 * @Title: code * @Description: TODO(这里用一句话描述这个方法的作用) * @param: @param request * @param: @param response * @param: @param session * @param: @throws IOException * @return: void * @throws */ @RequestMapping("/captcha") public void code(HttpServletRequest request, HttpServletResponse response) throws IOException { // 设置响应的类型格式为图片格式 response.setContentType("image/jpeg"); response.setHeader("Pragma", "no-cache"); response.setHeader("Cache-Control", "no-cache"); response.setDateHeader("Expires", 0); // 自定义参数 CaptchaUtil code = new CaptchaUtil(156, 38, 4, 4); request.getSession().setAttribute("validateCode", code.getCode()); code.write(response.getOutputStream()); System.err.println(request); } /** * 登录 * @Title: loginClick * @Description: TODO(这里用一句话描述这个方法的作用) * @param: @param userName * @param: @param password * @param: @param verificationCode * @param: @return * @param: @throws DisabledAccountException * @return: BaseResult * @throws */ @RequestMapping("/loginClick") @ResponseBody public BaseResult loginClick(String userName, String password, String verificationCode,HttpServletRequest request) throws DisabledAccountException { String captcha = (String)request.getSession().getAttribute("validateCode"); if (StrUtil.isEmpty(verificationCode)) { return BaseResult.build(209, "验证码错误"); } else { if (captcha.equals(verificationCode)) { /** * 获得当前用户对象,状态为“未认证” */ Subject subject = SecurityUtils.getSubject(); AdminUser adminUser = userService.selectAdminUserByUserName(userName); if (1 == adminUser.getLocked().intValue()) { return BaseResult.build(202, "账户以及被锁定"); } AuthenticationToken token = new UsernamePasswordToken(userName, DigestUtil.md5Hex(password + adminUser.getSalt()));// 创建用户名密码令牌对象 try { subject.login(token); return BaseResult.ok(); } catch (AuthenticationException e) { return BaseResult.build(203, "用户名密码错误"); } } else { //验证码错误 return BaseResult.build(204, "验证码错误"); } } } /** * 退出 * @Title: quit * @Description: TODO(这里用一句话描述这个方法的作用) * @param: @return * @return: BaseResult * @throws */ @RequestMapping("/quit") @ResponseBody public BaseResult quit() { Subject subject = SecurityUtils.getSubject(); try { subject.logout(); return BaseResult.ok(); } catch (Exception e) { return BaseResult.build(201, "退出失败"); } } } posted on 2018-04-02 23:40 阅读( ...) 评论( ...)