//==================================验证码=====controller
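/**
 * Issues a new captcha and streams it to the client as a JPEG image.
 *
 * <p>The answer is registered with {@code checkCodeService}, which hands back a lookup
 * key, and is also kept in the HTTP session under {@code JunConstantsUtil.CHECK_CODE}.
 * Only the lookup key is sent to the client (cookie and response header named
 * {@code JunConstantsUtil.RES_CK_KEY}).
 *
 * <p>Security fix: the previous version also sent the answer itself to the client, as a
 * {@code RES_CK_VALUE} cookie, as a {@code RES_CK_VALUE} response header and as the
 * returned body. Any client could read the answer without looking at the image, so the
 * captcha protected nothing. The answer now stays on the server; the client gets the
 * image and the key only.
 *
 * <p>NOTE(review): a bare {@code @CrossOrigin} accepts every origin by default; restrict
 * it to the known front-end origins if this endpoint is reachable from the internet.
 *
 * @param request  current request; its session receives the expected answer
 * @param response response the image, the key cookie and the key header are written to
 * @return always an empty string; the image is written directly to the response stream
 */
@CrossOrigin
@ResponseBody
@GetMapping("/code")
@ApiOperation(value = "验证码", notes = "jpg,Junit_CK_Key")
public String getCheckCode(HttpServletRequest request, HttpServletResponse response) {
    try {
        CheckCodeVo checkCodeVo = checkCodeService.getCheckCode();

        // A captcha image must never be served from a cache.
        response.setHeader("Pragma", "no-cache");
        response.setHeader("Cache-Control", "no-cache, no-store");
        response.setDateHeader("Expires", 0);
        // Single content type; the earlier "application/x-javascript" header was
        // overwritten by this call anyway.
        response.setContentType("image/jpeg");

        // Register the answer server-side and obtain the key the client will echo back.
        String codeKey = checkCodeService.setCheckCode(checkCodeVo.getCode());

        // Only the lookup key leaves the server.
        // NOTE(review): HttpOnly stays off as in the original, presumably because the
        // login form reads the key from script - confirm, and enable it if not needed.
        Cookie keyCookie = new Cookie(JunConstantsUtil.RES_CK_KEY, codeKey);
        keyCookie.setPath(JunConstantsUtil.DOMAIN_ROOT);
        keyCookie.setMaxAge(JunConstantsUtil.MAX_AGE);
        keyCookie.setHttpOnly(false);
        response.setHeader(JunConstantsUtil.RES_CK_KEY, codeKey);
        response.addCookie(keyCookie);

        // Touch the session before any body bytes are written: creating a session
        // after the response is committed fails, and the catch below would hide it.
        request.getSession().setAttribute(JunConstantsUtil.CHECK_CODE, checkCodeVo.getCode());

        ImageIO.write(checkCodeVo.getBImage(), JunConstantsUtil.PIC_JPG, response.getOutputStream());
        // NOTE(review): this appends a constant after the JPEG bytes; kept from the
        // original, but confirm it is still needed.
        response.getOutputStream().print(JunConstantsUtil.RES_HTML_COOKIE);
        return "";
    } catch (Exception e) {
        // NOTE(review): failures are still reported as an empty 200 response and are not
        // logged; no logger is visible from this method, so wire one in where the
        // enclosing class provides it.
        return "";
    }
}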
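/**
 * Renders a fixed QR code as a JPEG and writes it to the response body.
 *
 * <p>The encoded text is the constant {@code "Lu.Li.Junit"}; no request data reaches the
 * generator. The image is 300x300 with a white code on a black background.
 *
 * @param res response whose output stream receives the image
 */
@GetMapping("/tCode.jun")
public void genQTCode(HttpServletResponse res){
    QrConfig qrConfig = new QrConfig(300, 300);
    // High error-correction level.
    qrConfig.setErrorCorrection(ErrorCorrectionLevel.H);
    // Margin between the code and the edge of the background.
    qrConfig.setMargin(3);
    // Foreground colour, i.e. the colour of the code itself.
    qrConfig.setForeColor(Color.WHITE.getRGB());
    // Background colour.
    qrConfig.setBackColor(Color.BLACK.getRGB());

    // Declare the payload type: without it the response carries no Content-Type and
    // the browser is left to sniff the bytes.
    res.setContentType("image/jpeg");
    try {
        // Encode and stream the image straight into the response.
        QrCodeUtil.generate("Lu.Li.Junit", qrConfig, "jpg", res.getOutputStream());
    } catch (IOException e) {
        // NOTE(review): kept as best-effort; replace with the class logger once one is
        // available here, so a failed write is recorded through the normal log pipeline.
        e.printStackTrace();
    }
}//=============================== login handling ===============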
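/**
 * REST controller for user login, token refresh and re-localising the last login error.
 *
 * <p>{@code userService}, {@code jwtTokenUtil}, {@code messageSource} and
 * {@code tokenHeader} are not declared here; presumably they come from
 * {@code BaseController}.
 *
 * <p>Review notes that apply to the whole class:
 * <ul>
 *   <li>A bare {@code @CrossOrigin} accepts every origin by default; restrict it to the
 *       known front-end origins.</li>
 *   <li>{@link #alertCode} is a field of a controller that Spring normally creates once,
 *       so it is shared by all users and requests. See the field comment.</li>
 *   <li>Passwords and issued tokens are never written to the log by this class.</li>
 * </ul>
 */
@RestController
@CrossOrigin
@Api(value = "登录" ,tags = "登录")
public class SysLoginController extends BaseController{
    @Autowired
    private AuthenticationManager authenticationManager;
    @Autowired
    protected UserDetailsService userDetailsService;
    @Autowired
    private CheckCodeService checkCodeService;
    protected Logger logger = LoggerFactory.getLogger(this.getClass());

    // Code of the most recent failed login, read back by languageChange().
    // NOTE(review): this is per-controller state, not per-user state. One user's failed
    // login changes the message another user gets from languageChange(), and concurrent
    // requests race on it. Move it to the session or return it to the client instead.
    private Integer alertCode;

    /**
     * Authenticates a user and, on success, returns a JWT under the {@code "token"} key.
     *
     * <p>On failure the response is {@code Response.error(401, ...)} with the
     * {@code login.usernameEmpty} message, the same for an unknown user and a wrong
     * password, so the reply does not reveal which of the two was wrong.
     *
     * <p>Fixes relative to the earlier version:
     * <ul>
     *   <li>The 401 error response was built and then discarded, so a failed login
     *       returned a bare {@code new Response()}. It is now returned.</li>
     *   <li>The plaintext password and the response carrying the issued token were
     *       written to the log. Only the user name is logged now.</li>
     *   <li>A missing {@code language} parameter caused a NullPointerException; it now
     *       selects Simplified Chinese like any other non-{@code en_US} value.</li>
     *   <li>An unused cookie object and an unused salted-MD5 digest of the password were
     *       removed.</li>
     * </ul>
     *
     * @param username  login name
     * @param password  password as submitted by the client
     * @param checkKey  captcha lookup key (currently ignored, see the note in the body)
     * @param checkCode captcha answer typed by the user (currently ignored)
     * @param language  {@code "en_US"} for English messages, anything else for Chinese
     * @param device    client device descriptor, passed to the token generator
     * @return success response with the token, or the 401 error response
     */
    @ConsoleLog(object = "登录", module = "用户登录", description = "用户登录")
    @PostMapping(value = "/auth")
    @ApiOperation(value = "用户登录",notes = "用户登录")
    public Response login(String username, String password, String checkKey,String checkCode,
                          String language, Device device) {
        // NOTE(review): captcha verification is disabled. checkKey and checkCode are
        // accepted but never compared with the stored answer, so this endpoint has no
        // throttle against password guessing in this class. When re-enabling it, reject
        // the request if EITHER value is blank (the earlier draft only rejected when
        // both were blank) and compare checkCode, ignoring case, with
        // checkCodeService.getCheckCode(checkKey.trim()).
        //
        // NOTE(review): confirm that the @ConsoleLog aspect does not record the password
        // argument either.
        logger.info("into the login.username:{}", username);

        final Locale locale = "en_US".equals(language) ? Locale.US : Locale.SIMPLIFIED_CHINESE;

        final User domain = userService.findUserByNameAndPwd(username, password);
        if (domain == null) {
            alertCode = 401;
            logger.info("Not found user. username={}", username);
            return Response.error(401, messageSource.getMessage("login.usernameEmpty", null, locale));
        }

        // NOTE(review): the credential handed to the AuthenticationManager is the
        // password loaded from the user record, not the one the client sent. The real
        // password check is therefore findUserByNameAndPwd above; confirm how it
        // compares passwords and that stored passwords are hashed with a password
        // hashing function such as bcrypt rather than MD5 with a fixed salt.
        // authenticate() may also throw (disabled or locked account); nothing in this
        // method catches that.
        final Authentication authentication = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(username, domain.getPassword()));
        SecurityContextHolder.getContext().setAuthentication(authentication);
        logger.info("|Login|User authentication={}", authentication);

        // Load the user details and generate the token.
        final UserDetails userDetails = userDetailsService.loadUserByUsername(username);
        final String token = jwtTokenUtil.generateToken(userDetails, device);
        final Response response = Response.ok().put("token", token);

        final JwtUser user = (JwtUser) userDetails;
        try {
            userService.updateLastLoginDate(user.getId());
        } catch (Exception e) {
            // Best effort: a failed timestamp update must not fail the login.
            logger.error("Update user lastLoginDate error ", e);
        }
        logger.info("|Login|User {} logged in", username);
        return response;

        // A large commented-out legacy flow used to follow here: a time-limited random
        // password for the super administrator, salted-MD5 credentials and separate
        // error codes (402, 4020, 4021) for "wrong password" and "unknown user".
        // It was dead code and has been removed; recover it from version control if
        // needed. Separate codes for unknown user and wrong password let a caller
        // enumerate valid user names, so do not bring that part back.
    }

    /**
     * Reads the token from the {@code tokenHeader} request header and logs the user id
     * and user name it carries.
     *
     * <p>NOTE(review): the refresh itself is disabled. The earlier code called
     * {@code jwtTokenUtil.canTokenBeRefreshed(token, user.getLastPasswordResetDate())}
     * and {@code jwtTokenUtil.refreshToken(token)}, but that part was commented out, so
     * the method always returns an empty {@code Response}. An unused user lookup that
     * only fed the disabled check was removed. A missing header is passed to
     * {@code jwtTokenUtil} as {@code null}; what happens then is not visible here.
     *
     * @param request current request carrying the token header
     * @return an empty response
     */
    @RequestMapping(value = "${jwt.route.authentication.refresh}", method = RequestMethod.GET)
    @ApiOperation(value = "Token认证",notes = "Token认证")
    public Response refreshAndGetAuthenticationToken(HttpServletRequest request) {
        Response response = new Response();
        String token = request.getHeader(tokenHeader);
        Long userId = jwtTokenUtil.getUserIdFromToken(token);
        logger.info("refreshAndGetAuthenticationToken userId {}", userId);
        String userName = jwtTokenUtil.getUsernameFromToken(token);
        logger.info("refreshAndGetAuthenticationToken userName {}", userName);
        logger.info("|RefreshToken|Response={}", response);
        return response;
    }

    /**
     * Parses a {@code yyyy-MM-dd HH:mm:ss} string into epoch milliseconds.
     *
     * @param time text to parse
     * @return the timestamp in milliseconds; {@code 0} when the text cannot be parsed;
     *         {@code null} when the text is blank
     */
    private Long String2Timestamp(String time) {
        if (!StringUtils.isNotBlank(time)) {
            return null;
        }
        // SimpleDateFormat is not thread-safe, so a new instance is created per call.
        DateFormat format = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        try {
            return format.parse(time).getTime();
        } catch (ParseException e) {
            logger.warn("Cannot parse timestamp '{}'", time, e);
            return 0L;
        }
    }

    /**
     * Tells whether {@code username} is among the names returned by
     * {@code userService.findAllUser()}.
     *
     * <p>NOTE(review): this loads every user name for a single lookup; an existence
     * query on the service would be cheaper.
     *
     * @param username name to look for
     * @return {@code true} when the name is present
     */
    private Boolean judgeIsUsername(String username){
        List<String> names = userService.findAllUser();
        return names != null && names.contains(username);
    }

    /**
     * Returns the message for the most recent failed login in the requested language.
     *
     * <p>A missing {@code id} or no recorded failure no longer causes a
     * NullPointerException: a missing {@code id} selects Simplified Chinese and a missing
     * code falls through to the default 402 message.
     *
     * @param id {@code 1} for English, anything else for Simplified Chinese
     * @return an error response carrying the recorded code and its localised message
     */
    @ConsoleLog(object = "切换语言", module = "切换语言", description = "切换语言")
    @RequestMapping(value = "/auth/languageChange", method = RequestMethod.GET)
    @ApiOperation(value = "切换语言",notes = "切换语言")
    public Response languageChange(Long id) {
        final Locale locale = Long.valueOf(1L).equals(id) ? Locale.US : Locale.SIMPLIFIED_CHINESE;

        // Read the shared field once so the code and the message key always agree.
        final Integer lastCode = alertCode;
        final int code;
        final String messageKey;
        switch (lastCode == null ? 0 : lastCode) {
            case 401:
                code = 401;
                messageKey = "login.usernameEmpty";
                break;
            case 4020:
                code = 4020;
                messageKey = "login.userPasswordError";
                break;
            case 4021:
                code = 4021;
                messageKey = "login.usernameError";
                break;
            default:
                // Covers 402 and every unknown or missing code, as before.
                code = 402;
                messageKey = "login.superUserPasswordError";
                break;
        }
        return Response.error(code, messageSource.getMessage(messageKey, null, locale));
    }
}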
版权声明:本文为weixin_46843610原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。