• shiro+token登录验证


    导入相应的类

    import org.apache.shiro.SecurityUtils;
    import org.apache.shiro.authc.AuthenticationException;
    import org.apache.shiro.authc.IncorrectCredentialsException;
    import org.apache.shiro.authc.UnknownAccountException;
    import org.apache.shiro.authc.UsernamePasswordToken;
    import org.apache.shiro.session.Session;
    import org.apache.shiro.subject.Subject;

    /**
    * 用户登录。
    *
    * @param userName
    * @param passWord
    * @param validateCode
    * @param userType
    * @param session
    * @return
    * @throws Exception
    */
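    // Authenticates the submitted credentials through Shiro. On success the user's DTO is
    // stored in the Shiro session under "userDto" and {"success": true} is returned; on any
    // failure the response is {"success": false, "message": ...}.
    //
    // NOTE(review): validateCode, userType and request are bound but never read in this
    // method, so the captcha is not enforced here. Confirm it is checked elsewhere
    // (filter/interceptor) or add the comparison before subject.login().
    // NOTE(review): nothing in this method renews the session id after a successful login;
    // verify that the Shiro/session configuration does, otherwise a pre-login session id
    // stays valid after authentication (session fixation).
    @SystemControllerLog(description="用户登录")
    @ResponseBody()
    @RequestMapping(value = "userLogin",method = RequestMethod.POST)
    public Object userLogin(
            @RequestParam(value="userName",required=true,defaultValue="") String userName,
            @RequestParam(value="passWord",required=true,defaultValue="") String passWord,
            @RequestParam(value="validateCode",required=false,defaultValue="") String validateCode,
            @RequestParam(value="userType",required=true,defaultValue="") String userType,
            HttpSession session,
            HttpServletRequest request
    ) throws Exception{
        String error = null;

        Subject subject = SecurityUtils.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(userName, passWord);
        try {
            subject.login(token);
        } catch (UnknownAccountException e) {
            // Same text as a wrong password so the response does not reveal whether the
            // account exists.
            error = "用户名/密码错误";
        } catch (IncorrectCredentialsException e) {
            error = "用户名/密码错误";
        } catch (AuthenticationException e) {
            // Other failures (e.g. a locked account). The exception text stays in the server
            // log; echoing e.getMessage() to the client would expose realm internals.
            session.getServletContext().log("userLogin: authentication failed", e);
            error = "其他错误";
        } finally {
            // Wipe the password held by the token once the attempt is over.
            token.clear();
        }

        Map<Object, Object> result = new HashMap<Object, Object>();
        if (error != null) {
            result.put("success", false);
            result.put("message", error);
            return result;
        }

        UserDto userDto = this.authoxManagerService.getUserInfoByUserName(userName);
        boolean rejected = userDto == null
                || userDto.getAccount() == null
                || userDto.getAccount().getIsEnterprise() == 1;
        if (rejected) {
            // subject.login() has already succeeded at this point. Without an explicit logout
            // the subject would stay authenticated although the client is told the login
            // failed.
            subject.logout();
            result.put("message", "登录失败");
            result.put("success", false);
            return result;
        }

        Session shiroSession = subject.getSession();
        shiroSession.setAttribute("userDto", userDto);
        result.put("success", true);
        return result;
    }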





    /**
    * 用户注销
    * @return
    * @throws Exception
    */
    // Logs the current Shiro subject out and renders the "login" view.
    // NOTE(review): the mapping declares no HTTP method, so it also answers GET; a
    // cross-site request can therefore end a user's session. Consider restricting it to
    // POST with CSRF protection.
    @SystemControllerLog(description="用户注销")
    @RequestMapping(value = "userLogout")
    public Object userLogout(
            HttpServletRequest request, HttpServletResponse response
    ) throws Exception {
        SecurityUtils.getSubject().logout();
        return new ModelAndView("login");
    }

    --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

    附TokenAPI

    package cn.xydata.ots.api.v1;

    import java.util.HashMap;
    import java.util.Map;

    import javax.annotation.Resource;

    import org.springframework.stereotype.Controller;
    import org.springframework.web.bind.annotation.RequestMapping;
    import org.springframework.web.bind.annotation.RequestMethod;
    import org.springframework.web.bind.annotation.RequestParam;
    import org.springframework.web.bind.annotation.ResponseBody;

    import cn.xydata.ots.service.system.SystemTokenService;

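    /**
     * REST endpoints under {@code api/v1/token} that issue and renew API access tokens.
     *
     * <p>NOTE(review): both endpoints are mapped to GET and receive their secrets
     * ({@code corpsecret}, {@code access_token}) as query parameters, so the values can end up
     * in access logs, proxy logs and browser history. Moving them to a POST body or a request
     * header changes the client contract, so it is flagged here rather than changed.
     */
    @Controller
    @RequestMapping(value="api/v1/token")
    public class TokenAPI {

        // Fully qualified so the file's import block does not need to change.
        private static final java.util.logging.Logger LOG =
                java.util.logging.Logger.getLogger(TokenAPI.class.getName());

        @Resource
        private SystemTokenService systemTokenService;

        /**
         * Issues a new access token.
         *
         * <p>NOTE(review): {@code corpCode} and {@code corpSecret} are never passed to
         * {@code GenerateToken()}, so the credentials are not verified and any caller that
         * supplies non-blank values receives a token. The blank check below is input
         * validation only, not authentication; the real check has to be added to the service.
         *
         * @param corpCode   caller's corp code (query parameter {@code corpcode})
         * @param corpSecret caller's corp secret (query parameter {@code corpsecret})
         * @return a map with {@code access_token} and {@code expires_in}, or with
         *         {@code errcode} and {@code errmsg} on failure
         */
        @RequestMapping(value="get",method = RequestMethod.GET)
        @ResponseBody
        public Object doGetToken(
                @RequestParam(value="corpcode")String corpCode,
                @RequestParam(value="corpsecret")String corpSecret
        ){
            // Reject empty credentials with the error codes this API already defines.
            if (isBlank(corpCode)) {
                return error(1001, "invalid corpcode");
            }
            if (isBlank(corpSecret)) {
                return error(1002, "invalid corpsecret");
            }

            Map<String,Object> result = new HashMap<String,Object>();
            try {
                String token = systemTokenService.GenerateToken();
                result.put("access_token", token);
                result.put("expires_in", "7200");
            } catch (Exception e) {
                // The service reports credential problems through the exception message.
                if ("1001".equals(e.getMessage())) {
                    return error(1001, "invalid corpcode");
                }
                if ("1002".equals(e.getMessage())) {
                    return error(1002, "invalid corpsecret");
                }
                // Keep the cause in the server log; the client only sees a generic error.
                LOG.log(java.util.logging.Level.SEVERE, "token generation failed", e);
                return error(4001, "internal error");
            }
            return result;
        }

        /**
         * Renews the validity window of an existing access token.
         *
         * @param accessToken token to renew (query parameter {@code access_token})
         * @return a map with {@code errcode} 0 on success, 1004 when the token is rejected or
         *         cannot be checked, 4001 when the renewal itself fails
         */
        @RequestMapping(value="extend",method = RequestMethod.GET)
        @ResponseBody
        public Object doExtendToken(
                @RequestParam(value="access_token")String accessToken
        ){
            try {
                if (!systemTokenService.CheckToken(accessToken)) {
                    return error(1004, "invalid access_token");
                }
            } catch (Exception e) {
                // Fail closed: a token that cannot be checked is treated as invalid. The token
                // value is deliberately left out of the log record.
                LOG.log(java.util.logging.Level.WARNING, "token check failed", e);
                return error(1004, "invalid access_token");
            }

            try {
                if (systemTokenService.ExtendToken(accessToken)) {
                    return error(0, "ok");
                }
            } catch (Exception e) {
                LOG.log(java.util.logging.Level.SEVERE, "token extension failed", e);
            }
            return error(4001, "internal error");
        }

        /** Builds the {@code errcode}/{@code errmsg} response body. */
        private static Map<String,Object> error(int code, String message) {
            Map<String,Object> body = new HashMap<String,Object>();
            body.put("errcode", code);
            body.put("errmsg", message);
            return body;
        }

        /** Returns true for null, empty or whitespace-only values. */
        private static boolean isBlank(String value) {
            return value == null || value.trim().isEmpty();
        }

    }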

    -------------------------------------------------------

    业务逻辑层

    package cn.xydata.ots.service.impl.system;

    import java.util.Date;
    import java.util.List;
    import java.util.UUID;

    import javax.annotation.Resource;

    import org.springframework.stereotype.Service;
    import org.springframework.transaction.annotation.Transactional;

    import cn.xydata.ots.dao.system.SystemTokenDao;
    import cn.xydata.ots.model.system.SystemToken;
    import cn.xydata.ots.service.system.SystemTokenService;

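    /**
     * DAO-backed implementation of {@link SystemTokenService}: creates access tokens, checks
     * whether a token is still inside its validity window and slides that window forward.
     *
     * <p>NOTE(review): tokens are written with corp code and corp secret set to "NA", so a
     * token is not bound to any caller identity.
     * <p>NOTE(review): lookups go through {@code findByToken(accessToken)} with the raw value,
     * which suggests tokens are persisted in clear text; storing a hash of the token would
     * limit the impact of a database leak. Confirm against the DAO.
     * <p>NOTE(review): the validity window is measured from {@code updateTime} only, so a
     * token that keeps being extended never expires; {@code createTime} is stored and could
     * be used for an absolute lifetime cap.
     */
    @Service(value="systemTokenService")
    @Transactional(rollbackFor = Exception.class)
    public class SystemTokenServiceImpl implements SystemTokenService {

        /** Validity window counted from the last update, in seconds. */
        private static final long TOKEN_TTL_SECONDS = 7200;

        /** Window used by the access-count check in {@link #ExtendToken(String)}, in seconds. */
        private static final long RECENT_ACCESS_WINDOW_SECONDS = 300;

        @Resource
        private SystemTokenDao systemTokenDao;

        /**
         * Creates and persists a new token.
         *
         * @return the token: a random UUID with the dashes removed (32 hex characters)
         */
        @Override
        public String GenerateToken()
                throws Exception {
            Date now = new Date();
            // UUID.randomUUID() is documented to use a cryptographically strong generator.
            // replace() is used instead of replaceAll() because no regex is needed.
            String token = UUID.randomUUID().toString().replace("-", "");

            SystemToken st = new SystemToken();
            st.setAccessToken(token);
            st.setAccessCount(0);
            st.setCorpCode("NA");
            st.setCreateTime(now);
            st.setUpdateTime(now);
            st.setCorpSecret("NA");
            systemTokenDao.add(st);
            return token;
        }

        /**
         * Reports whether the token exists and was updated within the validity window. An
         * expired token is deleted as a side effect.
         *
         * @param accessToken token value presented by the caller
         * @return true when the token is known and not expired
         */
        @Override
        public boolean CheckToken(String accessToken) throws Exception {
            SystemToken st = findToken(accessToken);
            if (st == null) {
                return false;
            }
            if (secondsSinceUpdate(st) < TOKEN_TTL_SECONDS) {
                return true;
            }
            systemTokenDao.delete(st);
            return false;
        }

        /**
         * Moves the token's validity window forward to the current time.
         *
         * @param accessToken token value presented by the caller
         * @return true when the token was found, still valid and has been updated
         */
        @Override
        public boolean ExtendToken(String accessToken) throws Exception {
            SystemToken st = findToken(accessToken);
            if (st == null || secondsSinceUpdate(st) >= TOKEN_TTL_SECONDS) {
                return false;
            }
            st.setUpdateTime(new Date());
            // NOTE(review): this is evaluated after updateTime was overwritten with the
            // current time, so it is effectively always true and the counter grows on every
            // extension. If the intent was to count only extensions made shortly after the
            // previous one, the age has to be read before the update. Behaviour is left as
            // it was.
            if (secondsSinceUpdate(st) < RECENT_ACCESS_WINDOW_SECONDS) {
                st.setAccessCount(st.getAccessCount()+1);
            }
            systemTokenDao.edit(st);
            return true;
        }

        /** Returns the first stored token matching the value, or null when there is none. */
        private SystemToken findToken(String accessToken) throws Exception {
            // A missing or empty token can never match; skip the database round trip.
            if (accessToken == null || accessToken.isEmpty()) {
                return null;
            }
            List<SystemToken> matches = systemTokenDao.findByToken(accessToken);
            if (matches == null || matches.isEmpty()) {
                return null;
            }
            return matches.get(0);
        }

        /**
         * Absolute distance in whole seconds between the token's update time and now. Taking
         * the absolute value means a timestamp far in the future counts as expired as well.
         */
        private static long secondsSinceUpdate(SystemToken st) {
            return Math.abs(st.getUpdateTime().getTime()/1000 - new Date().getTime()/1000);
        }

    }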

    当能力支撑不了野心时,就该静下心来学习!
  • 原文地址:https://www.cnblogs.com/1234cjq/p/7442787.html