- package com.usky.controller.login;
- import com.usky.constant.Constant;
- import com.usky.entity.ResponseBean;
- import com.usky.entity.sys.log.SysLogDTO;
- import com.usky.entity.sys.vo.SysUserVO;
- import com.usky.exception.CustomException;
- import com.usky.exception.CustomUnauthorizedException;
- import com.usky.service.log.LogService;
- import com.usky.service.sys.user.LoginService;
- import com.usky.utils.*;
- import com.usky.utils.jwt.AesCipherUtil;
- import com.usky.utils.jwt.JwtUtil;
- import io.swagger.annotations.Api;
- import io.swagger.annotations.ApiImplicitParam;
- import io.swagger.annotations.ApiImplicitParams;
- import io.swagger.annotations.ApiOperation;
- import org.apache.shiro.authz.annotation.Logical;
- import org.apache.shiro.authz.annotation.RequiresPermissions;
- import org.springframework.beans.factory.annotation.Autowired;
- import org.springframework.beans.factory.annotation.Value;
- import org.springframework.context.annotation.PropertySource;
- import org.springframework.http.HttpStatus;
- import org.springframework.web.bind.annotation.*;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import java.sql.Timestamp;
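/**
 * REST controller exposing the login and logout endpoints under the {@code sys} mapping.
 *
 * <p>On a successful login the controller clears the user's cached Shiro authorization
 * entry, stores a refresh-token timestamp in Redis, returns the token produced by
 * {@code JwtUtil.sign} in the {@code Authorization} response header, and writes a login
 * record through {@link LogService}.
 *
 * @author laowo
 * @version v1.0
 * @date 2021/8/19 17:09
 */
@RestController
@RequestMapping("sys")
@Api(tags = "登录-退出")
@PropertySource("classpath:config.properties")
public class LoginController {

    @Autowired
    private LoginService loginService;

    @Autowired
    private RedisUtil redisUtil;

    @Autowired
    private LogService logService;

    /**
     * Refresh-token expiry, injected from {@code config.properties}. It is parsed as an
     * integer and handed to {@code redisUtil.set} as the expiry argument; the unit is
     * defined by that helper and is not visible here.
     */
    @Value("${refreshTokenExpireTime}")
    private String refreshTokenExpireTime;

    /**
     * Authenticates a user and issues an access token.
     *
     * <p>The credential is verified before the account status is looked at, and an unknown
     * account, a missing stored credential and a wrong password all raise the same
     * {@link CustomUnauthorizedException}. An unauthenticated caller therefore cannot use
     * this endpoint to learn which login names exist or which accounts are disabled.
     *
     * <p>NOTE(review): the API documentation below declares {@code passWord} as a query
     * parameter. Credentials carried in a URL tend to be recorded in access logs and by
     * intermediaries; clients should send both values in the POST body instead.
     *
     * @param loginName login name of the account
     * @param passWord password supplied by the caller
     * @param httpServletResponse response that receives the {@code Authorization} header
     * @return a success result, or an error result when the account is disabled
     * @throws CustomUnauthorizedException when the account is unknown or the password is wrong
     */
    @ApiOperation(value = "登录")
    @PostMapping("login")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "loginName", value = "登录名", required = true, paramType = "query"),
            @ApiImplicitParam(name = "passWord", value = "密码", required = true, paramType = "query")
    })
    public Result<?> login(@RequestParam("loginName") String loginName,
                           @RequestParam("passWord") String passWord,
                           HttpServletResponse httpServletResponse) {
        SysUserVO user = loginService.findUserByUsername(loginName);

        // A missing user previously surfaced as a NullPointerException on getStatus();
        // treat it exactly like a wrong password.
        // NOTE(review): failed attempts are not written to the login log, so repeated
        // guessing leaves no audit trail here; consider recording them and adding
        // throttling or lockout at this point.
        if (user == null || !credentialMatches(user, loginName, passWord)) {
            throw new CustomUnauthorizedException("帐号或密码错误(Account or Password Error.)");
        }

        // Only a caller who has proven knowledge of the password is told that the
        // account is disabled. The literal-first comparison tolerates a null status.
        if ("1".equals(user.getStatus())) {
            return Result.error("账户已停用,请联系管理员!");
        }

        // Drop any cached Shiro authorization data for this user.
        String shiroCacheKey = Constant.PREFIX_SHIRO_CACHE + loginName;
        if (redisUtil.hasKey(shiroCacheKey)) {
            redisUtil.del(shiroCacheKey);
        }

        // Store the refresh-token timestamp; setting it overwrites any existing entry,
        // so no delete is needed first.
        String currentTimeMillis = String.valueOf(System.currentTimeMillis());
        redisUtil.set(Constant.PREFIX_SHIRO_REFRESH_TOKEN + loginName, currentTimeMillis,
                Integer.parseInt(refreshTokenExpireTime));

        // Return the access token, built from the same timestamp, in the Authorization
        // header and expose that header to cross-origin callers.
        String token = JwtUtil.sign(loginName, currentTimeMillis);
        httpServletResponse.setHeader("Authorization", token);
        httpServletResponse.setHeader("Access-Control-Expose-Headers", "Authorization");

        recordLoginLog(loginName);
        return Result.OK("登录成功");
    }

    /**
     * Logs the current user out through {@code ShiroUtils.logout()}.
     *
     * @return a success result
     */
    @PostMapping("loginOut")
    @ApiOperation(value = "用户退出")
    public Result<?> loginOut() {
        ShiroUtils.logout();
        return Result.OK("退出成功");
    }

    /**
     * Checks the supplied credential against the stored one without short-circuiting on
     * the first differing character.
     *
     * <p>NOTE(review): the stored value is passed through {@code AesCipherUtil.deCrypto},
     * which suggests passwords are kept reversibly encrypted rather than as a one-way
     * hash, so whoever holds the cipher key can recover them. Moving to a salted adaptive
     * password hash (bcrypt, scrypt or argon2) needs a data migration and is not done here.
     */
    private static boolean credentialMatches(SysUserVO user, String loginName, String passWord) {
        if (user.getPassword() == null) {
            return false;
        }
        String expected = AesCipherUtil.deCrypto(user.getPassword());
        if (expected == null) {
            return false;
        }
        // Fully qualified names keep this block independent of the file's import list.
        byte[] expectedBytes = expected.getBytes(java.nio.charset.StandardCharsets.UTF_8);
        byte[] suppliedBytes = (loginName + passWord).getBytes(java.nio.charset.StandardCharsets.UTF_8);
        return java.security.MessageDigest.isEqual(expectedBytes, suppliedBytes);
    }

    /** Writes the login record (log type 1) for a successful login. */
    private void recordLoginLog(String loginName) {
        HttpServletRequest request = SpringContextUtils.getHttpServletRequest();
        SysLogDTO log = new SysLogDTO();
        log.setLogType(1);
        log.setRequestType(request.getMethod());
        // NOTE(review): how IPUtils derives the address is not visible here; if it trusts
        // client-supplied forwarding headers, the recorded IP can be spoofed.
        log.setIp(IPUtils.getIpAddr(request));
        // TODO (from the original): switch to the logged-in user's details once user data is available.
        log.setUsername(loginName);
        log.setCreateTime(new Timestamp(System.currentTimeMillis()));
        logService.addLog(log);
    }
}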