Ejemplo n.º 1
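  /**
   * Handles a POST to {@code /insert}: checks the submitted CAPTCHA answer against the caller's
   * HTTP session and, only when it is accepted, stores a new account.
   *
   * <p>The request fails closed: a wrong answer and a failure of the CAPTCHA service both end in
   * an error response, and no account is written in either case.
   *
   * @param username account user name (required request parameter)
   * @param name given name (optional request parameter)
   * @param surname family name (optional request parameter)
   * @param telephoneNumber telephone number (required request parameter)
   * @param verificationText the CAPTCHA answer typed by the user (required request parameter)
   * @param request used only to obtain the id of the session the CAPTCHA is looked up by
   * @param response used to report a rejected request
   */
  @RequestMapping(value = "/insert", method = RequestMethod.POST)
  public @ResponseBody void insert(
      @RequestParam(value = "username", required = true) String username,
      @RequestParam(value = "name", required = false) String name,
      @RequestParam(value = "surname", required = false) String surname,
      @RequestParam(value = "telephoneNumber", required = true) String telephoneNumber,
      @RequestParam(value = "verificationText", required = true) String verificationText,
      HttpServletRequest request,
      HttpServletResponse response) {

    logger.debug("Received a request to insert an account");

    // The CAPTCHA is keyed by the servlet session id. getSession() creates a session when the
    // client has none, in which case no CAPTCHA can have been issued for that id.
    String sessionId = request.getSession().getId();

    String rejection = null;
    try {
      // Boolean.TRUE.equals treats a null result as "not accepted" instead of unboxing it.
      boolean accepted =
          Boolean.TRUE.equals(captchaService.validateResponseForID(sessionId, verificationText));
      if (!accepted) {
        rejection = "Provided captcha text was wrong.";
      }
    } catch (Exception e) {
      // Previously the exception was printed and the method returned normally, so the client
      // saw a successful response although nothing had been stored.
      logger.error("Captcha validation failed", e);
      rejection = "Captcha could not be validated.";
    }

    if (rejection != null) {
      try {
        // NOTE(review): a wrong answer is a client error, so a 4xx status would describe it
        // better; 500 is kept because existing clients may test for it.
        response.sendError(500, rejection);
      } catch (java.io.IOException e) {
        logger.error("Could not send the captcha error response", e);
      }
      return;
    }

    // NOTE(review): the parameter values reach Account unchecked in this method; any length or
    // format validation has to happen in Account or accountService. Confirm that it does.
    accountService.insert(new Account(username, name, surname, telephoneNumber));
  }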
Ejemplo n.º 2
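  /**
   * Authentication callback, invoked when a subject logs in.
   *
   * <p>The CAPTCHA answer carried by the token is validated against the current session id
   * first; the stored password for the user name is read from the database only after the
   * CAPTCHA has been accepted.
   *
   * @param authcToken the submitted token; it is cast to {@code CaptchaUsernamePasswordToken}
   * @return authentication info holding the user name, the stored password and a salt made from
   *     the bytes of the user name
   * @throws IncorrectCaptchaException if the CAPTCHA answer is rejected or its validation raises
   *     any exception
   * @throws AccountException if the token carries no user name
   * @throws UnknownAccountException if no password is found for the user name
   * @throws AuthenticationException if the database lookup fails with a SQL error
   */
  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
      throws AuthenticationException {

    CaptchaUsernamePasswordToken token = (CaptchaUsernamePasswordToken) authcToken;
    String submittedCaptcha = token.getCaptcha();

    // Fail closed: a rejected answer and any error raised while validating are both treated as
    // an incorrect CAPTCHA.
    boolean captchaAccepted;
    try {
      String sessionId = SecurityUtils.getSubject().getSession().getId().toString();
      captchaAccepted =
          Boolean.TRUE.equals(
              imageCaptchaService.validateResponseForID(sessionId, submittedCaptcha));
    } catch (Exception e) {
      // Record the cause so that a failing CAPTCHA service can be told apart from wrong answers.
      log.debug("Captcha validation raised an exception", e);
      captchaAccepted = false;
    }
    if (!captchaAccepted) {
      // The literal was mis-decoded on this page (multi-byte text read with the wrong charset);
      // restored as "验证码错误" ("captcha incorrect"). Confirm against the original source.
      throw new IncorrectCaptchaException("验证码错误");
    }

    String username = token.getUsername();

    if (username == null) {
      throw new AccountException("Null usernames are not allowed by this realm.");
    }

    Connection conn = null;
    AuthenticationInfo info = null;
    try {
      conn = dataSource.getConnection();

      String password = getPasswordForUser(conn, username);

      if (password == null) {
        // NOTE(review): this message tells unknown accounts apart from wrong passwords; make
        // sure the caller shows the client one generic login failure for both.
        throw new UnknownAccountException("No account found for user [" + username + "]");
      }

      SimpleAuthenticationInfo simpleAuthenticationInfo =
          new SimpleAuthenticationInfo(username, password, getName());

      // NOTE(review): the salt is the user name, so it is predictable and identical wherever the
      // same user name is used. A random per-account salt stored next to the hash is the usual
      // choice; switching requires re-hashing the stored credentials.
      simpleAuthenticationInfo.setCredentialsSalt(ByteSource.Util.bytes(username));

      info = simpleAuthenticationInfo;

    } catch (SQLException e) {
      final String message = "There was a SQL error while authenticating user [" + username + "]";
      if (log.isErrorEnabled()) {
        log.error(message, e);
      }

      throw new AuthenticationException(message, e);
    } finally {
      // Hand the connection back on every path, including the exceptions above.
      JdbcUtils.closeConnection(conn);
    }

    return info;
  }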
Ejemplo n.º 3
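 /**
  * Processes the buyer login form.
  *
  * <p>Checks run in this order, and the first failure re-renders the login view with an
  * {@code error} attribute: 1) a CAPTCHA answer was submitted; 2) the answer is correct for the
  * session; 3) a user name was submitted; 4) a password was submitted; 5) the user exists;
  * 6) the encoded password matches the stored one (described by the original author as plain
  * MD5). On success the buyer is stored in the session and the browser is redirected to
  * {@code returnUrl} when it points back to this site, otherwise to the buyer's home page.
  *
  * @param buyer form-bound object carrying the submitted user name and password
  * @param captcha the CAPTCHA answer typed by the user
  * @param returnUrl where to go after a successful login; taken from the request, so untrusted
  * @param model receives the {@code error} attribute on failure
  * @param request the current request, used for session access
  * @return a redirect view name on success, {@code "buyer/login"} on any failure
  */
 @RequestMapping(value = "/shopping/login.shtml", method = RequestMethod.POST)
 public String login(
     Buyer buyer, String captcha, String returnUrl, ModelMap model, HttpServletRequest request) {
   final String loginView = "buyer/login";

   // 1: a CAPTCHA answer must be present
   if (!StringUtils.isNotBlank(captcha)) {
     model.addAttribute("error", "请填写验证码");
     return loginView;
   }
   // 2: the answer must match the CAPTCHA stored for this session id. An exception raised by
   // the service propagates to the framework, which also prevents the login.
   if (!imageCaptchaService.validateResponseForID(sessionProvider.getSessionId(request), captcha)) {
     model.addAttribute("error", "验证码输入错误");
     return loginView;
   }
   // 3: user name present
   if (null == buyer || !StringUtils.isNotBlank(buyer.getUsername())) {
     model.addAttribute("error", "请输入用户名");
     return loginView;
   }
   // 4: password present
   if (!StringUtils.isNotBlank(buyer.getPassword())) {
     model.addAttribute("error", "请输入密码");
     return loginView;
   }
   // 5: the account must exist
   // NOTE(review): steps 5 and 6 answer with different messages, which lets a client learn
   // which user names exist. One shared message for both would close that; the texts are left
   // unchanged here because they are user-facing.
   Buyer stored = buyerService.getBuyerByKey(buyer.getUsername());
   if (null == stored) {
     model.addAttribute("error", "用户名输入错误");
     return loginView;
   }
   // 6: compare the stored value with the encoded submitted password. An account without a
   // stored password is rejected instead of failing with a NullPointerException.
   // NOTE(review): an unsalted fast digest such as plain MD5 is not adequate for password
   // storage (bcrypt, scrypt or argon2 are the usual choices); changing it needs a re-hash path.
   if (stored.getPassword() == null
       || !stored.getPassword().equals(md5Pwd.encode(buyer.getPassword()))) {
     model.addAttribute("error", "密码错误");
     return loginView;
   }

   // Keep the authenticated buyer in the session.
   // NOTE(review): sessionProvider is not visible here; if it is backed by the servlet session,
   // the session id should be rotated at this point. Confirm.
   sessionProvider.setAttribute(request, Constants.BUYER_SESSION, stored);

   // returnUrl is request data. Redirecting to it unchecked would let a crafted login link send
   // the user to an arbitrary site after a genuine login, so only same-site targets are honoured.
   if (StringUtils.isNotBlank(returnUrl) && isSameSiteReturnUrl(returnUrl, request)) {
     return "redirect:" + returnUrl;
   }
   // Default target: the buyer's personal centre.
   return "redirect:/buyer/index.shtml";
 }

 /**
  * Tells whether {@code url} is safe to redirect to: a site-relative path, or an absolute
  * http/https URL whose host equals the host of the current request.
  */
 private static boolean isSameSiteReturnUrl(String url, HttpServletRequest request) {
   if (url == null) {
     return false;
   }
   // Backslashes, whitespace and control characters are treated inconsistently by URL parsers,
   // so any of them disqualifies the value.
   for (int i = 0; i < url.length(); i++) {
     char c = url.charAt(i);
     if (c <= ' ' || c == 0x7f || c == '\\') {
       return false;
     }
   }
   if (url.startsWith("/")) {
     // "//host/path" is scheme-relative and leaves the site.
     return !url.startsWith("//");
   }
   try {
     java.net.URI uri = new java.net.URI(url);
     String scheme = uri.getScheme();
     String host = uri.getHost();
     boolean webScheme = "http".equalsIgnoreCase(scheme) || "https".equalsIgnoreCase(scheme);
     return webScheme && host != null && host.equalsIgnoreCase(request.getServerName());
   } catch (java.net.URISyntaxException e) {
     return false;
   }
 }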
Ejemplo n.º 4
  /**
   * Validates a CAPTCHA answer submitted as form data and reports the outcome as JSON.
   *
   * <p>The response always has status 200. Its body echoes {@code answer} and {@code token},
   * carries {@code validated} as {@code "true"} or {@code "false"}, and has an additional
   * {@code exception} entry when the validation raised an exception.
   *
   * <p>NOTE(review): the {@code exception} entry hands the raw exception message to the caller,
   * and the failure is recorded only through {@code printStackTrace()}. A fixed, generic text for
   * the client together with server-side logging would avoid exposing internal details.
   *
   * @param token id under which the CAPTCHA was issued, supplied by the client
   * @param answer the answer to check
   * @return a 200 response whose entity is the result map
   */
  @POST
  @Path("resolve")
  @Produces("application/json")
  public Response resolve(@FormParam("token") String token, @FormParam("answer") String answer) {
    final Map<String, String> payload = new HashMap<String, String>();

    boolean accepted;
    try {
      accepted = imageCaptchaService.validateResponseForID(token, answer);
    } catch (Exception failure) {
      // Any failure counts as "not validated"; the message is passed on to the caller.
      accepted = false;
      payload.put("exception", failure.getMessage());
      failure.printStackTrace();
    }

    payload.put("answer", answer);
    payload.put("token", token);
    payload.put("validated", String.valueOf(accepted));

    return Response.status(Status.OK).entity(payload).build();
  }
Ejemplo n.º 5
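  /**
   * Validates the CAPTCHA answer held in {@code captchaCode} against the current HTTP session.
   *
   * <p>An action error is added on every failure path, so the caller only has to test the
   * return value.
   *
   * @return {@code true} only when the CAPTCHA service accepts the answer; {@code false} when
   *     the answer is missing or wrong, or when the validation raises an exception
   */
  public boolean validateCaptcha() {
    HttpServletRequest request = ServletActionContext.getRequest();

    boolean accepted;
    try {
      String sessionId = request.getSession().getId();
      // A request without the parameter leaves captchaCode null. It is treated as a wrong answer
      // instead of triggering a NullPointerException, which used to be logged at error level.
      accepted =
          this.captchaCode != null
              && Boolean.TRUE.equals(
                  imageCaptchaService.validateResponseForID(sessionId, this.captchaCode.trim()));
    } catch (CaptchaServiceException e) {
      this.addActionError("验证码验证出错");
      log.warn("验证码验证出错", e);
      return false;
    } catch (Exception e) {
      this.addActionError("验证码验证出错");
      // Pass the exception along; logging the message alone lost the stack trace.
      log.error("验证码验证出错", e);
      return false;
    }

    if (!accepted) {
      this.addActionError("验证码不正确");
      if (this.log.isInfoEnabled()) {
        this.log.info("验证码不正确");
      }
      return false;
    }
    return true;
  }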