/** 请求登录,验证用户 */
@RequestMapping(value = "/login_login", produces = "application/json;charset=UTF-8")
@ResponseBody
public Object login() throws Exception {
Map<String, String> map = new HashMap<String, String>();
PageData pd = new PageData();
pd = this.getPageData();
String errInfo = "";
String KEYDATA[] = pd.getString("KEYDATA").split(",fh,");
if (null != KEYDATA && KEYDATA.length == 3) {
// shiro管理的session
Subject currentUser = SecurityUtils.getSubject();
Session session = currentUser.getSession();
String sessionCode =
(String) session.getAttribute(Const.SESSION_SECURITY_CODE); // 获取session中的验证码
String code = KEYDATA[2];
if (null == code || "".equals(code)) {
errInfo = "nullcode"; // 验证码为空
} else {
String USERNAME = KEYDATA[0];
String PASSWORD = KEYDATA[1];
pd.put("USERNAME", USERNAME);
if (Tools.notEmpty(sessionCode) && sessionCode.equalsIgnoreCase(code)) {
String passwd = new SimpleHash("SHA-1", USERNAME, PASSWORD).toString(); // 密码加密
pd.put("PASSWORD", passwd);
pd = userService.getUserByNameAndPwd(pd);
if (pd != null) {
pd.put("LAST_LOGIN", DateUtil.getTime().toString());
userService.updateLastLogin(pd);
User user = new User();
user.setUSER_ID(pd.getString("USER_ID"));
user.setUSERNAME(pd.getString("USERNAME"));
user.setPASSWORD(pd.getString("PASSWORD"));
user.setNAME(pd.getString("NAME"));
user.setRIGHTS(pd.getString("RIGHTS"));
user.setROLE_ID(pd.getString("ROLE_ID"));
user.setLAST_LOGIN(pd.getString("LAST_LOGIN"));
user.setIP(pd.getString("IP"));
user.setSTATUS(pd.getString("STATUS"));
session.setAttribute(Const.SESSION_USER, user);
session.removeAttribute(Const.SESSION_SECURITY_CODE);
// shiro加入身份验证
Subject subject = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(USERNAME, PASSWORD);
try {
subject.login(token);
} catch (AuthenticationException e) {
errInfo = "身份验证失败!";
}
} else {
errInfo = "usererror"; // 用户名或密码有误
}
} else {
errInfo = "codeerror"; // 验证码输入有误
}
if (Tools.isEmpty(errInfo)) {
errInfo = "success"; // 验证成功
}
}
} else {
errInfo = "error"; // 缺少参数
}
map.put("result", errInfo);
return AppUtil.returnObject(new PageData(), map);
}
/** 访问系统首页 */
@RequestMapping(value = "/main/{changeMenu}")
public ModelAndView login_index(@PathVariable("changeMenu") String changeMenu) {
ModelAndView mv = this.getModelAndView();
PageData pd = new PageData();
pd = this.getPageData();
try {
// shiro管理的session
Subject currentUser = SecurityUtils.getSubject();
Session session = currentUser.getSession();
User user = (User) session.getAttribute(Const.SESSION_USER);
if (user != null) {
User userr = (User) session.getAttribute(Const.SESSION_USERROL);
if (null == userr) {
user = userService.getUserAndRoleById(user.getUSER_ID());
session.setAttribute(Const.SESSION_USERROL, user);
} else {
user = userr;
}
Role role = user.getRole();
String roleRights = role != null ? role.getRIGHTS() : "";
// 避免每次拦截用户操作时查询数据库,以下将用户所属角色权限、用户权限限都存入session
session.setAttribute(Const.SESSION_ROLE_RIGHTS, roleRights); // 将角色权限存入session
session.setAttribute(Const.SESSION_USERNAME, user.getUSERNAME()); // 放入用户名
List<Menu> allmenuList = new ArrayList<Menu>();
if (null == session.getAttribute(Const.SESSION_allmenuList)) {
allmenuList = menuService.listAllMenu();
if (Tools.notEmpty(roleRights)) {
for (Menu menu : allmenuList) {
menu.setHasMenu(RightsHelper.testRights(roleRights, menu.getMENU_ID()));
if (menu.isHasMenu()) {
List<Menu> subMenuList = menu.getSubMenu();
for (Menu sub : subMenuList) {
sub.setHasMenu(RightsHelper.testRights(roleRights, sub.getMENU_ID()));
}
}
}
}
session.setAttribute(Const.SESSION_allmenuList, allmenuList); // 菜单权限放入session中
} else {
allmenuList = (List<Menu>) session.getAttribute(Const.SESSION_allmenuList);
}
// 切换菜单=====
List<Menu> menuList = new ArrayList<Menu>();
// if(null == session.getAttribute(Const.SESSION_menuList) ||
// ("yes".equals(pd.getString("changeMenu")))){
if (null == session.getAttribute(Const.SESSION_menuList) || ("yes".equals(changeMenu))) {
List<Menu> menuList1 = new ArrayList<Menu>();
List<Menu> menuList2 = new ArrayList<Menu>();
// 拆分菜单
for (int i = 0; i < allmenuList.size(); i++) {
Menu menu = allmenuList.get(i);
if ("1".equals(menu.getMENU_TYPE())) {
menuList1.add(menu);
} else {
menuList2.add(menu);
}
}
session.removeAttribute(Const.SESSION_menuList);
if ("2".equals(session.getAttribute("changeMenu"))) {
session.setAttribute(Const.SESSION_menuList, menuList1);
session.removeAttribute("changeMenu");
session.setAttribute("changeMenu", "1");
menuList = menuList1;
} else {
session.setAttribute(Const.SESSION_menuList, menuList2);
session.removeAttribute("changeMenu");
session.setAttribute("changeMenu", "2");
menuList = menuList2;
}
} else {
menuList = (List<Menu>) session.getAttribute(Const.SESSION_menuList);
}
// 切换菜单=====
if (null == session.getAttribute(Const.SESSION_QX)) {
session.setAttribute(Const.SESSION_QX, this.getUQX(session)); // 按钮权限放到session中
}
// FusionCharts 报表
// String strXML = "<graph caption='前12个月订单销量柱状图' xAxisName='月份' yAxisName='值'
// decimalPrecision='0' formatNumberScale='0'><set name='2013-05' value='4'
// color='AFD8F8'/><set name='2013-04' value='0' color='AFD8F8'/><set name='2013-03'
// value='0' color='AFD8F8'/><set name='2013-02' value='0' color='AFD8F8'/><set
// name='2013-01' value='0' color='AFD8F8'/><set name='2012-01' value='0'
// color='AFD8F8'/><set name='2012-11' value='0' color='AFD8F8'/><set name='2012-10'
// value='0' color='AFD8F8'/><set name='2012-09' value='0' color='AFD8F8'/><set
// name='2012-08' value='0' color='AFD8F8'/><set name='2012-07' value='0'
// color='AFD8F8'/><set name='2012-06' value='0' color='AFD8F8'/></graph>" ;
// mv.addObject("strXML", strXML);
// FusionCharts 报表
// 读取websocket配置
String strWEBSOCKET = Tools.readTxtFile(Const.WEBSOCKET); // 读取WEBSOCKET配置
if (null != strWEBSOCKET && !"".equals(strWEBSOCKET)) {
String strIW[] = strWEBSOCKET.split(",fh,");
if (strIW.length == 4) {
pd.put("WIMIP", strIW[0]);
pd.put("WIMPORT", strIW[1]);
pd.put("OLIP", strIW[2]);
pd.put("OLPORT", strIW[3]);
}
}
// 读取websocket配置
mv.setViewName("system/admin/index");
mv.addObject("user", user);
mv.addObject("menuList", menuList);
} else {
mv.setViewName("system/admin/login"); // session失效后跳转登录页面
}
} catch (Exception e) {
mv.setViewName("system/admin/login");
logger.error(e.getMessage(), e);
}
pd.put("SYSNAME", Tools.readTxtFile(Const.SYSNAME)); // 读取系统名称
mv.addObject("pd", pd);
return mv;
}