@RequestMapping(value = "/search*.jspx", method = RequestMethod.GET)
public String index(HttpServletRequest request, HttpServletResponse response, ModelMap model) {
CmsSite site = CmsUtils.getSite(request);
// 将request中所有参数保存至model中。
model.putAll(RequestUtils.getQueryParams(request));
FrontUtils.frontData(request, model, site);
FrontUtils.frontPageData(request, model);
String q = RequestUtils.getQueryParam(request, "q");
if (q.equals("?") || q.equals("*")) {
return FrontUtils.getTplPath(request, site.getSolutionPath(), TPLDIR_SPECIAL, SEARCH_ERROR);
}
if (q.startsWith("?") || q.startsWith("*")) {
model.addAttribute("oldq", q);
q = q.substring(1);
// 替换关键词
model.addAttribute("q", q);
}
String channelId = RequestUtils.getQueryParam(request, "channelId");
if (StringUtils.isBlank(q) && StringUtils.isBlank(channelId)) {
model.remove("q");
model.remove("channelId");
return FrontUtils.getTplPath(request, site.getSolutionPath(), TPLDIR_SPECIAL, SEARCH_INPUT);
} else {
return FrontUtils.getTplPath(request, site.getSolutionPath(), TPLDIR_SPECIAL, SEARCH_RESULT);
}
}
@RequestMapping(value = {"/{login:login;?.*}"})
// spring3.2.2 bug see http://jinnianshilongnian.iteye.com/blog/1831408
public String loginForm(HttpServletRequest request, ModelMap model) {
// 表示退出
if (!StringUtils.isEmpty(request.getParameter("logout"))) {
model.addAttribute(
Constants.MESSAGE, messageSource.getMessage("user.logout.success", null, null));
}
// 表示用户删除了 @see org.apache.shiro.web.filter.user.SysUserFilter
if (!StringUtils.isEmpty(request.getParameter("notfound"))) {
model.addAttribute(Constants.ERROR, messageSource.getMessage("user.notfound", null, null));
}
// 表示用户被管理员强制退出
if (!StringUtils.isEmpty(request.getParameter("forcelogout"))) {
model.addAttribute(Constants.ERROR, messageSource.getMessage("user.forcelogout", null, null));
}
// 表示用户输入的验证码错误
if (!StringUtils.isEmpty(request.getParameter("jcaptchaError"))) {
model.addAttribute(
Constants.ERROR, messageSource.getMessage("jcaptcha.validate.error", null, null));
}
// 表示用户锁定了 @see org.apache.shiro.web.filter.user.SysUserFilter
if (!StringUtils.isEmpty(request.getParameter("blocked"))) {
User user = (User) request.getAttribute(Constants.CURRENT_USER);
String reason = userStatusHistoryService.getLastReason(user);
model.addAttribute(
Constants.ERROR, messageSource.getMessage("user.blocked", new Object[] {reason}, null));
}
if (!StringUtils.isEmpty(request.getParameter("unknown"))) {
model.addAttribute(
Constants.ERROR, messageSource.getMessage("user.unknown.error", null, null));
}
// 登录失败了 提取错误消息
Exception shiroLoginFailureEx =
(Exception) request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
if (shiroLoginFailureEx != null) {
model.addAttribute(Constants.ERROR, shiroLoginFailureEx.getMessage());
}
// 如果用户直接到登录页面 先退出一下
// 原因:isAccessAllowed实现是subject.isAuthenticated()---->即如果用户验证通过 就允许访问
// 这样会导致登录一直死循环
Subject subject = SecurityUtils.getSubject();
if ((subject != null) && subject.isAuthenticated()) {
subject.logout();
}
// 如果同时存在错误消息 和 普通消息 只保留错误消息
if (model.containsAttribute(Constants.ERROR)) {
model.remove(Constants.MESSAGE);
}
return "front/login";
}