Esempio n. 1
0
  /**
   * 用户登录POST提交
   *
   * @param user
   * @param model
   * @param session 自动注入的Session对象
   */
  @RequestMapping(
      value = {"/login"},
      method = RequestMethod.POST)
  public String submitLogin(
      @ModelAttribute("user") User user,
      Model model,
      HttpSession session,
      HttpServletRequest request,
      RedirectAttributes redirectAttributes,
      HttpServletResponse response) {
    // 保存页面显示信息的map
    Map<String, String> msgMap = new HashMap<String, String>();
    request.setAttribute(MSG_NAME, msgMap);

    // 是否验证通过
    boolean flag = true;
    if (user.getEmail() == null || user.getEmail().trim().length() == 0) {
      flag = false;
    }
    if (user.getPassword() == null
        || user.getPassword().trim().length() == 0
        || user.getPassword().length() != 32) {
      flag = false;
    }
    // 当验证失败时,跳转回登录界面
    if (!flag) {
      // 非法请求
      msgMap.put(EMAIL_NAME, "非法请求");
      return LOGIN_INPUT;
    }

    // 根据此email查询出用户
    User trueUser = userService.findByEmail(user.getEmail());
    // 当查询出来的user不为空时
    if (trueUser != null && user.getPassword().equals(trueUser.getPassword())) {
      session.setAttribute("user", trueUser);
      redirectAttributes.addFlashAttribute("info", "登录成功");

      return "redirect:/";
    } else {
      // 邮箱或者密码错误
      msgMap.put(EMAIL_NAME, "用户名或者密码错误");
      request.setAttribute(EMAIL_NAME, user.getEmail());
      return LOGIN_INPUT;
    }
  }
Esempio n. 2
0
  /**
   * 用户注册POST提交
   *
   * @param user User对象
   * @param model
   * @param re_password 用户重复输入的密码, 应为md5值
   * @param password_md5 客户端js自动生成的密码md5值, 用以验证非法提交
   */
  @RequestMapping(
      value = {"/regist"},
      method = RequestMethod.POST)
  public String submitReg(
      @ModelAttribute User user,
      @RequestParam(TOKEN_NAME) String token,
      Model model,
      @RequestParam(required = true, value = "password_re") String passwordRe,
      HttpServletRequest request,
      RedirectAttributes redirectAttributes) {
    Map<String, String> msgMap = new HashMap<String, String>();
    request.setAttribute(MSG_NAME, msgMap);
    Object tokenInSession = request.getSession().getAttribute(TOKEN_NAME);
    if (null != tokenInSession && null != token && !token.equals(tokenInSession)) {
      msgMap.put(TOKEN_NAME, "验证码不正确");
      return REG_INPUT;
    } else {
      request.getSession().removeAttribute(TOKEN_NAME);
    }

    // 没有md5加密
    if (user.getPassword().length() != 32 || !user.getPassword().equals(passwordRe)) {
      msgMap.put(EMAIL_NAME, "非法请求");
      return REG_INPUT;
    }

    // 用户注册日期
    user.setRegDate(new Date());
    try {
      userService.save(user);
    } catch (DBException e) {
      logger.info("已经存在此邮箱" + e);
      // 已经存在此邮箱,抛出异常
      msgMap.put(EMAIL_NAME, e.getMessage());
      return REG_INPUT;
    }
    redirectAttributes.addFlashAttribute("info", "您已成功注册");
    return "redirect:" + LOGIN_INPUT;
  }
Esempio n. 3
0
 @RequestMapping(value = "/edit", method = RequestMethod.GET)
 public String changePwdForm(
     HttpServletRequest request, Model model, RedirectAttributes redirectAttributes) {
   Object user = request.getSession().getAttribute("user");
   if (user == null) {
     redirectAttributes.addFlashAttribute("info", "非法请求");
     return "redirect:" + LOGIN_INPUT;
   }
   model.addAttribute("user", user);
   User u = (User) user;
   List<Social> socials = socialService.listByUserId(u.getId());
   socials.forEach(
       social -> {
         Arrays.asList(Social.TYPES)
             .forEach(
                 t -> {
                   if (social.getType().equals(t)) {
                     model.addAttribute(t, social);
                   }
                 });
       });
   return "user/edit";
 }
Esempio n. 4
0
  @RequestMapping(value = "/edit", method = RequestMethod.POST)
  public String changePwdSubmit(
      HttpServletRequest request,
      Model model,
      RedirectAttributes redirectAttributes,
      @RequestParam(required = true, value = "password_re") String passwordRe,
      @RequestParam(required = true, value = "password_old") String passwordOld) {
    Object user = request.getSession().getAttribute("user");
    if (user == null) {
      redirectAttributes.addFlashAttribute("info", "非法请求");
      return "redirect:" + LOGIN_INPUT;
    }

    if (((User) user).getPassword().equals(passwordOld)) {
      ((User) user).setPassword(passwordRe);
      userService.update((User) user);
      redirectAttributes.addFlashAttribute(MSG_NAME, "更新密码成功");
      return "redirect:edit";
    } else {
      redirectAttributes.addFlashAttribute(MSG_NAME, "原密码错误");
      return "redirect:edit";
    }
  }