/**
 * Builds the navigation menu for the current user and hands it to the "/layout/menu" view.
 *
 * <p>The menu is obtained from {@code menuService.authUserMenu} using the authorities of the
 * authenticated user and the request's context path. It is published twice as request
 * attributes: {@code rootMenus} (the object list) and {@code menuJsonData} (the same list
 * serialised with {@code mapper.writeValueAsString}).
 *
 * <p>NOTE(review): the menu is only a presentation filter. Presumably each target URL is also
 * authorised server-side; confirm, because hiding an entry here does not block direct requests.
 *
 * <p>NOTE(review): if the view writes {@code menuJsonData} into an inline script block, confirm
 * that the template or serializer escapes HTML-significant characters in menu names and URLs.
 *
 * @return headers selecting the "/layout/menu" result, with caching disabled so the
 *     user-specific menu is not served from a cache
 * @throws JsonProcessingException if the menu list cannot be serialised to JSON
 */
public HttpHeaders menu() throws JsonProcessingException {
    final HttpServletRequest currentRequest = ServletActionContext.getRequest();

    final List<NavMenuVO> visibleMenus =
            menuService.authUserMenu(
                    AuthContextHolder.getAuthUserDetails().getAuthorities(),
                    currentRequest.getContextPath());

    final String menusAsJson = mapper.writeValueAsString(visibleMenus);
    currentRequest.setAttribute("rootMenus", visibleMenus);
    currentRequest.setAttribute("menuJsonData", menusAsJson);

    final DefaultHttpHeaders headers = new DefaultHttpHeaders("/layout/menu");
    return headers.disableCaching();
}
/**
 * Stamps the creating and/or modifying auditor on an auditable entity.
 *
 * <p>The creating auditor is only set on new auditables. For a new auditable the modification
 * fields are written as well only when {@code modifyOnCreation} is enabled; for an existing
 * auditable they are always written, together with the data group taken from
 * {@code DATA_GROUP.get()}.
 *
 * <p>NOTE(review): the recorded auditor is {@code AuthContextHolder.getAuthUserDisplay()}, a
 * display string. If that value is user-editable or not unique, the audit trail cannot be tied
 * to one account; confirm whether a stable identifier should be stored instead.
 *
 * @param auditable the entity whose audit fields are updated
 * @param isNew whether the entity is being created rather than updated
 * @return the auditor value that was applied
 */
private String touchAuditor(final DefaultAuditable<String, ?> auditable, boolean isNew) {
    final String currentAuditor = AuthContextHolder.getAuthUserDisplay();

    if (isNew) {
        auditable.setCreatedBy(currentAuditor);
    }

    // Existing entities are always marked as modified; new ones only when configured to be.
    final boolean recordModification = !isNew || modifyOnCreation;
    if (recordModification) {
        auditable.setLastModifiedBy(currentAuditor);
        auditable.setDataGroup(DATA_GROUP.get());
    }

    return currentAuditor;
}
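/**
 * Changes the password of the currently authenticated user.
 *
 * <p>Reads the {@code oldpasswd} and {@code newpasswd} request parameters, re-encodes the old
 * password with {@code userService.encodeUserPasswd} and compares it with the stored value. On
 * a match the new password is saved through {@code userService.save(user, newpasswd)};
 * otherwise a failure result is set as the model.
 *
 * <p>The comparison of the encoded values uses {@code MessageDigest.isEqual} rather than
 * {@code String.equals}, so a mismatch does not return at the first differing character.
 * This assumes the encoded password is plain ASCII text (hex or Base64) - TODO confirm.
 *
 * <p>NOTE(review): no strength or reuse check on the new password is visible here;
 * presumably {@code userService.save} enforces the policy - confirm.
 *
 * <p>NOTE(review): nothing here invalidates other sessions or any long-lived access token of
 * the account after the change; confirm whether that is handled elsewhere.
 *
 * @return empty headers with caching disabled
 * @throws IllegalArgumentException if no user is authenticated, a parameter is blank, or the
 *     account cannot be loaded (assuming {@code Assert} is Spring's - TODO confirm)
 */
public HttpHeaders doPasswd() {
    AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails();
    Assert.notNull(authUserDetails);

    HttpServletRequest request = ServletActionContext.getRequest();
    String oldpasswd = request.getParameter("oldpasswd");
    String newpasswd = request.getParameter("newpasswd");
    Assert.isTrue(StringUtils.isNotBlank(oldpasswd));
    Assert.isTrue(StringUtils.isNotBlank(newpasswd));

    User user = userService.findByUid(authUserDetails.getUid());
    // Fail with the same assertion style as above instead of a bare NullPointerException.
    Assert.notNull(user);

    String encodedPasswd = userService.encodeUserPasswd(user, oldpasswd);
    String storedPasswd = user.getPassword();

    // A missing value on either side is a mismatch; otherwise compare in constant time.
    boolean oldPasswordMatches =
            encodedPasswd != null
                    && storedPasswd != null
                    && java.security.MessageDigest.isEqual(
                            encodedPasswd.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                            storedPasswd.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    if (!oldPasswordMatches) {
        setModel(OperationResult.buildFailureResult("原密码不正确,请重新输入"));
    } else {
        userService.save(user, newpasswd);
        setModel(OperationResult.buildSuccessResult("密码修改成功,请在下次登录使用新密码"));
    }
    return new DefaultHttpHeaders().disableCaching();
}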
/**
 * Returns the details of the current user as held by {@code AuthContextHolder}.
 *
 * @return whatever {@code AuthContextHolder.getAuthUserDetails()} yields for this call
 */
public AuthUserDetails getAuthUserDetails() {
    final AuthUserDetails currentUser = AuthContextHolder.getAuthUserDetails();
    return currentUser;
}
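/**
 * Post-login hook: refreshes the account's access token when needed, writes a logon audit
 * record and decides where the user is sent next.
 *
 * <p>Overrides the parent method. The original comment says the login-failure flag is reset
 * after a successful login; no reset is visible in this method, so it presumably happens inside
 * {@code userService.userLogonLog} - confirm.
 *
 * @param token the submitted credentials; cast to {@code SourceUsernamePasswordToken}
 * @param subject the authenticated subject, passed through to the parent
 * @param request the login request; cast to {@code HttpServletRequest}
 * @param response the login response; cast to {@code HttpServletResponse}
 * @return {@code true} for mobile app access, {@code false} after redirecting to the
 *     credentials-expire page, otherwise the parent's result
 * @throws Exception whatever the redirect or the parent implementation throws
 */
@Override
protected boolean onLoginSuccess(
        AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
        throws Exception {
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;
    HttpServletRequest httpServletRequest = (HttpServletRequest) request;
    SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token;

    User authAccount =
            userService.findByAuthTypeAndAuthUid(
                    User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername());
    Date now = DateUtils.currentDate();

    // Issue a new access token, valid for six months, when there is none or it has expired.
    // A token with no expiry time is treated as expired instead of raising a NullPointerException.
    // NOTE(review): a still-valid token is reused across logins for up to six months; confirm
    // that it is revoked on password change or account lock.
    Date accessTokenExpiry = authAccount.getAccessTokenExpireTime();
    if (StringUtils.isBlank(authAccount.getAccessToken())
            || accessTokenExpiry == null
            || accessTokenExpiry.before(now)) {
        authAccount.setAccessToken(UUID.randomUUID().toString());
        authAccount.setAccessTokenExpireTime(new DateTime(now).plusMonths(6).toDate());
        userService.save(authAccount);
    }

    // Write the logon audit record.
    UserLogonLog userLogonLog = new UserLogonLog();
    Date logonTime = DateUtils.currentDate();
    userLogonLog.setLogonTime(logonTime);
    // Derive the day key from the logon time; the logout time is not set on a fresh record.
    userLogonLog.setLogonYearMonthDay(DateUtils.formatDate(logonTime));
    userLogonLog.setRemoteAddr(httpServletRequest.getRemoteAddr());
    userLogonLog.setRemoteHost(httpServletRequest.getRemoteHost());
    userLogonLog.setRemotePort(httpServletRequest.getRemotePort());
    userLogonLog.setLocalAddr(httpServletRequest.getLocalAddr());
    userLogonLog.setLocalName(httpServletRequest.getLocalName());
    userLogonLog.setLocalPort(httpServletRequest.getLocalPort());
    userLogonLog.setServerIP(IPAddrFetcher.getGuessUniqueIP());
    // NOTE(review): the raw session id is persisted; confirm who can read this table.
    userLogonLog.setHttpSessionId(httpServletRequest.getSession().getId());
    // The User-Agent header is client-supplied and stored verbatim; escape it wherever it is shown.
    userLogonLog.setUserAgent(httpServletRequest.getHeader("User-Agent"));
    // NOTE(review): presumably taken from forwarding headers, which a client can set unless a
    // trusted proxy overwrites them; treat as informational next to remoteAddr - confirm.
    userLogonLog.setXforwardFor(IPAddrFetcher.getRemoteIpAddress(httpServletRequest));
    userLogonLog.setAuthType(authAccount.getAuthType());
    userLogonLog.setAuthUid(authAccount.getAuthUid());
    userLogonLog.setAuthGuid(authAccount.getAuthGuid());
    userService.userLogonLog(authAccount, userLogonLog);

    // Mobile app clients get no redirect.
    if (isMobileAppAccess(request)) {
        return true;
    }

    // Browser logins are sent to a success page that depends on the login source.
    AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails();

    // An expired password sends the user to the credentials-expire page instead.
    Date credentialsExpireTime = authAccount.getCredentialsExpireTime();
    if (credentialsExpireTime != null && credentialsExpireTime.before(DateUtils.currentDate())) {
        httpServletResponse.sendRedirect(
                httpServletRequest.getContextPath()
                        + authUserDetails.getUrlPrefixBySource()
                        + "/profile/credentials-expire");
        return false;
    }

    // When the configured successUrl is forced, drop the saved request so it is not replayed.
    if (forceSuccessUrl) {
        WebUtils.getAndClearSavedRequest(httpServletRequest);
    }
    return super.onLoginSuccess(token, subject, request, httpServletResponse);
}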