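/**
 * Changes the password of the provider stored in the current session.
 *
 * <p>The old password is hashed with {@code CookieHelper.md5} and compared with the hash held on
 * the session provider. On a match, the new hash is persisted through {@code providerService}
 * and the session copy is refreshed.
 *
 * <p>NOTE(review): {@code CookieHelper.md5} appears to be a plain MD5 digest; if so, stored
 * passwords are unsalted fast hashes and should be migrated to bcrypt/scrypt/argon2. Confirm
 * against CookieHelper.
 *
 * <p>NOTE(review): the mapping does not restrict the HTTP method, so passwords may arrive as GET
 * query parameters. No CSRF check is visible in this method. Confirm both are handled elsewhere.
 *
 * @param modelMap unused by this method
 * @param oldPassword the current password in clear text
 * @param newPassword the replacement password in clear text
 * @param request current request, used to reach the session
 * @return {@code "success"} or a user-facing error message
 */
@ResponseBody
@RequestMapping("/password.htm")
public String password(
        ModelMap modelMap, String oldPassword, String newPassword, HttpServletRequest request) {
    Provider provider = SessionHelper.getProvider(request);
    if (provider == null) {
        // No provider in the session: fail cleanly instead of hitting a NullPointerException.
        return "修改密码失败!";
    }

    String storedHash = provider.getPassword();
    String oldHash = (oldPassword == null) ? null : CookieHelper.md5(oldPassword);
    if (storedHash == null || !storedHash.equals(oldHash)) {
        return "旧密码错误,请重新输入!";
    }

    if (newPassword == null || newPassword.isEmpty()) {
        // Refuse to persist the hash of a missing or empty password.
        return "修改密码失败!";
    }

    String newPwd = CookieHelper.md5(newPassword);
    // Only the id and the new hash are set on the object handed to the service.
    Provider newProvider = new Provider();
    newProvider.setProviderId(provider.getProviderId());
    newProvider.setPassword(newPwd);
    try {
        providerService.update(newProvider);
        // NOTE(review): the audit call below is disabled, so this method records no
        // account-edit entry for a password change.
        // recordEditAccountLog();
    } catch (Exception e) {
        LOGGER.error("修改供应商密码失败!", e);
        return "修改密码失败!";
    }

    // Keep the session copy in step with the persisted hash.
    provider.setPassword(newPwd);
    SessionHelper.setProvider(provider, request);
    return "success";
}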
/**
 * Performs a form login from the {@code userName}, {@code password}, {@code captcha},
 * {@code adminLogin} and {@code autoLogin} request parameters.
 *
 * <p>The captcha is validated before any account lookup. When {@code adminLogin} is
 * {@code "1"}, the account is loaded through {@code adminMapper} and converted with
 * {@code newProviderByAdmin}; otherwise it is loaded through {@code providerService}.
 *
 * <p>NOTE(review): the value passed to {@code CookieHelper.addCookies} is the
 * {@code CookieHelper.md5} digest of the password. If it is stored in the cookie as-is, the
 * cookie is a long-lived password equivalent; a random server-side remember-me token would
 * limit exposure. Confirm against CookieHelper.
 *
 * @param request current request carrying the login parameters
 * @param response response that receives the auto-login cookies
 * @return {@code true} when {@code doLogin} accepted the credentials
 */
private boolean manualLogin(HttpServletRequest request, HttpServletResponse response) {
    final String userName = request.getParameter("userName");
    final String rawPassword = request.getParameter("password");
    final String captcha = request.getParameter("captcha");

    final boolean inputComplete =
            userName != null && rawPassword != null && validateCaptcha(captcha, request);
    if (!inputComplete) {
        return false;
    }

    final String adminLogin = request.getParameter("adminLogin");
    final Provider provider;
    if (!"1".equals(adminLogin)) {
        provider = providerService.findByUserName(userName);
        if (provider == null) {
            // NOTE(review): "{0}" is a MessageFormat-style placeholder; if LOGGER is SLF4J the
            // argument is not substituted. Confirm the logger type.
            LOGGER.debug("not found provider user from database by name [{0}]", userName);
            return false;
        }
        provider.setUserName(userName);
    } else {
        final Admin loginAdmin = adminMapper.selectByName(userName);
        if (loginAdmin == null) {
            LOGGER.warn("not found admin user from database by name [{0}]", userName);
            return false;
        }
        provider = newProviderByAdmin(loginAdmin);
    }

    // The delivery area is attached before authentication, so it is on the object that
    // doLogin saves to the session.
    provider.setDeliveryArea(genProviderDeliveryArea(provider));

    final String hashedPassword = CookieHelper.md5(rawPassword);
    if (!doLogin(provider, hashedPassword, false, request)) {
        return false;
    }

    // Cookies are written only when the "autoLogin" parameter parses as true.
    if (Boolean.parseBoolean(request.getParameter("autoLogin"))) {
        final int cookieMaxAge = Integer.parseInt(getProperty(COOKIE_MAX_AGE));
        CookieHelper.addCookies(
                provider.getProviderId().toString(),
                hashedPassword,
                adminLogin,
                cookieMaxAge,
                request,
                response);
    }
    return true;
}
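/**
 * Pre-checks login credentials and returns a user-facing verdict without creating a session.
 *
 * <p>The captcha is validated before any account lookup, as {@code manualLogin} does, so
 * credential checks are not answered without a valid captcha. Missing parameters are rejected
 * explicitly, because {@code assert} statements are skipped unless the JVM runs with
 * {@code -ea}.
 *
 * <p>NOTE(review): the distinct messages for an unknown user and a wrong password let a caller
 * tell which account names exist. They are kept because callers may display them. Consider a
 * single generic message plus rate limiting.
 *
 * @param userName login name
 * @param password password in clear text
 * @param captcha captcha answer
 * @param adminLogin {@code "1"} to check against the admin table
 * @param request current request, passed to captcha validation
 * @return {@code "success"} or a user-facing error message
 */
@ResponseBody
@RequestMapping("/login/check.htm")
public String checkLogin(
        String userName,
        String password,
        String captcha,
        String adminLogin,
        HttpServletRequest request) {
    // Captcha first: nothing about the credentials is revealed until it passes.
    if (captcha == null || !validateCaptcha(captcha, request)) {
        return "验证码有误!";
    }
    if (userName == null) {
        return "用户名不存在!";
    }
    if (password == null) {
        return "密码有误!";
    }

    Provider provider = null;
    if ("1".equals(adminLogin)) {
        Admin loginAdmin = adminMapper.selectByName(userName);
        // manualLogin guards this lookup against null, so do the same here rather than
        // passing null to newProviderByAdmin.
        if (loginAdmin != null) {
            provider = newProviderByAdmin(loginAdmin);
        }
    } else {
        provider = providerService.findByUserName(userName);
    }
    if (provider == null) {
        return "用户名不存在!";
    }

    String hashedPassword = CookieHelper.md5(password);
    String storedPassword = provider.getPassword();
    if (storedPassword == null || !storedPassword.equals(hashedPassword)) {
        return "密码有误!";
    }

    // A TRUE provider status means the account is locked.
    Boolean loginStatus = provider.getProviderStatus();
    if (loginStatus != null && loginStatus.booleanValue()) {
        return "账号被锁定,不能登录!";
    }

    // A cooperation-type check for non-admin logins (provider cooperation id == 4) was
    // commented out in the original and stays disabled.
    return "success";
}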
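/**
 * Checks the provider's lock status and password and, on success, stores the provider in the
 * session.
 *
 * <p>NOTE(review): no session-id renewal is visible here. Confirm that {@code SessionHelper} or
 * a filter rotates the session on login, to prevent session fixation.
 *
 * @param provider account already loaded by the caller; must not be null
 * @param password credential to compare against the stored value
 * @param pwdEncoded when {@code true}, the stored password is passed through
 *     {@code CookieHelper.md5} once more before the comparison
 * @param request current request, used to reach the session
 * @return {@code true} when the account is not locked and the password matches
 */
private boolean doLogin(
        Provider provider, String password, boolean pwdEncoded, HttpServletRequest request) {
    // A TRUE provider status means the account is locked.
    if (Boolean.TRUE.equals(provider.getProviderStatus())) {
        LOGGER.debug("provider [{0}] is locked", provider.getUserName());
        return false;
    }

    String dbPassword = provider.getPassword();
    if (pwdEncoded) {
        dbPassword = CookieHelper.md5(dbPassword);
    }
    // A null credential is treated as a mismatch instead of throwing.
    if (password == null || !password.equals(dbPassword)) {
        // Log the account, never the submitted credential: the hash is itself what this
        // method compares, so it must not end up in log files.
        LOGGER.debug("login password error for provider [{0}]", provider.getUserName());
        return false;
    }

    SessionHelper.setProvider(provider, request);
    return true;
}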