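/**
 * Pre-checks a login attempt and reports the outcome as a plain string in the response body.
 *
 * <p>Checks run in this order: account lookup, password, captcha, locked flag. The first check
 * that fails decides the returned message.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The mapping has no {@code method} restriction, so the handler also answers GET requests;
 *       credentials sent that way end up in URLs and access logs.
 *   <li>The captcha is verified only after the user-name and password checks, and those two
 *       checks return different messages. A caller therefore learns whether an account exists
 *       and whether a password matches without a valid captcha. Validating the captcha first
 *       and returning one generic credential error would close this; confirm the side effects
 *       of {@code validateCaptcha} before reordering.
 *   <li>Passwords are compared as {@code CookieHelper.md5} digests. That helper is not visible
 *       here; if it is a plain MD5 digest, as the name suggests, it is not adequate for password
 *       storage (prefer bcrypt, scrypt or Argon2).
 * </ul>
 *
 * @param userName   login name; looked up as an admin when {@code adminLogin} is {@code "1"},
 *                   otherwise as a provider
 * @param password   clear-text password as submitted
 * @param captcha    captcha text as submitted
 * @param adminLogin {@code "1"} selects the admin lookup; any other value (or {@code null})
 *                   selects the provider lookup
 * @param request    current request, passed to the captcha validation
 * @return {@code "success"} when every check passes, otherwise a user-facing error message
 */
@ResponseBody
@RequestMapping("/login/check.htm")
public String checkLogin(
        String userName,
        String password,
        String captcha,
        String adminLogin,
        HttpServletRequest request) {
    // `assert` is a no-op unless the JVM runs with -ea, so missing parameters are rejected
    // explicitly, each with the message of the check it belongs to.
    if (userName == null) {
        return "用户名不存在!";
    }

    Provider provider;
    if ("1".equals(adminLogin)) {
        Admin loginAdmin = adminMapper.selectByName(userName);
        // An unknown admin name must end in "user not found", not in a call with a null admin.
        provider = (loginAdmin == null) ? null : newProviderByAdmin(loginAdmin);
    } else {
        provider = providerService.findByUserName(userName);
    }
    if (provider == null) {
        return "用户名不存在!";
    }

    // The stored value is compared with the digest of the submitted password. Calling equals on
    // the freshly computed digest keeps the comparison safe when the stored password is null.
    String hashedPassword = (password == null) ? null : CookieHelper.md5(password);
    if (hashedPassword == null || !hashedPassword.equals(provider.getPassword())) {
        return "密码有误!";
    }

    if (captcha == null || !validateCaptcha(captcha, request)) {
        return "验证码有误!";
    }

    // A provider status of TRUE marks the account as locked; null and FALSE both pass.
    if (Boolean.TRUE.equals(provider.getProviderStatus())) {
        return "账号被锁定,不能登录!";
    }

    // A cooperation-type check used to run here (non-admin logins were rejected unless
    // provider.getProviderCooperation() was 4); it is currently disabled.
    return "success";
}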
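/**
 * Verifies the supplied credential against the provider record and, on success, stores the
 * provider in the session.
 *
 * <p>When {@code pwdEncoded} is true the stored password is passed through
 * {@code CookieHelper.md5} once more before the comparison, so the caller must supply the digest
 * of the stored value rather than the stored value itself.
 * NOTE(review): presumably this is the remembered-login path. A token computed only from the
 * stored password can be rebuilt by anyone who obtains that stored value; confirm the design.
 *
 * @param provider   account to log in; {@code null} is treated as a failed login
 * @param password   credential to compare; {@code null} is treated as a failed login
 * @param pwdEncoded whether {@code password} is the digest of the stored password
 * @param request    current request, used to reach the session
 * @return {@code true} when the provider was stored in the session, {@code false} otherwise
 */
private boolean doLogin(
        Provider provider,
        String password,
        boolean pwdEncoded,
        HttpServletRequest request) {
    // Missing input is a failed login, not a NullPointerException further down.
    if (provider == null || password == null) {
        return false;
    }

    // A provider status of TRUE marks the account as locked.
    // NOTE(review): "{0}" is MessageFormat-style; if LOGGER is an SLF4J logger the placeholder
    // has to be "{}" to be substituted. Confirm against the logger in use.
    if (Boolean.TRUE.equals(provider.getProviderStatus())) {
        LOGGER.debug("provider [{0}] is locked", provider.getUserName());
        return false;
    }

    String expected = provider.getPassword();
    if (pwdEncoded) {
        expected = CookieHelper.md5(expected);
    }
    if (!password.equals(expected)) {
        // Log the account, never the submitted credential: a mistyped password in a log file
        // is usually one character away from the real one.
        LOGGER.debug("login password error for provider [{0}]", provider.getUserName());
        return false;
    }

    // NOTE(review): SessionHelper is not visible here; confirm that the session id is rotated
    // on login so that a session id fixed before authentication cannot be reused.
    SessionHelper.setProvider(provider, request);
    return true;
}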