예제 #1
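  /**
   * Checks submitted login credentials and the captcha; this method does not itself store
   * anything in the session.
   *
   * <p>Every parameter comes straight from the HTTP request and is untrusted. The captcha is
   * verified before any credential lookup so that the distinct error messages below cannot be
   * used to test user names or passwords without first solving a captcha.
   *
   * <p>NOTE(review): the separate "user does not exist" and "wrong password" responses let a
   * caller enumerate valid user names. They are kept because the client may display or compare
   * them; consider a single generic failure message.
   *
   * <p>NOTE(review): {@code CookieHelper.md5} appears to be a plain MD5 digest. If so, stored
   * passwords need migrating to a salted, slow password hash (bcrypt/scrypt/argon2); that cannot
   * be done inside this method alone.
   *
   * @param userName login name of the provider, or of the admin when {@code adminLogin} is "1"
   * @param password password as submitted by the client
   * @param captcha captcha answer submitted by the client
   * @param adminLogin "1" to look the account up through {@code adminMapper}; any other value
   *     uses {@code providerService}
   * @param request current request, passed to the captcha validation
   * @return the literal {@code "success"} when every check passes, otherwise an error message
   */
  @ResponseBody
  @RequestMapping("/login/check.htm")
  public String checkLogin(
      String userName,
      String password,
      String captcha,
      String adminLogin,
      HttpServletRequest request) {
    // Explicit checks instead of `assert`: assertions are disabled unless the JVM runs with -ea,
    // so a missing request parameter would otherwise surface later as a NullPointerException.
    if (captcha == null || !validateCaptcha(captcha, request)) {
      return "验证码有误!";
    }
    if (userName == null) {
      return "用户名不存在!";
    }
    if (password == null) {
      return "密码有误!";
    }

    Provider provider;
    if ("1".equals(adminLogin)) {
      // NOTE(review): confirm newProviderByAdmin tolerates a null Admin when the name is unknown.
      Admin loginAdmin = adminMapper.selectByName(userName);
      provider = newProviderByAdmin(loginAdmin);
    } else {
      provider = providerService.findByUserName(userName);
    }

    // Hash before the existence check, as the original did, so both paths do the same work.
    String suppliedHash = CookieHelper.md5(password);

    if (provider == null) {
      return "用户名不存在!";
    }

    // Constant-time comparison of the two hashes; a missing stored hash counts as a mismatch
    // instead of throwing.
    String storedHash = provider.getPassword();
    boolean passwordMatches =
        storedHash != null
            && suppliedHash != null
            && java.security.MessageDigest.isEqual(
                storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                suppliedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!passwordMatches) {
      return "密码有误!";
    }

    // A provider status of TRUE means the account is locked.
    if (Boolean.TRUE.equals(provider.getProviderStatus())) {
      return "账号被锁定,不能登录!";
    }

    // The cooperation-type check (non-admin logins limited to cooperation id 4, i.e. third-party
    // direct-ship suppliers) was commented out in the original and remains disabled.

    return "success";
  }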
예제 #2
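  /**
   * Verifies a provider's password and, on success, stores the provider in the session.
   *
   * <p>When {@code pwdEncoded} is true the stored password is passed through
   * {@code CookieHelper.md5} once more before comparison, so the caller is expected to supply
   * that derived value rather than the stored one.
   *
   * <p>NOTE(review): with {@code pwdEncoded} the accepted credential is a fixed function of the
   * stored hash, so anyone holding the stored hash can compute it; confirm where this value is
   * issued and how it is protected.
   *
   * @param provider account being logged in; must not be null
   * @param password credential supplied by the caller, in the form selected by {@code pwdEncoded}
   * @param pwdEncoded whether {@code password} is the re-hashed form of the stored password
   * @param request current request, used to reach the session
   * @return {@code true} if the account is not locked and the credential matches
   */
  private boolean doLogin(
      Provider provider, String password, boolean pwdEncoded, HttpServletRequest request) {
    // Locked accounts are rejected before any credential comparison.
    if (Boolean.TRUE.equals(provider.getProviderStatus())) {
      LOGGER.debug("provider [{0}] is locked", provider.getUserName());
      return false;
    }

    String expected = provider.getPassword();
    if (pwdEncoded) {
      expected = CookieHelper.md5(expected);
    }

    // Constant-time comparison; a null on either side is a mismatch rather than an exception.
    boolean matches =
        password != null
            && expected != null
            && java.security.MessageDigest.isEqual(
                password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                expected.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matches) {
      // Log the account, never the submitted credential: a mistyped password in a log file is
      // close to the real one, and the encoded form is itself accepted as a credential.
      LOGGER.debug("login password error for provider [{0}]", provider.getUserName());
      return false;
    }

    // NOTE(review): confirm the session identifier is rotated at login (here or inside
    // SessionHelper) so a pre-login session id cannot be reused after authentication.
    SessionHelper.setProvider(provider, request);

    return true;
  }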