
Example 1 with UserDO

use of cn.dubidubi.model.base.UserDO in project dubidubi by lzzzz4.

the class LoginRealm method doGetAuthorizationInfo.

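/**
 * Authorization callback: builds the permission set checked for an authenticated user.
 *
 * <p>Resolves the role of the primary principal, loads that role's permissions and grants
 * only the entries whose enabled flag is exactly {@code "Y"}. The permission string given to
 * Shiro is the value of {@code PermissionDO.getRemark()}.
 *
 * @param principals principals of the subject being authorized; the primary principal is
 *                   cast to {@code UserDO}
 * @return the granted permissions, or {@code null} when the user has no role
 */
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    UserDO userDO = (UserDO) principals.getPrimaryPrincipal();
    Integer roleId = userLoginService.getRoleIdByUserId(userDO.getId());
    if (roleId == null) {
        // No role means nothing to grant. NOTE(review): a null result is expected to be
        // treated by Shiro as "no permissions" — confirm for the Shiro version in use.
        return null;
    }
    SimpleAuthorizationInfo granted = new SimpleAuthorizationInfo();
    List<PermissionDO> permissions = userLoginService.listPermissionByRoleId(roleId);
    if (permissions == null) {
        // A missing permission list must not crash authorization; grant nothing instead.
        return granted;
    }
    for (PermissionDO permission : permissions) {
        if (permission == null) {
            continue;
        }
        String permissionName = permission.getRemark();
        // Constant-first comparison: a null enabled flag counts as disabled rather than
        // raising a NullPointerException in the middle of an authorization decision.
        if ("Y".equals(permission.getEnabled()) && permissionName != null) {
            granted.addStringPermission(permissionName);
        }
    }
    return granted;
}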
Also used : SimpleAuthorizationInfo(org.apache.shiro.authz.SimpleAuthorizationInfo) UserDO(cn.dubidubi.model.base.UserDO) PermissionDO(cn.dubidubi.model.base.PermissionDO)

Example 2 with UserDO

use of cn.dubidubi.model.base.UserDO in project dubidubi by lzzzz4.

the class LoginController method doLogin.

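/**
 * Handles {@code /doLogin} for direct form submissions and for requests that only carry a
 * previously issued login cookie.
 *
 * <p>When the submitted account or password is blank, the credentials are taken from the
 * request cookies instead. After a successful login the user object is stored in the HTTP
 * session under {@code "user"} and the browser is sent back to the request that was saved
 * before the login, or to the default page.
 *
 * @param userLoginDTO submitted account and password; may be null or blank
 * @param model        view model; receives {@code "locked"} or {@code "wrong"} set to
 *                     {@code "Y"} on failure
 * @param request      current request (cookies, session, saved request)
 * @param response     current response; receives the login cookie
 * @return the failure view, the default view, or a {@code redirect:} to the saved request
 * @throws IOException            propagated from the cookie service
 * @throws ClassNotFoundException propagated from the cookie service
 */
@RequestMapping("/doLogin")
public String doLogin(UserLoginDTO userLoginDTO, Model model, HttpServletRequest request, HttpServletResponse response) throws IOException, ClassNotFoundException, AuthorizationException {
    boolean isSavedCookie = false;
    if (userLoginDTO == null || StringUtils.isBlank(userLoginDTO.getAccount()) || StringUtils.isBlank(userLoginDTO.getPassword())) {
        // NOTE(review): the ClassNotFoundException in the signature suggests the cookie
        // service deserializes client-supplied cookie data. Cookies are untrusted input;
        // confirm the value is integrity-protected and not read with native Java
        // deserialization.
        userLoginDTO = loginCookieService.getUserFromCookies(request.getCookies());
        if (userLoginDTO == null) {
            return defeatPath;
        }
        isSavedCookie = true;
    }
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(userLoginDTO.getAccount(), userLoginDTO.getPassword());
    try {
        // NOTE(review): the session id is not rotated around login in this method; confirm
        // session fixation is handled elsewhere.
        subject.login(token);
    } catch (LockedAccountException e) {
        e.printStackTrace();
        model.addAttribute("locked", "Y");
        return defeatPath;
    } catch (AuthenticationException e) {
        e.printStackTrace();
        model.addAttribute("wrong", "Y");
        return defeatPath;
    }
    UserDO userDO = (UserDO) subject.getPrincipal();
    request.getSession().setAttribute("user", userDO);
    // Write the login information to a cookie, unless it was just read from one.
    // NOTE(review): the DTO passed here holds the submitted password; confirm the cookie
    // does not carry it in recoverable form and is flagged HttpOnly and Secure.
    if (!isSavedCookie) {
        loginCookieService.addLoginCookie(userLoginDTO, response);
    }
    SavedRequest savedRequest = WebUtils.getSavedRequest(request);
    if (savedRequest == null) {
        return defaultPath;
    }
    String savedUrl = savedRequest.getRequestUrl();
    if (savedUrl == null) {
        return defaultPath;
    }
    // Drop the first path segment (presumably the context path — confirm).
    int pathStart = savedUrl.indexOf("/", 1);
    if (pathStart < 0) {
        // No second slash: substring(-1) would throw, so fall back to the default page.
        return defaultPath;
    }
    String target = savedUrl.substring(pathStart);
    // Only redirect to a path on this site: a target starting with "//" or "/\" can be
    // interpreted by browsers as another host.
    if (target.startsWith("//") || target.startsWith("/\\")) {
        return defaultPath;
    }
    return "redirect:" + target;
}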
Also used : AuthenticationException(org.apache.shiro.authc.AuthenticationException) UserDO(cn.dubidubi.model.base.UserDO) Subject(org.apache.shiro.subject.Subject) LockedAccountException(org.apache.shiro.authc.LockedAccountException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) SavedRequest(org.apache.shiro.web.util.SavedRequest) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with UserDO

use of cn.dubidubi.model.base.UserDO in project dubidubi by lzzzz4.

the class LoginController method ajaxLogin.

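/**
 * Handles {@code /doLogin} when called through XMLHttpRequest and reports the outcome as a
 * status code in the returned object.
 *
 * <ul>
 *   <li>404 - authentication failed</li>
 *   <li>403 - account is locked</li>
 *   <li>500 - no credentials were submitted</li>
 *   <li>200 - success</li>
 * </ul>
 *
 * @param userLoginDTO submitted account and password
 * @param request      current request (session, saved request)
 * @param response     current response; receives the login cookie on success
 * @return the result object carrying the status code and, on success, the URL to open next
 * @throws IOException propagated from the cookie service
 */
@RequestMapping(value = "/doLogin", headers = "X-Requested-With=XMLHttpRequest")
@ResponseBody
public AjaxResultDTO ajaxLogin(UserLoginDTO userLoginDTO, HttpServletRequest request, HttpServletResponse response) throws AuthorizationException, IOException {
    AjaxResultDTO ajaxResultDTO = new AjaxResultDTO();
    if (userLoginDTO == null || StringUtils.isBlank(userLoginDTO.getAccount()) || StringUtils.isBlank(userLoginDTO.getPassword())) {
        // Nothing was submitted. Return here: falling through would overwrite this code
        // with 200 and issue a login cookie although no login took place.
        ajaxResultDTO.setCode(500);
        return ajaxResultDTO;
    }
    Subject subject = SecurityUtils.getSubject();
    UsernamePasswordToken token = new UsernamePasswordToken(userLoginDTO.getAccount(), userLoginDTO.getPassword());
    // Hand the token to the realm.
    try {
        // NOTE(review): the session id is not rotated around login in this method; confirm
        // session fixation is handled elsewhere.
        subject.login(token);
    } catch (LockedAccountException e) {
        // Account is locked.
        ajaxResultDTO.setCode(403);
        e.printStackTrace();
        return ajaxResultDTO;
    } catch (AuthenticationException e) {
        // Authentication failed.
        ajaxResultDTO.setCode(404);
        e.printStackTrace();
        return ajaxResultDTO;
    }
    // Store the user object in the session.
    UserDO userDO = (UserDO) subject.getPrincipal();
    request.getSession().setAttribute("user", userDO);
    ajaxResultDTO.setCode(200);
    // NOTE(review): the DTO passed here holds the submitted password; confirm the cookie
    // does not carry it in recoverable form and is flagged HttpOnly and Secure.
    loginCookieService.addLoginCookie(userLoginDTO, response);
    // Find the URL that was requested before the login.
    SavedRequest savedRequest = WebUtils.getSavedRequest(request);
    if (savedRequest == null) {
        // Return here: dereferencing a null saved request below would throw.
        ajaxResultDTO.setUrl(defaultPath);
        return ajaxResultDTO;
    }
    String savedUrl = savedRequest.getRequestUrl();
    // Drop the first path segment (presumably the context path — confirm).
    int pathStart = savedUrl == null ? -1 : savedUrl.indexOf("/", 1);
    if (pathStart < 0) {
        // Null URL or no second slash: substring(-1) would throw, so use the default page.
        ajaxResultDTO.setUrl(defaultPath);
        return ajaxResultDTO;
    }
    String target = savedUrl.substring(pathStart);
    // Only hand back a path on this site: a target starting with "//" or "/\" can be
    // interpreted by browsers as another host.
    if (target.startsWith("//") || target.startsWith("/\\")) {
        ajaxResultDTO.setUrl(defaultPath);
    } else {
        ajaxResultDTO.setUrl(target);
    }
    return ajaxResultDTO;
}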
Also used : AuthenticationException(org.apache.shiro.authc.AuthenticationException) UserDO(cn.dubidubi.model.base.UserDO) AjaxResultDTO(cn.dubidubi.model.base.dto.AjaxResultDTO) Subject(org.apache.shiro.subject.Subject) LockedAccountException(org.apache.shiro.authc.LockedAccountException) UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken) SavedRequest(org.apache.shiro.web.util.SavedRequest) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 4 with UserDO

use of cn.dubidubi.model.base.UserDO in project dubidubi by lzzzz4.

the class LoginRealm method doGetAuthenticationInfo.

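/**
 * Authentication callback: loads the stored credentials for the account named in the token.
 *
 * <p>Returns the stored password and salt together with the user object so that the realm's
 * credentials matcher can compare them with the submitted password. No password comparison
 * happens in this method.
 *
 * @param token submitted token; its principal is cast to the account name
 * @return the authentication info, or {@code null} when the account has no stored password
 *         or no user record
 * @throws LockedAccountException when the user's enabled flag is not {@code "Y"}
 */
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    String account = (String) token.getPrincipal();
    String dbpassword = userLoginService.getPasswordByAccount(account);
    if (dbpassword == null) {
        // Unknown account. NOTE(review): a null result is expected to be turned into an
        // authentication failure by Shiro — confirm for the Shiro version in use.
        return null;
    }
    UserDO userDO = userLoginService.getUserDOToSessionByAccount(account);
    if (userDO == null) {
        // A password row without a user record: reject the login instead of failing with a
        // NullPointerException.
        return null;
    }
    // Constant-first comparison: a null enabled flag counts as locked (fail closed).
    if (!"Y".equals(userDO.getEnabled())) {
        throw new LockedAccountException();
    }
    userDO.setAccount(account);
    // NOTE(review): this UserDO becomes the subject's principal and exposes getSalt();
    // confirm it carries no password material beyond what must live with the session.
    return new SimpleAuthenticationInfo(userDO, dbpassword, ByteSource.Util.bytes(userDO.getSalt()), this.getName());
}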
Also used : SimpleAuthenticationInfo(org.apache.shiro.authc.SimpleAuthenticationInfo) UserDO(cn.dubidubi.model.base.UserDO) LockedAccountException(org.apache.shiro.authc.LockedAccountException)

Aggregations

UserDO (cn.dubidubi.model.base.UserDO)4 LockedAccountException (org.apache.shiro.authc.LockedAccountException)3 AuthenticationException (org.apache.shiro.authc.AuthenticationException)2 UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)2 Subject (org.apache.shiro.subject.Subject)2 SavedRequest (org.apache.shiro.web.util.SavedRequest)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 PermissionDO (cn.dubidubi.model.base.PermissionDO)1 AjaxResultDTO (cn.dubidubi.model.base.dto.AjaxResultDTO)1 SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)1 SimpleAuthorizationInfo (org.apache.shiro.authz.SimpleAuthorizationInfo)1 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)1