Example 66 with UsernamePasswordToken
use of org.apache.shiro.authc.UsernamePasswordToken in project vip by guangdada.
the class LoginController method loginVali.
/**
* 点击登录执行的动作
*/
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String loginVali() {
String username = super.getPara("username").trim();
String password = super.getPara("password").trim();
// 验证验证码是否正确
if (ToolUtil.getKaptchaOnOff()) {
String kaptcha = super.getPara("kaptcha").trim();
String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equals(code)) {
throw new InvalidKaptchaException();
}
}
Subject currentUser = ShiroKit.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
token.setRememberMe(true);
currentUser.login(token);
ShiroUser shiroUser = ShiroKit.getUser();
super.getSession().setAttribute("shiroUser", shiroUser);
super.getSession().setAttribute("username", shiroUser.getAccount());
LogManager.me().executeLog(LogTaskFactory.loginLog(shiroUser.getId(), getIp()));
ShiroKit.getSession().setAttribute("sessionFlag", true);
return REDIRECT + "/";
}
Also used :
InvalidKaptchaException(com.ikoori.vip.common.exception.InvalidKaptchaException)
ShiroUser(com.ikoori.vip.server.core.shiro.ShiroUser)
Subject(org.apache.shiro.subject.Subject)
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 67 with UsernamePasswordToken
use of org.apache.shiro.authc.UsernamePasswordToken in project moon by gentoo111.
the class RestfulFilter method isAccessAllowed.
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
String loginToken = getToken(request);
if (StringUtils.isBlank(loginToken)) {
// 非Restful方式
return super.isAccessAllowed(request, response, mappedValue);
}
TokenManager tokenManager = SpringUtil.getBean(TokenManager.class);
UsernamePasswordToken token = tokenManager.getToken(loginToken);
if (token != null) {
try {
Subject subject = getSubject(request, response);
if (subject.getPrincipal() == null) {
subject.login(token);
}
return true;
} catch (Exception e) {
e.printStackTrace();
}
}
return false;
}
Also used :
TokenManager(com.moon.admin.service.TokenManager)
Subject(org.apache.shiro.subject.Subject)
IOException(java.io.IOException)
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
Example 68 with UsernamePasswordToken
use of org.apache.shiro.authc.UsernamePasswordToken in project moon by gentoo111.
the class LoginController method restfulLogin.
@LogAnnotation
@ApiOperation(value = "restful登录方式,前后端分离时的接口")
@PostMapping("/sys/login/restful")
public Token restfulLogin(String username, String password) {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password);
SecurityUtils.getSubject().login(usernamePasswordToken);
return tokenManeger.saveToken(usernamePasswordToken);
}
Also used :
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
LogAnnotation(com.moon.admin.common.utils.LogAnnotation)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
ApiOperation(io.swagger.annotations.ApiOperation)
Example 69 with UsernamePasswordToken
use of org.apache.shiro.authc.UsernamePasswordToken in project moon by gentoo111.
the class LoginController method login.
@LogAnnotation
@ApiOperation(value = "web端登陆")
@PostMapping("/sys/login")
public void login(String username, String password) {
UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(username, password);
SecurityUtils.getSubject().login(usernamePasswordToken);
}
Also used :
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
LogAnnotation(com.moon.admin.common.utils.LogAnnotation)
PostMapping(org.springframework.web.bind.annotation.PostMapping)
ApiOperation(io.swagger.annotations.ApiOperation)
Example 70 with UsernamePasswordToken
use of org.apache.shiro.authc.UsernamePasswordToken in project moon by gentoo111.
the class EhCacheTokenManager method saveToken.
@Override
public Token saveToken(UsernamePasswordToken usernamePasswordToken) {
Cache cache = cacheManager.getCacheManager().getCache("login_user_tokens");
String key = UUID.randomUUID().toString();
Element element = new Element(key, usernamePasswordToken);
element.setTimeToLive(expireSeconds);
cache.put(element);
return new Token(key, DateUtils.addSeconds(new Date(), expireSeconds));
}
Also used :
Element(net.sf.ehcache.Element)
Token(com.moon.admin.vo.Token)
UsernamePasswordToken(org.apache.shiro.authc.UsernamePasswordToken)
Date(java.util.Date)
Cache(net.sf.ehcache.Cache)
Aggregations
UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken)118
Subject (org.apache.shiro.subject.Subject)52
Test (org.junit.Test)30
AuthenticationException (org.apache.shiro.authc.AuthenticationException)28
AuthenticationToken (org.apache.shiro.authc.AuthenticationToken)28
SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo)19
AuthenticationInfo (org.apache.shiro.authc.AuthenticationInfo)16
HttpServletRequest (javax.servlet.http.HttpServletRequest)11
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)11
Test (org.testng.annotations.Test)11
LockedAccountException (org.apache.shiro.authc.LockedAccountException)10
IncorrectCredentialsException (org.apache.shiro.authc.IncorrectCredentialsException)9
UnknownAccountException (org.apache.shiro.authc.UnknownAccountException)9
HttpServletResponse (javax.servlet.http.HttpServletResponse)8
DelegatingSubject (org.apache.shiro.subject.support.DelegatingSubject)7
Session (org.apache.shiro.session.Session)6
SimplePrincipalCollection (org.apache.shiro.subject.SimplePrincipalCollection)6
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)6
DisabledAccountException (org.apache.shiro.authc.DisabledAccountException)4
AuthorizationInfo (org.apache.shiro.authz.AuthorizationInfo)4
