Examples with InvalidAccountException org.apache.shiro.biz.authc.exception.InvalidAccountException used on opensource projects

Example 1 with InvalidAccountException

use of org.apache.shiro.biz.authc.exception.InvalidAccountException in project spring-boot-starter-samples by vindell.

the class AuthzPrincipalRepositoryImpl method getAuthenticationInfo.

@Override
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    if (!StringUtils.hasText(upToken.getUsername()) || upToken.getPassword() == null) {
        throw new UnknownAccountException("Username or password is required.");
    }
    // 密码加密
    // Base64.encodeBase64String(new String(upToken.getPassword()).getBytes());
    String pwd = new String(upToken.getPassword());
    // 账号状态
    Map<String, String> statusMap = getAuthzLoginDao().getAccountStatus(upToken.getUsername(), pwd);
    // 账号不存在 或 用户名或密码不正确
    if ("0".equals(statusMap.get("num_1")) || "0".equals(statusMap.get("num_2"))) {
        throw new InvalidAccountException("Username or password is incorrect, please re-enter.");
    } else // 账号被禁用
    if ("0".equals(statusMap.get("num_4"))) {
        throw new DisabledAccountException("Account is disabled.");
    } else // 用户无所属角色
    if ("0".equals(statusMap.get("num_3"))) {
        throw new NoneRoleException();
    }
    // 用户主体对象
    AuthzLoginModel model = getAuthzLoginDao().getAccount(upToken.getUsername(), pwd);
    // 用户角色ID集合
    List<String> roles = getAuthzUserDao().getRoles(model.getUserid());
    model.setRoles(Sets.newHashSet(roles.iterator()));
    model.setRoleid(roles.get(0));
    // 用户权限标记集合
    Set<String> perms = Sets.newHashSet();
    for (String roleid : model.getRoles()) {
        perms.addAll(getAuthzRolePermsDao().getPermissions(roleid));
    }
    model.setPerms(perms);
    // 认证信息
    return new SimpleAuthenticationInfo(model, upToken.getPassword(), "login");
}