Example 1 with InvalidAccountException

Use of org.apache.shiro.biz.authc.exception.InvalidAccountException in the project spring-boot-starter-samples by vindell.

From the class AuthzPrincipalRepositoryImpl, method getAuthenticationInfo.

@Override
public AuthenticationInfo getAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
    if (!StringUtils.hasText(upToken.getUsername()) || upToken.getPassword() == null) {
        throw new UnknownAccountException("Username or password is required.");
    }
    // Password "encryption" (this step is commented out, so the password reaches the DAO
    // as plaintext; note that Base64 is an encoding, not encryption)
    // Base64.encodeBase64String(new String(upToken.getPassword()).getBytes());
    String pwd = new String(upToken.getPassword());
    // Account status
    Map<String, String> statusMap = getAuthzLoginDao().getAccountStatus(upToken.getUsername(), pwd);
    if ("0".equals(statusMap.get("num_1")) || "0".equals(statusMap.get("num_2"))) {
        // Account does not exist, or username or password is incorrect
        throw new InvalidAccountException("Username or password is incorrect, please re-enter.");
    } else if ("0".equals(statusMap.get("num_4"))) {
        // Account is disabled
        throw new DisabledAccountException("Account is disabled.");
    } else if ("0".equals(statusMap.get("num_3"))) {
        // User has no assigned role
        throw new NoneRoleException();
    }
    // User principal object
    AuthzLoginModel model = getAuthzLoginDao().getAccount(upToken.getUsername(), pwd);
    // Set of the user's role IDs
    List<String> roles = getAuthzUserDao().getRoles(model.getUserid());
    model.setRoles(Sets.newHashSet(roles.iterator()));
    model.setRoleid(roles.get(0));
    // Set of the user's permission markers
    Set<String> perms = Sets.newHashSet();
    for (String roleid : model.getRoles()) {
        perms.addAll(getAuthzRolePermsDao().getPermissions(roleid));
    }
    model.setPerms(perms);
    // Authentication info
    return new SimpleAuthenticationInfo(model, upToken.getPassword(), "login");
}
Also used: DisabledAccountException (org.apache.shiro.authc.DisabledAccountException), AuthzLoginModel (net.jeebiz.boot.demo.dao.entities.AuthzLoginModel), SimpleAuthenticationInfo (org.apache.shiro.authc.SimpleAuthenticationInfo), UnknownAccountException (org.apache.shiro.authc.UnknownAccountException), UsernamePasswordToken (org.apache.shiro.authc.UsernamePasswordToken), InvalidAccountException (org.apache.shiro.biz.authc.exception.InvalidAccountException), NoneRoleException (org.apache.shiro.biz.authc.exception.NoneRoleException)
