use of org.nutz.integration.shiro.SimpleShiroToken in project nutzboot by nutzam.
the class UserModule method login.
@Ok("json")
@Fail("http:500")
@POST
@At("/login")
public boolean login(@Param("username") String username, @Param("password") String password, HttpSession session) {
User user = dao.fetch(User.class, username);
if (user == null)
return false;
Sha256Hash hash = new Sha256Hash(password, user.getSalt());
if (!hash.toHex().equals(user.getPassword())) {
return false;
}
Subject subject = SecurityUtils.getSubject();
subject.login(new SimpleShiroToken(user.getId()));
return true;
}
use of org.nutz.integration.shiro.SimpleShiroToken in project nutzboot by nutzam.
the class SimpleAuthorizingRealm method doGetAuthenticationInfo.
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
SimpleShiroToken upToken = (SimpleShiroToken) token;
User user = dao().fetch(User.class, (Long) upToken.getPrincipal());
if (user == null)
return null;
return new SimpleAccount(user.getId(), user.getPassword(), getName());
}
Aggregations