UserLoginController.java:
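/**
 * Login and logout endpoints for the admin area, backed by Shiro.
 *
 * <p>Each request builds its own result map. Spring controllers are singletons by default,
 * so a map held in an instance field is shared by concurrent requests and can carry a stale
 * {@code message} or {@code status} from one caller's response into another's.
 */
@Controller
@RequestMapping("admin")
public class UserLoginController {
    static final Logger logger = LoggerFactory.getLogger(UserLoginController.class);

    /**
     * Authenticates the caller from the {@code username} and {@code password} request parameters.
     *
     * @param request the current HTTP request
     * @return a map with {@code status} (200 on success, 500 otherwise) and, on failure,
     *         a {@code message} for the page to display
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public Map<String, Object> login(HttpServletRequest request) {
        Map<String, Object> resultMap = new LinkedHashMap<>();
        // Fail closed: the status only becomes 200 after every login step has succeeded.
        resultMap.put("status", 500);

        String username = request.getParameter("username");
        String pwd = request.getParameter("password");
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(pwd)) {
            resultMap.put("message", "用户名或密码为空!");
            return resultMap;
        }

        UsernamePasswordToken token = new UsernamePasswordToken(username, pwd);
        token.setRememberMe(false);
        // The Subject bound to the current request.
        Subject currentUser = SecurityUtils.getSubject();
        try {
            AuthManager authManager = AppContext.getBean(AuthManager.class);
            // verifyAuth is expected to return null when the password does not match.
            User user = authManager.verifyAuth(username, pwd);
            if (user == null) {
                resultMap.put("message", "密码错误!");
                return resultMap;
            }
            currentUser.login(token);

            // NOTE(review): the session identifier is not rotated here. Confirm that the
            // Shiro/container configuration issues a fresh session id on authentication,
            // otherwise a session id fixed before login stays valid after it.
            HttpSession session = request.getSession();
            session.setAttribute(AuthUtils.SEC_USER, user);
            // Read by index.jsp for the "welcome <name>" banner. Set only on success, from the
            // user just verified, so a failed attempt can no longer hit a null session user.
            session.setAttribute("userName", user.getUserName());
            resultMap.put("status", 200);
        } catch (Exception e) {
            // Pass the exception itself: with no "{}" placeholder, SLF4J drops a String argument,
            // so the original call logged neither the message nor the stack trace.
            logger.error("登录异常!", e);
            // Generic text only; exception details stay in the server log.
            resultMap.put("message", "登录失败,请重试!");
        } finally {
            // Wipe the credentials held by the token whether or not the login succeeded.
            token.clear();
        }
        return resultMap;
    }

    /**
     * Logs the current Subject out and destroys the associated HTTP session.
     *
     * <p>NOTE(review): this state-changing action is mapped to GET, so any cross-site GET
     * can end a user's session. Moving it to POST (with a CSRF token) also requires changing
     * the {@code $.getJSON} caller in index.jsp, so the mapping is left as it was.
     *
     * @param request the current HTTP request
     * @return a map whose {@code status} is 200 on success and 500 on failure
     */
    @RequestMapping(value = "/logout", method = RequestMethod.GET)
    @ResponseBody
    public Map<String, Object> logout(HttpServletRequest request) {
        Map<String, Object> resultMap = new LinkedHashMap<>();
        try {
            SecurityUtils.getSubject().logout();
            // getSession(false) avoids creating a new session only to invalidate it.
            HttpSession session = request.getSession(false);
            if (session != null) {
                session.invalidate();
            }
            resultMap.put("status", 200);
        } catch (Exception e) {
            resultMap.put("status", 500);
            logger.error("logout error:" + e.getMessage(), e);
        }
        return resultMap;
    }
}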
login.jsp:
<%-- Login form. The login control is type="button", so clicking it does not submit the form
     natively; the script on this page reads #username and #psd and posts them to
     admin/login.do with $.ajax. The form's own action/method apply only to a native submit.
     NOTE(review): no anti-CSRF token field is visible in this form, and the credentials travel
     in the POST body. Confirm a token is added elsewhere and that the page is served over HTTPS only. --%>
<form id="form" action="../../admin/login.do" method="post">
<input name="username" id="username" class="form-control" type="text" placeholder="请输入账户">
<input name="password" id="psd" class="form-control" type="password" placeholder="请输入密码">
<input type="button" id="login" class="btn btn-primary btn-block btn-flat submit" value="登录"></input>
<div class="error"><span>+</span></div>
</form>
<script type="text/javascript">
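jQuery(document).ready(function () {
    // Pressing Enter anywhere on the page triggers the login button.
    document.onkeydown = function (ev) {
        // `var event = ev || event` hoists `event` and shadows the global, so the fallback was
        // always undefined; read the legacy global explicitly instead.
        var keyEvent = ev || window.event;
        if (keyEvent && keyEvent.keyCode == 13) {
            $("#login").click();
        }
    };

    // Login: post the credentials and act on the JSON {status, message} reply.
    $("#login").click(function () {
        // The leftover `debugger` statement was removed; it halts the page whenever dev tools are open.
        var username = $('#username').val();
        var password = $('#psd').val();
        $.ajax({
            url: "../../admin/login.do",
            type: "post",
            data: {
                username: username,
                password: password
            },
            dataType: "json",
            success: function (result) {
                // Treat a missing or empty reply as a failure. The original test
                // (`result && result.status != 200`) sent a null result to the success branch.
                if (!result || result.status != 200) {
                    layer.msg((result && result.message) || "登录失败,请重试!", function () {
                    });
                    // The password field's id is "psd"; $('password') matched nothing, so the
                    // typed password stayed in the field after a failed attempt.
                    $('#psd').val('');
                    return;
                }
                setTimeout(function () {
                    // Login succeeded: go to the admin landing page.
                    window.location.href = "../../page/admin/index.jsp";
                }, 500);
            },
            error: function (e) {
                console.log(e, e.message);
            }
        });
    });
});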
</script>
退出登录:
index.jsp:
···
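<li class="dropdown">
<%-- NOTE(review): userName is written into the page with a raw <%= %> expression, i.e. without
     HTML escaping. If account names can contain markup characters they are rendered as HTML
     for whoever views this page. Escape on output (for example JSTL c:out or fn:escapeXml, once
     the taglib is declared on this page) and restrict the characters allowed in user names. --%>
<a href="javascript:void(0);" class="dropdown-toggle" data-toggle="dropdown" id="dropdownMenu1">欢迎[<%=session.getAttribute("userName")%>]登陆</a>
<ul class="dropdown-menu" style="background-color: #f6f6f6 !important; text-align: center" id="dropDownCur">
<li><a href="javascript:changePsw()">修改密码</a></li>
<%-- The attribute name below was published with a non-ASCII look-alike "o", which browsers do
     not treat as onclick, so the logout link did nothing. --%>
<a href="javascript:void(0);" class="dropdown-toggle" onclick="logout()">退出登录</a>
</ul>
</li>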
···
<script>
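/**
 * Asks the server to end the current session and returns to the login page on success.
 *
 * NOTE(review): logout is issued as a GET because the controller maps /logout to GET only.
 * A state-changing GET can be triggered cross-site; moving to POST with a CSRF token needs a
 * matching change on the server.
 */
function logout() {
    $.getJSON('../../admin/logout.do', {}, function (result) {
        if (result && result.status == 200) {
            layer.msg("退出成功!");
            window.location.href = "../../page/admin/login.jsp";
        } else {
            layer.msg("退出失败,请重试!");
        }
    }).fail(function () {
        // Without a failure handler, a network error or a non-JSON reply (for example an HTML
        // error page) left the user with no feedback and no sign that they were still logged in.
        layer.msg("退出失败,请重试!");
    });
}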
</script>