实现登录验证、权限验证、缓存存储提高查询效率等功能,主要看思路而不是跑通,这是我配置的真实的项目实例
思路:1. 登录请求首先经过过滤器类 RequestFilter → 2. 登录控制器 LoginController → 3. AuthRealm 进行登录认证 → 4. 认证成功后进入主页(认证信息缓存)
main.js 加载菜单数据需要请求MenuController 中的方法(利用到自定义缓存)
这里权限认证没有给出,有时间跟大家分享,登录表结构设计以及shiro权限认证的前后台实现思路
spring-mvc.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
xmlns:aop="http://www.springframework.org/schema/aop" xmlns:mvc="http://www.springframework.org/schema/mvc"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/context
http://www.springframework.org/schema/context/spring-context.xsd
http://www.springframework.org/schema/tx
http://www.springframework.org/schema/tx/spring-tx.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/mvc
http://www.springframework.org/schema/mvc/spring-mvc.xsd">
<!-- Spring MVC context: message sources, declarative transactions, component scanning,
     HTTP message converters, bean validation and multipart handling. MyBatis and Shiro
     wiring is pulled in through the two imports at the bottom of this file. -->
<mvc:annotation-driven validator="validator"/>
<!-- Internationalization message source.
     NOTE(review): a second MessageSource with id "messageSource" is declared further down; the
     ApplicationContext resolves getMessage() through the bean named messageSource only, so confirm
     this anonymous one is referenced anywhere before keeping both. -->
<bean class="org.springframework.context.support.ResourceBundleMessageSource">
<property name="basename" value="messages" />
<property name="useCodeAsDefaultMessage" value="true" />
</bean>
<!-- Project-wide exception resolver (maps controller exceptions to responses). -->
<bean class="com.qkkj.hardwaremgmt.framework.exception.CustomHandlerExceptionResolver" />
<!-- Transaction manager over the MyBatis data source (dataSource is defined in spring-mybatis.xml). -->
<bean id="transactionManager" class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
<property name="dataSource" ref="dataSource" />
</bean>
<!-- Declarative transactions through an advice.
     rollback-for RuntimeException is already Spring's default; delete* additionally rolls back on checked
     exceptions, which add*, update* and save* do not. Read methods (get*) join a transaction only if one exists. -->
<tx:advice id="transactionAdvice" transaction-manager="transactionManager">
<tx:attributes>
<tx:method name="add*" propagation="REQUIRED" rollback-for="java.lang.RuntimeException" />
<tx:method name="update*" propagation="REQUIRED" rollback-for="java.lang.RuntimeException" />
<tx:method name="save*" propagation="REQUIRED" rollback-for="java.lang.RuntimeException" />
<tx:method name="delete*" propagation="REQUIRED" rollback-for="java.lang.Exception" />
<tx:method name="get*" propagation="SUPPORTS" read-only="true" />
</tx:attributes>
</tx:advice>
<!-- Spring AOP transaction management: the advice above applies to every public method of
     classes named *Impl under database.service.impl (other class names are not covered). -->
<aop:config proxy-target-class="true">
<aop:pointcut id="transactionPointcut" expression="execution(* com.qkkj.hardwaremgmt.database.service.impl.*Impl.*(..))" />
<aop:advisor pointcut-ref="transactionPointcut" advice-ref="transactionAdvice" />
</aop:config>
<aop:aspectj-autoproxy proxy-target-class="true" />
<context:annotation-config />
<!-- First scan: everything in the package except @Controller classes.
     Second scan: @Controller classes, excluding @Service.
     NOTE(review): both scans keep use-default-filters (defaults to true), so @Component and @Repository
     classes are registered by both and rely on bean-definition overriding; use-default-filters="false"
     on the second scan would make it controller-only as the comment intends. -->
<context:component-scan base-package="com.qkkj.hardwaremgmt">
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Controller" />
</context:component-scan>
<context:component-scan base-package="com.qkkj.hardwaremgmt">
<context:include-filter type="annotation" expression="org.springframework.stereotype.Controller" />
<context:exclude-filter type="annotation" expression="org.springframework.stereotype.Service" />
</context:component-scan>
<!-- Spring MVC annotation handling: maps requests onto annotated controller methods.
     NOTE(review): mvc:annotation-driven above already registers a RequestMappingHandlerAdapter; this bean
     is a second adapter, so confirm which one actually serves requests. mvc:message-converters inside
     mvc:annotation-driven is the supported way to customise converters. -->
<bean class="org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter">
<property name="messageConverters">
<list>
<bean class="org.springframework.http.converter.StringHttpMessageConverter">
<property name="defaultCharset" value="UTF-8"/>
<!-- NOTE(review): advertising text/html for JSON payloads lets a response that echoes user-controlled
     strings be rendered by the browser as markup (reflected XSS). Prefer application/json only; the
     same list is repeated for the Jackson converter below. -->
<property name="supportedMediaTypes">
<list>
<value>application/json;charset=UTF-8</value>
<value>text/html;charset=UTF-8</value>
<value>text/json;charset=UTF-8</value>
</list>
</property>
</bean>
<bean class="org.springframework.http.converter.json.MappingJackson2HttpMessageConverter">
<property name="supportedMediaTypes">
<list>
<value>application/json;charset=UTF-8</value>
<value>text/html;charset=UTF-8</value>
<value>text/json;charset=UTF-8</value>
</list>
</property>
</bean>
</list>
</property>
</bean>
<!-- Validation messages: this is the MessageSource the context (and getMessage in BaseController) uses. -->
<bean id="messageSource" class="org.springframework.context.support.ReloadableResourceBundleMessageSource">
<property name="basename" value="classpath:messages_zh_CN"/>
<property name="fileEncodings" value="utf-8"/>
<property name="cacheSeconds" value="120"/>
</bean>
<!-- validator and ConversionService would be registered automatically by mvc:annotation-driven;
     the explicit bean is kept so validation messages come from messageSource above. -->
<bean id="validator" class="org.springframework.validation.beanvalidation.LocalValidatorFactoryBean">
<property name="providerClass" value="org.hibernate.validator.HibernateValidator" />
<property name="validationMessageSource" ref="messageSource" />
</bean>
<!-- Multipart resolver for file uploads (multipartResolver) -->
<bean id="multipartResolver" class="org.springframework.web.multipart.commons.CommonsMultipartResolver">
<!-- Default encoding -->
<property name="defaultEncoding" value="utf-8" />
<!-- Maximum request size in bytes: 10485760000 is roughly 9.8 GiB.
     NOTE(review): any client that can reach an upload endpoint may stream that much to the server's
     temp directory per request (disk exhaustion). Lower it to the largest upload the application
     actually needs, e.g. MAX_UPLOAD_BYTES agreed with the product owner. -->
<property name="maxUploadSize" value="10485760000" />
<!-- Threshold above which an upload is spooled to disk instead of memory -->
<property name="maxInMemorySize" value="40960" />
</bean>
<import resource="spring-mybatis.xml"/>
<import resource="spring-shiro.xml" />
</beans>
spring-shiro.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:p="http://www.springframework.org/schema/p"
xmlns:aop="http://www.springframework.org/schema/aop"
xmlns:cache="http://www.springframework.org/schema/cache"
xsi:schemaLocation="http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/aop
http://www.springframework.org/schema/aop/spring-aop.xsd
http://www.springframework.org/schema/cache
http://www.springframework.org/schema/cache/spring-cache.xsd ">
<!-- Shiro wiring: custom realm, credential matcher, ehcache-backed realm caches, the Shiro servlet
     filter bean, annotation-based authorization, and Spring cache annotations on the same ehcache. -->
<!-- Custom realm extending AuthorizingRealm: AuthRealm is the class Shiro calls for login and
     for role/permission lookup (the original comment named it ShiroDbRealm.java).
     Cache "bos" holds AuthenticationInfo (account, password hash, salt); cache "standard" holds
     roles and permissions; both regions and their TTL are defined in ehcache-shiro.xml.
     NOTE(review): while an entry is cached, a password reset or an account lock is not enforced
     until the entry expires; AuthRealm.clearCached only evicts the current subject, so evict the
     affected account explicitly whenever its credentials or state change. -->
<bean id="authRealm" class="com.qkkj.hardwaremgmt.framework.security.AuthRealm">
<property name="credentialsMatcher" ref="credentialsMatcher" />
<property name="authenticationCachingEnabled" value="true" />
<property name="authenticationCacheName" value="bos" />
<property name="cachingEnabled" value="true" />
<property name="authorizationCachingEnabled" value="true" />
<property name="authorizationCacheName" value="standard" />
</bean>
<!-- How submitted passwords are compared with the stored hash.
     NOTE(review): MD5 with a single iteration, salted in AuthRealm with the account name, is weak for
     password storage. Moving to SHA-256 with a high iteration count, or to Shiro's PasswordMatcher with
     DefaultPasswordService, requires the stored hashes to be re-created (the reset flow presumably
     produces them via AuthUtil.shiroMd5), so it is flagged here rather than changed in place. -->
<bean id="credentialsMatcher" class="org.apache.shiro.authc.credential.HashedCredentialsMatcher">
<property name="hashAlgorithmName" value="MD5"></property>
<property name="hashIterations" value="1"></property>
</bean>
<!-- Single-realm security manager -->
<bean id="securityManager" class="org.apache.shiro.web.mgt.DefaultWebSecurityManager">
<property name="realm" ref="authRealm" />
<!-- Cache manager injection -->
<property name="cacheManager" ref="shiroCacheManager" />
</bean>
<!-- Shiro cache manager backed by the shared ehcache instance below -->
<bean id="shiroCacheManager" class="org.apache.shiro.cache.ehcache.EhCacheManager">
<property name="cacheManager" ref="ehCacheManager"/>
</bean>
<!-- Shared ehcache instance configured by ehcache-shiro.xml; also used by springCacheManager
     and injected directly into MenuController for the "loginUser" region. -->
<bean id="ehCacheManager" class ="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<property name="configLocation" value="classpath:ehcache-shiro.xml" />
<property name="shared" value="true"></property>
</bean>
<!-- Shiro servlet filter.
     NOTE(review): no filterChainDefinitions, loginUrl or unauthorizedUrl are set, so Shiro enforces no
     URL-level access rules; protection currently rests on RequestFilter's URI string checks and on method
     annotations. Declare protected paths (authc) and public paths (anon) in filterChainDefinitions so the
     default is deny. The bean only takes effect if web.xml maps a DelegatingFilterProxy named shiroFilter
     (web.xml is not shown on this page). -->
<bean id="shiroFilter" class="org.apache.shiro.spring.web.ShiroFilterFactoryBean">
<!-- Security manager -->
<property name="securityManager" ref="securityManager"/>
</bean>
<bean id="lifecycleBeanPostProcessor" class="org.apache.shiro.spring.LifecycleBeanPostProcessor"/>
<!-- Enable Shiro annotations (RequiresRoles, RequiresPermissions) on proxied beans -->
<bean class="org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator" depends-on="lifecycleBeanPostProcessor">
<property name="proxyTargetClass" value="true"/>
</bean>
<bean class="org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor">
<property name="securityManager" ref="securityManager" />
</bean>
<!-- Spring cache abstraction over the same ehcache instance -->
<bean id="springCacheManager"
class="org.springframework.cache.ehcache.EhCacheCacheManager">
<property name="cacheManager" ref="ehCacheManager" />
</bean>
<!-- Enable Spring cache annotations -->
<cache:annotation-driven cache-manager="springCacheManager"/>
</beans>
ehcache-shiro.xml
<ehcache xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://ehcache.org/ehcache.xsd" updateCheck="false">
<!-- Cache regions used by the Shiro realm ("bos" = authentication cache, "standard" = authorization
     cache, per spring-shiro.xml) and by MenuController ("loginUser"). updateCheck="false" stops ehcache
     from contacting its update server at startup. -->
<!-- Overflow directory for every region below (persistence strategy localTempSwap).
     NOTE(review): "bos" holds AuthenticationInfo objects including password hashes and "loginUser" holds
     per-user details; anything swapped out is written to this directory, so restrict its permissions to the
     service account. The Windows drive path is also not portable; ehcache accepts java.io.tmpdir here. -->
<diskStore path="D://ehcache"/>
<!-- Default cache region (applies to any cache created without an explicit definition) -->
<defaultCache
maxElementsInMemory="10000"
eternal="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
maxElementsOnDisk="10000000"
diskExpiryThreadIntervalSeconds="120"
memoryStoreEvictionPolicy="LRU">
<persistence strategy="localTempSwap"/>
</defaultCache>
<!-- Shiro authentication cache: 120 s TTL bounds how long a reset password or a locked account
     keeps authenticating through a cached entry -->
<cache name="bos"
maxElementsInMemory="10000"
eternal="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
maxElementsOnDisk="10000000"
diskExpiryThreadIntervalSeconds="120"
memoryStoreEvictionPolicy="LRU">
<persistence strategy="localTempSwap"/>
</cache>
<!-- Shiro authorization cache: roles and permission codes per account -->
<cache name="standard"
maxElementsInMemory="10000"
eternal="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
maxElementsOnDisk="10000000"
diskExpiryThreadIntervalSeconds="120"
memoryStoreEvictionPolicy="LRU">
<persistence strategy="localTempSwap"/>
</cache>
<!-- Per-user menu and function permission details read by MenuController -->
<cache name="loginUser"
maxElementsInMemory="10000"
eternal="false"
timeToIdleSeconds="120"
timeToLiveSeconds="120"
maxElementsOnDisk="10000000"
diskExpiryThreadIntervalSeconds="120"
memoryStoreEvictionPolicy="LRU">
<persistence strategy="localTempSwap"/>
</cache>
</ehcache>
pom.xml
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>qkkjhardwaremgmt</groupId>
<artifactId>qkkjhardwaremgmt</artifactId>
<packaging>war</packaging>
<version>1.0.0</version>
<name>硬件管理平台</name>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<encoding>UTF-8</encoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
<!-- Spring version -->
<spring.version>5.0.2.RELEASE</spring.version>
<jackson.version>2.9.2</jackson.version>
<!-- MyBatis version -->
<mybatis.version>3.4.1</mybatis.version>
<!-- Logging (slf4j over log4j) versions -->
<slf4j.version>1.7.21</slf4j.version>
<log4j.version>1.2.17</log4j.version>
<!-- Shiro version -->
<shiro.version>1.4.0</shiro.version>
</properties>
<!-- NOTE(review): every version below was pinned around 2017/2018 and several have public security
     advisories, for example fastjson 1.2.31 (autoType deserialization bypasses; keep autoType disabled
     and upgrade), commons-fileupload 1.3.2 (1.3.3 fixed a DiskFileItem deserialization issue), log4j 1.x
     (end of life), Shiro 1.4.0 (later releases hardened the remember-me cookie cipher and path matching)
     and Jackson 2.9.2 (polymorphic deserialization fixes in later 2.9.x, relevant if default typing is
     enabled). Add a dependency vulnerability scanner to the build and upgrade as a set. -->
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<!-- test scope: available while developing, not packaged into the war -->
<scope>test</scope>
</dependency>
<!-- Spring core modules; logging is supplied by log4j below -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-oxm</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-tx</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-jdbc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-webmvc</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-aop</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-context-support</artifactId>
<version>${spring.version}</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-test</artifactId>
<version>${spring.version}</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjweaver</artifactId>
<version>1.8.11</version>
</dependency>
<!-- MyBatis core -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis</artifactId>
<version>${mybatis.version}</version>
</dependency>
<!-- Pagination plugin -->
<dependency>
<groupId>com.github.pagehelper</groupId>
<artifactId>pagehelper</artifactId>
<version>5.0.0</version>
</dependency>
<!-- MyBatis/Spring integration -->
<dependency>
<groupId>org.mybatis</groupId>
<artifactId>mybatis-spring</artifactId>
<version>1.3.0</version>
</dependency>
<!-- Java EE API -->
<dependency>
<groupId>javax</groupId>
<artifactId>javaee-api</artifactId>
<version>8.0</version>
</dependency>
<!-- MySQL JDBC driver -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.44</version>
</dependency>
<!-- Data source (Druid) -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.5</version>
</dependency>
<!-- Logging -->
<!-- log start -->
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>${log4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>${slf4j.version}</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
<version>${slf4j.version}</version>
</dependency>
<!-- log end -->
<!-- Object formatting for log output (fastjson); see the advisory note above the dependency list -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>fastjson</artifactId>
<version>1.2.31</version>
</dependency>
<!-- JSON (Jackson) -->
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${jackson.version}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>2.9.0</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${jackson.version}</version>
</dependency>
<!-- Excel import/export (Apache POI) start -->
<dependency>
<groupId>org.apache.xmlbeans</groupId>
<artifactId>xmlbeans</artifactId>
<version>2.6.0</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi</artifactId>
<version>3.17</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml</artifactId>
<version>3.17</version>
</dependency>
<dependency>
<groupId>org.apache.poi</groupId>
<artifactId>poi-ooxml-schemas</artifactId>
<version>3.17</version>
</dependency>
<!-- Excel import/export end -->
<!-- Cache implementation behind the Shiro realm caches and Spring cache annotations -->
<dependency>
<groupId>net.sf.ehcache</groupId>
<artifactId>ehcache-core</artifactId>
<version>2.6.11</version>
</dependency>
<!-- Shiro core, web, Spring and ehcache integration -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-core</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-web</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>${shiro.version}</version>
</dependency>
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-ehcache</artifactId>
<version>${shiro.version}</version>
</dependency>
<!-- Upload components (commons-lang, fileupload, io, codec) -->
<dependency>
<groupId>commons-lang</groupId>
<artifactId>commons-lang</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>commons-fileupload</groupId>
<artifactId>commons-fileupload</artifactId>
<version>1.3.2</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.6</version>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.11</version>
</dependency>
<!-- Bean validation provider referenced by spring-mvc.xml -->
<dependency>
<groupId>org.hibernate</groupId>
<artifactId>hibernate-validator</artifactId>
<version>5.4.0.Final</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<version>1.16.16</version>
<scope>provided</scope>
</dependency>
</dependencies>
<build>
<finalName>qkkjhardwaremgmt</finalName>
<resources>
<!-- Package non-class resources (properties and XML) into the war: start -->
<resource>
<directory>src/main/resources</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>false</filtering><!-- keep false: with true the author reports database connection errors (filtering rewrites placeholders in the config files) -->
</resource>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.properties</include>
<include>**/*.xml</include>
</includes>
<filtering>false</filtering>
</resource>
<!-- Package non-class resources into the war: end -->
</resources>
</build>
</project>
AuthRealm
package com.qkkj.hardwaremgmt.framework.security;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.StringUtils;
import com.qkkj.hardwaremgmt.database.beans.SysUser;
import com.qkkj.hardwaremgmt.database.service.IMenuService;
import com.qkkj.hardwaremgmt.database.service.ISysUserService;
import com.qkkj.hardwaremgmt.framework.config.SysConstants;
import com.qkkj.hardwaremgmt.framework.util.EmptyUtil;
import com.qkkj.hardwaremgmt.framework.util.MySimpleByteSource;
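/**
 * @Title: AuthRealm.java
 * @Package com.qkkj.usrmgmt.framework.security
 * @Description: Shiro realm for the hardware management application. Authenticates an account
 *               through ISysUserService and loads its roles and permission codes through
 *               IMenuService; both lookups are additionally cached by account name in the realm's
 *               Shiro caches ("bos" and "standard" in spring-shiro.xml).
 * @author fuxin
 * @date 2018年2月25日 上午11:16:38
 * @version V1.0
 */
public class AuthRealm extends AuthorizingRealm {

    @Autowired
    private ISysUserService sysUserService;
    @Autowired
    private IMenuService menuService;

    /**
     * Builds the lookup parameters shared by authentication and authorization:
     * the account name plus the fixed application id.
     *
     * @param accountName login name of the user
     * @return mutable parameter map for ISysUserService / IMenuService
     */
    private static Map<String, Object> userLookupParam(String accountName) {
        Map<String, Object> param = new HashMap<String, Object>();
        param.put("userAccount", accountName);
        param.put("applicationId", SysConstants.HARDWARE_APPLICATION_ID);
        return param;
    }

    /**
     * Authorization: resolves the roles and string permissions of the authenticated principal.
     *
     * @param principals principals of the current subject; the one registered by this realm is the account name
     * @return roles and permissions, or {@code null} when nothing was authenticated by this realm or the
     *         account no longer exists (Shiro treats {@code null} as "no roles, no permissions")
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        if (principals == null || principals.fromRealm(getName()).isEmpty()) {
            // Guard: the original called iterator().next() unconditionally and threw on an empty collection.
            return null;
        }
        String accountName = (String) principals.fromRealm(getName()).iterator().next();

        // Manual cache layer keyed by account name. Shiro's own authorization cache on this realm is keyed
        // by the PrincipalCollection, so the two layers hold separate entries.
        // NOTE(review): an entry stays valid until the ehcache TTL expires; role or permission changes made
        // in the meantime are not seen unless the entry is evicted (see clearCached).
        Cache<Object, AuthorizationInfo> authzCache = getAuthorizationCache();
        if (authzCache != null) {
            AuthorizationInfo cached = authzCache.get(accountName);
            if (cached != null) {
                return cached;
            }
        }

        Map<String, Object> param = userLookupParam(accountName);
        SysUser sysUser = sysUserService.selectSysUserByParam(param);
        if (sysUser == null) {
            return null;
        }

        // Collects every role and permission code of the user.
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        param.put("userId", sysUser.getUserId());
        Map<String, List<String>> result = menuService.selectRolesAndFuncsCodes(param);
        if (result != null) { // guard: a missing result map used to cause a NullPointerException
            List<String> roles = result.get("roles");
            List<String> permissions = result.get("permissions");
            if (roles != null && !roles.isEmpty()) {
                info.addRoles(roles);
            }
            if (permissions != null && !permissions.isEmpty()) {
                info.addStringPermissions(permissions);
            }
        }
        if (authzCache != null) {
            authzCache.put(accountName, info);
        }
        return info;
    }

    /**
     * Authentication: looks up the account named in the token and returns its stored credentials
     * for HashedCredentialsMatcher to verify.
     *
     * @param authcToken a UsernamePasswordToken carrying the submitted account name
     * @return account name, stored password hash, salt and realm name; {@code null} when the subject is
     *         already authenticated, the account name is empty, or the account is unknown (Shiro then
     *         raises UnknownAccountException)
     * @throws LockedAccountException when the account state does not allow login (see the note inline)
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
        Subject currentUser = SecurityUtils.getSubject();
        if (currentUser.isAuthenticated()) {
            // An already logged-in subject is not re-authenticated here.
            return null;
        }
        UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
        String accountName = token.getUsername();
        if (StringUtils.isEmpty(accountName)) {
            return null;
        }

        // Manual cache layer keyed by account name (the same key Shiro's own authentication cache uses).
        Cache<Object, AuthenticationInfo> authcCache = this.getAuthenticationCache();
        if (authcCache != null) {
            AuthenticationInfo cached = authcCache.get(accountName);
            if (cached != null) {
                // Return the value already read; the original performed a second lookup here.
                return cached;
            }
        }

        Map<String, Object> param = userLookupParam(accountName);
        SysUser sysUser = sysUserService.selectSysUserByParam(param);
        if (!EmptyUtil.isNotEmpty(sysUser)) {
            return null;
        }
        // NOTE(review): this rejects the account when its state equals USER_STATE_ENABLE. If that constant
        // denotes an enabled account the condition is inverted; confirm the state semantics before relying on it.
        if (EmptyUtil.isEmpty(sysUser.getUserState())
                || sysUser.getUserState().compareTo(SysConstants.USER_STATE_ENABLE) == 0) {
            throw new LockedAccountException();
        }

        // Salt = account name bytes in the platform default charset. It must match whatever produced the stored
        // hash (presumably AuthUtil.shiroMd5(password, userAccount) in the reset flow); note that the salt is
        // derived from a public value and the charset from the JVM default, both worth making explicit.
        AuthenticationInfo result = new SimpleAuthenticationInfo(sysUser.getUserAccount(), sysUser.getPassword(),
                new MySimpleByteSource(sysUser.getUserAccount().getBytes()), getName());
        if (authcCache != null) {
            // NOTE(review): the cached hash and state stay valid until the TTL expires, so a password reset or
            // an account lock is not enforced immediately unless this entry is evicted.
            authcCache.put(accountName, result);
        }
        return result;
    }

    /**
     * Evicts the current subject's entries from this realm's caches. Only the calling subject is
     * affected; it cannot be used to evict another account.
     * <p>
     * super.clearCache keys the authorization cache by PrincipalCollection, so it does not reach the
     * account-name entry written by doGetAuthorizationInfo; that entry is removed explicitly here.
     */
    public void clearCached() {
        PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
        super.clearCache(principals);
        Cache<Object, AuthorizationInfo> authzCache = getAuthorizationCache();
        if (authzCache != null && principals != null && !principals.fromRealm(getName()).isEmpty()) {
            authzCache.remove(principals.fromRealm(getName()).iterator().next());
        }
    }
}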
package com.qkkj.hardwaremgmt.framework.filter;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.apache.commons.lang.StringUtils;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.filter.OncePerRequestFilter;
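/**
 * @Title: RequestFilter.java
 * @Package com.qkkj.hardwaremgmt.framework.filter
 * @Description: Per-request filter: answers a request whose userAccount parameter differs from the
 *               account held in the Shiro session with a marker header, forwards /main to the main
 *               view only for an authenticated subject, and logs the subject out before a login call.
 * @author fuxin
 * @date 2018年5月15日 上午9:17:34
 * @version V1.0
 */
@ControllerAdvice // NOTE(review): a controller-advice stereotype on a servlet filter. It is meta-annotated
                  // with @Component and is presumably what gets this class registered by component scan;
                  // kept for that reason, but @Component would state the intent.
public class RequestFilter extends OncePerRequestFilter {

    /** Request URI that is gated on an authenticated subject. */
    private static final String MAIN_URI = "/main";
    /** Request URI of the login endpoint (LoginController.login). */
    private static final String LOGIN_URI = "/loginController/login";
    /** View the authenticated /main request is forwarded to. */
    private static final String MAIN_VIEW = "/qkkjapp/views/main.html";
    /** Request parameter naming the account the client believes it is acting as. */
    private static final String ACCOUNT_PARAM = "userAccount";
    /** Session attribute set by LoginController after a successful login. */
    private static final String SESSION_ACCOUNT_ATTR = "userAccount";

    /**
     * Intercepts every request once.
     *
     * @param request     incoming request
     * @param response    outgoing response
     * @param filterChain remaining filter chain
     * @throws ServletException propagated from the chain or the forward
     * @throws IOException      propagated from the chain, the forward or the redirect
     */
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws ServletException, IOException {
        // SecurityUtils.getSubject() never returns null: Shiro builds and binds a Subject when none is
        // present, so the null checks of the original were dead code.
        Subject currentUser = SecurityUtils.getSubject();

        // One account per browser session: a request naming a different account than the session holds is
        // answered with a marker header only (default status, empty body) for the front end to act on.
        // NOTE(review): the login endpoint takes a JSON @RequestBody, so getParameter presumably sees no
        // userAccount for that call; confirm which requests this check actually covers.
        if (accountDiffersFromSession(request, currentUser)) {
            response.addHeader("sessionstatus", "timeOut");
            return;
        }

        // NOTE(review): getRequestURI includes the context path and is compared for exact equality, so this
        // gate only applies at the root context and to this exact spelling; MAIN_VIEW itself and every other
        // path are not protected here. URL-level access rules belong in the Shiro filter chain
        // (filterChainDefinitions on shiroFilter), where the default can be deny.
        String uri = request.getRequestURI();
        if (MAIN_URI.equals(uri)) {
            if (currentUser.isAuthenticated()) {
                request.getRequestDispatcher(MAIN_VIEW).forward(request, response);
            } else {
                response.sendRedirect("/");
            }
            return;
        }
        if (LOGIN_URI.equals(uri)) {
            // Every login attempt starts from a logged-out subject.
            currentUser.logout();
        }
        filterChain.doFilter(request, response);
    }

    /**
     * @return {@code true} when both the request parameter and the session attribute name an account
     *         and the two differ; blank values on either side never count as a mismatch
     */
    private static boolean accountDiffersFromSession(HttpServletRequest request, Subject currentUser) {
        String requestAccount = request.getParameter(ACCOUNT_PARAM);
        String sessionAccount = (String) currentUser.getSession().getAttribute(SESSION_ACCOUNT_ATTR);
        return StringUtils.isNotBlank(requestAccount)
                && StringUtils.isNotBlank(sessionAccount)
                && !StringUtils.equals(requestAccount, sessionAccount);
    }
}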
LoginController
package com.qkkj.hardwaremgmt.web.controller;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.Date;
import javax.validation.Valid;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.qkkj.hardwaremgmt.database.beans.SysUser;
import com.qkkj.hardwaremgmt.database.service.CodeService;
import com.qkkj.hardwaremgmt.database.service.IMenuService;
import com.qkkj.hardwaremgmt.database.service.ISysUserService;
import com.qkkj.hardwaremgmt.framework.base.BaseController;
import com.qkkj.hardwaremgmt.framework.config.SysConstants;
import com.qkkj.hardwaremgmt.framework.enums.TablePrefixEnum;
import com.qkkj.hardwaremgmt.framework.util.AuthUtil;
import com.qkkj.hardwaremgmt.framework.util.CommonUtil;
import com.qkkj.hardwaremgmt.framework.util.EmptyUtil;
import com.qkkj.hardwaremgmt.framework.util.KeyGenerator;
import com.qkkj.hardwaremgmt.web.condition.LoginVO;
import com.qkkj.hardwaremgmt.web.condition.SetPasswordVO;
import com.qkkj.hardwaremgmt.web.util.ApiResult;
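/**
 *
 * @Title: LoginController.java
 * @Package com.qkkj.usrmgmt.web.controller
 * @Description: Login, verification-code issuing and password-reset endpoints backed by Shiro.
 * @author wangfudong
 * @date 2018年5月23日 上午11:06:26
 * @version V1.0
 */
@Controller
@RequestMapping("/loginController")
public class LoginController extends BaseController {

    /** Timestamp layout used for the verification-code create/expire columns. */
    private static final String DATE_TIME_PATTERN = "yyyy-MM-dd HH:mm:ss";
    /** Lifetime of a verification code: 5 minutes (the original hard-coded 300000 ms). */
    private static final long CODE_VALIDITY_MILLIS = 5L * 60L * 1000L;

    @Autowired
    private IMenuService menuService;
    @Autowired
    private ISysUserService sysUserService;
    @Autowired
    private CodeService codeService;

    /**
     * Authenticates the caller through Shiro and records the account name in the session.
     *
     * @param loginVO account name and password from the JSON body (bean-validated)
     * @param result  validation outcome for {@code loginVO}
     * @return success, or an error carrying the localized failure message
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    @ResponseBody
    public ApiResult<String> login(@Valid @RequestBody LoginVO loginVO, BindingResult result) {
        String errorStr = CommonUtil.validError(result);
        if (EmptyUtil.isNotEmpty(errorStr)) {
            return ApiResult.error(errorStr);
        }
        Subject currentUser = SecurityUtils.getSubject();
        if (currentUser.isAuthenticated()) {
            // Already logged in; RequestFilter logs the subject out before /login, so this is the rare path.
            return ApiResult.success();
        }
        UsernamePasswordToken token = new UsernamePasswordToken(loginVO.getUserAccount(), loginVO.getPassword());
        // NOTE(review): remember-me is forced on for every login, so the identity outlives the browser
        // session; that should be an explicit user choice rather than the default.
        token.setRememberMe(true);
        try {
            currentUser.login(token);
            // The session attribute is what RequestFilter and MenuController trust as the acting account.
            currentUser.getSession().setAttribute("userAccount", token.getUsername());
            menuService.putIntoCache(token.getUsername());
            return ApiResult.success();
        } catch (UnknownAccountException | IncorrectCredentialsException e) {
            // One message for "no such account" and "wrong password" so the response does not reveal which accounts exist.
            return ApiResult.error(getMessage("loginController.checkUserAccount.error"));
        } catch (LockedAccountException lae) {
            return ApiResult.error(getMessage("loginController.checkUserAccountState.error"));
        } catch (AuthenticationException ae) {
            // Parent of every authentication failure not handled above.
            return ApiResult.error(getMessage("loginController.loginException.error"));
        } finally {
            // Drop the clear-text password from the token when the login did not succeed.
            if (!currentUser.isAuthenticated()) {
                token.clear();
            }
        }
    }

    /**
     * Issues a verification code for a password reset and stores it with a 5 minute expiry.
     *
     * @param loginVO request VO; the code, its id and the create/expire timestamps are filled in here before storing
     * @return success, or {@code data.error} when the code could not be stored
     */
    @RequestMapping(value = "/getcode", method = RequestMethod.POST)
    @ResponseBody
    public ApiResult<String> getcode(SetPasswordVO loginVO) {
        loginVO.setCheckCode(KeyGenerator.getCheckCode());
        loginVO.setCheck_code_id(KeyGenerator.getId(TablePrefixEnum.TB0000015.getCode()));
        SimpleDateFormat df = new SimpleDateFormat(DATE_TIME_PATTERN); // not thread-safe, hence per call
        Date now = new Date();
        loginVO.setCreate_date(df.format(now));
        loginVO.setExpire_date(df.format(new Date(now.getTime() + CODE_VALIDITY_MILLIS)));
        // NOTE(review): nothing limits how often a code may be requested or how many wrong codes may be
        // tried; rate-limit both this endpoint and setpass so codes cannot be issued or guessed at will.
        Boolean stored = codeService.insertcode(loginVO);
        if (!Boolean.TRUE.equals(stored)) { // null-safe: the original unboxed and would NPE on null
            return ApiResult.error(getMessage("data.error"));
        }
        return ApiResult.success();
    }

    /**
     * Resets a password once the verification code issued by {@link #getcode} checks out.
     * Unlike the original, a failed code update or password update is reported instead of ignored.
     *
     * @param loginVO account, mobile, code, new password and its confirmation
     * @return success, or an error naming the check that failed
     * @throws ParseException if the stored expiry timestamp is not in {@value #DATE_TIME_PATTERN} form
     */
    @RequestMapping(value = "/setpass", method = RequestMethod.POST)
    @ResponseBody
    public ApiResult<String> setpass(SetPasswordVO loginVO) throws ParseException {
        SysUser account = sysUserService.getuserbyname(loginVO.getUserAccount());
        if (account == null) {
            // NOTE(review): this tells an unauthenticated caller whether the account exists; a generic
            // failure message for every branch avoids account enumeration.
            return ApiResult.error("no find user or user lock");
        }
        SetPasswordVO codeRecord = codeService.getcodebymobile(loginVO.getMobile());
        if (codeRecord == null) {
            return ApiResult.error("no find Mobile or code use");
        }
        // NOTE(review): the code is looked up by mobile only and is never tied to loginVO.getUserAccount();
        // confirm the stored record binds the mobile to that account, otherwise a code delivered for one
        // mobile could reset a different account's password.
        if (!codeMatches(codeRecord.getCheckCode(), loginVO.getCheckCode())) {
            return ApiResult.error(getMessage("code error !!!"));
        }
        DateFormat df = new SimpleDateFormat(DATE_TIME_PATTERN);
        Date now = new Date();
        Date expireDate = df.parse(codeRecord.getExpire_date());
        if (now.getTime() >= expireDate.getTime()) {
            return ApiResult.error(getMessage("time out !!!"));
        }
        if (loginVO.getPassword() == null || !loginVO.getPassword().equals(loginVO.getComfirePassword())) {
            return ApiResult.error(getMessage("ComfirePassword out !!!"));
        }
        // Mark the code used before touching the password so a retried request cannot reuse it.
        Boolean codeConsumed = codeService.updatecodestate(SysConstants.UNUSABLE, df.format(now), codeRecord.getCreate_date());
        if (!Boolean.TRUE.equals(codeConsumed)) {
            return ApiResult.error(getMessage("data.error"));
        }
        // Presumably the MD5 hash that HashedCredentialsMatcher verifies (salt = account name, see AuthRealm).
        String hashed = AuthUtil.shiroMd5(loginVO.getPassword(), loginVO.getUserAccount()).toString();
        Boolean updated = sysUserService.updatepass(hashed, loginVO.getUserAccount());
        if (!Boolean.TRUE.equals(updated)) {
            return ApiResult.error(getMessage("data.error"));
        }
        // NOTE(review): AuthRealm's authentication cache still holds the previous hash until it expires;
        // evict that account's entry here so the old password stops working immediately.
        return ApiResult.success();
    }

    /**
     * Compares the stored and submitted verification codes without an early exit on the first
     * differing byte, so response time does not leak how much of the code was right.
     *
     * @return {@code true} only when both are non-null and equal
     */
    private static boolean codeMatches(String expected, String supplied) {
        if (expected == null || supplied == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8), supplied.getBytes(StandardCharsets.UTF_8));
    }
}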
MenuController
package com.qkkj.hardwaremgmt.web.controller;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.apache.commons.lang.StringUtils;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import com.qkkj.hardwaremgmt.database.beans.SysUser;
import com.qkkj.hardwaremgmt.database.resultmap.SysFuncOperatePermissionResult;
import com.qkkj.hardwaremgmt.database.resultmap.SysMenuTreeResultMap;
import com.qkkj.hardwaremgmt.database.service.IMenuService;
import com.qkkj.hardwaremgmt.database.service.ISysUserService;
import com.qkkj.hardwaremgmt.framework.config.SysConstants;
import com.qkkj.hardwaremgmt.web.util.ApiResult;
/**
*
* @Title: MenuController.java
* @Package com.qkkj.hardwaremgmt.web.controller
* @Description: TODO(用一句话描述该文件做什么)
* @author wangfudong
* @date 2018年5月23日 下午5:29:54
* @version V1.0
*/
@Controller
@RequestMapping("/menuController")
public class MenuController {
@Autowired
private IMenuService menuService;
@Autowired
private ISysUserService sysUserService;
@Autowired
private EhCacheManager ehCacheManager;
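/**
 * Loads the menu tree shown after login for the account stored in the Shiro session.
 * The account comes from the session, never from the request body, so a caller cannot
 * ask for another user's menus.
 * @author wangfd
 * @param requset request body (not read; the account is taken from the session)
 * @return the account name and its menu tree, or an error result
 */
@RequestMapping(value = "/selectMenuTree",method = RequestMethod.POST)
@ResponseBody
@SuppressWarnings("unchecked")
public ApiResult<Map<String,Object>> selectMenuTree(@RequestBody Map<String,Object> requset) {
    Subject currentUser = SecurityUtils.getSubject();
    String userAccount = (String) currentUser.getSession().getAttribute("userAccount");
    if (userAccount == null) {
        return ApiResult.error("用户名为空!!");
    }
    Map<String, Object> menuUser = new HashMap<String, Object>();

    // Per-account details in the "loginUser" region, presumably written by IMenuService.putIntoCache at login.
    // NOTE(review): an entry outlives permission changes until the ehcache TTL expires; evict it when roles change.
    Cache<Object, Object> userCache = ehCacheManager.getCache("loginUser");
    Object cachedDetail = userCache.get(userAccount); // single lookup; the original read the key twice
    if (cachedDetail != null) {
        Map<String, Object> userDetail = (Map<String, Object>) cachedDetail;
        List<SysMenuTreeResultMap> menuTreeCache = (List<SysMenuTreeResultMap>) userDetail.get("menuInfo");
        if (menuTreeCache != null && !menuTreeCache.isEmpty()) {
            menuUser.put("userAccount", userAccount);
            menuUser.put("menuTree", menuTreeCache);
            return ApiResult.success(menuUser);
        }
    }

    // Cache miss: resolve the user by account name and application id.
    Map<String, Object> param = new HashMap<String, Object>();
    param.put("userAccount", userAccount);
    param.put("applicationId", SysConstants.HARDWARE_APPLICATION_ID);
    SysUser sysUser = sysUserService.selectSysUserByParam(param);
    if (sysUser == null || StringUtils.isBlank(sysUser.getUserId())) {
        return ApiResult.error("用户名不存在!!");
    }

    // Menu permission ids granted to the user.
    param.put("userId", sysUser.getUserId());
    param.put("permissionType", SysConstants.PERMISSION_TYPE_MENU);
    List<String> permissionIds = menuService.selectPermissionIds(param);
    if (permissionIds == null || permissionIds.isEmpty()) {
        return ApiResult.error("当前用户还没有添加任何菜单权限!!");
    }

    // Menu tree for those permission ids within the application.
    param.put("list", permissionIds);
    List<SysMenuTreeResultMap> menuTree = menuService.selectMenuTree(param);
    menuUser.put("userAccount", userAccount);
    menuUser.put("menuTree", menuTree);
    return ApiResult.success(menuUser);
}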
/**
* 根据用户userId查询 全部拥有操作权限的按钮 function_operate_code
* 字段组成list集合返回页面,用于控制页面显示隐藏。
* @author wangfd
* @param params
* @return
*/
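@RequestMapping(value = "/selectPermissionFuncs", method = RequestMethod.POST)
@ResponseBody
@SuppressWarnings("unchecked")
public ApiResult<List<SysFuncOperatePermissionResult>> selectPermissionFuncs(@RequestBody Map<String, Object> requset) {
    // Returns the function/button permissions the logged-in user holds on one menu.
    // The account comes from the server-side session; only menuId is read from the body.
    Subject currentUser = SecurityUtils.getSubject();
    String userAccount = (String) currentUser.getSession().getAttribute("userAccount");
    if (null == userAccount || null == requset.get("menuId")) {
        return ApiResult.error("用户名或者菜单id为空!!");
    }
    // menuId is client-supplied. The mapper behind selectFuncsPermissionByMenuId is not
    // visible here; it must bind menuId as a query parameter, not concatenate it.
    String menuId = requset.get("menuId").toString();
    // Fast path: the "loginUser" cache entry (presumably written at login; this method
    // only reads it — confirm) may hold a menuId -> permissions map under "funcsInfo".
    // Read the entry once so an eviction between two get() calls cannot cause an NPE.
    Cache<Object, Object> userCache = ehCacheManager.getCache("loginUser");
    Object cached = userCache.get(userAccount);
    if (cached instanceof Map) {
        Map<String, Object> userDetail = (Map<String, Object>) cached;
        Map<String, List<SysFuncOperatePermissionResult>> funcsInfoCache =
                (Map<String, List<SysFuncOperatePermissionResult>>) userDetail.get("funcsInfo");
        // A single lookup replaces the former for-loop over size(), whose index was
        // never used and which repeated the same containsKey() check on every pass.
        if (null != funcsInfoCache) {
            List<SysFuncOperatePermissionResult> listCache = funcsInfoCache.get(menuId);
            if (null != listCache && !listCache.isEmpty()) {
                return ApiResult.success(getLastPartList(listCache));
            }
        }
    }
    // Slow path: resolve the user by account + application id ...
    Map<String, Object> param = new HashMap<String, Object>();
    param.put("userAccount", userAccount);
    param.put("applicationId", SysConstants.HARDWARE_APPLICATION_ID);
    SysUser sysUser = sysUserService.selectSysUserByParam(param);
    if (null == sysUser || StringUtils.isBlank(sysUser.getUserId())) {
        return ApiResult.error("用户名不存在!!");
    }
    // ... collect the ids of the function/button permissions granted to that user ...
    param.put("userId", sysUser.getUserId());
    param.put("permissionType", SysConstants.PERMISSION_TYPE_FUNCS);
    List<String> listPermission = menuService.selectPermissionIds(param);
    if (null == listPermission || listPermission.isEmpty()) {
        // error text kept as-is; it is shared with selectMenuTree and still says "菜单"
        return ApiResult.error("当前用户还没有添加任何菜单权限!!");
    }
    // ... and narrow them to the requested menu.
    param.put("list", listPermission);
    param.put("menuId", menuId);
    List<SysFuncOperatePermissionResult> list = menuService.selectFuncsPermissionByMenuId(param);
    return ApiResult.success(getLastPartList(list));
}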
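/**
 * Rewrites each item's funcOperateCode in place to the part after its last ':'
 * (e.g. a code of the form "a:b:c" becomes "c") and returns the same list.
 * The short code is only used by the page to show or hide buttons; it is a
 * display hint and does not replace the server-side permission check.
 * NOTE(review): callers pass cached permission objects straight in, so the cache
 * ends up holding the shortened codes as well; if other code expects the full
 * code from the cache, it should copy before calling this — confirm.
 *
 * @param list permission results to shorten; may be null
 * @return the same list instance (null if {@code list} is null)
 */
public List<SysFuncOperatePermissionResult> getLastPartList(List<SysFuncOperatePermissionResult> list) {
    if (null == list) {
        return list;
    }
    for (SysFuncOperatePermissionResult item : list) {
        if (null == item) {
            continue;
        }
        String funcsCode = item.getFuncOperateCode();
        if (null == funcsCode) {
            continue; // nothing to strip; avoids the NPE split() would throw
        }
        String[] parts = funcsCode.split(":");
        if (parts.length == 0) {
            // a code made only of ':' splits to an empty array; leave it unchanged
            // instead of throwing ArrayIndexOutOfBoundsException
            continue;
        }
        // split() drops trailing empty parts, so "a:b:" yields "b" as before
        item.setFuncOperateCode(parts[parts.length - 1]);
    }
    return list;
}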
}
main.js 主页js
/**
* Created by Administrator on 2017/12/13.
*/
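$(function () {
    // requestMapping, resultCode and Handlebars are page globals defined elsewhere.

    // get menu: fetch the logged-in user's menu tree and render it into #<id>.
    function menuInit(id) {
        $.ajax({
            url: requestMapping.MENU_TREE,
            data: JSON.stringify({}),
            type: "POST",
            async: true,
            success: function (result) {
                if (result.code != resultCode.SUCCESS) {
                    // no menu to render; the original ignored this case silently as well
                    return;
                }
                var data = result.data.menuTree || [];
                $("#main_userAccount_id").val(result.data.userAccount);
                // The account name is rendered as text, not markup: .html() would let a
                // name containing tags be interpreted by the browser.
                $("#userAccount_id").text(result.data.userAccount);
                // Mark nodes that have children so the template can render a submenu.
                // `children` may be missing on leaf nodes, which used to throw here.
                for (var i = 0; i < data.length; i++) {
                    var children = data[i].children;
                    data[i]["childflag"] = !!(children && children.length > 0);
                }
                // compile our template; menu fields reach the DOM through this template,
                // which is not visible here — keep its fields in escaping {{ }} form.
                var template = Handlebars.compile($("#menu-template").html());
                $("#" + id).html(template(data));
                mainMenuClickFunc();
                refreshPage();
            }
        });
    }

    // click menu: highlight the clicked entry and open its page.
    function mainMenuClickFunc() {
        $("#pk-menu a").click(function () {
            var $link = $(this);
            if ($link.parents("li").hasClass("treeview")) {
                $(".sidebar-menu .treeview li").removeClass("active");
                if (!$link.parents(".treeview").hasClass("active")) {
                    $(".sidebar-menu li").removeClass("active");
                    $link.parents(".treeview").addClass("active");
                }
            } else {
                $(".sidebar-menu li").removeClass("active").removeClass("menu-open");
            }
            $link.parent("li").addClass("active");
            // data-url and id come from the server-rendered menu, not from user input
            var dataUrl = $link.attr("data-url");
            var menuIdli = $link.attr("id");
            if (dataUrl) {
                storeDatas(dataUrl, dataUrl, { menuId: menuIdli });
            }
        });
    }

    // Replace the content area with the page at url (a path taken from the menu).
    function showPage(url) {
        $("#qk-content").html("");
        $("#qk-content").load(url);
    }

    // store message: remember the current menu/page in sessionStorage, fetch the
    // button permissions for the menu, then load the page into #qk-content.
    function storeDatas(menuUrl, pageUrl, params) {
        if (menuUrl) {
            sessionStorage.setItem("menuUrl", menuUrl);
        }
        if (pageUrl) {
            sessionStorage.setItem("pageUrl", pageUrl);
        }
        if (!params) {
            sessionStorage.removeItem("pageParams");
            showPage(pageUrl);
            return;
        }
        // Ask the server which buttons this user may use on the menu. The answer only
        // drives show/hide of controls; each action is still authorized server-side.
        $.ajax({
            url: requestMapping.PERMISSION_FUNCS,
            data: JSON.stringify(params),
            type: "POST",
            // kept synchronous as in the original (deprecated by jQuery); confirm nothing
            // relies on it before switching to async
            async: false,
            success: function (result) {
                if (result.code == resultCode.SUCCESS) {
                    sessionStorage.setItem("pageParams", JSON.stringify({ "permissions": result.data }));
                    showPage(pageUrl);
                } else {
                    // permission lookup failed: send the user back to the login page
                    window.open("/qkkjapp/views/login.html", "_self");
                }
            }
        });
    }

    // refresh page: after the menu is (re)rendered, restore the last selected entry
    // and page from sessionStorage (e.g. after a browser reload).
    function refreshPage() {
        var menuUrl = sessionStorage.getItem("menuUrl");
        var pageUrl = sessionStorage.getItem("pageUrl");
        if (menuUrl) {
            $("#pk-menu").find("a").each(function (index, item) {
                var itemUrl = $(item).attr("data-url");
                // links without data-url are skipped instead of throwing on .trim()
                if (itemUrl && menuUrl.trim() == itemUrl.trim()) {
                    $(item).parent("li").addClass("active");
                    $(item).parents(".treeview").addClass("active").addClass("menu-open");
                    return false; // stop the each() loop at the first match
                }
            });
        }
        if (pageUrl) {
            $("#qk-content").load(pageUrl);
        }
    }

    menuInit("pk-menu");
});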