@Autowired
private OperaterLogService operaterLogService;
@Autowired
private UserService userService;
@Autowired
private DatabaseBakService databaseBak 《大厂前端面试题解析+Web核心总结学习笔记+企业项目实战源码+最新高清讲解视频》无偿开源 徽信搜索公众号【编程进阶路】 Service;
@Autowired
private StaffService staffService;
@Autowired
private OrderAuthService orderAuthService;
private Logger log = LoggerFactory.getLogger(SystemController.class);
/**
-
登录页面
-
@param model
-
@return
*/
@RequestMapping(value=“/login”,method=RequestMethod.GET)
public String login(Model model){
model.addAttribute(“loginTypes”, LoginType.values());
return “admin/system/login”;
}
/**
-
用户登录提交表单处理方法
-
@param request
-
@param cpacha
-
@return
*/
@RequestMapping(value=“/login”,method=RequestMethod.POST)
@ResponseBody
public Result login(HttpServletRequest request,String username,String password,String cpacha,Integer type){
if(StringUtils.isEmpty(username)){
return Result.error(CodeMsg.ADMIN_USERNAME_EMPTY);
}
if(StringUtils.isEmpty(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_EMPTY);
}
//表示实体信息合法,开始验证验证码是否为空
if(StringUtils.isEmpty(cpacha)){
return Result.error(CodeMsg.CPACHA_EMPTY);
}
//说明验证码不为空,从session里获取验证码
Object attribute = request.getSession().getAttribute(“admin_login”);
if(attribute == null){
return Result.error(CodeMsg.SESSION_EXPIRED);
}
//表示session未失效,进一步判断用户填写的验证码是否正确
if(!cpacha.equalsIgnoreCase(attribute.toString())){
return Result.error(CodeMsg.CPACHA_ERROR);
}
if(type == LoginType.ADMINISTRATOR.getCode()){
//表示验证码正确,开始查询数据库,检验密码是否正确
User findByUsername = userService.findByUsername(username);
//判断是否为空
if(findByUsername == null){
return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
}
//表示用户存在,进一步对比密码是否正确
if(!findByUsername.getPassword().equals(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
}
//表示密码正确,接下来判断用户状态是否可用
if(findByUsername.getStatus() == User.ADMIN_USER_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_UNABLE);
}
//检查用户所属角色状态是否可用
if(findByUsername.getRole() == null || findByUsername.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
}
//检查用户所属角色的权限是否存在
if(findByUsername.getRole().getAuthorities() == null || findByUsername.getRole().getAuthorities().size() == 0){
return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
}
//检查一切符合,可以登录,将用户信息存放至session
request.getSession().setAttribute(SessionConstant.SESSION_USER_LOGIN_KEY, findByUsername);
request.getSession().setAttribute(“loginType”,type);
//销毁session中的验证码
request.getSession().setAttribute(“admin_login”, null);
//将登陆记录写入日志库
operaterLogService.add(“用户【”+username+“】于【” + StringUtil.getFormatterDate(new Date(), “yyyy-MM-dd HH:mm:ss”) + “】登录系统!”);
log.info("用户成功登录,user = " + findByUsername);
}else{
Staff byJobNumber = staffService.findByNameAndIsStatus(username);
//判断是否为空
if(byJobNumber == null){
return Result.error(CodeMsg.ADMIN_USERNAME_NO_EXIST);
}
//表示用户存在,进一步对比密码是否正确
if(!byJobNumber.getPassword().equals(password)){
return Result.error(CodeMsg.ADMIN_PASSWORD_ERROR);
}
//检查用户所属角色状态是否可用
if(byJobNumber.getRole() == null || byJobNumber.getRole().getStatus() == Role.ADMIN_ROLE_STATUS_UNABLE){
return Result.error(CodeMsg.ADMIN_USER_ROLE_UNABLE);
}
//检查用户所属角色的权限是否存在
if(byJobNumber.getRole().getAuthorities() == null || byJobNumber.getRole().getAuthorities().size() == 0){
return Result.error(CodeMsg.ADMIN_USER_ROLE_AUTHORITES_EMPTY);
}
//检查一切符合,可以登录,将用户信息存放至session
request.getSession().setAttribute(SessionConstant.SESSION_STAFF_LOGIN_KEY, byJobNumber);
request.getSession().setAttribute(“loginType”,type);
//销毁session中的验证码
request.getSession().setAttribute(“admin_login”, null);
//将登陆记录写入日志库
operaterLogService.add(“用户【”+username+“】于【” + StringUtil.getFormatterDate(new Date(), “yyyy-MM-dd HH:mm:ss”) + “】登录系统!”);
log.info("员工成功登录,user = " + byJobNumber);
}
return Result.success(true);
}
/**
-
登录成功后的系统主页
-
@param model
-
@return
*/
@RequestMapping(value=“/index”)
public String index(Model model){
model.addAttribute(“operatorLogs”, operaterLogService.findLastestLog(10));
model.addAttribute(“userTotal”, userService.total());
model.addAttribute(“operatorLogTotal”, operaterLogService.total());
model.addAttribute(“databaseBackupTotal”, databaseBakService.total());
model.addAttribute(“onlineUserTotal”, SessionListener.onlineUserCount);
return “admin/system/index”;
}
/**
-
注销登录
-
@return
*/
@RequestMapping(value=“/logout”)
public String logout(){
Integer loginType = (Integer) SessionUtil.get(“loginType”);
if(loginType == LoginType.ADMINISTRATOR.getCode()){
User loginedUser = SessionUtil.getLoginedUser();
if(loginedUser != null){
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, null);
}
}else if(loginType == LoginType.STAFF.getCode()){
Staff loginedStaff = SessionUtil.getLoginedStaff();
if(loginedStaff != null){
SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY,null);
}
}
return “redirect:login”;
}
/**
-
无权限提示页面
-
@return
*/
@RequestMapping(value=“/no_right”)
public String noRight(){
return “admin/system/no_right”;
}
/**
-
修改用户个人信息
-
@return
*/
@RequestMapping(value=“/update_userinfo”,method=RequestMethod.GET)
public String updateUserInfo(){
return “admin/system/update_userinfo”;
}
/**
-
修改个人信息保存
-
@param user
-
@return
*/
@RequestMapping(value=“/update_userinfo”,method=RequestMethod.POST)
public String updateUserInfo(User user){
User loginedUser = SessionUtil.getLoginedUser();
loginedUser.setEmail(user.getEmail());
loginedUser.setMobile(user.getMobile());
loginedUser.setHeadPic(user.getHeadPic());
//首先保存到数据库
userService.save(loginedUser);
//更新session里的值
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
return “redirect:update_userinfo”;
}
/**
-
修改密码页面
-
@return
*/
@RequestMapping(value=“/update_pwd”,method=RequestMethod.GET)
public String updatePwd(){
return “admin/system/update_pwd”;
}
/**
-
修改密码表单提交
-
@param oldPwd
-
@param newPwd
-
@return
*/
@RequestMapping(value=“/update_pwd”,method=RequestMethod.POST)
@ResponseBody
public Result updatePwd(@RequestParam(name=“oldPwd”,required=true)String oldPwd,
@RequestParam(name=“newPwd”,required=true)String newPwd
){
Integer loginType = (Integer) SessionUtil.get(“loginType”);
if(loginType == LoginType.ADMINISTRATOR.getCode()){
User loginedUser = SessionUtil.getLoginedUser();
if(!loginedUser.getPassword().equals(oldPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
}
if(StringUtils.isEmpty(newPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
}
if(newPwd.length()<4 || newPwd.length()>32){
return Result.error(CodeMsg.ADMIN_USER_PWD_LENGTH_ERROR);
}
loginedUser.setPassword(newPwd);
//保存数据库
userService.save(loginedUser);
//更新session
SessionUtil.set(SessionConstant.SESSION_USER_LOGIN_KEY, loginedUser);
}else{
Staff loginedStaff = SessionUtil.getLoginedStaff();
Staff staff = staffService.find(loginedStaff.getId());
if(!staff.getPassword().equals(oldPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_ERROR);
}
if(StringUtils.isEmpty(newPwd)){
return Result.error(CodeMsg.ADMIN_USER_UPDATE_PWD_EMPTY);
}
staff.setPassword(newPwd);
CodeMsg codeMsg = ValidateEntityUtil.validate(staff);
if (codeMsg.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(codeMsg);
}
loginedStaff.setPassword(newPwd);
//保存数据库
staffService.save(loginedStaff);
//更新session
SessionUtil.set(SessionConstant.SESSION_STAFF_LOGIN_KEY, loginedStaff);
}
return Result.success(true);
}
/**
-
日志管理列表
-
@param model
-
@param operaterLog
-
@param pageBean
-
@return
*/
@RequestMapping(value=“/operator_log_list”)
public String operatorLogList(Model model,OperaterLog operaterLog,PageBean pageBean){
model.addAttribute(“pageBean”, operaterLogService.findList(operaterLog, pageBean));
model.addAttribute(“operator”, operaterLog.getOperator());
model.addAttribute(“title”, “日志列表”);
return “admin/system/operator_log_list”;
}
/**
-
验证订单
-
@param orderSn
-
@param phone
-
@return
*/
@RequestMapping(value=“/auth_order”,method=RequestMethod.POST)
@ResponseBody
public Result authOrder(@RequestParam(name=“orderSn”,required=true)String orderSn,@RequestParam(name=“phone”,required=true)String phone){
OrderAuth orderAuth = new OrderAuth();
orderAuth.setMac(StringUtil.getMac());
orderAuth.setOrderSn(orderSn);
orderAuth.setPhone(phone);
orderAuthService.save(orderAuth);
AppConfig.ORDER_AUTH = 1;
return Result.success(true);
}
/**
-
删除操作日志,可删除多个
-
@param ids
-
@return
*/
@RequestMapping(value=“/delete_operator_log”,method=RequestMethod.POST)
@ResponseBody
public Result delete(String ids){
if(!StringUtils.isEmpty(ids)){
String[] splitIds = ids.split(“,”);
for(String id : splitIds){
operaterLogService.delete(Long.valueOf(id));
}
}
return Result.success(true);
}
/**
-
清空整个日志
-
@return
*/
@RequestMapping(value=“/delete_all_operator_log”,method=RequestMethod.POST)
@ResponseBody
public Result deleteAll(){
operaterLogService.deleteAll();
return Result.success(true);
}
}
[](()后台用户管理控制器(查询、新增、修改、删除 用户)业务:
/**
-
后台用户管理控制器
*/
@RequestMapping(“/admin/user”)
@Controller
public class UserController {
@Autowired
private UserService userService;
@Autowired
private RoleService roleService;
@Autowired
private OperaterLogService operaterLogService;
/**
-
用户列表页面
-
@param model
-
@param user
-
@param pageBean
-
@return
*/
@RequestMapping(value=“/list”)
public String list(Model model,User user,PageBean pageBean){
model.addAttribute(“title”, “用户列表”);
model.addAttribute(“username”, user.getUsername());
model.addAttribute(“pageBean”, userService.findList(user, pageBean));
return “admin/user/list”;
}
/**
-
新增用户页面
-
@param model
-
@return
*/
@RequestMapping(value=“/add”,method=RequestMethod.GET)
public String add(Model model){
model.addAttribute(“roles”, roleService.findAll());
return “admin/user/add”;
}
/**
-
用户添加表单提交处理
-
@param user
-
@return
*/
@RequestMapping(value=“/add”,method=RequestMethod.POST)
@ResponseBody
public Result add(User user){
//用统一验证实体方法验证是否合法
CodeMsg validate = ValidateEntityUtil.validate(user);
if(validate.getCode() != CodeMsg.SUCCESS.getCode()){
return Result.error(validate);
}