1. Login controller
    @Autowired
    private RoleServiceImp roleServiceImp;

    @RequestMapping("login")
    @ResponseBody
    public Object login(String rolename, String password) {
        Subject subject = SecurityUtils.getSubject();
        // The service verifies the password itself; the controller only receives a Role on success
        Role role = this.roleServiceImp.simpleLogin(rolename, password);
        role = this.roleServiceImp.select(role.getId());
        // If the subject is already authenticated, no new login is performed
        if (!subject.isAuthenticated()) {
            // Log in as a different subject type depending on the role's class field
            if (role.getRoleClass() == 1) {
                subject.login(new SimpleToken(new SimpleToken.Admin(role.getId()), ""));
            } else if (role.getRoleClass() == 2) {
                subject.login(new SimpleToken(new SimpleToken.Shop(role.getId()), ""));
            }
        }
        return new Message();
    }
2. Login service
    @Transactional
    public Role simpleLogin(String rolename, String password) {
        List<Role> roleList = this.roleMapper.selectByExample(new RoleExample() {{
            this.createCriteria()
                .andRoleNameEqualTo(rolename)
                .andDelFlagEqualTo(false);
        }});
        if (roleList == null || roleList.size() == 0) {
            throw new SimpleException("This role is not registered");
        }
        Role role = roleList.get(0);
        String digest = this.passwordDigest(role.getId(), password);
        // Debug output: this writes the password digest to stdout; remove before deployment
        System.out.println("Computed password digest:" + digest);
        if (!role.getPassword().equals(digest)) {
            throw new SimpleException("Incorrect password");
        }
        return role;
    }

    // Password digest: SHA-1 hex over "id:password:type" (DigestUtils.sha1Hex), so the digest depends on the role id
    private String passwordDigest(Integer id, String password) {
        return DigestUtils.sha1Hex(String.format("%s:%s:%s", id, password, Role.Type.SIMPLE.ordinal()));
    }

    public Role select(Integer id) {
        return this.roleMapper.selectByPrimaryKey(id);
    }

    // Registration in two steps: insert first to obtain the id, then store the password digest (which includes that id)
    public Integer register(String roleName, String password, Integer roleClass) {
        List<Role> roleNames = roleMapper.selectByExample(new RoleExample() {{
            this.createCriteria()
                .andRoleNameEqualTo(roleName)
                .andDelFlagEqualTo(false);
        }});
        if (roleNames == null || roleNames.size() == 0) {
            Role role = new Role();
            role.setRoleName(roleName)
                .setRoleClass(roleClass)
                .setDelFlag(false)
                .setCreateTime(new Date())
                .setUpdateTime(new Date());
            this.roleMapper.insertSelective(role);
            // The id is only known after the insert, so the digest is computed and written now
            role.setPassword(this.passwordDigest(role.getId(), password));
            return this.roleMapper.updateByExampleSelective(role, new RoleExample() {{
                this.createCriteria()
                    .andIdEqualTo(role.getId())
                    .andDelFlagEqualTo(false);
            }});
        } else {
            throw new SimpleException("This account name already exists");
        }
    }
3. Granting operation permissions to the logged-in role (admin as the example)
(1) Controller layer
Add this annotation above each method:
    @RequiresRoles("admin")
(2) In the service layer, add a check like this:
    if (SecurityUtils.getSubject().hasRole("admin")) {
        // code that may run under this role
    } else {
        throw new SimpleException("This role does not have permission");
    }
(3) In the index page, add these tags:
    <%@ taglib prefix="s" uri="http://shiro.apache.org/tags" %>
    <s:hasRole name="admin">
        <%-- tags visible and operable only by admin --%>
    </s:hasRole>
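The login in section 1 hands Shiro a SimpleToken whose password was already checked by simpleLogin, and the role checks in section 3 only work if a Realm maps that token's principal to the role names "admin" and "shop". The Realm below is an added example, not code from the original post; it assumes SimpleToken implements AuthenticationToken and that its getPrincipal() returns the SimpleToken.Admin or SimpleToken.Shop object the controller wraps the role id in.

```java
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

// Assumed realm (not from the original post) backing subject.login(new SimpleToken(...)).
// Assumption: SimpleToken implements AuthenticationToken and getPrincipal() returns the
// SimpleToken.Admin / SimpleToken.Shop object that wraps the role id.
public class SimpleRealm extends AuthorizingRealm {
    public SimpleRealm() {
        // The password was already verified by RoleServiceImp.simpleLogin before the token was
        // built, and the token carries "" as credentials, so nothing is re-checked here.
        // Consequence: every code path that constructs a SimpleToken must go through simpleLogin.
        setCredentialsMatcher(new AllowAllCredentialsMatcher());
    }

    @Override
    public boolean supports(AuthenticationToken token) {
        // Only our own token type; a plain UsernamePasswordToken is rejected by this realm
        return token instanceof SimpleToken;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        Object principal = token.getPrincipal();
        if (!(principal instanceof SimpleToken.Admin) && !(principal instanceof SimpleToken.Shop)) {
            throw new AuthenticationException("unknown principal type");
        }
        return new SimpleAuthenticationInfo(principal, token.getCredentials(), getName());
    }

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // This is what @RequiresRoles("admin"), subject.hasRole("admin") and <s:hasRole> consult
        Object principal = principals.getPrimaryPrincipal();
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        if (principal instanceof SimpleToken.Admin) {
            info.addRole("admin");
        } else if (principal instanceof SimpleToken.Shop) {
            info.addRole("shop");
        }
        return info;
    }
}
```

Register the realm on the SecurityManager in the Shiro configuration; the role names it adds must match the strings used in the annotation, the hasRole check and the JSP tag.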
4. Setting up logout
Simply closing the browser page does not really log the role out of Shiro, which would affect the permissions of the next role to log in, so a logout method is needed.
    <li><a href="logout">Log out</a></li>

    @RequestMapping("/")
    public String index() {
        return "login";
    }

    @RequestMapping("/logout")
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
        // redirect to the login page
        return "redirect:/";
    }
So far this only covers coarse-grained permission setup for function blocks; for finer-grained permissions you need
    <s:hasPermission name="admin"></s:hasPermission>
which in turn involves the five permission tables; I will cover that in a later update.
Corrections and additions are welcome.
ps: