扫码登录(简易版)
为了方便测试,将token放在了session,但建议存入redis
<!DOCTYPE html>
<head>
<meta charset="UTF-8">
<title>Title</title>
<link rel="stylesheet" href="/css/layer.css" />
<link rel="stylesheet" href="/css/layui.css" />
</head>
<body>
<div class="box">
<div class="inbox">
<div class="title">扫码登录</div>
<div id="qrcode" class="ma"></div>
</div>
</div>
</body>
<script src="/js/jquery-1.12.4.js"></script>
<script src="/js/qrcode.js"></script>
<script src="/js/layer.js" ></script>
<script src="/js/layui.js" ></script>
<script >
var flag = 0;
var qrToken = "";
//二维码
var qrcode = new QRCode("qrcode", {
// text: 'your content',
width: 140,
height: 140,
colorDark: "#000000",
colorLight: "#ffffff",
correctLevel: QRCode.CorrectLevel.H
});
//二维码数据填充
function refreshQr() {
clearInterval(flag);
$.ajax({
type: "get",
url: "/refreshCode",
success: function (r) {
console.log(r);
qrcode.clear();
qrcode.makeCode(r);
qrToken = r;
flag = self.setInterval("loginJudge('" + r + "')", 2000);
},
error: function (e) {
layer.msg(e);
}
});
}
refreshQr();
//确认是否登录
function loginJudge(msg) {
$.ajax({
type: "get",
url: "/loginJudge",
data: {qrToken: msg},
success: function (r) {
if(r == 'scan_success'){
clearInterval(flag);
layer.msg("扫码成功");
}else if(r == 'login_success'){
clearInterval(flag);
layer.msg("登陸成功");
parent.location.href = '/loginQr?qrToken='+qrToken;
}
},
error: function (e) {
clearInterval(flag);
console.log(e);
}
});
}
</script>
</html>
package com.example.demo.shiro;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpServletRequest;
import java.util.UUID;
@Controller
public class QRLoginController {
private final Logger logger = LoggerFactory.getLogger(this.getClass());
//获取扫码Token
@GetMapping("/refreshCode")
@ResponseBody
String refreshCode(HttpServletRequest request) {
String qrToken = UUID.randomUUID().toString().replace("-", "");
request.getSession().setAttribute("qrToken","0");
return qrToken;
}
//校验是否登录
@GetMapping("/loginJudge")
@ResponseBody
String loginJudge(HttpServletRequest request,String qrToken) {
String suc = (String) request.getSession().getAttribute(qrToken);
if ("1".equals(suc)) {
return "scan_success";
}
if ("2".equals(suc)) {
return "login_success";
}
return "error";
}
//登录
@GetMapping("/loginQr")
String loginQr(String username, String password,String qrToken,HttpServletRequest request) {
System.out.println(qrToken);
request.getSession().removeAttribute(qrToken);
//shiro登录
UsernamePasswordToken token = new UsernamePasswordToken("admin", "123456");
Subject subject = SecurityUtils.getSubject();
subject.login(token);
return "index";
}
//测试app扫码成功
@GetMapping("/apploginQr")
@ResponseBody
String apploginQr(HttpServletRequest request,String token) {
request.getSession().setAttribute(token,"1");
return "success";
}
//测试app登录成功
@GetMapping("/apploginQr2")
@ResponseBody
String apploginQr2(HttpServletRequest request,String token) {
request.getSession().setAttribute(token,"2");
return "success";
}
}