用户添加和用户登录
添加用户时,随机生成盐值
package com.zzx.customer.controller;
import com.alibaba.fastjson.JSONObject;
import com.zzx.customer.service.UserService;
import com.zzx.customer.util.CommonUtil;
import org.apache.shiro.authz.annotation.Logical;
import org.apache.shiro.authz.annotation.RequiresPermissions;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
@RestController
@RequestMapping("/user")
public class UserController {
@Autowired
private UserService userService;
@RequiresPermissions("user:add")
@PostMapping("/addUser")
public JSONObject addUser(@RequestBody JSONObject requestJson) {
CommonUtil.hasAllRequired(requestJson, "username, password, nickname, roleId");
return userService.addUser(requestJson);
}
/**
* 新增角色
*/
@RequiresPermissions("role:add")
@PostMapping("/addRole")
public JSONObject addRole(@RequestBody JSONObject requestJson) {
CommonUtil.hasAllRequired(requestJson, "roleName,permissions");
return userService.addRole(requestJson);
}
}
userServiceimpl:
package com.zzx.customer.service.impl;
import com.alibaba.fastjson.JSONObject;
import com.zzx.customer.dao.UserDao;
import com.zzx.customer.service.UserService;
import com.zzx.customer.util.CommonUtil;
import com.zzx.customer.util.constants.ErrorEnum;
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
import org.apache.shiro.crypto.hash.SimpleHash;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import java.util.Set;
@Service
public class UserServiceImpl implements UserService {
@Autowired
private UserDao userDao;
/**
* 用户列表
*/
@Override
public JSONObject listUser(JSONObject jsonObject) {
CommonUtil.fillPageParam(jsonObject);
int count = userDao.countUser(jsonObject);
List<JSONObject> list = userDao.listUser(jsonObject);
return CommonUtil.successPage(jsonObject, list, count);
}
/**
* 添加用户
*/
@Override
public JSONObject addUser(JSONObject jsonObject) {
int exist = userDao.queryExistUsername(jsonObject);
if (exist > 0) {
return CommonUtil.errorJson(ErrorEnum.E_10009);
}
String salt1 = jsonObject.getString("username");
String salt2 = new SecureRandomNumberGenerator().nextBytes().toHex();
String password = new SimpleHash("MD5", jsonObject.getString("password"), salt1 + salt2, 1024).toHex();
jsonObject.put("password",password);
jsonObject.put("salt",salt2);
userDao.addUser(jsonObject);
return CommonUtil.successJson();
}
/**
* 添加角色
*/
@Transactional(rollbackFor = Exception.class)
@SuppressWarnings("unchecked")
@Override
public JSONObject addRole(JSONObject jsonObject) {
userDao.insertRole(jsonObject);
userDao.insertRolePermission(jsonObject.getString("roleId"), (List<Integer>) jsonObject.get("permissions"));
return CommonUtil.successJson();
}
}
登录逻辑:
package com.zzx.customer.controller;
import com.alibaba.fastjson.JSONObject;
import com.zzx.customer.service.LoginService;
import com.zzx.customer.util.CommonUtil;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/login")
public class LoginController {
@Autowired
private LoginService loginService;
/**
* 登录
*/
@PostMapping("/auth")
public JSONObject authLogin(@RequestBody JSONObject requestJson) {
CommonUtil.hasAllRequired(requestJson, "username,password");
return loginService.authLogin(requestJson);
}
/**
* 查询当前登录用户的信息
*/
@PostMapping("/getInfo")
public JSONObject getInfo() {
return loginService.getInfo();
}
/**
* 登出
*/
@PostMapping("/logout")
public JSONObject logout() {
return loginService.logout();
}
}
package com.zzx.customer.service.impl;
import com.alibaba.fastjson.JSONObject;
import com.zzx.customer.dao.LoginDao;
import com.zzx.customer.service.LoginService;
import com.zzx.customer.service.PermissionService;
import com.zzx.customer.util.CommonUtil;
import com.zzx.customer.util.constants.Constants;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
@Service
public class LoginServiceImpl implements LoginService {
@Autowired
private LoginDao loginDao;
@Autowired
private PermissionService permissionService;
/**
* 登录表单提交
*/
@Override
public JSONObject authLogin(JSONObject jsonObject) {
String username = jsonObject.getString("username");
String password = jsonObject.getString("password");
JSONObject info = new JSONObject();
Subject currentUser = SecurityUtils.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try {
currentUser.login(token);
info.put("result", "success");
} catch (AuthenticationException e) {
info.put("result", "fail");
}
return CommonUtil.successJson(info);
}
/**
* 根据用户名和密码查询对应的用户
*/
@Override
public JSONObject getUser(String username) {
return loginDao.getUser(username);
}
/**
* 查询当前登录用户的权限等信息
*/
@Override
public JSONObject getInfo() {
//从session获取用户信息
Session session = SecurityUtils.getSubject().getSession();
JSONObject userInfo = (JSONObject) session.getAttribute(Constants.SESSION_USER_INFO);
String username = userInfo.getString("username");
JSONObject info = new JSONObject();
JSONObject userPermission = permissionService.getUserPermission(username);
session.setAttribute(Constants.SESSION_USER_PERMISSION, userPermission);
info.put("userPermission", userPermission);
return CommonUtil.successJson(info);
}
/**
* 退出登录
*/
@Override
public JSONObject logout() {
try {
Subject currentUser = SecurityUtils.getSubject();
currentUser.logout();
} catch (Exception e) {
}
return CommonUtil.successJson();
}
}
完整代码可以参考:https://github.com/ZaraBUy/springboot-shiro-vue
觉得还可以麻烦为个赞和星星⭐