package com.ld.igds.web;
import com.bstek.bdf2.core.context.ContextHolder;
import com.bstek.bdf2.core.model.DefaultUser;
import com.bstek.dorado.core.Configure;
import com.google.code.kaptcha.Constants;
import com.ld.igds.constant.BizType;
import com.ld.igds.io.constant.OrderRespEnum;
import com.ld.igds.io.notify.NotifyWebInvoker;
import com.ld.igds.log.service.HLogLoginService;
import com.ld.igds.sys.service.SysUserService;
import com.ld.igds.util.ContextUtil;
import com.ld.igds.util.FilesUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.WebAttributes;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
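/**
 * Login endpoints: credential pre-check, login page rendering and logout.
 *
 * @author Andy
 */
@Slf4j
@Controller
@RequestMapping
public class LoginController {

    /** Failure count at which the "login limited" tags (11 / 12) are returned. */
    private static final int MAX_FAILED_ATTEMPTS = 3;

    @Autowired
    private SysUserService sysUserService;

    @Autowired
    private NotifyWebInvoker notifyWebInvoker;

    @Resource
    private HLogLoginService loginService;

    /**
     * Pre-checks a login attempt before handing it to the system security check.
     *
     * <p>Order of checks: empty fields, captcha (only when
     * {@code bdf2.useCaptchaForLogin} is true), login limit, user lookup,
     * enabled flag, password. Each failure redirects to {@code /login} with a
     * two-digit {@code tag} code and the submitted user name.
     *
     * @param request  the current request, passed to the login-log service
     * @param username submitted user name ({@code username_})
     * @param password submitted password ({@code password_})
     * @param captcha  submitted captcha answer ({@code captcha_})
     * @return a {@code redirect:/login?...} view name on failure, or
     *         {@code forward:/security_check_} when every pre-check passes
     */
    @PostMapping("/login-check")
    public String login(HttpServletRequest request,
                        @RequestParam(name = "username_") String username,
                        @RequestParam(name = "password_") String password,
                        @RequestParam(name = "captcha_") String captcha) {

        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return loginRedirect("01", username);
        }

        boolean useCaptcha = Configure.getBoolean("bdf2.useCaptchaForLogin");
        if (useCaptcha) {
            if (StringUtils.isEmpty(captcha)) {
                return loginRedirect("02", username);
            }
            // NOTE(review): the stored answer is not cleared after this comparison, so it
            // stays valid for further attempts in the same session unless the captcha page
            // or the downstream check regenerates it -- confirm.
            String sessionCaptcha =
                    (String) ContextHolder.getHttpSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
            if (StringUtils.isEmpty(sessionCaptcha)) {
                return loginRedirect("03", username);
            }
            if (!captcha.equals(sessionCaptcha)) {
                return loginRedirect("04", username);
            }
        }

        // Refuse early when this request/user name is already over the failure limit.
        int failures = loginService.checkLoginLimit(request, username);
        if (failures >= MAX_FAILED_ATTEMPTS) {
            return loginRedirect("11", username);
        }

        // NOTE(review): tags 05, 06 and 07 tell the caller whether an account exists,
        // is disabled, or only had the wrong password. A single generic failure tag
        // would avoid account enumeration; left as-is because it changes what users see.
        DefaultUser user = sysUserService.loadUser(username);
        if (null == user) {
            failures = loginService.addNoUser(request, username);
            if (failures >= MAX_FAILED_ATTEMPTS) {
                return loginRedirect("12", username);
            }
            return loginRedirect("05", username);
        }

        if (!user.isEnabled()) { // user has left the company
            return loginRedirect("07", username);
        }

        boolean passwordOk = sysUserService.checkPassword(username, password, user);
        if (!passwordOk) {
            failures = loginService.addPwdError(request, user);
            if (failures >= MAX_FAILED_ATTEMPTS) {
                return loginRedirect("11", username);
            }
            return loginRedirect("06", username);
        }

        String subDeptId = ContextUtil.subDeptId(user);

        // Notify any session already logged in as this user that it is being signed out.
        notifyWebInvoker.notifyWeb(user.getCompanyId(), subDeptId, user.getUsername(), OrderRespEnum.LOGOUT, BizType.SYS, "您的账号在其他地方登录,被迫下线");

        loginService.addLoginInfo(request, user);

        // Hand over to the system security check. A forward keeps the parameters of the
        // current request, and username_/password_/captcha_ are already on it, so they are
        // not copied into the forward URL: concatenating them unencoded let '&', '%' or '+'
        // in a value alter the forwarded parameters, and put the password into a URL string.
        // NOTE(review): confirm /security_check_ reads these values from request parameters.
        return "forward:/security_check_";
    }

    /**
     * Renders the login page, translating an optional failure code into a message.
     *
     * @param tag      two-digit failure code produced by {@code /login-check}; optional
     * @param username user name to pre-fill; optional
     * @return the {@code admin/login/login} view with {@code logoTitle} and, when
     *         applicable, {@code TAG} and {@code USERNAME}
     */
    @RequestMapping("/login")
    public ModelAndView login(
            @RequestParam(name = "tag", required = false) String tag,
            @RequestParam(name = "username", required = false) String username) {

        ModelAndView view = new ModelAndView();

        // Logo title for the default company.
        String logName = FilesUtil.getLogoTitleByCompanyId(ContextUtil.getDefaultCompanyId());
        view.addObject("logoTitle", "./static/img/" + logName);

        if (StringUtils.isNotEmpty(tag)) {
            // Only known codes produce a message. An unknown value is no longer echoed
            // into the page, so a crafted link cannot put arbitrary text in the TAG slot.
            String message = messageForTag(tag);
            if (message != null) {
                view.addObject("TAG", message);
            }
            // NOTE(review): USERNAME comes straight from the query string; the login
            // template must HTML-escape it when rendering -- confirm.
            view.addObject("USERNAME", username);
        }

        // Prefer the authentication exception stored by the security framework, if any:
        // session first, then the request.
        Exception exp = (Exception) ContextHolder.getHttpSession()
                .getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        if (null == exp) {
            exp = (Exception) ContextHolder.getRequest().getAttribute(
                    WebAttributes.AUTHENTICATION_EXCEPTION);
        }

        if (null != exp) {
            // Message fills the placeholder; the exception itself is passed last so the
            // stack trace is still logged.
            log.error("===登陆异常原因==={}", exp.getMessage(), exp);

            if ("Bad credentials".equals(exp.getMessage())) {
                view.addObject("TAG", "用户名和密码错误!!");
            } else if ("The password is invalid".equals(exp.getMessage())) {
                view.addObject("TAG", "密码错误!!");
            } else {
                view.addObject("TAG", "登陆验证异常,请重新尝试");
            }
        }

        view.setViewName("admin/login/login");
        return view;
    }

    /**
     * Logs the current user out and returns to the login page.
     *
     * @return {@code redirect:/login}
     */
    @RequestMapping("/log-out")
    public String logOut() {
        log.info("======用户退出系统========{}", ContextUtil.getLoginUserCName());
        // NOTE(review): only the login-user attribute is removed; the HTTP session itself
        // (and anything else stored in it) survives. Consider invalidating the session here
        // if no other component depends on it. The mapping also accepts GET requests.
        ContextHolder.getHttpSession().removeAttribute(ContextHolder.LOGIN_USER_SESSION_KEY);
        return "redirect:/login";
    }

    /** Builds the redirect back to the login page with a failure code and the encoded user name. */
    private static String loginRedirect(String tag, String username) {
        return "redirect:/login?tag=" + tag + "&username=" + encodeQueryValue(username);
    }

    /** URL-encodes a query parameter value as UTF-8; {@code null} becomes the empty string. */
    private static String encodeQueryValue(String value) {
        if (value == null) {
            return "";
        }
        try {
            return URLEncoder.encode(value, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a charset every Java platform is required to support.
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    /** Maps a failure code to its login-page message; returns {@code null} for an unknown code. */
    private static String messageForTag(String tag) {
        switch (tag) {
            case "01":
                return "用户名和密码不能为空";
            case "02":
                return "验证码不能为空";
            case "03":
                return "验证码过期,请重新输入";
            case "04":
                return "验证码不正确";
            case "05":
                return "系统不存在当前用户";
            case "06":
                return "用户密码错误";
            case "07":
                return "当前用户已离职";
            case "10":
                return "您的账号在其他地方登录,被迫下线";
            case "11":
                return "连续3次错误,限制登陆10分钟";
            case "12":
                return "连续3次输入不存在账号,限制登陆10分钟";
            default:
                return null;
        }
    }
}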