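package com.fzzy.sys.controller;

import com.fzzy.sys.service.LoginService;
import com.ruoyi.common.config.FrameworkConfig;
import com.ruoyi.common.core.controller.BaseController;
import com.ruoyi.common.core.domain.AjaxResult;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.core.text.Convert;
import com.ruoyi.common.utils.ServletUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.shiro.token.PhoneToken;
import com.ruoyi.framework.web.service.ConfigService;
import com.ruoyi.system.service.ISysUserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Login endpoints: renders the login page and authenticates a Shiro subject either with
 * username/password or with a phone number plus SMS verification code.
 *
 * @author ruoyi
 */
@Controller
public class SysLoginController extends BaseController {

    /**
     * Whether the "remember me" feature is enabled (from {@code shiro.rememberMe.enabled}).
     */
    @Value("${shiro.rememberMe.enabled: false}")
    private boolean rememberMe;

    @Autowired
    private ConfigService configService;

    @Resource
    private ISysUserService userService;

    @Resource
    private LoginService loginService;

    @Resource
    private RedisCache redisCache;

    /**
     * Serves the login page, or a JSON "not logged in" payload for Ajax callers.
     *
     * @param request  current request, inspected to detect Ajax calls
     * @param response current response, written to directly for Ajax calls
     * @param mmap     view model handed to the login template
     * @return the view name {@code login_new}, or the result of rendering the JSON payload
     */
    @GetMapping("/login")
    public String login(HttpServletRequest request, HttpServletResponse response, ModelMap mmap) {
        // Ajax callers cannot follow a page render, so they get a JSON string instead.
        if (ServletUtils.isAjaxRequest(request)) {
            return ServletUtils.renderString(response,
                    "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}");
        }

        // Tell the template whether "remember me" is enabled.
        mmap.put("isRemembered", rememberMe);

        // Tell the template whether self-registration is enabled for this company.
        String companyId = FrameworkConfig.getCompanyId();
        mmap.put("isAllowRegister",
                Convert.toBool(configService.getKey("sys.account.registerUser", companyId), false));
        // NOTE(review): this unconditional put overwrites the configured value above, so the
        // page always advertises registration regardless of "sys.account.registerUser".
        // Kept as found because the intent is not visible here; confirm and drop one of the two.
        mmap.put("isAllowRegister", true);
        return "login_new";
    }

    /**
     * Authenticates with username and password.
     *
     * @param username   login name
     * @param password   plaintext password as submitted
     * @param rememberMe whether to request a remember-me session; absent is treated as false
     * @return success, or an error carrying the authentication failure message
     */
    @PostMapping("/login")
    @ResponseBody
    public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe) {
        // The parameter is a nullable Boolean; passing it straight to the primitive
        // constructor argument would throw a NullPointerException when it is omitted.
        boolean remember = Boolean.TRUE.equals(rememberMe);
        UsernamePasswordToken token = new UsernamePasswordToken(username, password, remember);
        return authenticate(token, "用户或密码错误");
    }

    /**
     * Requests an SMS verification code for a registered phone number.
     *
     * @param phoneNumber phone number to request the code for
     * @return success, or an error when the number is empty or not registered
     */
    @GetMapping("/login/sendMessageCode")
    @ResponseBody
    public AjaxResult sendMessageCode(@RequestParam("phoneNumber") String phoneNumber) {
        if (StringUtils.isEmpty(phoneNumber)) {
            return error("手机号不能为空");
        }

        // Only registered numbers may request a code.
        // NOTE(review): the distinct "not registered" answer lets a caller learn which phone
        // numbers have accounts; consider a uniform response if that matters for this system.
        SysUser sysUser = userService.selectUserByPhoneNumber(phoneNumber);
        if (sysUser == null) {
            return error("手机号未注册");
        }

        // NOTE(review): no per-number or per-client throttling is visible in this method and
        // the endpoint is a GET; confirm that LoginService.getCode limits how often a code
        // can be requested.
        loginService.getCode(phoneNumber);
        return success();
    }

    /**
     * Authenticates with a phone number and the SMS verification code cached for it.
     *
     * @param phoneNumber  phone number of the account
     * @param validateCode verification code submitted by the client
     * @return success, or an error when the input is missing, the number is not registered,
     *         the code does not match, or Shiro rejects the login
     */
    @PostMapping("/messageLogin")
    @ResponseBody
    public AjaxResult messageLogin(String phoneNumber, String validateCode) {
        // Same guard as sendMessageCode; without it the cache lookup below would use the
        // key "smsCode_null".
        if (StringUtils.isEmpty(phoneNumber)) {
            return error("手机号不能为空");
        }

        SysUser sysUser = userService.selectUserByPhoneNumber(phoneNumber);
        if (sysUser == null) {
            return error("手机号未注册");
        }

        String redisCode = redisCache.getCacheObject("smsCode_" + phoneNumber);
        // A missing validateCode used to throw a NullPointerException on equals(); it is now
        // rejected like any other wrong code. A missing cached code also fails the comparison.
        if (StringUtils.isEmpty(validateCode) || !validateCode.equals(redisCode)) {
            // NOTE(review): failed attempts are not counted here and the cached code is not
            // removed after a match; confirm the code expires, is single-use and that
            // guessing is rate-limited elsewhere.
            return error("验证码不正确");
        }

        PhoneToken token = new PhoneToken(phoneNumber, validateCode, false, null);
        return authenticate(token, "手机号或验证码错误");
    }

    /**
     * Returns the view shown when the caller lacks permission.
     *
     * @return the view name {@code error/unauth}
     */
    @GetMapping("/unauth")
    public String unauth() {
        return "error/unauth";
    }

    /**
     * Logs the current Shiro subject in with the given token.
     *
     * @param token           credentials to authenticate with
     * @param fallbackMessage message used when the exception carries none
     * @return success, or an error with the exception message (or the fallback)
     */
    private AjaxResult authenticate(AuthenticationToken token, String fallbackMessage) {
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(token);
            return success();
        } catch (AuthenticationException e) {
            // The exception message is returned to the client as-is when present.
            String detail = e.getMessage();
            return error(StringUtils.isNotEmpty(detail) ? detail : fallbackMessage);
        }
    }
}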