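package com.ld.igds.web;

import com.bstek.bdf2.core.context.ContextHolder;
import com.bstek.bdf2.core.model.DefaultUser;
import com.bstek.dorado.core.Configure;
import com.google.code.kaptcha.Constants;
import com.ld.igds.constant.BizType;
import com.ld.igds.io.constant.OrderRespEnum;
import com.ld.igds.io.notify.NotifyWebInvoker;
import com.ld.igds.log.service.HLogLoginService;
import com.ld.igds.sys.service.SysUserService;
import com.ld.igds.util.ContextUtil;
import com.ld.igds.util.FilesUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.web.WebAttributes;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.servlet.ModelAndView;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;

/**
 * Login endpoints: credential pre-check, login page rendering and logout.
 *
 * @author Andy
 */
@Slf4j
@Controller
@RequestMapping
public class LoginController {

    /** Failure count at which a login attempt is refused. */
    private static final int MAX_FAILED_ATTEMPTS = 3;

    @Autowired
    private SysUserService sysUserService;
    @Autowired
    private NotifyWebInvoker notifyWebInvoker;
    @Resource
    private HLogLoginService loginService;

    /**
     * Pre-checks a login attempt (captcha, attempt limit, account state, password) and,
     * when every check passes, hands the request over to {@code /security_check_}.
     *
     * @param request  current HTTP request, passed to the login-log service
     * @param username submitted user name ({@code username_})
     * @param password submitted password ({@code password_})
     * @param captcha  submitted captcha answer ({@code captcha_})
     * @return a redirect to {@code /login} carrying a result code on failure, or a forward
     *         to {@code /security_check_} on success
     */
    @PostMapping("/login-check")
    public String login(HttpServletRequest request,
                        @RequestParam(name = "username_") String username,
                        @RequestParam(name = "password_") String password,
                        @RequestParam(name = "captcha_") String captcha) {

        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return loginRedirect("01", username);
        }

        boolean captchaRequired = Configure.getBoolean("bdf2.useCaptchaForLogin");
        if (captchaRequired) {
            if (StringUtils.isEmpty(captcha)) {
                return loginRedirect("02", username);
            }
            String sessionCaptcha = (String) ContextHolder.getHttpSession()
                    .getAttribute(Constants.KAPTCHA_SESSION_KEY);
            if (StringUtils.isEmpty(sessionCaptcha)) {
                return loginRedirect("03", username);
            }
            if (!captcha.equals(sessionCaptcha)) {
                // A wrong answer consumes the challenge, so the same captcha cannot be
                // guessed repeatedly within one session.
                ContextHolder.getHttpSession().removeAttribute(Constants.KAPTCHA_SESSION_KEY);
                return loginRedirect("04", username);
            }
        }

        // Enforce the login attempt limit before touching the account.
        int num = loginService.checkLoginLimit(request, username);
        if (num >= MAX_FAILED_ATTEMPTS) {
            return loginRedirect("11", username);
        }

        // NOTE(review): codes 05, 06, 07 and 12 tell the caller whether an account exists
        // and whether it is disabled. Consider one generic failure code to limit account
        // enumeration; left as-is here because the login page maps these codes to text.
        DefaultUser user = sysUserService.loadUser(username);
        if (null == user) {
            num = loginService.addNoUser(request, username);
            if (num >= MAX_FAILED_ATTEMPTS) {
                return loginRedirect("12", username);
            }
            return loginRedirect("05", username);
        }

        if (!user.isEnabled()) { // account disabled (user has left)
            return loginRedirect("07", username);
        }

        boolean passwordOk = sysUserService.checkPassword(username, password, user);
        if (!passwordOk) {
            num = loginService.addPwdError(request, user);
            if (num >= MAX_FAILED_ATTEMPTS) {
                return loginRedirect("11", username);
            }
            return loginRedirect("06", username);
        }

        String subDeptId = ContextUtil.subDeptId(user);

        // Notify the session that was previously logged in with this account that it is
        // being signed out.
        notifyWebInvoker.notifyWeb(user.getCompanyId(), subDeptId, user.getUsername(),
                OrderRespEnum.LOGOUT, BizType.SYS, "您的账号在其他地方登录,被迫下线");

        loginService.addLoginInfo(request, user);

        // Hand over to the framework's authentication entry point. A servlet forward keeps
        // the parameters of the original POST (username_, password_, captcha_), so they are
        // not repeated in the forward path: concatenating them unencoded corrupted values
        // containing '&', '%', '+' or '#', and put the clear-text password into a URL that
        // view-resolution debug logging can record.
        return "forward:/security_check_";
    }

    /**
     * Builds the redirect back to the login page for a given result code.
     *
     * @param tag      two-digit result code understood by the login page
     * @param username submitted user name, echoed back so the form can be pre-filled
     * @return the {@code redirect:} view name with the user name URL-encoded
     */
    private static String loginRedirect(String tag, String username) {
        return "redirect:/login?tag=" + tag + "&username=" + urlEncode(username);
    }

    /**
     * URL-encodes a query parameter value as UTF-8 so that user input cannot add extra
     * parameters or break the redirect URL.
     *
     * @param value raw value, may be {@code null}
     * @return the encoded value, or an empty string for {@code null}
     */
    private static String urlEncode(String value) {
        if (value == null) {
            return "";
        }
        try {
            return URLEncoder.encode(value, StandardCharsets.UTF_8.name());
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is a charset every JVM must provide.
            throw new IllegalStateException("UTF-8 is not supported", e);
        }
    }

    /**
     * Renders the login page, translating a result code or a stored authentication
     * exception into the message shown to the user.
     *
     * @param tag      optional result code set by the login pre-check
     * @param username optional user name to pre-fill
     * @return the login view and its model
     */
    @RequestMapping("/login")
    public ModelAndView login(
            @RequestParam(name = "tag", required = false) String tag,
            @RequestParam(name = "username", required = false) String username) {

        ModelAndView view = new ModelAndView();

        // Logo / title image for the default company.
        String logName = FilesUtil.getLogoTitleByCompanyId(ContextUtil.getDefaultCompanyId());
        view.addObject("logoTitle", "./static/img/" + logName);

        if (StringUtils.isNotEmpty(tag)) {
            // Only known codes are rendered. An unrecognised "tag" value is request input
            // and is not put into the model.
            String message = messageForTag(tag);
            if (message != null) {
                view.addObject("TAG", message);
            }
            // NOTE(review): USERNAME is request input; the login template must
            // HTML-escape it when rendering (template not visible here, so confirm).
            view.addObject("USERNAME", username);
        }

        // Prefer the framework's authentication exception when one is stored, first in
        // the session and then in the request.
        Exception exp = (Exception) ContextHolder.getHttpSession()
                .getAttribute(WebAttributes.AUTHENTICATION_EXCEPTION);
        if (null == exp) {
            exp = (Exception) ContextHolder.getRequest().getAttribute(
                    WebAttributes.AUTHENTICATION_EXCEPTION);
        }

        if (null != exp) {
            log.error("===登陆异常原因==={}", exp);

            if ("Bad credentials".equals(exp.getMessage())) {
                view.addObject("TAG", "用户名和密码错误!!");
            } else if ("The password is invalid".equals(exp.getMessage())) {
                view.addObject("TAG", "密码错误!!");
            } else {
                view.addObject("TAG", "登陆验证异常,请重新尝试");
            }
        }

        view.setViewName("admin/login/login");
        return view;
    }

    /**
     * Maps a login result code to its user-facing message.
     *
     * @param tag result code from the {@code tag} request parameter
     * @return the message for a known code, or {@code null} when the code is unknown
     */
    private static String messageForTag(String tag) {
        switch (tag) {
            case "01":
                return "用户名和密码不能为空";
            case "02":
                return "验证码不能为空";
            case "03":
                return "验证码过期,请重新输入";
            case "04":
                return "验证码不正确";
            case "05":
                return "系统不存在当前用户";
            case "06":
                return "用户密码错误";
            case "07":
                return "当前用户已离职";
            case "10":
                return "您的账号在其他地方登录,被迫下线";
            case "11":
                return "连续3次错误,限制登陆10分钟";
            case "12":
                return "连续3次输入不存在账号,限制登陆10分钟";
            default:
                return null;
        }
    }

    /**
     * Logs the current user out and returns to the login page.
     *
     * @return a redirect to {@code /login}
     */
    @RequestMapping("/log-out")
    public String logOut() {
        log.info("======用户退出系统========{}", ContextUtil.getLoginUserCName());
        // NOTE(review): only the login-user attribute is removed; the HTTP session itself
        // stays valid and nothing in this method clears the framework's security context.
        // Confirm that a logout handler elsewhere invalidates the session, otherwise the
        // session id remains usable after logout.
        ContextHolder.getHttpSession().removeAttribute(ContextHolder.LOGIN_USER_SESSION_KEY);
        return "redirect:/login";
    }
}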