fg重构项目
blame | 历史 | 原始文档
whycxzp
2021-12-03 9d2bd7898a6156a6d6bd732bdb428c418ecf8375 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66

package com.whyc.service;


 


import com.whyc.dto.Response;


import com.whyc.util.ShiroUtil;


import org.apache.shiro.SecurityUtils;


import org.apache.shiro.authc.UsernamePasswordToken;


import org.apache.shiro.subject.Subject;


import org.springframework.stereotype.Service;


 


import javax.servlet.http.HttpServletRequest;


import javax.servlet.http.HttpSession;


 


@Service


public class LoginService {


 


    public Response login(String userName, String password, HttpServletRequest request) {


        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);


        Subject subject = SecurityUtils.getSubject();


        try {


            subject.login(userToken);


        }catch (Exception e){


            String message = e.getMessage();


            if(message.contains("did not match the expected credentials")){


                return new Response<>().set(1,false,"密码错误");


            }


            return new Response<>().set(1,false,message);


        }


        if (subject.isAuthenticated()){


            //每个登录的用户都有一个全局变量,里面存着对应的SessionId;


            //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1


            request.getServletContext().setAttribute(userName,request.getSession().getId());


            //Session存储当前用户


            request.getSession().setAttribute("user",subject.getPrincipal());


            return new Response<>().setII(1,true,subject.getPrincipal(),"登录成功");


        }


        return new Response<>().set(1,false,"密码错误");


    }


 


    public Response loginWithUKey(String userName, String password, HttpServletRequest request) {


        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);


        Subject subject = SecurityUtils.getSubject();


        try {


            subject.login(userToken);


        }catch (Exception e){


            String message = e.getMessage();


            if(message.contains("did not match the expected credentials")){


                return new Response<>().set(1,false,"密码错误");


            }


            return new Response<>().set(1,false,message);


        }


        if (subject.isAuthenticated()){


            //每个登录的用户都有一个全局变量,里面存着对应的SessionId;


            //同一个账号,后面登录的,会挤掉之前登录的SessionId


            System.out.println("全局存储中当前SessionId为:"+request.getSession().getId());


            request.getServletContext().setAttribute(userName,request.getSession().getId());


            //uKey和人脸识别 TODO


            return new Response<>().set(1,true,"登录成功");


        }


        return new Response<>().set(1,false,"密码错误");


    }


 


    public void logout() {


        Subject subject = SecurityUtils.getSubject();


        subject.logout();


    }


}