package com.whyc.service;
|
|
import com.whyc.dto.Response;
|
import com.whyc.util.ShiroUtil;
|
import org.apache.shiro.SecurityUtils;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.subject.Subject;
|
import org.springframework.stereotype.Service;
|
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpSession;
|
|
@Service
|
public class LoginService {
|
|
public Response login(String userName, String password, HttpServletRequest request) {
|
UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
|
Subject subject = SecurityUtils.getSubject();
|
try {
|
subject.login(userToken);
|
}catch (Exception e){
|
String message = e.getMessage();
|
if(message.contains("did not match the expected credentials")){
|
return new Response<>().set(1,false,"密码错误");
|
}
|
return new Response<>().set(1,false,message);
|
}
|
if (subject.isAuthenticated()){
|
//每个登录的用户都有一个全局变量,里面存着对应的SessionId;
|
//同一个账号,后面登录的,会挤掉之前登录的SessionId
|
System.out.println("全局存储中当前SessionId为:"+request.getSession().getId());
|
request.getServletContext().setAttribute(userName,request.getSession().getId());
|
//uKey和人脸识别 TODO
|
return new Response<>().set(1,true,"登录成功");
|
}
|
return new Response<>().set(1,false,"密码错误");
|
}
|
|
public void logout() {
|
Subject subject = SecurityUtils.getSubject();
|
subject.logout();
|
}
|
}
|
