UserCtrl.java
6.67 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
package com.ui.ctrl;
import com.ui.User.MD5Util;
import com.ui.User.UserAuthLocal;
import com.ui.contants.HttpUriContants;
import com.ui.http.HttpRestClient;
import com.ui.ldaputil.LdapAuthUtil;
import com.ui.model.BaseResponse;
import com.ui.model.req.AuthModule;
import com.ui.model.req.User;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@Controller
@RequestMapping("user")
public class UserCtrl {
Logger log = LoggerFactory.getLogger(UserCtrl.class);
@Autowired
private HttpRestClient httpRestClient;
@Autowired
UserAuthLocal userAuthLocal;
@Autowired
private LdapAuthUtil ldapAuthenticate;
@RequestMapping("/toLogin")
public ModelAndView toLogin(String loginTargetUrl, Model model) {
if(StringUtils.isNotBlank(loginTargetUrl)){
model.addAttribute("loginTargetUrl",loginTargetUrl);
}
return new ModelAndView("user/login");
}
@RequestMapping("/toupdatePwd")
public ModelAndView toupdatePwd() {
return new ModelAndView("user/modifypwd");
}
@RequestMapping("/login")
public ModelAndView toLogin(User user, HttpSession session, Model model, HttpServletResponse response) {
if (StringUtils.isBlank(user.getName())){
if (session.getAttribute("user") == null){
return new ModelAndView("user/login");
}else {
return new ModelAndView("dashBoard/dashBoard");
}
}
boolean ldapFlag=false;
// 给admin留一个后门,防止ldap不能验证
if(!"admin".equals(user.getName())){
BaseResponse ldapFlagResp=httpRestClient.defaultGet(HttpUriContants.USER_LDAP_FLAG,BaseResponse.class);
if(ldapFlagResp!=null&&ldapFlagResp.getCode()==200&&ldapFlagResp.getData()!=null&&"1".equals(String.valueOf(ldapFlagResp.getData()))){
ldapFlag=true;
}
}
User u =null;
if(ldapFlag){
//走ldap统一认证接口
//认证
//认证不通过,提示
if(!ldapAuthenticate.login(user.getName(),user.getPwd())){
model.addAttribute("message", "请使用你的OA账户登陆,登录名或者密码错误");
return new ModelAndView("user/login");
}
//认证通过
u = userAuthLocal.getUserByLdapName(user.getName());
if (u == null) {
//创建默认的用户
model.addAttribute("message", "用户名不存在,如有需要请联系管理员添加用户");
return new ModelAndView("user/login");
}
}else{
u = userAuthLocal.getUserByname(user.getName());
if (u == null) {
model.addAttribute("message", "用户名不存在,如有需要请联系管理员添加用户");
return new ModelAndView("user/login");
}
if (!u.getPwd().equals(MD5Util.encryption(user.getPwd()))) {
model.addAttribute("message", "密码错误");
return new ModelAndView("user/login");
}
}
//用户放到session
session.setAttribute("user", u);
if(StringUtils.isBlank(user.getLoginTargetUrl())){
return new ModelAndView("dashBoard/dashBoard");
}else{
try {
//直接跳转到初始的请求页面
response.sendRedirect(user.getLoginTargetUrl());
} catch (IOException e) {
return new ModelAndView("dashBoard/dashBoard");
}
return null;
}
}
@RequestMapping("/logout")
public ModelAndView toLogin(HttpSession session) {
session.removeAttribute("user");
return new ModelAndView("user/login");
}
@RequestMapping("/updatePwd")
public ModelAndView updatePwd(String name, String oldpwd, String newpwd, HttpSession session, Model model) {
User u = (User) session.getAttribute("user");
String username = u.getName();
if ("admin".equals(username) && !"admin".equals(name)) {
User user = userAuthLocal.getUserByname(name);
if (user == null) {
model.addAttribute("message", "当前用户不存在");
return new ModelAndView("user/modifypwd");
}
user.setPwd(RandomStringUtils.random(8,true,true));
httpRestClient.defaultPost(HttpUriContants.USER_UPDATE_PWD, user, BaseResponse.class);
userAuthLocal.flushUser(name);
return new ModelAndView("dashBoard/dashBoard");
} else if (name.equals(username)) {
User user = userAuthLocal.getUserByname(name);
if (!user.getPwd().equals(MD5Util.encryption(oldpwd))) {
model.addAttribute("message", "旧密码错误");
return new ModelAndView("user/modifypwd");
}
user.setPwd(newpwd);
httpRestClient.defaultPost(HttpUriContants.USER_UPDATE_PWD, user, BaseResponse.class);
session.removeAttribute("user");
userAuthLocal.flushUser(name);
return new ModelAndView("user/login");
} else {
model.addAttribute("message", "无权限修改当前账户");
return new ModelAndView("user/modifypwd");
}
}
@RequestMapping("/getAllModuleAndGroup")
@ResponseBody
public Map getAllModuleAndGroup() {
//加载mudule信息
BaseResponse<List<AuthModule>> moduleResponse = httpRestClient.exchangeForget(HttpUriContants.GET_All_MODULE, new ParameterizedTypeReference<BaseResponse<List<AuthModule>>>() {}, null);
BaseResponse baseResponse = httpRestClient.defaultPost(HttpUriContants.GET_All_MODULEGROUP, null, BaseResponse.class);
if (moduleResponse != null && baseResponse != null){
Map map = new HashMap<>();
map.put("modules",moduleResponse.getData());
map.put("moduleGroups",baseResponse.getData());
return map;
}else {
return null;
}
}
}