UserCtrl.java
3.53 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
package com.ui.ctrl;
import com.ui.User.MD5Util;
import com.ui.User.UserAuthLocal;
import com.ui.contants.HttpUriContants;
import com.ui.http.HttpRestClient;
import com.ui.model.BaseResponse;
import com.ui.model.req.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;
import javax.servlet.http.HttpSession;
@Controller
@RequestMapping("user")
public class UserCtrl {
Logger log = LoggerFactory.getLogger(UserCtrl.class);
@Autowired
HttpRestClient httpRestClient;
@Autowired
UserAuthLocal userAuthLocal;
@RequestMapping("/toLogin")
public ModelAndView toLogin() {
return new ModelAndView("user/login");
}
@RequestMapping("/toupdatePwd")
public ModelAndView toupdatePwd() {
return new ModelAndView("user/modifypwd");
}
@RequestMapping("/login")
public ModelAndView toLogin(User user, HttpSession session, Model model) {
User u = userAuthLocal.getUserByname(user.getName());
if (u == null) {
model.addAttribute("message", "用户名不存在");
return new ModelAndView("user/login");
}
if (u.getPwd().equals(MD5Util.encryption(user.getPwd()))) {
session.setAttribute("user", user.getName());
if("123456".equals(user.getPwd())){
return new ModelAndView("user/modifypwd");
}
return new ModelAndView("dashBoard/dashBoard");
} else {
model.addAttribute("message", "密码错误");
return new ModelAndView("user/login");
}
}
@RequestMapping("/logout")
public ModelAndView toLogin(HttpSession session, Model model) {
session.removeAttribute("user");
return new ModelAndView("user/login");
}
@RequestMapping("/updatePwd")
public ModelAndView updatePwd(String name, String oldpwd, String newpwd, HttpSession session, Model model) {
Object obj = session.getAttribute("user");
String username = String.valueOf(obj);
if ("admin".equals(username) && !"admin".equals(name)) {
User user = userAuthLocal.getUserByname(username);
if (user == null) {
model.addAttribute("message", "当前用户不存在");
return new ModelAndView("user/modifypwd");
}
user.setPwd(MD5Util.encryption(newpwd));
httpRestClient.defaultPost(HttpUriContants.USER_UPDATE_PWD, user, BaseResponse.class);
userAuthLocal.flushUser(name);
return new ModelAndView("dashboard/dashBoard");
} else if (name.equals(username)) {
User user = userAuthLocal.getUserByname(username);
if (!user.getPwd().equals(MD5Util.encryption(oldpwd))) {
model.addAttribute("message", "旧密码错误");
return new ModelAndView("user/modifypwd");
}
user.setPwd(MD5Util.encryption(newpwd));
httpRestClient.defaultPost(HttpUriContants.USER_UPDATE_PWD, user, BaseResponse.class);
session.removeAttribute("user");
userAuthLocal.flushUser(name);
return new ModelAndView("user/login");
} else {
model.addAttribute("message", "无权限修改当前账户");
return new ModelAndView("user/modifypwd");
}
}
}