package com.miv.shiro.login.service;
import java.util.Date;
import java.util.List;
import javax.mail.MessagingException;
import javax.mail.internet.MimeMessage;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.LockedAccountException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.javamail.MimeMessageHelper;
import org.springframework.stereotype.Service;
import com.miv.core.constant.DatabaseConstants;
import com.miv.core.json.JsonResponse;
import com.miv.core.utils.CommonUtils;
import com.miv.core.utils.DateUtils;
import com.miv.core.utils.FreeMarkerUtils;
import com.miv.core.utils.PropertiesUtil;
import com.miv.dao.PasswordDao;
import com.miv.dao.UsersDao;
import com.miv.entity.Passwords;
import com.miv.entity.User;
import com.miv.form.LoginView;
import com.miv.shiro.common.MIVshiroToken;
import com.miv.shiro.common.ShiroEncryption;
@Service
public class LoginService {
final Logger logger = LoggerFactory.getLogger(LoginService.class);
@Autowired
private UsersDao userDao;
@Autowired
private PasswordDao passwordDao;
@Autowired
private org.springframework.mail.javamail.JavaMailSenderImpl mailSender;
// 通过username和password登录
public User findUserByUsernameAndPassword(User user) throws Exception {
return userDao.findUserByUsernameAndPassword(user);
}
// 通过username查询属性
public User findUserByUsername(User user) throws Exception {
return userDao.findUserByUsername(user);
}
public User findAllByLoginName(String loginName) throws Exception {
return userDao.getUnique(User.class, "loginName", loginName);
}
// 验证密码修改后登录
public boolean checkPassword(String loginName) throws Exception {
User user = new User();
user.setLoginName(loginName);
userDao.findUserByUsername(user);
if (DatabaseConstants.PASSWORD_STATUS_1.intValue() == user.getPassswordStatus()) {
return true;
} else {
return false;
}
}
// 停用后自动登录
public boolean checkDisableStatus(String loginName) {
User user = new User();
user.setLoginName(loginName);
userDao.findUserByUsername(user);
if (DatabaseConstants.STATUS_2.intValue() == user.getStatus()) {
return true;
} else {
return false;
}
}
public boolean updatePasswordStatus(User user) throws Exception {
if (user.getPassswordStatus() == DatabaseConstants.PASSWORD_STATUS_1.intValue()) {
user.setPassswordStatus(DatabaseConstants.PASSWORD_STATUS_0);
userDao.update(user);
return true;
} else {
return false;
}
}
public JsonResponse findLogin(boolean rememberMe, LoginView user) throws Exception {
JsonResponse jsonResponse = new JsonResponse();
jsonResponse.setSuccess(true);
Subject subject = SecurityUtils.getSubject();
String password = CommonUtils.getMD5(user.getPassword());
Integer ROLE_CODE = ShiroEncryption.decryption(user.get_cmd());
MIVshiroToken token = new MIVshiroToken(user.getLoginName(), password, ROLE_CODE, false);
token.setRememberMe(rememberMe);
try {
subject.login(token);
} catch (UnknownAccountException uae) {
logger.info(String.format("who %s , where %s , warn : %s", token.getUsername(), token.getHost(), uae));
jsonResponse.setSuccess(false);
jsonResponse.setData("用户名或密码错误,请重试。");
} catch (LockedAccountException lae) {
logger.warn(String.format("who %s , where %s , warn : %s", token.getUsername(), token.getHost(), lae));
jsonResponse.setSuccess(false);
jsonResponse.setData("帐号已被停用,请联系管理员!");
} catch (Exception ee) {
logger.info(String.format("who %s , where %s , warn : %s", token.getUsername(), token.getHost(), ee));
jsonResponse.setSuccess(false);
jsonResponse.setData("用户名或密码错误,请重试。");
}
if (jsonResponse.isSuccess()) {
// 默认shiro使用request.getSession
User user_ = this.findAllByLoginName(user.getLoginName());
if (rememberMe) {// 修改密码后成功记住我登陆
user_.setPassswordStatus(DatabaseConstants.PASSWORD_STATUS_0);
this.updatePasswordStatus(user_);
}
subject.getSession(false).setAttribute("principals", user_);
jsonResponse.setSuccess(true);
jsonResponse.setData(ShiroEncryption.decryptionURL(ROLE_CODE, ShiroEncryption.SUCCESS));
}
return jsonResponse;
}
/**
* 第一步:校验用户名与邮箱准确性; 第二步:更新所有以前的找回密码状态为失效 ;第三步:插入新的找回密码
*
* @param loginName
* @param email
* @return
* @throws Exception
*/
public boolean insertApplyPassword(String loginName, String email) throws Exception {
boolean flag = false;
List<User> list = passwordDao.check(loginName, email);// 1
if (list != null && list.size() > 0) {
flag = true;
} else {
return false;
}
flag = passwordDao.updateApplyPassword(loginName, DatabaseConstants.PASSWORD_IS_VALID_0);// 2
if (!flag) {
return false;
}
Passwords password = new Passwords();// 3
Date date = new Date();
password.setCreatedTime(date);
password.setEmail(email);
password.setIndate(org.apache.commons.lang.time.DateUtils.addDays(date, 1));
password.setIsValid(DatabaseConstants.PASSWORD_IS_VALID_1);
password.setLoginName(loginName);
password.setOldPassword(list.get(0).getPassword());
Passwords passwords = (Passwords) passwordDao.save(password);
passwords.setApplyKey(CommonUtils.getMD5(CommonUtils.getMD5(passwords.getId().toString())));
passwordDao.update(passwords);
flag = this.mailSender(loginName, email, passwords);
return flag;
}
/**
* @throws Exception
* @throws MessagingException
*
*/
public boolean mailSender(String loginName, String email, Passwords passwords) {
// 生成HTML
String sourceDir = FreeMarkerUtils.getSourceDir();
String sourceName = "test.ftl";
String targetDir = PropertiesUtil.getProperties("html_file_patch");
String targetName = passwords.getApplyKey() + ".html";
String data = PropertiesUtil.getProperties("http_miv") + passwords.getApplyKey();
try {
FreeMarkerUtils.generateHtml(sourceDir, sourceName, targetDir, targetName, data);
} catch (Exception e1) {
// TODO Auto-generated catch block
e1.printStackTrace();
return false;
}
try {
MimeMessage mailMessage = mailSender.createMimeMessage();
// 设置utf-8或GBK编码,否则邮件会有乱码
MimeMessageHelper messageHelper = new MimeMessageHelper(mailMessage, true, "utf-8");
// 设置收件人,寄件人
messageHelper.setTo(email);
messageHelper.setFrom(mailSender.getUsername());
messageHelper.setSubject("测试HTML邮件!");
// true 表示启动HTML格式的邮件
messageHelper.setText(FreeMarkerUtils.getHtml(targetDir, targetName), true);
// 发送邮件
mailSender.send(mailMessage);
return true;
} catch (MessagingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
return false;
}
}
/**
* 查用户名
*
* @param applyKey
* @return
*/
public boolean updateApplyPassword(String applyKey) {
boolean flag = false;
Date sender = new Date();
Passwords passwords = passwordDao.getUnique(Passwords.class, "applyKey", applyKey);
flag = passwords != null && DateUtils.greaterThan(passwords.getIndate(), sender)
&& (DatabaseConstants.PASSWORD_IS_VALID_1.intValue() == passwords.getIsValid());
if (flag) {
passwords.setIsValid(DatabaseConstants.PASSWORD_IS_VALID_2);
passwords.setRetrieveTime(sender);
passwordDao.update(passwords);
}
return flag;
}
/**
* 校验applyKey,并更改密码
*
* @param applyKey
* @return
*/
public boolean updateApplyPassword(String applyKey, String newPassword) {
boolean flag = false;
Date sender = new Date();
Passwords passwords = passwordDao.getUnique(Passwords.class, "applyKey", applyKey);
flag = passwords != null && DateUtils.greaterThan(passwords.getIndate(), sender)
&& (DatabaseConstants.PASSWORD_IS_VALID_2.intValue() == passwords.getIsValid());
if (flag) {
userDao.updatePassword(passwords.getLoginName(), CommonUtils.getMD5(newPassword));
passwords.setNewPassword(newPassword);
passwords.setIsValid(DatabaseConstants.PASSWORD_IS_VALID_0);
passwords.setRetrieveTime(sender);
passwordDao.update(passwords);
}
return flag;
}
public User findUserByApplyKey(String applyKey) {
Passwords passwords = passwordDao.getUnique(Passwords.class, "applyKey", applyKey);
User user = new User();
user.setLoginName(passwords.getLoginName());
user = userDao.findUserByUsername(user);
return user;
}
}