1、登录后获取用户信息接口开发
controller层:
//登录后获取用户信息
@RequestMapping(value = "get_user_info.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse getUserInfo(HttpSession session){
User user= (User) session.getAttribute(Const.CURRENT_USER);
if(user!=null){
return ServerResponse.createBySuccess(user);
}
return ServerResponse.createByErrorMessage("用户为未登录,无法获取登录信息");
}
通过session获取当前用户
由于只直接返user对象,所以没有对server层进行操作
接口测试:
1.1.jpg
1.2.jpg
2、忘记密码接口开发
controller层:
//忘记密码
@RequestMapping(value = "forget_get_question.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse forgetGetQuestion(String username){
return iUserService.selectQuestion(username);
}
server层:
//查询问题
ServerResponse selectQuestion(String username);
serverImpl 层:
//忘记密码
public ServerResponse selectQuestion(String username){
ServerResponse validResponse=this.checkValid(username,Const.USERNAME);
if(validResponse.isSuccess()){
//用户不存在
return ServerResponse.createByErrorMessage("用户不存在");
}
String question =userMapper.selectQuestionByUsername(username);
if(StringUtils.isNotBlank(question)){
return ServerResponse.createBySuccess(question);
}
return ServerResponse.createByErrorMessage("找回密码门的问题是空");
}
先在UserMapper中将接口写好:
String selectQuestionByUsername(String username);
对应mapper.xmlSQL语句:
接口测试
2.1.jpg
3、提示问题和答案(是在用户登录的前提下)接口开发
controller层:
//提交问题答案
@RequestMapping(value = "forget_check_answer.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse forgetCheckAnswer(String username,String question,String answer){
return iUserService.CheckAnswer(username,question,answer);
}
Server:
//校验问题的回答
ServerResponse CheckAnswer(String username,String question,String answer);
serverImpl:
//校验回答是否正确
public ServerResponse CheckAnswer(String username,String question,String answer){
int resultCount=userMapper.checkAnwser(username,question,answer);
if(resultCount>0){
//说明问题及问题答案是这个用户的,并且回答正确
String forgetToken= UUID.randomUUID().toString();
TokenCache.setKey(TokenCache.TOKEN_PREFIX+username,forgetToken);
return ServerResponse.createBySuccess(forgetToken);
}
//说明问题是这个用户,但是回答错误
return ServerResponse.createByErrorMessage("回答错误");
}
校验答案UserMapper:
int checkAnwser(@Param("username") String username, @Param("question") String question, @Param("answer") String answer);
对应功能的UserMapper.xml:
接口测试:
3.1.jpg
4、重置密码接口开发:
controller:
//登录状态的重置密码
@RequestMapping(value = "rest_password.do",method = RequestMethod.POST)
@ResponseBody
public ServerResponse restPassword(HttpSession session, String passwordOld,String passwordNew){
User user= (User) session.getAttribute(Const.CURRENT_USER);
if(user==null){
return ServerResponse.createByErrorMessage("用户未登录");
}
//return ServerResponse.createByErrorMessage("用户已登陆");
return iUserService.resetPassword(passwordOld,passwordNew,user);
}
server:
//登录状态下重置密码
ServerResponse resetPassword(String passwordOld,String passwordNew,User user);
serverImpl:
//登录状态下的密码重置
public ServerResponse resetPassword(String passwordOld,String passwordNew,User user) {
//防止横向越权,要校验一下这个用户的旧密码,一定要指向这个用户。因为我们会查询一个count(1),如果不指定id,那么结果可能就是true count>0
int resultCount = userMapper.checkPassword(MD5Util.MD5EncodeUtf8(passwordOld), user.getId());
if (resultCount == 0) {
return ServerResponse.createByErrorMessage("旧密码错误,修改失败");
}
user.setPassword(MD5Util.MD5EncodeUtf8(passwordNew));
int updateCount = userMapper.updateByPrimaryKeySelective(user);
if (updateCount > 0) {
return ServerResponse.createBySuccessMessage("修改成功");
}
return ServerResponse.createByErrorMessage("密码更新失败");
}
4.1.jpg
对应UserMapper:
int updateByPrimaryKeySelective(User record);
调用的是逆向工程生产的方法,故而不用自己写xml中的SQL
接口测试:
4.2.jpg