后台登录
密码不正确
不同角色登录及菜单内容权限
<%@ page language="java" pageEncoding="UTF-8"%>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
<spring:message code="label.app.title"/>
登录
欢迎登录
Form表单要点:配置name属性
package com.moofen.cube.controller.ume.login;
import javax.annotation.Resource;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.moofen.core.constant.AuthConstant;
import com.moofen.core.constant.SessionConstant;
import com.moofen.core.entity.sys.um.RoleBase;
import com.moofen.core.mvc.controller.BaseController;
import com.moofen.core.mvc.view.BaseResult;
import com.moofen.cube.service.ume.login.LoginService;
@Controller
@RequestMapping("/user")
public class LoginController extends BaseController {
@Resource(name = "loginService")
private LoginService loginService;
@ResponseBody
@PostMapping("/login")
public JSONObject login(@RequestParam(name = "loginName", required = true) String loginName,
@RequestParam(name = "password", required = true) String password) {
JSONObject result = loginService.login(loginName, password);
BaseResult baseResult = JSON.parseObject(result.toJSONString(), BaseResult.class);
// session中存储账号
if (baseResult.isSuccess()) {
// 设定Session变量
JSONObject data = result.getJSONObject("data");
// 当前身份
RoleBase roldBase = JSON.parseObject(data.getString(SessionConstant.CURR_USER_ROLE), RoleBase.class);
if (roldBase != null) {
// 当前用户
getRequest().getSession().setAttribute(SessionConstant.USER_CODE, data.get(SessionConstant.USER_CODE));
// 当前角色
getRequest().getSession().setAttribute(SessionConstant.CURR_USER_ROLE,
data.get(SessionConstant.CURR_USER_ROLE));
// 当前系统
getRequest().getSession().setAttribute(AuthConstant.SYS_CODE_CUBE, AuthConstant.SYS_CODE_CUBE);
}
}
return result;
}
/**
* 退出系统
*
* @param session
* Session
* @return
* @throws Exception
*/
@GetMapping(value = "/logout")
public String logout(HttpSession session) throws Exception {
// 清除Session
session.invalidate();
return "redirect:../login.html";
}
}
要点:在session里放登录用户信息
package com.moofen.cube.controller.ume.login;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.filter.OncePerRequestFilter;
import com.moofen.core.constant.SessionConstant;
public class SessionFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// 不过滤的uri
String[] notFilter = new String[] { "login", "sign_in1", "cube_resetpw", "frameworks", "assets" };
// 请求的uri
String uri = request.getRequestURI();
// 是否过滤
boolean doFilter = true;
for (String s : notFilter) {
if (uri.indexOf(s) != -1) {
// 如果uri中包含不过滤的uri,则不进行过滤
doFilter = false;
break;
}
}
if (doFilter) {
// 执行过滤
// 从session中获取登录者实体
Object obj = request.getSession().getAttribute(SessionConstant.USER_CODE);
if (null == obj) {
String loginUrl = request.getContextPath() + "/sign_in1.html";
response.sendRedirect(loginUrl);
} else {
// 如果session中存在登录者实体,则继续
filterChain.doFilter(request, response);
}
} else {
// 如果不执行过滤,则继续
filterChain.doFilter(request, response);
}
}
}
Moofen Cube Web
contextConfigLocation
classpath:config/spring/applicationContext*.xml
org.springframework.web.context.ContextLoaderListener
org.apache.logging.log4j.web.Log4jServletContextListener
log4jServletFilter
org.apache.logging.log4j.web.Log4jServletFilter
log4jServletFilter
/
REQUEST
FORWARD
INCLUDE
ERROR
encodingFilter
org.springframework.web.filter.CharacterEncodingFilter
encoding
UTF-8
forceEncoding
true
encodingFilter
/
sessionFilter
com.moofen.cube.controller.ume.login.SessionFilter
sessionFilter
/*
spring
org.springframework.web.servlet.DispatcherServlet
contextConfigLocation
1
spring
/
sign_in1.html
/error
配置登录过滤,除了个别页面,其它所有页面需要登录成功后才有权限访问
角色列表页面
<%@ page language="java" pageEncoding="UTF-8"%>
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
登录
选择登录者身份
package com.moofen.cube.controller.ume.sys.um;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.moofen.core.constant.SessionConstant;
import com.moofen.core.entity.sys.um.RoleBase;
import com.moofen.core.mvc.controller.BaseController;
import com.moofen.cube.service.ume.sys.um.RoleBaseService;
@Controller
@RequestMapping("/ume/sys/um/roles")
public class RoleController extends BaseController{
@Resource(name = "roleBaseService")
private RoleBaseService roleBaseService;
@ResponseBody
@GetMapping("/list")
public JSONObject listRoles(HttpServletRequest request) {
String userCode = (String)request.getSession().getAttribute(SessionConstant.USER_CODE);
return roleBaseService.listRoles(userCode);
}
@ResponseBody
@GetMapping("/select")
public JSONObject select(HttpServletRequest request) {
String roleId=request.getParameter("roleCode");
JSONObject obj = roleBaseService.getRole(roleId);
JSONObject result = obj.getJSONObject("data");
RoleBase roleBase = JSON.parseObject(result.toJSONString(),RoleBase.class);
request.getSession().setAttribute(SessionConstant.CURR_USER_ROLE, roleBase);
return obj;
}
}
<%@ page language="java" pageEncoding="UTF-8"%>
cube首页
package com.moofen.cube.controller.ume.sys.um;
import java.util.HashMap;
import java.util.Map;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import com.alibaba.fastjson.JSONObject;
import com.moofen.core.constant.AuthConstant;
import com.moofen.core.mvc.controller.BaseController;
import com.moofen.cube.service.ume.sys.um.UserAuthorizationService;
@Controller
@RequestMapping("/ume/sys/um/userAuthorization")
public class UserAuthorizationController extends BaseController{
@Resource(name = "userAuthorizationService")
private UserAuthorizationService userAuthorizationService;
@ResponseBody
@GetMapping("/listMenus")
public JSONObject listMenus(HttpServletRequest request) {
Map params = new HashMap();
String sysCode = (String)request.getSession().getAttribute(AuthConstant.SYS_CODE_CUBE);
params.put("roleId", request.getParameter("roleCode"));
params.put("sysCode", sysCode);
JSONObject json = userAuthorizationService.listMenus(params);
return json;
}
@ResponseBody
@GetMapping("/listSchools")
public JSONObject listSchools(HttpServletRequest request) {
Map params = new HashMap();
params.put("roleId", request.getParameter("roleCode"));
return userAuthorizationService.listSchools(params);
}
}