|
|
|
@ -24,10 +24,8 @@ import com.jfinal.plugin.activerecord.Record;
|
|
|
|
|
|
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
import java.io.File;
|
|
|
|
|
import java.util.HashMap;
|
|
|
|
|
import java.util.List;
|
|
|
|
|
import java.util.Map;
|
|
|
|
|
import java.util.UUID;
|
|
|
|
|
import java.util.*;
|
|
|
|
|
import java.util.stream.Collectors;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public class LoginPersonController extends Controller {
|
|
|
|
@ -41,9 +39,10 @@ public class LoginPersonController extends Controller {
|
|
|
|
|
* @param username
|
|
|
|
|
* @param password
|
|
|
|
|
* @param captcha
|
|
|
|
|
* @param roles 只能roles中的角色登录
|
|
|
|
|
*/
|
|
|
|
|
@Before({POST.class})
|
|
|
|
|
public void doLogin(String username, String password, String captcha) {
|
|
|
|
|
public void doLogin(String username, String password, String captcha, String roles) {
|
|
|
|
|
JSONObject resultJson = new JSONObject();
|
|
|
|
|
if (StrKit.isBlank(captcha)) {
|
|
|
|
|
resultJson.put("success", false);
|
|
|
|
@ -178,6 +177,28 @@ public class LoginPersonController extends Controller {
|
|
|
|
|
renderJson(resultJson);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//如果前台指定必须具备某些角色才能使用这个登录口的话
|
|
|
|
|
if (!StrKit.isBlank(roles)) {
|
|
|
|
|
//1、需要具备的角色
|
|
|
|
|
List<Integer> roleList = Arrays.stream(roles.split(","))
|
|
|
|
|
.map(Integer::parseInt) // 将字符串转换为整数
|
|
|
|
|
.collect(Collectors.toList()); // 收集成列表
|
|
|
|
|
//2、人员已有的角色
|
|
|
|
|
List<Integer> existRole = new ArrayList<>();
|
|
|
|
|
for (Record record : list) {
|
|
|
|
|
existRole.add(record.getInt("duties_id"));
|
|
|
|
|
}
|
|
|
|
|
//3、求交集
|
|
|
|
|
roleList.retainAll(existRole);
|
|
|
|
|
if (roleList.isEmpty()) {
|
|
|
|
|
resultJson.put("success", false);
|
|
|
|
|
resultJson.put("redirect", true);
|
|
|
|
|
resultJson.put("msg", "登录失败,当前登录页面要求指定角色人员才能登录成功!");
|
|
|
|
|
renderJson(resultJson);
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//防止用户攻击修改Cookie
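Review bot: The role restriction added to doLogin is driven by the request parameter `roles`, so it only applies when the caller sends it; a client that omits `roles`, or lists any role id the account already holds, is not restricted at all. If a login entry must be limited to certain roles, the required set should come from server-side configuration tied to that entry rather than from the submitted form. Separately, `.map(Integer::parseInt)` throws NumberFormatException on any non-numeric or space-padded token (a constructed example is `1, 2`), and nothing in the visible lines catches it, so the request would fail with a server error instead of the JSON failure response; adding `.map(String::trim).filter(s -> !s.isEmpty())` before the parse, plus a catch that renders `success=false`, would handle this. The body of doLogin begins and continues outside these hunks, so where `list` is loaded and whether the password has already been verified before this check could not be confirmed here.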
|
|
|
|
|