package com.miv.shiro.login.controller;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
import com.miv.agencyportal.menu.home.service.AgencyHomeService;
import com.miv.common.constant.AgencyModules;
import com.miv.common.constant.CallCenterModules;
import com.miv.common.constant.UserModules;
import com.miv.common.utils.APSysLogger;
import com.miv.common.utils.CPSysLogger;
import com.miv.common.utils.UPSysLogger;
import com.miv.core.constant.DatabaseConstants;
import com.miv.core.controller.WebBaseController;
import com.miv.core.json.JsonResponse;
import com.miv.core.utils.MessageUtils;
import com.miv.entity.User;
import com.miv.form.LoginView;
import com.miv.shiro.common.ShiroEncryption;
import com.miv.shiro.login.service.LoginService;
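/**
 * Login, logout and password-recovery endpoints shared by the three portals
 * (end user, agency, call center).
 *
 * <p>Most handlers publish a {@code _cmd} request attribute holding the
 * {@link ShiroEncryption}-encoded role code so the rendered login page knows
 * which portal it belongs to.
 */
@RequestMapping("/login")
@Controller
public class LoginController extends WebBaseController {

    final Logger logger = LoggerFactory.getLogger(LoginController.class);

    @Autowired
    private LoginService loginService;

    @Autowired
    private AgencyHomeService agencyHomeService;

    @Autowired
    private APSysLogger apSysLogger;

    @Autowired
    private CPSysLogger cpSysLogger;

    @Autowired
    private UPSysLogger upSysLogger;

    /**
     * Writes a login or logout audit record to the portal-specific system log.
     *
     * <p>The session user and the detail message are resolved only inside the
     * matching branch, so a role code that matches no portal causes no lookups.
     *
     * @param roleCode   decoded role code selecting the target log
     * @param logout     {@code true} for a logout record, {@code false} for a login record
     * @param detailArgs arguments for the detail message template
     * @throws Exception if the session user cannot be resolved
     */
    private void recordLoginEvent(Integer roleCode, boolean logout, Object[] detailArgs) throws Exception {
        String detailKey = logout ? "log_loginout_data" : "log_login_data";
        if (roleCode.equals(DatabaseConstants.ROLE_CODE_AGENCY)) {
            apSysLogger.log(MessageUtils.getMessage(logout ? "log_ap_loginout" : "log_ap_login"),
                    getSessionSubject().getId(), AgencyModules.Login.loginManage,
                    MessageUtils.getMessage(detailKey, detailArgs));
        }
        if (roleCode.equals(DatabaseConstants.ROLE_CODE_CALL_CENTER)) {
            cpSysLogger.log(MessageUtils.getMessage(logout ? "log_cp_loginout" : "log_cp_login"),
                    getSessionSubject().getId(), CallCenterModules.Login.loginManage,
                    MessageUtils.getMessage(detailKey, detailArgs));
        }
        if (roleCode.equals(DatabaseConstants.ROLE_CODE_USER)) {
            upSysLogger.log(MessageUtils.getMessage(logout ? "log_up_loginout" : "log_up_login"),
                    getSessionSubject().getId(), UserModules.Login.loginManage,
                    MessageUtils.getMessage(detailKey, detailArgs));
        }
    }

    /**
     * Resolves the view to show for a portal: its home page when the current
     * subject may enter, otherwise its login page.
     *
     * <p>A subject with a non-null principal is accepted here; per the original
     * comment this is the "remember me" path, so the subject may be remembered
     * rather than freshly authenticated. NOTE(review): sensitive operations
     * behind the SUCCESS view should check {@code isAuthenticated()} themselves.
     *
     * @param ROLE      role code of the portal being entered
     * @param role_code Shiro role name the subject must hold
     * @return the SUCCESS view for the portal, or its FAILURE (login) view
     * @throws Exception if a service or audit call fails
     */
    public String getLoaction(Integer ROLE, String role_code) throws Exception {
        Subject subject = SecurityUtils.getSubject();
        Object principal = subject.getPrincipal();
        if (principal == null) {
            // No principal at all: neither authenticated nor remembered.
            return ShiroEncryption.decryptionURL(ROLE, ShiroEncryption.FAILURE);
        }

        String loginName = principal.toString();
        // Per the original comment, checkPassword returns true once the password
        // has been changed; either check returning true forces a fresh login.
        boolean mustLoginAgain = loginService.checkDisableStatus(loginName)
                || loginService.checkPassword(loginName);
        if (mustLoginAgain || !subject.hasRole(role_code)) {
            return ShiroEncryption.decryptionURL(ROLE, ShiroEncryption.FAILURE);
        }

        recordLoginEvent(ROLE, false, new Object[] { loginName, role_code, true });
        return ShiroEncryption.decryptionURL(ROLE, ShiroEncryption.SUCCESS);
    }

    /**
     * Sends a request rejected for insufficient permission to the login page of
     * the portal recorded in the session; falls back to the end-user portal.
     *
     * @param request current request; receives the {@code _cmd} attribute
     * @return the login view of the resolved portal
     * @throws Exception if the role code cannot be encoded or decoded
     */
    @RequestMapping("/init")
    public String init(HttpServletRequest request) throws Exception {
        String[] role_code = (String[]) SecurityUtils.getSubject().getSession().getAttribute("role_code");
        // An empty array or a null first element is treated like a missing
        // attribute instead of failing with an unchecked exception.
        boolean missing = role_code == null || role_code.length == 0 || role_code[0] == null
                || role_code[0].trim().equals("");
        if (missing) {
            request.setAttribute("_cmd", ShiroEncryption.encryption(DatabaseConstants.ROLE_CODE_USER));
            return ShiroEncryption.decryptionURL(DatabaseConstants.ROLE_CODE_USER, ShiroEncryption.FAILURE);
        }
        Integer ROLE_CODE = ShiroEncryption.decryption(role_code[0]);
        request.setAttribute("_cmd", ShiroEncryption.encryption(ROLE_CODE));
        return ShiroEncryption.decryptionURL(ROLE_CODE, ShiroEncryption.FAILURE);
    }

    /**
     * Entry point of the end-user portal.
     *
     * @param map     unused
     * @param request current request; receives the {@code _cmd} attribute
     * @return the portal home or login view, see {@link #getLoaction(Integer, String)}
     * @throws Exception if view resolution fails
     */
    @RequestMapping("/user")
    public String user(ModelMap map, HttpServletRequest request) throws Exception {
        request.setAttribute("_cmd", ShiroEncryption.encryption(DatabaseConstants.ROLE_CODE_USER));
        return this.getLoaction(DatabaseConstants.ROLE_CODE_USER, "user");
    }

    /**
     * Entry point of the agency portal. When the subject is let in, the plot
     * URLs for the home page are loaded into the {@code urlM} request attribute.
     *
     * @param map      unused
     * @param request  current request; receives {@code _cmd} and possibly {@code urlM}
     * @param response passed through to the home service
     * @param session  passed through to the home service
     * @return the portal home or login view
     * @throws Exception if view resolution or the home service fails
     */
    @RequestMapping("/agency")
    public String agency(ModelMap map, HttpServletRequest request, HttpServletResponse response, HttpSession session)
            throws Exception {
        request.setAttribute("_cmd", ShiroEncryption.encryption(DatabaseConstants.ROLE_CODE_AGENCY));
        String target = this.getLoaction(DatabaseConstants.ROLE_CODE_AGENCY, "agency");
        String home = ShiroEncryption.decryptionURL(DatabaseConstants.ROLE_CODE_AGENCY, ShiroEncryption.SUCCESS);
        if (target.equalsIgnoreCase(home)) {
            Map<String, String> urlM = agencyHomeService.findPlots(super.getSessionSubject(), response, session);
            request.setAttribute("urlM", urlM);
        }
        return target;
    }

    /**
     * Entry point of the call-center portal.
     *
     * @param map     unused
     * @param request current request; receives the {@code _cmd} attribute
     * @return the portal home or login view, see {@link #getLoaction(Integer, String)}
     * @throws Exception if view resolution fails
     */
    @RequestMapping("/call")
    public String call(ModelMap map, HttpServletRequest request) throws Exception {
        request.setAttribute("_cmd", ShiroEncryption.encryption(DatabaseConstants.ROLE_CODE_CALL_CENTER));
        return this.getLoaction(DatabaseConstants.ROLE_CODE_CALL_CENTER, "callCenter");
    }

    /**
     * Handles the login form submission.
     *
     * <p>{@code _cmd} is supplied by the client; it selects the portal and is
     * copied verbatim into the audit detail. NOTE(review): presumably
     * {@code loginService.findLogin} verifies that the account really belongs
     * to the portal named by {@code _cmd} - confirm, since this method only
     * decodes it after a successful login.
     *
     * @param user    bound login form
     * @param _cmd    encoded role code of the portal the form was posted from
     * @param request unused
     * @return the service's login result
     * @throws Exception if the login service or audit logging fails
     */
    @ResponseBody
    @RequestMapping(value = "/index")
    public JsonResponse login(LoginView user, String _cmd, HttpServletRequest request) throws Exception {
        // A missing loginName parameter is normalised to "", the same value a
        // whitespace-only name already produced, instead of raising an NPE.
        String submittedName = user.getLoginName();
        user.setLoginName(submittedName == null ? "" : submittedName.trim());

        String rememberMe = user.getRememberMe();
        boolean remember = rememberMe != null && !rememberMe.trim().isEmpty();

        user.set_cmd(_cmd);
        JsonResponse jsonResponse = loginService.findLogin(remember, user);
        if (jsonResponse.isSuccess()) {
            Integer ROLE_CODE = ShiroEncryption.decryption(user.get_cmd());
            recordLoginEvent(ROLE_CODE, false, new Object[] { user.getLoginName(), _cmd, false });
        }
        return jsonResponse;
    }

    /**
     * Logs the current subject out and returns the login view of the portal
     * named by {@code roleCode}.
     *
     * <p>The portal (and therefore the audit log written to) comes from the
     * client-supplied path variable, not from the session user's own role.
     * NOTE(review): the mapping accepts any HTTP method, so a cross-site GET
     * can trigger a logout - consider restricting it to POST.
     *
     * @param roleCode           encoded role code taken from the URL
     * @param map                unused
     * @param redirectAttributes unused
     * @param request            current request; receives the {@code _cmd} attribute
     * @return the login view of the portal
     * @throws Exception if the role code cannot be decoded or auditing fails
     */
    @RequestMapping("/logout/{roleCode}")
    public String logout(@PathVariable String roleCode, ModelMap map, RedirectAttributes redirectAttributes,
            HttpServletRequest request) throws Exception {
        Integer ROLE_CODE = ShiroEncryption.decryption(roleCode);
        request.setAttribute("_cmd", ShiroEncryption.encryption(ROLE_CODE));

        User user;
        try {
            user = super.getSessionSubject();
        } catch (Exception e) {
            // No resolvable session user: nothing to audit, show the login page.
            // NOTE(review): the Shiro subject is not logged out on this path.
            return ShiroEncryption.decryptionURL(ROLE_CODE, ShiroEncryption.FAILURE);
        }

        try {
            // The audit record needs the session user, so it is written first.
            if (user != null) {
                recordLoginEvent(ROLE_CODE, true, new Object[] { user.getLoginName() });
            }
        } finally {
            // An audit failure must not leave the session alive.
            try {
                SecurityUtils.getSubject().logout();
            } catch (Exception e) {
                logger.warn("Session失效注销", e);
            }
        }
        return ShiroEncryption.decryptionURL(ROLE_CODE, ShiroEncryption.FAILURE);
    }

    /**
     * Generic landing page: an authenticated subject is handed to the
     * {@code login/login_goto} view with the URL of its own portal, anyone else
     * gets the end-user login page.
     *
     * @param request current request; receives {@code _cmd} and possibly {@code url}
     * @return the view name
     * @throws Exception if a lookup or URL decoding fails
     */
    @RequestMapping("/home")
    public String loginHome(HttpServletRequest request) throws Exception {
        Subject subject = SecurityUtils.getSubject();
        String url = ShiroEncryption.decryptionURL(DatabaseConstants.ROLE_CODE_USER, ShiroEncryption.FAILURE);
        if (subject.isAuthenticated()) {
            User user = loginService.findAllByLoginName(subject.getPrincipal().toString());
            // An account that no longer resolves, or has no role, falls back to
            // the login page rather than failing with an NPE.
            if (user != null && user.getRole() != null) {
                url = "login/login_goto";
                request.setAttribute("url",
                        ShiroEncryption.decryptionURL(Integer.valueOf(user.getRole().getId().toString())));
            }
        }
        request.setAttribute("_cmd", ShiroEncryption.encryption(DatabaseConstants.ROLE_CODE_USER));
        return url;
    }

    /* ---- Password recovery ---- */

    /**
     * Shows the password-recovery request page.
     *
     * @return the view name
     */
    @RequestMapping("/applyPasswordJsp")
    public String applyPassword() {
        return "login/apply_password";
    }

    /**
     * Creates a recovery key for the account and sends it by e-mail.
     *
     * <p>NOTE(review): the service result is returned to the caller as-is. If
     * {@code insertApplyPassword} returns {@code false} for an unknown login
     * name / e-mail pair, the response reveals which accounts exist; consider
     * a uniform response and request throttling.
     *
     * @param loginName login name of the account
     * @param email     e-mail address given by the requester
     * @return a JSON response built from the service result
     * @throws Exception if the service call fails
     */
    @ResponseBody
    @RequestMapping("/applyPassword")
    public JsonResponse applyPassword(String loginName, String email) throws Exception {
        boolean created = loginService.insertApplyPassword(loginName, email);
        return ajaxSuccess(created);
    }

    /**
     * Opens the "set new password" page for a recovery key taken from the URL.
     *
     * <p>The session attribute {@code applyPassword} is set to {@code REFRESH}
     * after a key has been accepted so that reloading the page does not submit
     * the key to the service again. NOTE(review): nothing in this class clears
     * that attribute, so while it is set the page is rendered for any
     * {@code applyKey} without a check; the form handler's
     * {@code updateApplyPassword(applyKey, newPassword)} presumably re-validates
     * the key - confirm. The key is also part of the URL path and will appear
     * in access logs.
     *
     * @param request  current request
     * @param applyKey recovery key from the e-mailed link
     * @return the new-password view, or the key-error view
     */
    @RequestMapping("/retrievePasswordJsp/{applyKey}")
    public String retrievePassword(HttpServletRequest request, @PathVariable String applyKey) {
        HttpSession session = request.getSession();
        Object state = session.getAttribute("applyPassword");
        if (state != null && "REFRESH".equals(state.toString())) {
            return "login/retrieve_password";
        }

        boolean accepted = loginService.updateApplyPassword(applyKey);
        if (!accepted) {
            session.setAttribute("applyPassword", "NO");
            return "login/apply_key_error";
        }
        session.setAttribute("applyPassword", "REFRESH");
        return "login/retrieve_password";
    }

    /**
     * Sets the new password for the account behind a recovery key.
     *
     * <p>NOTE(review): only equality of the two password fields is checked
     * here; length and complexity rules are presumably enforced by the
     * service - confirm.
     *
     * @param applyKey        recovery key
     * @param newPassword     new password
     * @param confirmPassword repetition of the new password
     * @return success, or a failure response carrying the reason
     */
    @ResponseBody
    @RequestMapping("/retrievePassword")
    public JsonResponse retrievePassword(String applyKey, String newPassword, String confirmPassword) {
        // A missing newPassword parameter is rejected like a mismatch instead
        // of raising an NPE.
        if (newPassword == null || !newPassword.equals(confirmPassword)) {
            return ajaxFailure("确认密码与新密码不一致");
        }
        boolean changed = loginService.updateApplyPassword(applyKey, newPassword);
        if (!changed) {
            return ajaxFailure("修改失败");
        }

        JsonResponse jsonResponse = ajaxSuccess();
        User user = loginService.findUserByApplyKey(applyKey);
        // The password is already changed at this point; a failed lookup only
        // skips the audit record instead of turning success into an error.
        if (user != null) {
            upSysLogger.log(MessageUtils.getMessage("log_up_changePassword"), user.getId(),
                    UserModules.MyInfo.CHANGE_PASSWORD,
                    MessageUtils.getMessage("log_up_changePassword_data", new Object[] { user.getLoginName() }));
        }
        return jsonResponse;
    }

    /**
     * Test-only endpoint that renders a JSP from the {@code sections/} folder.
     *
     * <p>The view name is built from a client-supplied path variable, so it is
     * limited to a plain identifier; anything else (dots, separators, prefixes)
     * is rejected before it can reach the view resolver. Widen the pattern only
     * if real section names need it. NOTE(review): this mapping sits under
     * {@code /login}, which is likely reachable without authentication -
     * remove it or restrict it outside development.
     *
     * @param jsp                name of the section view, without extension
     * @param map                unused
     * @param redirectAttributes unused
     * @param request            unused
     * @return the view name {@code sections/<jsp>}
     * @throws Exception declared for interface compatibility
     * @throws IllegalArgumentException if {@code jsp} is not a plain identifier
     */
    @RequestMapping("/test/{jsp}")
    public String test(@PathVariable String jsp, ModelMap map, RedirectAttributes redirectAttributes,
            HttpServletRequest request) throws Exception {
        if (jsp == null || !jsp.matches("[A-Za-z0-9_-]+")) {
            throw new IllegalArgumentException("Invalid view name");
        }
        return "sections/" + jsp;
    }
}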