jeecg的登录流程-阿里云开发者社区

jeecg的登录流程

2021-12-07 1085

版权

本文内容由阿里云实名注册用户自发贡献，版权归原作者所有，阿里云开发者社区不拥有其著作权，亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容，填写侵权投诉表单进行举报，一经查实，本社区将立刻删除涉嫌侵权内容。

本文涉及的产品

云数据库 Redis 版，社区版 2GB

简介： jeecg的登录流程

1.前段调用接口

2.后台调用其中用户表为 sys_user

3.后台实现

(1).验证用户信息

1. @RequestMapping(value = "/login", method = RequestMethod.POST)
2.  @ApiOperation("登录接口")
3.  public Result<JSONObject> login(@RequestBody SysLoginModel sysLoginModel) throws Exception {
4.    Result<JSONObject> result = new Result<JSONObject>();
5.    String username = sysLoginModel.getUsername();
6.    String password = sysLoginModel.getPassword();
7.    //update-begin--Author:scott  Date:20190805 for：暂时注释掉密码加密逻辑，有点问题
8.    //前端密码加密，后端进行密码解密
9.    //password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
10.     //update-begin--Author:scott  Date:20190805 for：暂时注释掉密码加密逻辑，有点问题
11. 
12.     //1. 校验用户是否有效
13.     SysUser sysUser = sysUserService.getUserByName(username);
14.     result = sysUserService.checkUserIsEffective(sysUser);
15.     if(!result.isSuccess()) {
16.       return result;
17.     }
18. 
19.     //2. 校验用户名或密码是否正确
20.     String userpassword = PasswordUtil.encrypt(username, password, sysUser.getSalt());
21.     String syspassword = sysUser.getPassword();
22.     if (!syspassword.equals(userpassword)) {
23.       result.error500("用户名或密码错误");
24.       return result;
25.     }
26. 
27.     //用户登录信息
28.     userInfo(sysUser, result);
29.     sysBaseAPI.addLog("用户名: " + username + ",登录成功！", CommonConstant.LOG_TYPE_1, null);
30. 
31.     return result;
32.   }
33. 
34.

(2).放入部门，token ,在之后的调用中需要传入token

其中token放入redis中并在每次调用中取出比对。

1. private Result<JSONObject> userInfo(SysUser sysUser, Result<JSONObject> result) {
2.    String syspassword = sysUser.getPassword();
3.    String username = sysUser.getUsername();
4.    // 生成token
5.    String token = JwtUtil.sign(username, syspassword);
6.    redisUtil.set(CommonConstant.PREFIX_USER_TOKEN + token, token);
7.    // 设置超时时间
8.    redisUtil.expire(CommonConstant.PREFIX_USER_TOKEN + token, JwtUtil.EXPIRE_TIME / 1000);
9. 
10.     // 获取用户部门信息
11.     JSONObject obj = new JSONObject();
12.     List<SysDepart> departs = sysDepartService.queryUserDeparts(sysUser.getId());
13.     obj.put("departs", departs);
14.     if (departs == null || departs.size() == 0) {
15.       obj.put("multi_depart", 0);
16.     } else if (departs.size() == 1) {
17.       sysUserService.updateUserDepart(username, departs.get(0).getOrgCode());
18.       obj.put("multi_depart", 1);
19.     } else {
20.       obj.put("multi_depart", 2);
21.     }
22.     obj.put("token", token);
23.     obj.put("userInfo", sysUser);
24.     result.setResult(obj);
25.     result.success("登录成功");
26.     return result;
27.   }

(3).可以使后台不拦截token 路径eecg-boot-master\jeecg-boot\jeecg-boot-module-system\src\main\java\org\jeecg\config\ShiroConfig.java 在其中配置拦截的路径

1. public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
2.    ShiroFilterFactoryBean shiroFilterFactoryBean = new ShiroFilterFactoryBean();
3.    shiroFilterFactoryBean.setSecurityManager(securityManager);
4.    // 拦截器
5.    Map<String, String> filterChainDefinitionMap = new LinkedHashMap<String, String>();
6.    //cas验证登录
7.    filterChainDefinitionMap.put("/hello/**", "anon");
8.    // 配置不会被拦截的链接 顺序判断
9.    filterChainDefinitionMap.put("/sys/login", "anon"); //登录接口排除
10. 
11.     filterChainDefinitionMap.put("/sys/login", "anon"); //登录接口排除
12.     filterChainDefinitionMap.put("/sys/logout", "anon"); //登出接口排除
13.     filterChainDefinitionMap.put("/sys/getEncryptedString", "anon"); //获取加密串
14.     filterChainDefinitionMap.put("/sys/sms", "anon");//短信验证码
15.     filterChainDefinitionMap.put("/sys/phoneLogin", "anon");//手机登录    
16.     filterChainDefinitionMap.put("/sys/user/checkOnlyUser", "anon");//校验用户是否存在
17.     filterChainDefinitionMap.put("/sys/user/register", "anon");//用户注册
18.     filterChainDefinitionMap.put("/sys/user/querySysUser", "anon");//根据手机号获取用户信息
19.     filterChainDefinitionMap.put("/sys/user/phoneVerification", "anon");//用户忘记密码验证手机号
20.     filterChainDefinitionMap.put("/sys/user/passwordChange", "anon");//用户更改密码
21.     filterChainDefinitionMap.put("/auth/2step-code", "anon");//登录验证码
22.     filterChainDefinitionMap.put("/sys/common/view/**", "anon");//图片预览不限制token
23.     filterChainDefinitionMap.put("/sys/common/download/**", "anon");//文件下载不限制token
24.     filterChainDefinitionMap.put("/sys/common/pdf/**", "anon");//pdf预览
25.     filterChainDefinitionMap.put("/generic/**", "anon");//pdf预览需要文件
26.     filterChainDefinitionMap.put("/", "anon");
27.     filterChainDefinitionMap.put("/doc.html", "anon");
28.     filterChainDefinitionMap.put("/**/*.js", "anon");
29.     filterChainDefinitionMap.put("/**/*.css", "anon");
30.     filterChainDefinitionMap.put("/**/*.html", "anon");
31.     filterChainDefinitionMap.put("/**/*.svg", "anon");
32.     filterChainDefinitionMap.put("/**/*.pdf", "anon");
33.     filterChainDefinitionMap.put("/**/*.jpg", "anon");
34.     filterChainDefinitionMap.put("/**/*.png", "anon");
35.     filterChainDefinitionMap.put("/**/*.ico", "anon");
36. 
37.     // update-begin--Author:sunjianlei Date:20190813 for：排除字体格式的后缀
38.     filterChainDefinitionMap.put("/**/*.ttf", "anon");
39.     filterChainDefinitionMap.put("/**/*.woff", "anon");
40.     // update-begin--Author:sunjianlei Date:20190813 for：排除字体格式的后缀
41. 
42.     filterChainDefinitionMap.put("/druid/**", "anon");
43.     filterChainDefinitionMap.put("/swagger-ui.html", "anon");
44.     filterChainDefinitionMap.put("/swagger**/**", "anon");
45.     filterChainDefinitionMap.put("/webjars/**", "anon");
46.     filterChainDefinitionMap.put("/v2/**", "anon");
47. 
48.     //性能监控
49.     filterChainDefinitionMap.put("/actuator/metrics/**", "anon");
50.     filterChainDefinitionMap.put("/actuator/httptrace/**", "anon");
51.     filterChainDefinitionMap.put("/actuator/redis/**", "anon");
52. 
53. 
54.     filterChainDefinitionMap.put("/test/jeecgDemo/demo3", "anon"); //模板测试
55.     filterChainDefinitionMap.put("/test/jeecgDemo/redisDemo/**", "anon"); //redis测试
56. 
57. 
58. 
59.     //排除Online请求
60.     filterChainDefinitionMap.put("/auto/cgform/**", "anon");
61.     //websocket排除
62.     filterChainDefinitionMap.put("/websocket/**", "anon");
63. 
64. 
65. 
66.     // 添加自己的过滤器并且取名为jwt
67.     Map<String, Filter> filterMap = new HashMap<String, Filter>(1);
68.     filterMap.put("jwt", new JwtFilter());
69.     shiroFilterFactoryBean.setFilters(filterMap);
70.     // <!-- 过滤链定义，从上向下顺序执行，一般将/**放在最为下边
71.     filterChainDefinitionMap.put("/**", "jwt");
72. 
73.     // 未授权界面返回JSON
74.     shiroFilterFactoryBean.setUnauthorizedUrl("/sys/common/403");
75.     shiroFilterFactoryBean.setLoginUrl("/sys/common/403");
76.     shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
77.     return shiroFilterFactoryBean;
78.   }

jeecg的登录流程

热门文章

最新文章

相关课程

相关电子书