package com.xkl.controller;

import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentUser;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.config.ResultStatus;
import com.xkl.domain.User;
import com.xkl.model.ResultModel;
import com.xkl.repository.UserRepository;
import com.xkl.security.AntiXSS;
import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.security.SecurityTool;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

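/**
 * REST endpoints under {@code /userInfo}: account registration (POST), password change (PUT)
 * and lookup of the current user's login account (GET).
 *
 * <p>PUT and GET carry {@code @Authorization} and receive the caller through
 * {@code @CurrentUser}; POST carries no {@code @Authorization} annotation.
 *
 * <p>Created by win7 on 2016/10/19.
 */
@RestController
@RequestMapping("/userInfo")
public class UserInfoController {
    @Autowired
    private UserRepository userRepository;
    @Autowired
    private ITokenManager tokenManager;

    /**
     * Registers a new account and stores a freshly salted password hash for it.
     *
     * @param username login account to create; must contain non-whitespace text
     * @param password plain-text password; must not be empty
     * @return 200 with {@code ResultModel.ok()} on success, or 404 with
     *         {@code ResultStatus.USER_IS_EXIT} when the login account already exists
     * @throws IllegalArgumentException if {@code username} is blank or {@code password} is empty
     */
    // NOTE(review): @AntiXSS presumably filters or rewrites request parameters; confirm it
    // cannot alter the password value before it is hashed.
    // NOTE(review): credentials are bound with @RequestParam, so a client may send them in the
    // query string, where they can end up in access and proxy logs; confirm clients send them
    // in the request body only.
    @AntiXSS
    @RequestMapping(method = RequestMethod.POST)
    @ApiOperation(value = "注册")
    public ResponseEntity<ResultModel> register(@RequestParam String username, @RequestParam String password) {
        // A required @RequestParam that is present but empty binds to "", which a null check
        // lets through; reject blank usernames and empty passwords explicitly.
        Assert.hasText(username, "username can not be empty");
        Assert.hasLength(password, "password can not be empty");

        // NOTE(review): lookup-then-save is not atomic; two concurrent registrations for the same
        // name can both pass this check unless the store enforces uniqueness on the login
        // account. Verify the schema.
        User existing = userRepository.findByLoginAccount(username);
        if (existing != null) {
            // User is already registered.
            // NOTE(review): 409 CONFLICT is the conventional status here; NOT_FOUND is kept
            // because existing clients may depend on it. The distinct answer also reveals which
            // login accounts exist, so this endpoint should be rate limited.
            return new ResponseEntity<>(ResultModel.error(ResultStatus.USER_IS_EXIT), HttpStatus.NOT_FOUND);
        }

        String salt = SecurityTool.genSalt();
        // NOTE(review): SecurityTool is not visible here; confirm getPassword uses a slow
        // password-hashing function (bcrypt/scrypt/argon2) rather than a single fast digest,
        // and that genSalt draws from SecureRandom.
        String hashedPassword = SecurityTool.getPassword(username, password, salt);

        User created = new User();
        created.setMemberId(2); // NOTE(review): hard-coded member id; its meaning is not visible here
        created.setLoginAccount(username);
        created.setLoginPwd(hashedPassword);
        created.setSalt(salt);
        created.setStatus(true);
        userRepository.save(created);

        return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
    }

    /**
     * Replaces the current user's password with a newly salted hash and deletes the user's
     * token, so the caller has to log in again.
     *
     * @param user     the authenticated caller, supplied through {@code @CurrentUser}
     * @param password new plain-text password; must not be empty
     * @return 200 with {@code ResultModel.ok(ResultStatus.USER_LOGOUT)}
     * @throws IllegalArgumentException if {@code password} is empty
     */
    // NOTE(review): the current password is not requested, so possession of a valid token alone
    // is enough to set a new password. Consider requiring the old password on this endpoint.
    @RequestMapping(method = RequestMethod.PUT)
    @Authorization
    @AntiXSS
    @ApiOperation(value = "修改用户密码")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
    })
    public ResponseEntity<ResultModel> modPassword(@CurrentUser User user,@RequestParam String password) {
        // An empty string passes a null check; reject it so an account cannot be left with an
        // empty password.
        Assert.hasLength(password, "password can not be empty");

        // A new salt is generated on every change, so the stored hash never reuses the old salt.
        String salt = SecurityTool.genSalt();
        String hashedPassword = SecurityTool.getPassword(user.getLoginAccount(), password, salt);
        user.setLoginPwd(hashedPassword);
        user.setSalt(salt);
        userRepository.save(user);

        // Log the user out: the token issued under the old password is deleted.
        tokenManager.deleteToken(user.getId());
        return new ResponseEntity<>(ResultModel.ok(ResultStatus.USER_LOGOUT), HttpStatus.OK);
    }

    /**
     * Returns the current user's login account, which this endpoint serves as the nickname.
     *
     * @param user the authenticated caller, supplied through {@code @CurrentUser}
     * @return 200 with the login account wrapped in {@code ResultModel.ok(...)}
     */
    @RequestMapping(method = RequestMethod.GET)
    @Authorization
    @ApiOperation(value = "获取用户昵称")
    @ApiImplicitParams({
            @ApiImplicitParam(name = "authorization", value = "请输入登录返回信息:userId_tokens", required = true, dataType = "string", paramType = "header"),
    })
    public ResponseEntity<ResultModel> getUserNickName(@CurrentUser User user) {
        String nickName = user.getLoginAccount();
        return new ResponseEntity<>(ResultModel.ok(nickName), HttpStatus.OK);
    }

}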