package com.xkl.controller.uspih;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiImplicitParam;
import com.wordnik.swagger.annotations.ApiImplicitParams;
import com.wordnik.swagger.annotations.ApiOperation;
import com.xkl.authorization.annotation.Authorization;
import com.xkl.authorization.annotation.CurrentAdmin;
import com.xkl.authorization.manager.ITokenManager;
import com.xkl.authorization.model.TokenModel;
import com.xkl.config.Constants;
import com.xkl.config.ResultStatus;
import com.xkl.domain.XklAdminEntity;
import com.xkl.model.ResultModel;
import com.xkl.repository.AMPMachineRepository;
import com.xkl.repository.AdminRepository;
import com.xkl.security.AntiXSS;
import com.xkl.security.SecurityTool;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
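/**
 * Login and logout endpoints for the USPIH client software.
 *
 * <p>In this REST design, creating a token corresponds to logging in and deleting a token
 * corresponds to logging out; both operations are mapped on {@code /uspih/account}.
 */
@RestController
@Api("USPIH admin account login and logout")
@RequestMapping("/uspih/account")
public class AdminAccountController {

    @Autowired
    private AdminRepository adminRepository;

    @Autowired
    private ITokenManager tokenManager;

    /** Prefix concatenated with the admin id to form the key handed to the token manager. */
    public static final String USPIH_TOKEN_PREFIX = "USPIHTOKEN";

    /**
     * Authenticates an admin account and, on success, issues a login token.
     *
     * <p>An unknown account, a wrong password and an inactive account all produce the same
     * {@link ResultStatus#USERNAME_OR_PASSWORD_ERROR} body with HTTP 404, so the response
     * content does not reveal which check failed.
     *
     * <p>NOTE(review): {@code @RequestParam} also binds values from the URL query string;
     * clients should send the credentials in the request body so they do not end up in
     * access logs. No attempt throttling or lockout is visible in this method; confirm it
     * is enforced elsewhere.
     *
     * @param account the admin account name
     * @param password the password supplied by the client
     * @return HTTP 200 with the created {@link TokenModel} on success, otherwise HTTP 404
     *     with the generic credential error
     * @throws IllegalArgumentException if {@code account} or {@code password} is null
     */
    @AntiXSS
    @RequestMapping(method = RequestMethod.POST)
    @ApiOperation(value = "USPIH Login", notes = "login")
    public ResponseEntity<ResultModel> login(@RequestParam String account, @RequestParam String password) {
        // Only null is rejected here; an empty string still reaches the repository lookup.
        Assert.notNull(account, "account can not be empty");
        Assert.notNull(password, "password can not be empty");

        XklAdminEntity admin = adminRepository.findByAccountAndStatus(account, Constants.STATUS_OK);
        if (admin == null) {
            // Account not registered: answer with the same generic error as a wrong password.
            // NOTE(review): this path returns before any password digest is computed, so its
            // response time can differ from the wrong-password path; consider equalising the
            // work done on both paths.
            return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
        }

        String salt = admin.getSalt();
        String storedDigest = admin.getPwd();
        // NOTE(review): SecurityTool.getPassword is opaque from here; confirm it applies a
        // dedicated password-hashing function rather than a single fast digest.
        String computedDigest = SecurityTool.getPassword(account, password, salt);

        // The repository query already filters on Constants.STATUS_OK; the status is
        // re-checked against the literal 1 as in the original code.
        // NOTE(review): confirm the two values agree.
        if (!digestsMatch(computedDigest, storedDigest) // wrong password
                || admin.getStatus() != 1) { // account not active
            return new ResponseEntity<>(ResultModel.error(ResultStatus.USERNAME_OR_PASSWORD_ERROR), HttpStatus.NOT_FOUND);
        }

        // Create a token that records the admin's logged-in state.
        TokenModel model = tokenManager.createToken(USPIH_TOKEN_PREFIX + admin.getId());
        return new ResponseEntity<>(ResultModel.ok(model), HttpStatus.OK);
    }

    /**
     * Logs the current admin out by deleting the token stored under the admin's key.
     *
     * <p>The admin is supplied through {@code @CurrentAdmin}; presumably it is resolved from
     * the {@code authorization} header checked by {@code @Authorization} (verify against the
     * resolver).
     *
     * @param admin the admin injected for the current request
     * @return HTTP 200 with an empty success body
     */
    @RequestMapping(method = RequestMethod.DELETE)
    @Authorization
    @ApiOperation(value = "USPIH logout")
    @ApiImplicitParams({
        @ApiImplicitParam(name = "authorization", value = "Input id and login token: userId_tokens", required = true, dataType = "string", paramType = "header"),
    })
    public ResponseEntity<ResultModel> logout(@CurrentAdmin XklAdminEntity admin) {
        tokenManager.deleteToken(USPIH_TOKEN_PREFIX + admin.getId());
        return new ResponseEntity<>(ResultModel.ok(), HttpStatus.OK);
    }

    /**
     * Compares two password digests without stopping at the first differing byte.
     *
     * <p>{@code String.equals} returns as soon as a mismatch is found, which lets comparison
     * time depend on how much of the stored digest matched. A null on either side is treated
     * as a mismatch instead of raising {@link NullPointerException}.
     */
    private static boolean digestsMatch(String computed, String stored) {
        if (computed == null || stored == null) {
            return false;
        }
        return MessageDigest.isEqual(
                computed.getBytes(StandardCharsets.UTF_8), stored.getBytes(StandardCharsets.UTF_8));
    }
}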