首页>代码>springboot+mybatis+Maven+jsp+Quartz整合实战林业厅项目>/ah_lyt/src/main/java/com/ct/ring/action/LoginAction.java
package com.ct.ring.action; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.*; import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.servlet.ModelAndView; import org.springframework.web.servlet.mvc.support.RedirectAttributes; import org.springframework.web.servlet.view.InternalResourceViewResolver; import javax.servlet.http.HttpServletRequest; @Controller @EnableAutoConfiguration public class LoginAction { protected static Logger logger = LoggerFactory.getLogger( LoginAction.class ); @RequestMapping(value = "/login", method = RequestMethod.GET) public ModelAndView loginGet ( HttpServletRequest request ) { ModelAndView mv = new ModelAndView( "login" ); return mv; } @RequestMapping(value = "/login", method = RequestMethod.POST) public String loginPost ( HttpServletRequest request ) { String resultPageURL = InternalResourceViewResolver.FORWARD_URL_PREFIX + "/"; String username = request.getParameter("username"); String password = request.getParameter("password"); UsernamePasswordToken token = new UsernamePasswordToken(username, password); token.setRememberMe(true); // 获取当前的Subject Subject currentUser = SecurityUtils.getSubject(); try { currentUser.login(token); resultPageURL = "index"; } catch (UnknownAccountException uae) { System.out.println("对用户[" + username + "]进行登录验证..验证未通过,未知账户"); request.setAttribute("message_login", "未知账户"); resultPageURL = "login"; } catch (IncorrectCredentialsException ice) { System.out.println("对用户[" + username + "]进行登录验证..验证未通过,错误的凭证"); request.setAttribute("message_login", "密码不正确"); resultPageURL = "login"; } catch (LockedAccountException lae) { System.out.println("对用户[" + username + "]进行登录验证..验证未通过,账户已禁用"); request.setAttribute("message_login", "账户已禁用"); resultPageURL = "login"; } catch (ExcessiveAttemptsException eae) { System.out.println("对用户[" + username + "]进行登录验证..验证未通过,错误次数过多"); request.setAttribute("message_login", "用户名或密码错误次数过多"); resultPageURL = "login"; } catch (AuthenticationException ae) { // 通过处理Shiro的运行时AuthenticationException就可以控制用户登录失败或密码错误时的情景 System.out.println("对用户[" + username + "]进行登录验证..验证未通过,堆栈轨迹如下"); ae.printStackTrace(); request.setAttribute("message_login", "用户名或密码不正确"); resultPageURL = "login"; } // 验证是否登录成功 if (currentUser.isAuthenticated()) { System.out.println("用户[" + username + "]登录认证通过(这里可以进行一些认证通过后的一些系统参数初始化操作)"); } else { token.clear(); } return resultPageURL; } /** * 用户登出 */ @RequestMapping(value = "/logout", method = RequestMethod.GET) public String logout(RedirectAttributes redirectAttributes) { // 使用权限管理工具进行用户的退出,跳出登录,给出提示信息 SecurityUtils.getSubject().logout(); redirectAttributes.addFlashAttribute("message", "您已安全退出"); return "redirect:/login"; } }