springboot thymeleaf和shiro 整合 第四篇 持久层+控制器+html

package com.ruiguang.entity;


import java.io.Serializable;
import java.util.List;


import javax.persistence.Column;
import javax.persistence.FetchType;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;


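/**
 * Account record used for authentication: login name, display name, stored
 * password, per-user salt, account state and the roles granted to the user.
 *
 * <p>Plain mutable bean with an implicit no-arg constructor and one
 * getter/setter pair per field.
 *
 * <p>NOTE(review): the class is {@link Serializable} and carries
 * {@code password} and {@code salt}; anything that serializes or dumps an
 * instance (session stores, caches, debug output) will include them.
 */
public class UserInfo implements Serializable {

    private Integer uid;
    // Login account name.
    private String username;
    // Display name (nickname or real name, depending on the system).
    private String name;
    // Password as stored; presumably a salted hash rather than plaintext - confirm against the realm configuration.
    private String password;
    // Random per-user salt used when hashing the password.
    private String salt;
    // Account state: 0 = created but not yet verified (e.g. not activated, no verification code entered),
    // 1 = normal, 2 = locked.
    private byte state;
    // Roles granted to this user (one user can hold several roles).
    private List<SysRole> roleList;

    public Integer getUid() {
        return uid;
    }

    public void setUid(Integer uid) {
        this.uid = uid;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public String getSalt() {
        return salt;
    }

    public void setSalt(String salt) {
        this.salt = salt;
    }

    public byte getState() {
        return state;
    }

    public void setState(byte state) {
        this.state = state;
    }

    public List<SysRole> getRoleList() {
        return roleList;
    }

    public void setRoleList(List<SysRole> roleList) {
        this.roleList = roleList;
    }

    /**
     * Returns the salt actually fed to the password hash: the login name
     * followed by the stored random salt.
     *
     * <p>The value is deliberately not printed or logged. It is credential
     * material, and console output normally ends up in application logs
     * that are readable by far more people than the user table is.
     *
     * <p>NOTE(review): prefixing the username only guarantees that the
     * effective salt differs per account. Resistance to offline cracking
     * depends on the hash algorithm and iteration count configured in the
     * credentials matcher, which this listing does not show.
     *
     * @return {@code username + salt}
     */
    public String getCredentialsSalt() {
        return this.username + this.salt;
    }
}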

dao接口

package com.ruiguang.dao;


import org.apache.ibatis.annotations.Mapper;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;




import com.ruiguang.entity.UserInfo;


/**
 * MyBatis annotation mapper for the {@code user_info} table.
 *
 * <p>Both statements pass their arguments through {@code #{...}}
 * placeholders, which MyBatis binds as prepared-statement parameters, so
 * the values are never spliced into the SQL text.
 */
@Mapper
public interface UserDao {

    /**
     * Looks up an account by its login name.
     *
     * <p>NOTE(review): {@code select *} also loads the stored password and
     * salt into the returned object; callers should avoid logging or
     * serializing the result as a whole.
     *
     * @param username login name to match exactly
     * @return the row mapped to a {@link UserInfo}
     */
    @Select("select * from user_info where username=#{username}")
    UserInfo findByUsername(@Param("username") String username);

    /**
     * Inserts a new account row.
     *
     * <p>Sample row from the original post:
     * INSERT INTO `user_info` (`uid`,`username`,`name`,`password`,`salt`,`state`) VALUES ('1', 'admin', '管理员', 'd3c59d25033dbf980d29554025c23a75', '8d78869f470951332959580424d4bf4f', 0);
     * The stored password there is 32 hex characters, the length of an MD5
     * digest; confirm the algorithm and iteration count in the Shiro
     * configuration.
     *
     * <p>NOTE(review): the statement is an INSERT but is declared with
     * {@code @Select} and a {@link UserInfo} return type. An INSERT yields
     * no result row, so the return value is presumably always
     * {@code null} - verify. The conventional mapping is MyBatis's
     * {@code @Insert} with an {@code int} or {@code void} return; that
     * changes the signature, so it is left for the author to decide.
     *
     * <p>NOTE(review): {@code state} is a {@code String} here while
     * {@code UserInfo.state} is a {@code byte}; confirm the intended type.
     *
     * @param username login name
     * @param password password value to store (expected to be already hashed - confirm at the caller)
     * @param salt     per-user salt
     * @param state    account state
     */
    @Select("INSERT INTO `user_info` (`username`,`password`,`salt`,`state`) VALUES "
            + "(#{username},#{password},#{salt},#{state})")
    UserInfo createUser(@Param("username") String username,
                        @Param("password") String password,
                        @Param("salt") String salt,
                        @Param("state") String state);
}

控制器

package com.ruiguang.controller;


import java.util.Map;


import javax.servlet.http.HttpServletRequest;


import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;


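/**
 * Page controller for the index, login and "403" views.
 *
 * <p>Successful logins are not handled here; per the original author's note
 * Shiro processes them. This class only renders the pages and turns a failed
 * attempt into a message for the login template.
 */
@Controller
public class HomeController {

    /**
     * Single message for every credential-related failure. Showing the same
     * text for "unknown account" and "wrong password" keeps the login page
     * from confirming which account names exist.
     */
    private static final String GENERIC_LOGIN_FAILURE = "账号或密码不正确";

    /** Renders the index page for {@code /} and {@code /index}. */
    @RequestMapping({"/", "/index"})
    public String index() {
        return "/index";
    }

    /**
     * Renders the login page and, after a failed attempt, a failure message.
     *
     * <p>On failure the request attribute {@code shiroLoginFailure} holds
     * the fully qualified class name of the Shiro exception (or
     * {@code kaptchaValidateFailed} for a wrong captcha). The precise reason
     * is written to the server console only; the page receives a generic
     * message, except for the captcha case, which reveals nothing about
     * accounts.
     *
     * @param request current request, read for the failure attribute
     * @param map     model; receives the key {@code msg}
     * @return the login view name
     */
    @RequestMapping("/login")
    public String login(HttpServletRequest request, Map<String, Object> map) throws Exception {
        String exception = (String) request.getAttribute("shiroLoginFailure");
        String msg = "";
        if (exception != null) {
            // Keep the exact failure type server-side, where it is useful for
            // spotting guessing attempts, instead of echoing it to the client.
            System.out.println("login failure: " + exception);
            if ("kaptchaValidateFailed".equals(exception)) {
                msg = "kaptchaValidateFailed -- > 验证码错误";
            } else {
                // Unknown account, wrong password, locked account and any other
                // failure type all produce the same text.
                msg = GENERIC_LOGIN_FAILURE;
            }
        }
        map.put("msg", msg);
        return "/login";
    }

    /** Renders the page shown when the user lacks the required permission. */
    @RequestMapping("/403")
    public String unauthorizedRole() {
        System.out.println("------没有权限-------");
        return "403";
    }
}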

html

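<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <meta charset="UTF-8">
    <title>Login</title>
</head>
<body>
<!-- th:text HTML-escapes the message, so it is rendered as text, never as markup. -->
错误信息:<h4 th:text="${msg}"></h4>
<!-- Empty action posts back to the current URL. -->
<form action="" method="post">
    <p>账号:<input type="text" name="username" value="tom" autocomplete="username"/></p>
    <!-- type="password" masks the input; no default password is shipped in the markup. -->
    <p>密码:<input type="password" name="password" autocomplete="current-password"/></p>
    <p><input type="submit" value="登录"/></p>
</form>
</body>
</html>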



转载自blog.csdn.net/ruiguang21/article/details/80278609