image.png
image.png
将Token写入Cookie服务层做不到,只能由表现层来做.
服务层
package cn.e3mall.sso.service.impl;
import java.util.List;
import java.util.UUID;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.util.DigestUtils;
import cn.e3mall.common.jedis.JedisClient;
import cn.e3mall.common.utils.E3Result;
import cn.e3mall.common.utils.JsonUtils;
import cn.e3mall.mapper.TbUserMapper;
import cn.e3mall.pojo.TbUser;
import cn.e3mall.pojo.TbUserExample;
import cn.e3mall.pojo.TbUserExample.Criteria;
import cn.e3mall.sso.service.LoginService;
@Service
public class LoginServiceImpl implements LoginService {
@Autowired
private TbUserMapper userMapper;
@Autowired
private JedisClient jedisClient;
@Value("${SESSION_EXPIRE}")
private Integer SESSION_EXPIRE;
@Override
public E3Result userLogin(String username, String password) {
// 1、判断用户和密码是否正确
//根据用户名查询用户信息
TbUserExample example = new TbUserExample();
Criteria criteria = example.createCriteria();
criteria.andUsernameEqualTo(username);
//执行查询
List<TbUser> list = userMapper.selectByExample(example);
if (list == null || list.size() == 0) {
//返回登录失败
return E3Result.build(400, "用户名或密码错误");
}
//取用户信息
TbUser user = list.get(0);
//判断密码是否正确
if (!DigestUtils.md5DigestAsHex(password.getBytes()).equals(user.getPassword())) {
// 2、如果不正确,返回登录失败
return E3Result.build(400, "用户名或密码错误");
}
// 3、如果正确生成token。
String token = UUID.randomUUID().toString();
// 4、把用户信息写入redis,key:token value:用户信息
user.setPassword(null);
jedisClient.set("SESSION:" + token, JsonUtils.objectToJson(user));
// 5、设置Session的过期时间
jedisClient.expire("SESSION:" + token, SESSION_EXPIRE);
// 6、把token返回
return E3Result.ok(token);
}
}
表现层
package cn.e3mall.sso.controller;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
/**
* 展示登录页面
* @author Administrator
*
*/
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import cn.e3mall.common.utils.CookieUtils;
import cn.e3mall.common.utils.E3Result;
import cn.e3mall.sso.service.LoginService;
@Controller
public class LoginController {
@Autowired
private LoginService loginService;
@Value("${TOKEN_KEY}")
private String TOKEN_KEY;
@RequestMapping("/page/login")
public String showLogin(){
return "login";
}
@RequestMapping(value="/user/login",method=RequestMethod.POST)
@ResponseBody
public E3Result userLogin(String username,String password,
HttpServletRequest request,HttpServletResponse response){
E3Result result = loginService.userLogin(username, password);
//判断是否登录成功
if(result.getStatus() == 200){
String token = result.getData().toString();
//登录成功把token写入cookie
CookieUtils.setCookie(request, response, TOKEN_KEY, token);
}
return result;
}
}
网友评论