package com.moofen.cube.controller.ume.login;
import javax.annotation.Resource;
import javax.servlet.http.HttpSession;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONObject;
import com.moofen.core.constant.AuthConstant;
import com.moofen.core.constant.SessionConstant;
import com.moofen.core.entity.sys.um.RoleBase;
import com.moofen.core.mvc.controller.BaseController;
import com.moofen.core.mvc.view.BaseResult;
import com.moofen.cube.service.ume.login.LoginService;
@Controller
@RequestMapping("/user")
public class LoginController extends BaseController {
@Resource(name = "loginService")
private LoginService loginService;
@ResponseBody
@PostMapping("/login")
public JSONObject login(@RequestParam(name = "loginName", required = true) String loginName,
@RequestParam(name = "password", required = true) String password) {
JSONObject result = loginService.login(loginName, password);
BaseResult baseResult = JSON.parseObject(result.toJSONString(), BaseResult.class);
// session中存储账号
if (baseResult.isSuccess()) {
// 设定Session变量
JSONObject data = result.getJSONObject("data");
// 当前身份
RoleBase roldBase = JSON.parseObject(data.getString(SessionConstant.CURR_USER_ROLE), RoleBase.class);
if (roldBase != null) {
// 当前用户
getRequest().getSession().setAttribute(SessionConstant.USER_CODE, data.get(SessionConstant.USER_CODE));
// 当前角色
getRequest().getSession().setAttribute(SessionConstant.CURR_USER_ROLE,
data.get(SessionConstant.CURR_USER_ROLE));
// 当前系统
getRequest().getSession().setAttribute(AuthConstant.SYS_CODE_CUBE, AuthConstant.SYS_CODE_CUBE);
}
}
return result;
}
/**
* 退出系统
*
* @param session
* Session
* @return
* @throws Exception
*/
@GetMapping(value = "/logout")
public String logout(HttpSession session) throws Exception {
// 清除Session
session.invalidate();
return "redirect:../sign_in1.html";
}
@ResponseBody
@GetMapping("/timeout")
public JSONObject timeout(HttpSession session) throws Exception {
JSONObject obj = new JSONObject();
String userCode = (String) session.getAttribute(SessionConstant.USER_CODE);
obj.put("data", userCode);
obj.put("code", 0);
obj.put("message", "长时间未操作,身份已过期,请重新登录!");
return obj;
}
}
package com.moofen.cube.controller.ume.login;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.web.filter.OncePerRequestFilter;
import com.moofen.core.constant.SessionConstant;
public class SessionFilter extends OncePerRequestFilter {
@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
// 不过滤的uri
String[] notFilter = new String[] { "login", "sign_in1", "cube_resetpw", "timeout", "frameworks", "assets" };
// 请求的uri
String uri = request.getRequestURI();
// 是否过滤
boolean doFilter = true;
for (String s : notFilter) {
if (uri.indexOf(s) != -1) {
// 如果uri中包含不过滤的uri,则不进行过滤
doFilter = false;
break;
}
}
if (doFilter) {
// 执行过滤
// 从session中获取登录者实体
Object obj = request.getSession().getAttribute(SessionConstant.USER_CODE);
if (null == obj) {
String loginUrl = request.getContextPath() + "/sign_in1.html";
response.sendRedirect(loginUrl);
} else {
// 如果session中存在登录者实体,则继续
filterChain.doFilter(request, response);
}
} else {
// 如果不执行过滤,则继续
filterChain.doFilter(request, response);
}
}
}
/*监听session值有无,如无,则跳转到登录页面*/
window.addEventListener("click", function(){
var datas = {};
$.ajax({
type : "get",
async : false,
url : "../user/timeout",
data : datas,
success : function(s) {
if(s.data == null){
window.location.href="../sign_in1.html";
}
},
error : function(XMLHttpRequest, textStatus, errorThrown) {
datas = XMLHttpRequest.data;
console.error("XMLHttpRequest:", XMLHttpRequest);
console.error("textStatus:", textStatus);
console.error("errorThrown:", errorThrown);
}
});
});
后台判断session是否已将销毁,给前台监听事件返回一个状态,判断是否跳转到登录页面。
