#controller
/**
 * Handles GET /login.
 *
 * <p>Returns the string "login". This method carries no {@code @ResponseBody}, so the
 * value is presumably resolved as a view name. Confirm against the controller's
 * class-level annotation, which is not visible here.
 *
 * @return the literal {@code "login"}
 */
@GetMapping("/login")
public String toLogin() {
    final String loginView = "login";
    return loginView;
}
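/**
 * Authenticates the posted credentials against the current Shiro subject.
 *
 * <p>The response body is the literal {@code "0"} on success; the page's ajax callback
 * redirects on that value. On failure the body is one message that is identical for an
 * unknown account and for a wrong password, so the response does not tell a caller
 * which user names exist. The precise cause is written to the server log only.
 *
 * @param user request body carrying the submitted name and password
 * @return {@code "0"} on success, otherwise the failure message shown to the user
 */
@ResponseBody
@PostMapping(value = "/login")
public String login(@RequestBody User user) {
    log.info("在执行用户认证时调用了数据库,原因不明");
    // Obtain the subject bound to the current request.
    Subject currentUser = SecurityUtils.getSubject();
    UsernamePasswordToken token =
            new UsernamePasswordToken(user.getName(), user.getPassword());
    try {
        currentUser.login(token);
        // Success: "0" is the value the ajax caller checks before redirecting.
        return "0";
    } catch (UnknownAccountException | IncorrectCredentialsException e) {
        // Log through the logger, not System.out, and log only the exception type:
        // the submitted name is attacker-controlled and the password must never be logged.
        log.info("Login failed: " + e.getClass().getSimpleName());
        // One message for both causes, so the endpoint cannot be used to enumerate accounts.
        return "用户名或密码错误";
    }
    // NOTE(review): any other Shiro authentication exception still propagates out of this
    // method. Catching their common supertype needs an import that is not visible here.
}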
ajax
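/**
 * Posts the name and password fields to the login endpoint as JSON and
 * redirects to the index page when the server answers "0".
 * Any other response body is shown to the user with alert().
 */
function login() {
    var name = $("input[name='name']").val();
    var psw = $("input[name='password']").val();
    $.ajax({
        type: "post",
        url: "[[@{/login}]]",
        data: JSON.stringify({"name": name, "password": psw}),
        contentType: "application/json;charset=UTF-8",
        success: function (result) {
            // Compare strictly against the success marker. With `result == 0` an empty
            // body, whitespace or `false` would also coerce to 0 and trigger the redirect.
            // String() keeps this working whether the body arrives as text or as a number.
            if (String(result) === "0") {
                location.href = "[[@{/index}]]";
            } else {
                alert(result);
            }
        }
    });
}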
dao
/**
 * Looks up a user row in t_user by name.
 *
 * <p>The name is passed with the {@code #{username}} placeholder, which MyBatis sends as a
 * prepared-statement parameter (the statement is prepared as {@code name = ?}). Keep it
 * that way; do not switch to {@code ${...}} substitution for request-supplied values.
 *
 * <p>Column u_id is mapped to property uId as the id. The roles property is filled lazily
 * by the nested select com.chz.mapper.RoleMapper.queryRole, which receives u_id.
 *
 * <p>Because the statement selects every column, the stored password value is part of the
 * returned row. It will appear in MyBatis row-level logging when that is enabled, and in
 * the User object. Avoid serialising this object to clients.
 *
 * @param username the user name to match; presumably unique in t_user (verify against the schema)
 * @return the matching user; per the surrounding realm code, a missing user is handled as null
 */
@Select("SELECT * FROM t_user WHERE name =#{username}")
@Results({
@Result(property = "uId",column = "u_id",id = true),
@Result(property = "roles",column = "u_id",
many = @Many(select = "com.chz.mapper.RoleMapper.queryRole",fetchType = FetchType.LAZY))
})
User queryUser(@Param("username") String username);
/**
 * Selects the t_role rows whose r_id is linked to the given user in t_u_r.
 *
 * <p>Column r_id is mapped to property rId. The perms property is filled lazily by the
 * nested select com.chz.mapper.PermMapper.queryPerms, which receives r_id.
 *
 * <p>NOTE(review): the IN sub-query can match several rows and this statement appears to be
 * the one used as a {@code @Many} nested select for User.roles, yet the declared return
 * type is a single Role. A direct call for a user holding more than one role would
 * presumably fail with a too-many-results error; confirm, and consider a list return type.
 *
 * @param uid id of the user (u_id) whose roles are wanted
 * @return the role linked to the user
 */
@Select("SELECT * FROM t_role WHERE r_id IN (SELECT r_id FROM t_u_r WHERE u_id = #{u_id})")
@Results({
@Result(property = "rId", column = "r_id"),
@Result(property = "perms",column = "r_id",
many =@Many(select = "com.chz.mapper.PermMapper.queryPerms",fetchType = FetchType.LAZY))
})
Role queryRole(@Param("u_id") Integer uid);
/**
 * Selects the t_perm rows whose p_id is linked to the given role in t_r_p.
 *
 * <p>The role id is bound through the {@code #{r_id}} placeholder, not concatenated
 * into the statement text.
 *
 * @param rId id of the role (r_id) whose permissions are wanted
 * @return the permissions linked to the role
 */
@Select("SELECT * FROM t_perm WHERE p_id IN (SELECT p_id FROM t_r_p WHERE r_id = #{r_id})")
List<Perm> queryPerms(@Param("r_id") Integer rId);
日志
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@8451ac9] was not registered for synchronization because synchronization is not active
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@445fd708] will not be managed by Spring
Original SQL: SELECT * FROM t_user WHERE name =?
parser sql: SELECT * FROM t_user WHERE name = ?
==> Preparing: SELECT * FROM t_user WHERE name = ?
==> Parameters: null
<== Total: 0
Closing non transactional SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@8451ac9]
2020-05-04 17:45:53.057 INFO 12384 --- [nio-8080-exec-4] com.chz.controller.UserController : 在执行用户认证前调用了数据库,原因不明
Creating a new SqlSession
SqlSession [org.apache.ibatis.session.defaults.DefaultSqlSession@2bd71b9] was not registered for synchronization because synchronization is not active
JDBC Connection [com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl@445fd708] will not be managed by Spring
Original SQL: SELECT * FROM t_user WHERE name =?
parser sql: SELECT * FROM t_user WHERE name = ?
==> Preparing: SELECT * FROM t_user WHERE name = ?
==> Parameters: fas(String)
<== Columns: u_id, name, password
<== Row: 11, fas, ae6b5430544e4d4b8afcbad1f1f2b55b
<== Total: 1
shiro的Realm
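/**
 * Shiro realm that authenticates and authorizes users with data loaded through
 * {@link IUserService}.
 */
public class CustomizeRealm extends AuthorizingRealm {

    @Autowired
    private IUserService userService;

    /**
     * Collects the role names and permission strings of the primary principal.
     *
     * <p>Fails closed: if the user can no longer be loaded, or has no roles, the returned
     * info grants nothing.
     *
     * @param principals principals of the subject being authorized
     * @return the roles and string permissions found for the user; empty if none
     * @throws UnknownAccountException if no principal is supplied
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // Ask the collection itself whether it is empty. A generic object-emptiness helper
        // may only null-check it, and then getPrimaryPrincipal() would return null below.
        if (principals == null || principals.isEmpty()) {
            throw new UnknownAccountException();
        }
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        String username = principals.getPrimaryPrincipal().toString();
        User user = userService.queryUser(username);
        // The account may have been removed after login. Grant nothing instead of
        // failing with a NullPointerException.
        if (user == null || user.getRoles() == null) {
            return info;
        }
        for (Role role : user.getRoles()) {
            info.addRole(role.getRole());
            if (role.getPerms() == null) {
                continue;
            }
            for (Perm perm : role.getPerms()) {
                info.addStringPermission(perm.getPerm());
            }
        }
        return info;
    }

    /**
     * Loads the stored credentials for the user named in the token, so that the realm's
     * credentials matcher can compare them with the submitted password.
     *
     * @param token the submitted token; cast to {@link UsernamePasswordToken}
     * @return principal (the user name), stored password value, salt and realm name
     * @throws AuthenticationException {@link UnknownAccountException} when the token has
     *         no user name or no such user exists
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken usernamePasswordToken = (UsernamePasswordToken) token;
        String username = usernamePasswordToken.getUsername();
        // A token without a user name can never match a row, so skip the lookup.
        if (username == null) {
            throw new UnknownAccountException();
        }
        User user = userService.queryUser(username);
        if (ObjectUtils.isEmpty(user)) {
            throw new UnknownAccountException();
        }
        String password = user.getPassword();
        // NOTE(review): the salt is derived from the user name, so it is known to anyone who
        // knows the account name. A random per-user salt stored beside the hash, together
        // with a dedicated password-hashing scheme, would resist precomputation better.
        // The credentials matcher is configured elsewhere; confirm its algorithm and
        // iteration count. Left unchanged here, since changing it means re-hashing stored passwords.
        ByteSource salt = ByteSource.Util.bytes(username);
        // Arguments: principal, hashed credentials, salt, realm name.
        return new SimpleAuthenticationInfo(username, password, salt, getName());
    }
}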