package xxx.controllers;
import java.io.IOException;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import xxx.UserDTO;
import xxx.UserService;
@Controller
@RequestMapping("/user/")
public class UserController {
// 日志记录类
private static final Log logger = LogFactory.getLog(UserController.class);
@Autowired
private UserService userService;
/**
* 登录
*/
@RequestMapping("/login")
@ResponseBody
public Map<String, Object> login(UserDTO user, HttpServletRequest request) {
Map<String, Object> map = new HashMap<>();
UserDTO dbUser = userService.validateUser(user);
if (logger.isDebugEnabled()) {
logger.debug("user " + user + "start to login");
}
if (dbUser != null) {
HttpSession session = request.getSession(true);
session.setAttribute("dbUserInfo", dbUser);
if (logger.isDebugEnabled()) {
logger.debug("user " + user + "login success");
}
} else {
if (logger.isInfoEnabled()) {
logger.info("user " + user + "login failed. reqeust ip is " + request.getRemoteAddr());
}
map.put("resultCode", "0");
}
return map;
}
/**
* 退出
*/
@RequestMapping("/logout")
public String logout(HttpServletRequest req, HttpServletResponse response) {
HttpSession session = req.getSession(true);
logger.debug("User " + session.getAttribute("LOGIN_USERNAME") + " logout.");
session.removeAttribute("dbUserInfo");// 退出
String path = req.getContextPath();
String basePath = req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort() + path + "/";
try {
response.sendRedirect(basePath);
} catch (IOException e) {
e.printStackTrace();
}
return null;
}
/**
* 修改密码
*/
@RequestMapping("/updatePwd")
@ResponseBody
public Map<String, Object> updatePwd(UserDTO user, HttpServletRequest request,
@RequestParam(value = "newPwd") String newPwd) {
Map<String, Object> map = new HashMap<>();
user.setUserPwd(user.getOldPwd());//
UserDTO dbUser = userService.validateUser(user);
if (dbUser != null) {
if (dbUser.getUserName().equals(user.getUserName())) {
String saltValue = pwdRandom();// 生成密码随机码 4702623066698509
user.setUserPwd(newPwd + saltValue);// 111 + 4702623066698509
user.setSalt(saltValue);
user.setUserName(dbUser.getUserName());
user.setUserId(dbUser.getUserId());
try {
userService.updatePwd(user);
map.put("smg", "0000");
} catch (Exception e) {
logger.error("密码修改失败", e);
map.put("smg", "1111");
}
}
} else {
map.put("smg", "1111");
}
return map;
}
/**
* 获取用户信息
*
* @param request
* @return
*/
@RequestMapping("/getUserInfo")
@ResponseBody
public Map<String, Object> getUserInfo(HttpServletRequest request) {
Map<String, Object> map = new HashMap<>();
UserDTO dbUser = (UserDTO) request.getSession().getAttribute("dbUserInfo");
map.put("dbUserInfo", dbUser);
return map;
}
/**
* 生成密码随机码
*
* @param pwd
* @return
*/
public static String pwdRandom() {
SecureRandom secureRandom = new SecureRandom();
StringBuilder sb = new StringBuilder(16);
sb.append(secureRandom.nextInt(99999999)).append(secureRandom.nextInt(99999999));
int len = sb.length();
if (len < 16) {
for (int i = 0; i < 16 - len; i++) {
sb.append("0");
}
}
return sb.toString();
}
}
