}
#### []( )SysLoginController.java
这里重新链接一下要使用的登录验证函数
@Autowired
private ILoginService LoginService;
/**
* 登录方法
*
* @param loginBody 登录信息
* @return 结果
* @throws Exception
*/
@PostMapping("/login")
public AjaxResult login(@RequestBody LoginBody loginBody) throws Exception
{
AjaxResult ajax = AjaxResult.success();
//注意此处调用了LoginService.loginByMobile,需要自己添加
String token = LoginService.loginByMobile(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
loginBody.getUuid());
ajax.put(Constants.TOKEN, token);
return ajax;
}
#### []( )ILoginService.java
package com.ruoyi.framework.web.service;
/**
-
@DESCRIPTION 手机号关于登录接口
-
@author cy
-
@date 2021-11-3 19:56
*/
public interface ILoginService {
String loginByMobile(String username, String password, String code, String uuid) throws Exception;
}
#### []( )LoginServiceImpl.java
此文件是实现的关键
package com.ruoyi.framework.web.service;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.domain.entity.SysUser;
import com.ruoyi.common.core.domain.model.LoginUser;
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.exception.CustomException;
import com.ruoyi.common.exception.user.CaptchaException;
import com.ruoyi.common.exception.user.CaptchaExpireException;
import com.ruoyi.common.exception.user.UserPasswordNotMatchException;
import com.ruoyi.common.utils.MessageUtils;
import com.ruoyi.common.utils.StringUtils;
import com.ruoyi.framework.manager.AsyncManager;
import com.ruoyi.framework.manager.factory.AsyncFactory;
import com.ruoyi.system.service.ISysUserService;
import com.ruoyi.web.controller.tool.AESForNodejs;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Service;
import javax.annotation.Resource;
/**
-
@description: 手机号关于登录接口
-
@author: cy
-
@date: 2021-11-03 20:12
*/
@Service
public class LoginServiceImpl implements ILoginService {
private static final Logger log = LoggerFactory.getLogger(UserDetailsServiceImpl.class);
@Autowired
private TokenService tokenService;
@Resource
private AuthenticationManager authenticationManager;
@Autowired
private ISysUserService userService;
@Autowired
private RedisCache redisCache;
/**
* 免密常量
*/
public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";
/**
* @Description 手机号+密码登录
* @author cy
* @date 2021-11-03 20:32
* @return java.lang.String
* @throws Exception
*/
public String loginByMobile(String account, String password, String code, String uuid) throws Exception{
String verifyKey = Constants.CAPTCHA_CODE_KEY + uuid;
String captcha = redisCache.getCacheObject(verifyKey);
redisCache.deleteObject(verifyKey);
//校验验证码是否正确
if (captcha == null)
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
throw new CaptchaExpireException();
}
if (!code.equalsIgnoreCase(captcha))
{
AsyncManager.me().execute(AsyncFactory.recordLogininfor(account, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
throw new CaptchaException();
}
//通过手机号或许数据库中储存的用户信息
SysUser user = userService.selectUserByAccount(account);
if (StringUtils.isNull(user))
{
log.info("登录用户:{} 不存在.", account);
return loginVerify(account,Constants.LOGIN_FAIL);
}
//解密,判断与数据库中储存的密码是否相同,此处使用AES进行加密解密
String db_password = AESForNodejs.decrypt(user.getPassword());
if(!db_password.equals(password)) {
log.info("登录用户:{} 密码错误.", account);
return loginVerify(account,Constants.LOGIN_FAIL);
}
//TODO 2、用户验证
return loginVerify(account,Constants.CUSTOM_LOGIN_SMS);
}
/**
* @Description 登录验证
* @author cy
* @date 2021-11-03 20:45
* @param userName 用户名
* @param passWord 密码
* @return java.lang.String
*/
private String loginVerify(String userName,String passWord) {
//TODO 1、用户验证
Authentication authentication = null;
try {
//TODO 1.1该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(userName, passWord));
} catch (Exception e) {
if (e instanceof BadCredentialsException) {
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
throw new UserPasswordNotMatchException();
} else {
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_FAIL, e.getMessage()));
throw new CustomException(e.getMessage());
}
}
AsyncManager.me().execute(AsyncFactory.recordLogininfor(userName, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
LoginUser loginUser = (LoginUser) authentication.getPrincipal();
//TODO 2、生成token
return tokenService.createToken(loginUser);
}
}
①由于在LoginServiceImpl.java文件中定义了免密常量,所以需要在Constants文件中增加免密常量
/**
* 免密常量
*/
public static final String CUSTOM_LOGIN_SMS = "CUSTOM_LOGIN_SMS";
②由于在LoginServiceImpl.java文件中使用了自定义的AES解密方式,所以需要定义该类
#### []( )AESForNodejs.java
package com.ruoyi.web.controller.tool;
import java.security.MessageDigest;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
/**
-
AES加密,与Nodejs 保持一致
-
@author lmiky
-
@date 2014-2-25
*/
public class AESForNodejs {
public static final String DEFAULT_CODING = "utf-8";
/**
* 解密
* @author lmiky
* @date 2014-2-25
* @param encrypted
* @param seed
* @return
* @throws Exception
*/
public static String decrypt(String encrypted) throws Exception {
String seed = "1234567887654321";
byte[] keyb = seed.getBytes(DEFAULT_CODING);
MessageDigest md = MessageDigest.getInstance("MD5");
byte[] thedigest = md.digest(keyb);
SecretKeySpec skey = new SecretKeySpec(thedigest, "AES");
Cipher dcipher = Cipher.getInstance("AES");
dcipher.init(Cipher.DECRYPT_MODE, skey);
byte[] clearbyte = dcipher.doFinal(toByte(encrypted));
return new String(clearbyte);
}
