商城项目八、用户模块开发代码实现
1.在controller下创建一个名为portal的包
在此包下新建一个类 UserController
前端请求url /user/login.do在controller添加@Controller 和 @RequestMapping("/user/")
@Controller
@RequestMapping("/user/")
注入 IUserService
@Autowired
private IUserService iUserService;
@RequestMapping(value = "login.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> login(String username, String password, HttpSession session) {
//service-->mybatis-->dao
ServerResponse<User> response = iUserService.login(username, password);
if (response.isSuccess()) {
session.setAttribute(Const.CURRENT_USER, response.getData());
}
return response;
}
在service文件夹下新建IUserService接口 新建impl文件 并创建 UserServiceImpl接口实现类
IUserService:
ServerResponse<User> login(String username, String password);
UserServiceImpl:
@Service("iUserService")
@Autowired
private UserMapper userMapper;
@Override
public ServerResponse<User> login(String username, String password) {
int resultCount = userMapper.checkUsername(username);
if (resultCount == 0) {
return ServerResponse.createByErrorMessage("用户名不存在");
}
//TODO 密码登录MD5
String md5Password = MD5Util.MD5EncodeUtf8(password);
User user = userMapper.selectLogin(username, md5Password);
if (user == null) {
return ServerResponse.createByErrorMessage("密码错误");
}
user.setPassword(StringUtils.EMPTY);
return ServerResponse.createBySuccess("登录成功", user);
}
在util包下新建MD5Util
package com.mmall.util;
import java.security.MessageDigest;
public class MD5Util {
private static String byteArrayToHexString(byte b[]) {
StringBuffer resultSb = new StringBuffer();
for (int i = 0; i < b.length; i++)
resultSb.append(byteToHexString(b[i]));
return resultSb.toString();
}
private static String byteToHexString(byte b) {
int n = b;
if (n < 0)
n += 256;
int d1 = n / 16;
int d2 = n % 16;
return hexDigits[d1] + hexDigits[d2];
}
/**
* 返回大写MD5
*
* @param origin
* @param charsetname
* @return
*/
private static String MD5Encode(String origin, String charsetname) {
String resultString = null;
try {
resultString = new String(origin);
MessageDigest md = MessageDigest.getInstance("MD5");
if (charsetname == null || "".equals(charsetname))
resultString = byteArrayToHexString(md.digest(resultString.getBytes()));
else
resultString = byteArrayToHexString(md.digest(resultString.getBytes(charsetname)));
} catch (Exception exception) {
}
return resultString.toUpperCase();
}
public static String MD5EncodeUtf8(String origin) {
origin = origin + PropertiesUtil.getProperty("password.salt", "");
return MD5Encode(origin, "utf-8");
}
private static final String hexDigits[] = {"0", "1", "2", "3", "4", "5",
"6", "7", "8", "9", "a", "b", "c", "d", "e", "f"};
}
同时新建PropertiesUtil
package com.mmall.util;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.Properties;
public class PropertiesUtil {
private static Logger logger = LoggerFactory.getLogger(PropertiesUtil.class);
private static Properties props;
static {
String fileName = "mmall.properties";
props = new Properties();
try {
props.load(new InputStreamReader(PropertiesUtil.class.getClassLoader().getResourceAsStream(fileName), "UTF-8"));
} catch (IOException e) {
logger.error("配置文件读取异常", e);
}
}
public static String getProperty(String key) {
String value = props.getProperty(key.trim());
if (StringUtils.isBlank(value)) {
return null;
}
return value.trim();
}
public static String getProperty(String key, String defaultValue) {
String value = props.getProperty(key.trim());
if (StringUtils.isBlank(value)) {
value = defaultValue;
}
return value.trim();
}
}
使用同样的方法新建其他的service方法
最终代码
common下新建Const
ResponseCode
ServerResponse
TokenCache
Const:
package com.mmall.common;
public class Const {
public static final String CURRENT_USER = "currentUser";
public static final String EMAIL = "email";
public static final String USERNAME = "username";
public interface Role{
int ROLE_CUSTOMER = 0;//普通用户
int ROLE_ADMIN = 1;//管理员
}
}
ResponseCode:
package com.mmall.common;
public enum ResponseCode {
SUCCESS(0, "SUCCESS"),
ERROR(1, "ERROR"),
NEED_LOGIN(10, "NEED_LOGIN"),
ILLEGAL_ARGUMENT(2, "ILLEGAL_ARGUMENT");
private final int code;
private final String desc;
ResponseCode(int code, String desc) {
this.code = code;
this.desc = desc;
}
public int getCode() {
return code;
}
public String getDesc() {
return desc;
}
}
ServerResponse:
package com.mmall.common;
import com.sun.org.apache.regexp.internal.RE;
import org.codehaus.jackson.annotate.JsonIgnore;
import org.codehaus.jackson.map.annotate.JsonSerialize;
import java.io.Serializable;
@JsonSerialize(include = JsonSerialize.Inclusion.NON_NULL)
//保证序列化json的时候,如果是null的对象,key也会消失
public class ServerResponse<T> implements Serializable {
private int status;
private String msg;
private T data;
private ServerResponse(int status) {
this.status = status;
}
private ServerResponse(int status, T data) {
this.status = status;
this.data = data;
}
private ServerResponse(int status, String msg, T data) {
this.status = status;
this.msg = msg;
this.data = data;
}
private ServerResponse(int status, String msg) {
this.status = status;
this.msg = msg;
}
@JsonIgnore
//使之不在json序列化结果当中
public boolean isSuccess() {
return this.status == ResponseCode.SUCCESS.getCode();
}
public int getStatus() {
return status;
}
public T getData() {
return data;
}
public String getMsg() {
return msg;
}
public static <T> ServerResponse<T> createBySuccess() {
return new ServerResponse<T>(ResponseCode.SUCCESS.getCode());
}
public static <T> ServerResponse<T> createBySuccessMessage(String msg) {
return new ServerResponse<T>(ResponseCode.SUCCESS.getCode(), msg);
}
public static <T> ServerResponse<T> createBySuccess(T data) {
return new ServerResponse<T>(ResponseCode.SUCCESS.getCode(), data);
}
public static <T> ServerResponse<T> createBySuccess(String msg, T data) {
return new ServerResponse<T>(ResponseCode.SUCCESS.getCode(), msg, data);
}
public static <T> ServerResponse<T> createByError(){
return new ServerResponse<T>(ResponseCode.ERROR.getCode(),ResponseCode.ERROR.getDesc());
}
public static <T> ServerResponse<T> createByErrorMessage(String errorMessage){
return new ServerResponse<T>(ResponseCode.ERROR.getCode(),errorMessage);
}
public static <T> ServerResponse<T> createByErrorCodeMessage(int errorCode,String errorMessage){
return new ServerResponse<T>(errorCode,errorMessage);
}
}
controller下新建backend和portal包
backend下新建UserManagerController
package com.mmall.controller.backend;
import com.mmall.common.Const;
import com.mmall.common.ServerResponse;
import com.mmall.pojo.User;
import com.mmall.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
@Controller
@RequestMapping("/manager/user")
public class UserManagerController {
@Autowired
private IUserService iUserService;
@RequestMapping(value = "login.do" , method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> login(String username , String password , HttpSession session){
ServerResponse<User> response = iUserService.login(username,password);
if (response.isSuccess()) {
User user = response.getData();
if (user.getRole() == Const.Role.ROLE_ADMIN) {
//登录的是管理员
session.setAttribute(Const.CURRENT_USER,user);
return response;
}else{
return ServerResponse.createByErrorMessage("不是管理员,无法登录");
}
}
return response;
}
}
portal下新建UserController:
package com.mmall.controller.portal;
import com.mmall.common.Const;
import com.mmall.common.ResponseCode;
import com.mmall.common.ServerResponse;
import com.mmall.pojo.User;
import com.mmall.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import javax.servlet.http.HttpSession;
@Controller
@RequestMapping("/user/")
public class UserController {
@Autowired
private IUserService iUserService;
/**
* 用户登录
*
* @param username
* @param password
* @param session
* @return
*/
@RequestMapping(value = "login.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> login(String username, String password, HttpSession session) {
//service-->mybatis-->dao
ServerResponse<User> response = iUserService.login(username, password);
if (response.isSuccess()) {
session.setAttribute(Const.CURRENT_USER, response.getData());
}
return response;
}
@RequestMapping(value = "logout.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> logout(HttpSession session) {
session.removeAttribute(Const.CURRENT_USER);
return ServerResponse.createBySuccess();
}
@RequestMapping(value = "register.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> register(User user) {
return iUserService.register(user);
}
@RequestMapping(value = "check_valid.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> checkValid(String str, String type) {
return iUserService.checkValid(str, type);
}
@RequestMapping(value = "get_user_info.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> getUserInfo(HttpSession session) {
User user = (User) session.getAttribute(Const.CURRENT_USER);
if (user != null) {
return ServerResponse.createBySuccess(user);
}
return ServerResponse.createByErrorMessage("用户未登录,无法获取当前用户的信息");
}
@RequestMapping(value = "forget_get_question.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> forgetGetQuestion(String username) {
return iUserService.selectQuestion(username);
}
@RequestMapping(value = "forget_check_answer.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> forgetCheckAnswer(String username, String question, String answer) {
return iUserService.checkAnswer(username, question, answer);
}
@RequestMapping(value = "forget_reset_password.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> forgetRestPassword(String username, String passwordNew, String forgetToken) {
return iUserService.forgetResetPassword(username, passwordNew, forgetToken);
}
@RequestMapping(value = "reset_password.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<String> resetPassword(HttpSession session, String passwordOld, String passwordNew) {
User user = (User) session.getAttribute(Const.CURRENT_USER);
if (user == null) {
return ServerResponse.createByErrorMessage("用户未登录");
}
return iUserService.resetPassword(passwordOld, passwordNew, user);
}
@RequestMapping(value = "update_information.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> updateInformation(HttpSession session, User user) {
User currentUser = (User) session.getAttribute(Const.CURRENT_USER);
if (currentUser == null) {
return ServerResponse.createByErrorMessage("用户未登录");
}
user.setId(currentUser.getId());
user.setUsername(currentUser.getUsername());
ServerResponse<User> response = iUserService.updateInformation(user);
if (response.isSuccess()) {
session.setAttribute(Const.CURRENT_USER, response.getData());
}
return response;
}
@RequestMapping(value = "get_information.do", method = RequestMethod.POST)
@ResponseBody
public ServerResponse<User> getInformation(HttpSession session) {
User currentUser = (User) session.getAttribute(Const.CURRENT_USER);
if (currentUser == null) {
return ServerResponse.createByErrorCodeMessage(ResponseCode.NEED_LOGIN.getCode(), "未登录,需要强制登录status=10");
}
return iUserService.getInformation(currentUser.getId());
}
}
修改dao的UserMapper
package com.mmall.dao;
import com.mmall.pojo.User;
import org.apache.ibatis.annotations.Param;
public interface UserMapper {
int deleteByPrimaryKey(Integer id);
int insert(User record);
int insertSelective(User record);
User selectByPrimaryKey(Integer id);
int updateByPrimaryKeySelective(User record);
int updateByPrimaryKey(User record);
int checkUsername(String username);
int checkEmail(String email);
User selectLogin(@Param("username") String username, @Param("password") String password);
String selectQuestionByUsername(String username);
int checkAnswer(@Param("username") String username , @Param("question") String question , @Param("answer") String answer);
int updatePasswordByUsername(@Param("username") String username , @Param("passwordNew") String passwordNew);
int checkPassword(@Param("password") String password , @Param("userId") Integer userId);
int checkEmailByUserId(@Param("email") String email , @Param("userId") Integer userId);
}
修改UserServiceImpl
package com.mmall.service.impl;
import com.mmall.common.Const;
import com.mmall.common.ServerResponse;
import com.mmall.common.TokenCache;
import com.mmall.dao.UserMapper;
import com.mmall.pojo.User;
import com.mmall.service.IUserService;
import com.mmall.util.MD5Util;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import java.util.UUID;
@Service("iUserService")
public class UserServiceImpl implements IUserService {
@Autowired
private UserMapper userMapper;
@Override
public ServerResponse<User> login(String username, String password) {
int resultCount = userMapper.checkUsername(username);
if (resultCount == 0) {
return ServerResponse.createByErrorMessage("用户名不存在");
}
//TODO 密码登录MD5
String md5Password = MD5Util.MD5EncodeUtf8(password);
User user = userMapper.selectLogin(username, md5Password);
if (user == null) {
return ServerResponse.createByErrorMessage("密码错误");
}
user.setPassword(StringUtils.EMPTY);
return ServerResponse.createBySuccess("登录成功", user);
}
public ServerResponse<String> register(User user) {
/*int resultCount = userMapper.checkUsername(user.getUsername());
if (resultCount > 0) {
return ServerResponse.createByErrorMessage("用户名已存在");
}*/
/*resultCount = userMapper.checkEmail(user.getEmail());
if (resultCount > 0) {
return ServerResponse.createByErrorMessage("邮箱已存在");
}*/
ServerResponse validResponse = this.checkValid(user.getUsername(), Const.USERNAME);
if (!validResponse.isSuccess()) {
return validResponse;
}
validResponse = this.checkValid(user.getEmail(), Const.EMAIL);
if (!validResponse.isSuccess()) {
return validResponse;
}
user.setRole(Const.Role.ROLE_CUSTOMER);
//MD5加密
user.setPassword(MD5Util.MD5EncodeUtf8(user.getPassword()));
int resultCount = userMapper.insert(user);
if (resultCount == 0) {
return ServerResponse.createByErrorMessage("注册失败");
}
return ServerResponse.createBySuccessMessage("注册成功");
}
public ServerResponse<String> checkValid(String str, String type) {
if (StringUtils.isNoneBlank(type)) {
//开始校验
if (Const.USERNAME.equals(type)) {
int resultCount = userMapper.checkUsername(str);
if (resultCount > 0) {
return ServerResponse.createByErrorMessage("用户名已存在");
}
}
if (Const.EMAIL.equals(type)) {
int resultCount = userMapper.checkEmail(str);
if (resultCount > 0) {
return ServerResponse.createByErrorMessage("邮箱已存在");
}
}
} else {
return ServerResponse.createByErrorMessage("参数错误");
}
return ServerResponse.createBySuccessMessage("检验成功");
}
public ServerResponse selectQuestion(String username) {
//校验
ServerResponse validResponse = this.checkValid(username, Const.USERNAME);
if (validResponse.isSuccess()) {
//用户不存在
return ServerResponse.createByErrorMessage("用户不存在");
}
String question = userMapper.selectQuestionByUsername(username);
if (StringUtils.isNoneBlank(question)) {
return ServerResponse.createBySuccess(question);
}
return ServerResponse.createByErrorMessage("找回密码的问题是空的");
}
public ServerResponse<String> checkAnswer(String username, String question, String answer) {
int resultCount = userMapper.checkAnswer(username, question, answer);
if (resultCount > 0) {
//说明问题及问题答案是这个用户的,并且是正确的
String forgetToken = UUID.randomUUID().toString();
TokenCache.setKey(TokenCache.TOKEN_PREFIX + username, forgetToken);
return ServerResponse.createBySuccess(forgetToken);
}
return ServerResponse.createByErrorMessage("问题的答案错误");
}
public ServerResponse<String> forgetResetPassword(String username, String passwordNew, String forgetToken) {
if (org.apache.commons.lang3.StringUtils.isBlank(forgetToken)) {
return ServerResponse.createByErrorMessage("参数错误,token需要传递");
}
ServerResponse validResponse = this.checkValid(username, Const.USERNAME);
if (validResponse.isSuccess()) {
//用户不存在
return ServerResponse.createByErrorMessage("用户不存在");
}
String token = TokenCache.getKey(TokenCache.TOKEN_PREFIX + username);
if (org.apache.commons.lang3.StringUtils.isBlank(token)) {
return ServerResponse.createByErrorMessage("token无效或者过期");
}
if (org.apache.commons.lang3.StringUtils.equals(forgetToken, token)) {
String md5Password = MD5Util.MD5EncodeUtf8(passwordNew);
int rowCount = userMapper.updatePasswordByUsername(username, md5Password);
if (rowCount > 0) {
return ServerResponse.createBySuccessMessage("修改密码成功");
}
} else {
return ServerResponse.createByErrorMessage("token错误,请重新获取重置密码的token");
}
return ServerResponse.createByErrorMessage("修改密码失败");
}
public ServerResponse<String> resetPassword(String passwordOld, String passwordNew, User user) {
//防止横向越权,要校验一下这个用户的旧密码,一定要指定是这个用户,因为我们会查询一个count(1),如果不指定id,那么结果就是true或count>0;
int resultCount = userMapper.checkPassword(MD5Util.MD5EncodeUtf8(passwordOld), user.getId());
if (resultCount == 0) {
return ServerResponse.createByErrorMessage("旧密码错误");
}
user.setPassword(MD5Util.MD5EncodeUtf8(passwordNew));
int updateCount = userMapper.updateByPrimaryKeySelective(user);
if (updateCount > 0) {
return ServerResponse.createBySuccessMessage("密码更新成功");
}
return ServerResponse.createByErrorMessage("旧密码更新失败");
}
public ServerResponse<User> updateInformation(User user) {
//username是不被更新的
//email也要进行一个校验,校验新的email是不是已经存在,并且存在的email如果相同的话,不能是我们当前的这个用户的
int resultCount = userMapper.checkEmailByUserId(user.getEmail(), user.getId());
if (resultCount > 0) {
return ServerResponse.createByErrorMessage("email已经存在,请更换email在尝试更新");
}
User updateUser = new User();
updateUser.setId(user.getId());
updateUser.setEmail(user.getEmail());
updateUser.setPhone(user.getPhone());
updateUser.setQuestion(user.getQuestion());
updateUser.setAnswer(user.getAnswer());
int updateCount = userMapper.updateByPrimaryKeySelective(updateUser);
if (updateCount > 0) {
return ServerResponse.createBySuccess("更新个人信息成功", updateUser);
}
return ServerResponse.createByErrorMessage("更新个人信息失败");
}
public ServerResponse<User> getInformation(Integer userId) {
User user = userMapper.selectByPrimaryKey(userId);
if (user == null) {
return ServerResponse.createByErrorMessage("找不到当前用户");
}
user.setPassword(StringUtils.EMPTY);
return ServerResponse.createBySuccess(user);
}
}
修改IUserService
package com.mmall.service;
import com.mmall.common.ServerResponse;
import com.mmall.pojo.User;
public interface IUserService {
ServerResponse<User> login(String username, String password);
ServerResponse<String> register(User user);
ServerResponse<String> checkValid(String str,String type);
ServerResponse selectQuestion(String username);
ServerResponse<String> checkAnswer(String username, String question, String answer);
ServerResponse<String> forgetResetPassword(String username , String passwordNew , String forgetToken);
ServerResponse<String> resetPassword(String passwordOld , String passwordNew , User user);
ServerResponse<User> updateInformation(User user);
ServerResponse<User> getInformation(Integer userId);
}
在mmall.properties文件下添加
password.salt = geelysdafaqj23ou89ZXcj@#$@#$#@KJdjklj;D../dSF.,
浙公网安备 33010602011771号