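/**
 * Login, token-based auto login and logout endpoints for the H5 / mini-app client.
 *
 * <p>NOTE(review): tokens are signed and verified with the bytes of the user's login name
 * (see {@link #login} and {@link #autoLogin}). A login name is not a secret, so the signature
 * gives no real protection against forged tokens. Sign with a server-held secret instead;
 * that needs a new configuration value, so it is not changed here.
 */
@Controller
@Slf4j
@RequestMapping("/mini-app")
public class AppLoginController extends BaseController {

    /** Prefix of the Redis key under which the latest token of a user is stored. */
    private static final String TOKEN_KEY_PREFIX = "APP_TOKEN_";

    /** Lifetime in days of both the token's expire_time claim and its Redis entry. */
    private static final int TOKEN_TTL_DAYS = 7;

    @Resource
    private PasswordService passwordService;

    @Resource
    private IUserService userService;

    @Resource
    private RedisCache redisCache;

    /** RSA private key used to decrypt the credentials sent by the client. */
    @Value("${rsa.privateKey}")
    private String privateKey;

    /**
     * Logs an H5 user in.
     *
     * @param loginName login name, RSA-encrypted by the client
     * @param password  password, RSA-encrypted by the client
     * @return the user's profile and a fresh token on success, otherwise an error result
     */
    @PostMapping("/login")
    @ResponseBody
    public AjaxResult login(String loginName, String password) {
        try {
            log.info("h5端登录");
            if (StringUtils.isEmpty(loginName) || StringUtils.isEmpty(password)) {
                return error("账号或密码不能为空");
            }
            String logName = RSAUtils.decryptByPrivateKey(loginName, privateKey);
            String pwd = RSAUtils.decryptByPrivateKey(password, privateKey);
            // The decrypted credentials are deliberately never written to the log:
            // debug logs are routinely shipped and retained outside the trust boundary.
            User user = userService.selectUserByLoginName(logName);
            if (null == user) {
                return error("账号或密码错误");
            }
            String expectedHash = passwordService.encryptPassword(logName, pwd, user.getSalt());
            if (!StringUtils.equals(expectedHash, user.getPassword())) {
                return error("账号或密码错误");
            }

            Map<String, Object> claims = new HashMap<>();
            claims.put("userId", user.getUserId());
            claims.put("expire_time",
                    System.currentTimeMillis() + TimeUnit.DAYS.toMillis(TOKEN_TTL_DAYS));
            // NOTE(review): the signing key is the login name, which is not secret (see class doc).
            String token = JWTUtil.createToken(claims, user.getLoginName().getBytes());

            // Keep the token for 7 days; every login overwrites the previous one.
            redisCache.setCacheObject(
                    TOKEN_KEY_PREFIX + user.getUserId(), token, TOKEN_TTL_DAYS, TimeUnit.DAYS);

            return AjaxResult.success("登录成功", getUser(user, token));
        } catch (Exception e) {
            // Record the cause for operators; the client only sees the generic message.
            log.warn("h5端登录失败", e);
            return error("账户或密码错误!");
        }
    }

    /**
     * Logs a user in again from a previously issued token.
     *
     * <p>NOTE(review): the token stored in Redis by {@link #login} is never compared here, so
     * {@link #logout} or a newer login does not revoke a token that is already issued. The
     * token also travels as a GET query parameter, where it tends to end up in access logs.
     *
     * @param token the token returned by {@link #login}
     * @return the user's profile on success, otherwise an error result
     */
    @GetMapping("/autoLogin")
    @ResponseBody
    public AjaxResult autoLogin(String token) {
        log.info("自动登录");
        if (StringUtils.isEmpty(token)) {
            return error("自动登录失败!");
        }
        try {
            JWT jwt = JWTUtil.parseToken(token);
            Object userIdClaim = jwt.getPayload("userId");
            Object expireClaim = jwt.getPayload("expire_time");
            // Claims are attacker-controlled until the signature is checked: reject anything
            // that is not numeric instead of failing on a blind cast.
            if (!(userIdClaim instanceof Number) || !(expireClaim instanceof Number)) {
                return error("自动登录失败!");
            }
            User user = userService.selectUserById(((Number) userIdClaim).longValue());
            if (null == user) {
                return error("自动登录失败!");
            }
            // Verify the signature before acting on any other claim.
            if (!JWTUtil.verify(token, user.getLoginName().getBytes())) {
                return error("自动登录失败!");
            }
            Date expireTime = new Date(((Number) expireClaim).longValue());
            if (DateUtils.getNowDate().after(expireTime)) {
                return error("登录过期!");
            }
            return AjaxResult.success("登录成功", getUser(user, token));
        } catch (Exception e) {
            // A malformed token must produce a normal error result, not an unhandled exception.
            log.warn("自动登录失败", e);
            return error("自动登录失败!");
        }
    }

    /**
     * Builds the profile object returned to the client after a successful login.
     *
     * @param user  the authenticated user
     * @param token the token to hand back to the client
     * @return a view object holding the user's profile fields and the token
     */
    public UserVo getUser(User user, String token) {
        UserVo userVo = new UserVo();
        userVo.setUserId(user.getUserId());
        userVo.setUserName(user.getUserName());
        userVo.setLoginName(user.getLoginName());
        userVo.setUserType(user.getUserType());
        userVo.setEmail(user.getEmail());
        userVo.setPhoneNumber(user.getPhonenumber());
        userVo.setSex(user.getSex());
        userVo.setAvatar(user.getAvatar());
        userVo.setToken(token);
        return userVo;
    }

    /**
     * Logs a user out by deleting the token stored for them in Redis.
     *
     * <p>NOTE(review): the caller is identified only by the {@code loginName} parameter, with
     * no token or session check, so any client can delete any user's stored token. The
     * account to log out should be derived from an authenticated token instead.
     *
     * @param loginName login name of the user to log out
     * @return a success result; the response is the same whether or not the account exists
     */
    @PostMapping("/logout")
    @ResponseBody
    public AjaxResult logout(String loginName) {
        log.info("退出登录");
        if (!StringUtils.isEmpty(loginName)) {
            User user = userService.selectUserByLoginName(loginName);
            // An unknown login name used to raise a NullPointerException here.
            if (null != user) {
                redisCache.deleteObject(TOKEN_KEY_PREFIX + user.getUserId());
            }
        }
        return AjaxResult.success("退出成功");
    }
}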