增加login功能

colin-lee · Oct 6, 2015 · 327dc66 · 327dc66
1 parent 80abc64
commit 327dc66
Show file tree

Hide file tree

Showing 29 changed files with 15,478 additions and 36 deletions.
diff --git a/config-web/pom.xml b/config-web/pom.xml
@@ -19,6 +19,7 @@
         <spring.version>4.2.1.RELEASE</spring.version>
         <aspectj.version>1.8.7</aspectj.version>
         <jackson.version>2.2.0</jackson.version>
+        <jetty.version>9.0.1.v20130408</jetty.version>
     </properties>
 
     <dependencies>
@@ -174,11 +175,11 @@
             <scope>provided</scope>
         </dependency>
 
+        <!-- JSR303  BeanValidator -->
         <dependency>
-            <groupId>com.google.code.findbugs</groupId>
-            <artifactId>jsr305</artifactId>
-            <version>3.0.0</version>
-            <scope>compile</scope>
+            <groupId>org.hibernate</groupId>
+            <artifactId>hibernate-validator</artifactId>
+            <version>4.3.0.Final</version>
         </dependency>
 
         <!-- JSON begin -->
@@ -229,6 +230,24 @@
                     <check/>
                 </configuration>
             </plugin>
+            <!-- jetty插件, 设定context path与spring profile -->
+            <plugin>
+                <groupId>org.eclipse.jetty</groupId>
+                <artifactId>jetty-maven-plugin</artifactId>
+                <version>${jetty.version}</version>
+                <configuration>
+                    <systemProperties>
+                        <systemProperty>
+                            <name>spring.profiles.active</name>
+                            <value>development</value>
+                        </systemProperty>
+                    </systemProperties>
+                    <useTestClasspath>true</useTestClasspath>
+                    <webAppConfig>
+                        <contextPath>/${project.artifactId}</contextPath>
+                    </webAppConfig>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 </project>
diff --git a/config-web/src/main/java/com/github/autoconf/web/HomeController.java b/config-web/src/main/java/com/github/autoconf/web/HomeController.java
@@ -1,11 +1,57 @@
 package com.github.autoconf.web;
 
+import com.github.autoconf.entity.User;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.UsernamePasswordToken;
 import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+import javax.validation.Valid;
 
 /**
  * 业务主程
  * Created by lirui on 2015-10-04 13:35.
  */
 @Controller
 public class HomeController {
+  @RequestMapping("/login")
+  public String login(Model model) {
+    if (!model.containsAttribute("user")) {
+      model.addAttribute("user", new User());
+    }
+    return "login";
+  }
+
+  @RequestMapping(value = "/login", method = RequestMethod.POST)
+  public String loginAction(@Valid User user, BindingResult result, RedirectAttributes r) {
+    if (result.hasErrors()) {
+      r.addFlashAttribute("user", user);
+      return "redirect:/login";
+    }
+    try {
+      SecurityUtils.getSubject().login(new UsernamePasswordToken(user.getUsername(), user.getPassword()));
+      return "redirect:/";
+    } catch (AuthenticationException e) {
+      r.addFlashAttribute("message", "用户名或者密码错误");
+      r.addFlashAttribute("user", user);
+    }
+    return "redirect:/login";
+  }
+
+  @RequestMapping("/logout")
+  public String logout(RedirectAttributes r) {
+    SecurityUtils.getSubject().logout();
+    r.addFlashAttribute("message", "您已经安全退出");
+    return "redirect:/login";
+  }
+
+  @RequestMapping("unauthorized")
+  public String unauthorized() {
+    return "unauthorized";
+  }
 }
diff --git a/config-web/src/main/java/com/github/jetbrick/functions/JetbrickFunctions.java b/config-web/src/main/java/com/github/jetbrick/functions/JetbrickFunctions.java
@@ -0,0 +1,45 @@
+package com.github.jetbrick.functions;
+
+import jetbrick.template.JetAnnotations;
+import jetbrick.template.runtime.InterpretContext;
+import jetbrick.template.web.JetWebContext;
+
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.Locale;
+
+/**
+ * 为jetbrick-template提供的一个公共扩展
+ * <p/>
+ * Created by lirui on 2015/1/15.
+ */
+@JetAnnotations.Functions
+public final class JetbrickFunctions {
+  public static String copyright() {
+    String year = new SimpleDateFormat("yyyy", Locale.CHINA).format(new Date());
+    return "©" + year + " ColinLee";
+  }
+
+  /**
+   * 针对内部url增加contextPath
+   *
+   * @return 构造好的内部链接
+   */
+  public static String link(String url) {
+    if (url.contains("://") || url.startsWith("//")) {
+      return url;
+    } else {
+      InterpretContext ctx = InterpretContext.current();
+      String path = (String) ctx.getValueStack().getValue(JetWebContext.CONTEXT_PATH);
+      StringBuilder sb = new StringBuilder(32);
+      if (path != null && path.length() > 0) {
+        sb.append(path);
+      }
+      if (url.charAt(0) != '/') {
+        sb.append('/');
+      }
+      sb.append(url);
+      return sb.toString();
+    }
+  }
+}
diff --git a/config-web/src/main/java/com/github/jetbrick/functions/ShiroFunctions.java b/config-web/src/main/java/com/github/jetbrick/functions/ShiroFunctions.java
@@ -0,0 +1,214 @@
+package com.github.jetbrick.functions;
+
+import jetbrick.template.JetAnnotations;
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.subject.Subject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import java.beans.BeanInfo;
+import java.beans.Introspector;
+import java.beans.PropertyDescriptor;
+import java.util.Collection;
+
+/**
+ * shiro扩展
+ * <p/>
+ * Created by lirui on 2015/1/16.
+ */
+@JetAnnotations.Functions
+public final class ShiroFunctions {
+  private static final Logger log = LoggerFactory.getLogger(ShiroFunctions.class);
+
+  /* 验证是否为已认证通过的用户，不包含已记住的用户，这是与 isUser 标签方法的区别所在。 */
+  public static boolean authenticated() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject != null && subject.isAuthenticated();
+  }
+
+  /* 验证是否为未认证通过用户，与 isAuthenticated 标签相对应，与 isGuest 标签的区别是，该标签包含已记住用户。 */
+  public static boolean notAuthenticated() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject == null || !subject.isAuthenticated();
+  }
+
+  /* 验证当前用户是否为“访客”，即未认证（包含未记住）的用户。 */
+  public static boolean guest() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject == null || subject.getPrincipal() == null;
+  }
+
+  /* 验证当前用户是否认证通过或已记住的用户。 */
+  public static boolean user() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject != null && subject.getPrincipal() != null;
+  }
+
+  public static boolean remembered() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject != null && subject.isRemembered();
+  }
+
+  public static boolean notRemembered() {
+    Subject subject = SecurityUtils.getSubject();
+    return subject == null || !subject.isRemembered();
+  }
+
+  /* 验证当前用户是否属于该角色 。 */
+  public static boolean hasRole(String role) {
+    Subject subject = SecurityUtils.getSubject();
+    return subject != null && subject.hasRole(role);
+  }
+
+  /* 验证当前用户是否不属于该角色，与 hasRole 逻辑相反。 */
+  public static boolean lacksRole(String role) {
+    return !hasRole(role);
+  }
+
+  /* 验证当前用户是否属于以下任意一个角色。 */
+  public static boolean hasAnyRole(String roleNames) {
+    Subject subject = SecurityUtils.getSubject();
+    if (subject != null) {
+      for (String role : split(roleNames)) {
+        if (subject.hasRole(role.trim())) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /* 验证当前用户是否属于以下任意一个角色。 */
+  public static boolean hasAnyRole(Collection<String> roleNames) {
+    Subject subject = SecurityUtils.getSubject();
+
+    if (subject != null && roleNames != null) {
+      for (String role : roleNames) {
+        if (role != null && subject.hasRole(role.trim())) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /* 验证当前用户是否属于以下任意一个角色。 */
+  public static boolean hasAnyRole(String[] roleNames) {
+    Subject subject = SecurityUtils.getSubject();
+
+    if (subject != null && roleNames != null) {
+      for (String role : roleNames) {
+        if (role != null && subject.hasRole(role.trim())) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /* 验证当前用户是否拥有指定权限 */
+  public static boolean hasPermission(String permission) {
+    Subject subject = SecurityUtils.getSubject();
+    return subject != null && subject.isPermitted(permission);
+  }
+
+  /* 验证当前用户是否不拥有指定权限，与 hasPermission 逻辑相反。 */
+  public static boolean lacksPermission(String permission) {
+    return !hasPermission(permission);
+  }
+
+  /* 验证当前用户是否拥有以下任意一个权限。 */
+  public static boolean hasAnyPermission(String permissions) {
+    Subject subject = SecurityUtils.getSubject();
+    if (subject != null) {
+      for (String permission : split(permissions)) {
+        if (permission != null && subject.isPermitted(permission.trim())) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /* 验证当前用户是否拥有以下任意一个权限。 */
+  public static boolean hasAnyPermission(Collection<String> permissions) {
+    Subject subject = SecurityUtils.getSubject();
+
+    if (subject != null && permissions != null) {
+      for (String permission : permissions) {
+        if (permission != null && subject.isPermitted(permission.trim())) {
+          return true;
+        }
+      }
+    }
+
+    return false;
+  }
+
+  /* 验证当前用户是否拥有以下任意一个权限。 */
+  public static boolean hasAnyPermission(String[] permissions) {
+    Subject subject = SecurityUtils.getSubject();
+
+    if (subject != null && permissions != null) {
+      for (String permission : permissions) {
+        if (permission != null && subject.isPermitted(permission.trim())) {
+          return true;
+        }
+      }
+    }
+    return false;
+  }
+
+  private static String[] split(String val) {
+    return val.split("[,\\s]+");
+  }
+
+  /* 获取当前用户 Principal。 */
+  public static Object principal() {
+    Subject subject = SecurityUtils.getSubject();
+    if (subject != null) {
+      return subject.getPrincipal();
+    }
+
+    return null;
+  }
+
+  /* 获取当前用户属性。 */
+  public static Object principal(String property) {
+    Subject subject = SecurityUtils.getSubject();
+    Object value = null;
+
+    if (subject != null) {
+      Object principal = subject.getPrincipal();
+
+      try {
+        BeanInfo bi = Introspector.getBeanInfo(principal.getClass());
+
+        boolean foundProperty = false;
+        for (PropertyDescriptor pd : bi.getPropertyDescriptors()) {
+          if (pd.getName().equals(property)) {
+            value = pd.getReadMethod().invoke(principal, (Object[]) null);
+            foundProperty = true;
+            break;
+          }
+        }
+
+        if (!foundProperty) {
+          final String message = "Property [" + property + "] not found in principal of type ["
+            + principal.getClass().getName() + "]";
+          log.trace(message);
+        }
+      } catch (Exception e) {
+        final String message = "Error reading property [" + property + "] from principal of type ["
+          + principal.getClass().getName() + "]";
+        log.trace(message);
+      }
+    }
+
+    return value;
+  }
+}