Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
_江南一点雨
vhr
提交
84441814
V
vhr
项目概览
_江南一点雨
/
vhr
9 个月 前同步成功
通知
393
Star
80
Fork
9
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
V
vhr
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
84441814
编写于
3月 29, 2020
作者:
江
江南一点雨
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
更新登录请求方式
上级
79b0fd57
变更
6
隐藏空白更改
内联
并排
Showing
6 changed file
with
119 addition
and
101 deletion
+119
-101
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/LoginFilter.java
...web/src/main/java/org/javaboy/vhr/config/LoginFilter.java
+66
-0
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/SecurityConfig.java
.../src/main/java/org/javaboy/vhr/config/SecurityConfig.java
+46
-49
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/VerificationCodeFilter.java
...n/java/org/javaboy/vhr/config/VerificationCodeFilter.java
+0
-47
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/controller/LoginController.java
...main/java/org/javaboy/vhr/controller/LoginController.java
+3
-1
vhr/vhrserver/vhr-web/src/main/resources/application.yml
vhr/vhrserver/vhr-web/src/main/resources/application.yml
+2
-2
vuehr/src/views/Login.vue
vuehr/src/views/Login.vue
+2
-2
未找到文件。
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/LoginFilter.java
0 → 100644
浏览文件 @
84441814
package
org.javaboy.vhr.config
;
import
com.fasterxml.jackson.databind.ObjectMapper
;
import
org.springframework.http.MediaType
;
import
org.springframework.security.authentication.AuthenticationServiceException
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.Authentication
;
import
org.springframework.security.core.AuthenticationException
;
import
org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
java.io.IOException
;
import
java.util.HashMap
;
import
java.util.Map
;
/**
* @作者 江南一点雨
* @微信公众号 江南一点雨
* @网站 http://www.javaboy.org
* @微信 a_java_boy
* @GitHub https://github.com/lenve
* @Gitee https://gitee.com/lenve
*/
public
class
LoginFilter
extends
UsernamePasswordAuthenticationFilter
{
@Override
public
Authentication
attemptAuthentication
(
HttpServletRequest
request
,
HttpServletResponse
response
)
throws
AuthenticationException
{
if
(!
request
.
getMethod
().
equals
(
"POST"
))
{
throw
new
AuthenticationServiceException
(
"Authentication method not supported: "
+
request
.
getMethod
());
}
String
verify_code
=
(
String
)
request
.
getSession
().
getAttribute
(
"verify_code"
);
if
(
request
.
getContentType
().
equals
(
MediaType
.
APPLICATION_JSON_VALUE
)
||
request
.
getContentType
().
equals
(
MediaType
.
APPLICATION_JSON_UTF8_VALUE
))
{
Map
<
String
,
String
>
loginData
=
new
HashMap
<>();
try
{
loginData
=
new
ObjectMapper
().
readValue
(
request
.
getInputStream
(),
Map
.
class
);
String
code
=
loginData
.
get
(
"code"
);
checkCode
(
response
,
code
,
verify_code
);
}
catch
(
IOException
e
)
{
}
String
username
=
loginData
.
get
(
getUsernameParameter
());
String
password
=
loginData
.
get
(
getPasswordParameter
());
if
(
username
==
null
)
{
username
=
""
;
}
if
(
password
==
null
)
{
password
=
""
;
}
username
=
username
.
trim
();
UsernamePasswordAuthenticationToken
authRequest
=
new
UsernamePasswordAuthenticationToken
(
username
,
password
);
setDetails
(
request
,
authRequest
);
return
this
.
getAuthenticationManager
().
authenticate
(
authRequest
);
}
else
{
checkCode
(
response
,
request
.
getParameter
(
"code"
),
verify_code
);
return
super
.
attemptAuthentication
(
request
,
response
);
}
}
public
void
checkCode
(
HttpServletResponse
resp
,
String
code
,
String
verify_code
)
{
if
(
code
==
null
||
verify_code
==
null
||
""
.
equals
(
code
)
||
!
verify_code
.
toLowerCase
().
equals
(
code
.
toLowerCase
()))
{
//验证码不正确
throw
new
AuthenticationServiceException
(
"验证码不正确"
);
}
}
}
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/SecurityConfig.java
浏览文件 @
84441814
...
...
@@ -37,7 +37,6 @@ import java.io.PrintWriter;
* @GitHub https://github.com/lenve
* @博客 http://wangsong.blog.csdn.net
* @网站 http://www.javaboy.org
* @时间 2019-09-20 8:25
*/
@Configuration
public
class
SecurityConfig
extends
WebSecurityConfigurerAdapter
{
...
...
@@ -47,8 +46,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
CustomFilterInvocationSecurityMetadataSource
customFilterInvocationSecurityMetadataSource
;
@Autowired
CustomUrlDecisionManager
customUrlDecisionManager
;
@Autowired
VerificationCodeFilter
verificationCodeFilter
;
@Bean
PasswordEncoder
passwordEncoder
()
{
...
...
@@ -62,14 +59,56 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
public
void
configure
(
WebSecurity
web
)
throws
Exception
{
web
.
ignoring
().
antMatchers
(
"/login"
,
"/css/**"
,
"/js/**"
,
"/index.html"
,
"/img/**"
,
"/fonts/**"
,
"/favicon.ico"
,
"/verifyCode"
);
web
.
ignoring
().
antMatchers
(
"/css/**"
,
"/js/**"
,
"/index.html"
,
"/img/**"
,
"/fonts/**"
,
"/favicon.ico"
,
"/verifyCode"
);
}
@Bean
LoginFilter
loginFilter
()
throws
Exception
{
LoginFilter
loginFilter
=
new
LoginFilter
();
loginFilter
.
setAuthenticationSuccessHandler
(
new
AuthenticationSuccessHandler
()
{
@Override
public
void
onAuthenticationSuccess
(
HttpServletRequest
request
,
HttpServletResponse
response
,
Authentication
authentication
)
throws
IOException
,
ServletException
{
response
.
setContentType
(
"application/json;charset=utf-8"
);
PrintWriter
out
=
response
.
getWriter
();
Hr
hr
=
(
Hr
)
authentication
.
getPrincipal
();
hr
.
setPassword
(
null
);
RespBean
ok
=
RespBean
.
ok
(
"登录成功!"
,
hr
);
String
s
=
new
ObjectMapper
().
writeValueAsString
(
ok
);
out
.
write
(
s
);
out
.
flush
();
out
.
close
();
}
});
loginFilter
.
setAuthenticationFailureHandler
(
new
AuthenticationFailureHandler
()
{
@Override
public
void
onAuthenticationFailure
(
HttpServletRequest
request
,
HttpServletResponse
response
,
AuthenticationException
exception
)
throws
IOException
,
ServletException
{
response
.
setContentType
(
"application/json;charset=utf-8"
);
PrintWriter
out
=
response
.
getWriter
();
RespBean
respBean
=
RespBean
.
error
(
exception
.
getMessage
());
if
(
exception
instanceof
LockedException
)
{
respBean
.
setMsg
(
"账户被锁定,请联系管理员!"
);
}
else
if
(
exception
instanceof
CredentialsExpiredException
)
{
respBean
.
setMsg
(
"密码过期,请联系管理员!"
);
}
else
if
(
exception
instanceof
AccountExpiredException
)
{
respBean
.
setMsg
(
"账户过期,请联系管理员!"
);
}
else
if
(
exception
instanceof
DisabledException
)
{
respBean
.
setMsg
(
"账户被禁用,请联系管理员!"
);
}
else
if
(
exception
instanceof
BadCredentialsException
)
{
respBean
.
setMsg
(
"用户名或者密码输入错误,请重新输入!"
);
}
out
.
write
(
new
ObjectMapper
().
writeValueAsString
(
respBean
));
out
.
flush
();
out
.
close
();
}
});
loginFilter
.
setAuthenticationManager
(
authenticationManagerBean
());
loginFilter
.
setFilterProcessesUrl
(
"/doLogin"
);
return
loginFilter
;
}
@Override
protected
void
configure
(
HttpSecurity
http
)
throws
Exception
{
http
.
addFilterBefore
(
verificationCodeFilter
,
UsernamePasswordAuthenticationFilter
.
class
);
http
.
authorizeRequests
()
// .anyRequest().authenticated()
.
withObjectPostProcessor
(
new
ObjectPostProcessor
<
FilterSecurityInterceptor
>()
{
@Override
public
<
O
extends
FilterSecurityInterceptor
>
O
postProcess
(
O
object
)
{
...
...
@@ -79,49 +118,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
}
})
.
and
()
.
formLogin
()
.
usernameParameter
(
"username"
)
.
passwordParameter
(
"password"
)
.
loginProcessingUrl
(
"/doLogin"
)
.
loginPage
(
"/login"
)
.
successHandler
(
new
AuthenticationSuccessHandler
()
{
@Override
public
void
onAuthenticationSuccess
(
HttpServletRequest
req
,
HttpServletResponse
resp
,
Authentication
authentication
)
throws
IOException
,
ServletException
{
resp
.
setContentType
(
"application/json;charset=utf-8"
);
PrintWriter
out
=
resp
.
getWriter
();
Hr
hr
=
(
Hr
)
authentication
.
getPrincipal
();
hr
.
setPassword
(
null
);
RespBean
ok
=
RespBean
.
ok
(
"登录成功!"
,
hr
);
String
s
=
new
ObjectMapper
().
writeValueAsString
(
ok
);
out
.
write
(
s
);
out
.
flush
();
out
.
close
();
}
})
.
failureHandler
(
new
AuthenticationFailureHandler
()
{
@Override
public
void
onAuthenticationFailure
(
HttpServletRequest
req
,
HttpServletResponse
resp
,
AuthenticationException
exception
)
throws
IOException
,
ServletException
{
resp
.
setContentType
(
"application/json;charset=utf-8"
);
PrintWriter
out
=
resp
.
getWriter
();
RespBean
respBean
=
RespBean
.
error
(
"登录失败!"
);
if
(
exception
instanceof
LockedException
)
{
respBean
.
setMsg
(
"账户被锁定,请联系管理员!"
);
}
else
if
(
exception
instanceof
CredentialsExpiredException
)
{
respBean
.
setMsg
(
"密码过期,请联系管理员!"
);
}
else
if
(
exception
instanceof
AccountExpiredException
)
{
respBean
.
setMsg
(
"账户过期,请联系管理员!"
);
}
else
if
(
exception
instanceof
DisabledException
)
{
respBean
.
setMsg
(
"账户被禁用,请联系管理员!"
);
}
else
if
(
exception
instanceof
BadCredentialsException
)
{
respBean
.
setMsg
(
"用户名或者密码输入错误,请重新输入!"
);
}
out
.
write
(
new
ObjectMapper
().
writeValueAsString
(
respBean
));
out
.
flush
();
out
.
close
();
}
})
.
permitAll
()
.
and
()
.
logout
()
.
logoutSuccessHandler
(
new
LogoutSuccessHandler
()
{
@Override
...
...
@@ -152,5 +148,6 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
out
.
close
();
}
});
http
.
addFilterAt
(
loginFilter
(),
UsernamePasswordAuthenticationFilter
.
class
);
}
}
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/config/VerificationCodeFilter.java
已删除
100644 → 0
浏览文件 @
79b0fd57
package
org.javaboy.vhr.config
;
import
com.fasterxml.jackson.databind.ObjectMapper
;
import
org.javaboy.vhr.model.RespBean
;
import
org.springframework.stereotype.Component
;
import
javax.servlet.*
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
java.io.IOException
;
import
java.io.PrintWriter
;
/**
* @作者 江南一点雨
* @公众号 江南一点雨
* @微信号 a_java_boy
* @GitHub https://github.com/lenve
* @博客 http://wangsong.blog.csdn.net
* @网站 http://www.javaboy.org
* @时间 2020-02-28 22:03
*/
@Component
public
class
VerificationCodeFilter
extends
GenericFilter
{
@Override
public
void
doFilter
(
ServletRequest
servletRequest
,
ServletResponse
servletResponse
,
FilterChain
filterChain
)
throws
IOException
,
ServletException
{
HttpServletRequest
req
=
(
HttpServletRequest
)
servletRequest
;
HttpServletResponse
resp
=
(
HttpServletResponse
)
servletResponse
;
if
(
"POST"
.
equals
(
req
.
getMethod
())
&&
"/doLogin"
.
equals
(
req
.
getServletPath
()))
{
//登录请求
String
code
=
req
.
getParameter
(
"code"
);
String
verify_code
=
(
String
)
req
.
getSession
().
getAttribute
(
"verify_code"
);
if
(
code
==
null
||
verify_code
==
null
||
""
.
equals
(
code
)
||
!
verify_code
.
toLowerCase
().
equals
(
code
.
toLowerCase
()))
{
//验证码不正确
resp
.
setContentType
(
"application/json;charset=utf-8"
);
PrintWriter
out
=
resp
.
getWriter
();
out
.
write
(
new
ObjectMapper
().
writeValueAsString
(
RespBean
.
error
(
"验证码填写错误"
)));
out
.
flush
();
out
.
close
();
return
;
}
else
{
filterChain
.
doFilter
(
req
,
resp
);
}
}
else
{
filterChain
.
doFilter
(
req
,
resp
);
}
}
}
vhr/vhrserver/vhr-web/src/main/java/org/javaboy/vhr/controller/LoginController.java
浏览文件 @
84441814
...
...
@@ -5,6 +5,7 @@ import org.javaboy.vhr.model.RespBean;
import
org.springframework.web.bind.annotation.GetMapping
;
import
org.springframework.web.bind.annotation.RestController
;
import
javax.servlet.http.HttpServletRequest
;
import
javax.servlet.http.HttpServletResponse
;
import
javax.servlet.http.HttpSession
;
import
java.awt.image.BufferedImage
;
...
...
@@ -27,10 +28,11 @@ public class LoginController {
}
@GetMapping
(
"/verifyCode"
)
public
void
verifyCode
(
HttpSe
ssion
session
,
HttpServletResponse
resp
)
throws
IOException
{
public
void
verifyCode
(
HttpSe
rvletRequest
request
,
HttpServletResponse
resp
)
throws
IOException
{
VerificationCode
code
=
new
VerificationCode
();
BufferedImage
image
=
code
.
getImage
();
String
text
=
code
.
getText
();
HttpSession
session
=
request
.
getSession
(
true
);
session
.
setAttribute
(
"verify_code"
,
text
);
VerificationCode
.
output
(
image
,
resp
.
getOutputStream
());
}
...
...
vhr/vhrserver/vhr-web/src/main/resources/application.yml
浏览文件 @
84441814
...
...
@@ -7,11 +7,11 @@ spring:
rabbitmq
:
username
:
guest
password
:
guest
host
:
1
92.168.91.128
host
:
1
27.0.0.1
publisher-confirms
:
true
publisher-returns
:
true
redis
:
host
:
1
92.168.91.128
host
:
1
27.0.0.1
database
:
0
port
:
6379
password
:
123
...
...
vuehr/src/views/Login.vue
浏览文件 @
84441814
...
...
@@ -58,7 +58,7 @@
this
.
$refs
.
loginForm
.
validate
((
valid
)
=>
{
if
(
valid
)
{
this
.
loading
=
true
;
this
.
post
KeyValue
Request
(
'
/doLogin
'
,
this
.
loginForm
).
then
(
resp
=>
{
this
.
postRequest
(
'
/doLogin
'
,
this
.
loginForm
).
then
(
resp
=>
{
this
.
loading
=
false
;
if
(
resp
)
{
this
.
$store
.
commit
(
'
INIT_CURRENTHR
'
,
resp
.
obj
);
...
...
@@ -104,4 +104,4 @@
display
:
flex
;
align-items
:
center
;
}
</
style
>
\ No newline at end of file
</
style
>
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录