/**
 * Copyright © 2015-2018 ODM All rights reserved.
 */
package com.thinkgem.jeesite.modules.sys.security;

import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.web.util.WebUtils;
import org.springframework.stereotype.Service;

import com.thinkgem.jeesite.common.utils.StringUtils;
import com.thinkgem.jeesite.modules.sys.entity.User;
import com.thinkgem.jeesite.modules.sys.service.SystemService;

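/**
 * Form authentication filter (the original header describes it as "including captcha";
 * no captcha handling is visible in this class).
 *
 * <p>Builds the login token from the {@code GUID} and {@code NAME} request parameters
 * instead of a submitted username/password form.
 *
 * <p><b>Security review notes</b>
 * <ul>
 *   <li>Every token created here carries the same hard-coded password constant, so the
 *       password proves nothing about the caller. Within this class the only
 *       request-derived identity input that reaches the token is {@code NAME}.</li>
 *   <li>The user looked up from {@code GUID} is never compared with {@code NAME}, and no
 *       signature, ticket or timestamp is verified here. NOTE(review): unless the realm
 *       or an upstream gateway (not shown) performs that check, identity is asserted by
 *       the caller - confirm, and prefer a signed, short-lived, single-use ticket that is
 *       validated server-side.</li>
 *   <li>{@link #isLoginSubmission} accepts every HTTP request, so a plain GET to the
 *       login URL starts a login attempt; identifiers passed in the query string can
 *       end up in access logs, browser history and Referer headers.</li>
 * </ul>
 *
 * @author ThinkGem
 * @version 2014-5-19
 */
public class FormAuthenticationFiltergty extends org.apache.shiro.web.filter.authc.FormAuthenticationFilter {

	public static final String DEFAULT_MESSAGE_PARAM = "message";

	/** Name of the request attribute that receives the user-facing failure message. */
	private String messageParam = DEFAULT_MESSAGE_PARAM;
	
	// NOTE(review): constructed directly rather than injected; if SystemService relies on
	// container-injected collaborators they may be unset on this instance - confirm.
	private SystemService systemService = new SystemService();

	/**
	 * Creates the authentication token from the {@code GUID} and {@code NAME} parameters.
	 *
	 * <p>A missing or malformed {@code NAME} yields an empty username instead of an
	 * unchecked exception escaping the filter. NOTE(review): this presumes the realm
	 * rejects an empty username - verify.
	 *
	 * @param request  current request; cast to {@link HttpServletRequest} to resolve the client address
	 * @param response current response (unused)
	 * @return a token holding the decoded name, the fixed password constant and the remote host
	 */
	@Override
	protected AuthenticationToken createToken(ServletRequest request, ServletResponse response) {
		String userId = request.getParameter("GUID");
		String username = decodeName(request.getParameter("NAME"));
		// Example link (NAME is percent-encoded twice, hence the explicit second decode):
		//sysIndex?GUID=407450095cd34adf9fb67ab4906e7288&NAME=%25E7%25BD%2597%25E5%25A8%259C
		// NOTE(review): the looked-up user is not used. It is neither checked for existence
		// nor matched against NAME, so GUID adds no assurance to the token built below.
		User user = systemService.getUser(userId);
		String host = StringUtils.getRemoteAddr((HttpServletRequest)request);

		// SECURITY: hard-coded credential shared by every login through this filter.
		// NOTE(review): the meaning of the trailing "1" argument is defined by the project's
		// UsernamePasswordToken (not shown) - confirm how the realm treats it.
		return new UsernamePasswordToken(username, "A11111".toCharArray(), false, host, null, false, "1");
	}

	/**
	 * Percent-decodes the {@code NAME} parameter as UTF-8.
	 *
	 * @param rawName parameter value as returned by the container, possibly {@code null}
	 * @return the decoded name, or an empty string when the value is absent or cannot be decoded
	 */
	private static String decodeName(String rawName) {
		if (rawName == null) {
			// URLDecoder.decode(null, ...) would throw NullPointerException.
			return "";
		}
		try {
			return URLDecoder.decode(rawName, "UTF-8");
		} catch (UnsupportedEncodingException e) {
			e.printStackTrace();
			return "";
		} catch (IllegalArgumentException malformed) {
			// Incomplete or illegal %-escape in caller-supplied input: treat as no name.
			return "";
		}
	}
	
	/**
	 * @return name of the request attribute used for the failure message
	 */
	public String getMessageParam() {
		return messageParam;
	}
	
	/**
	 * Treats every HTTP request as a login submission, regardless of HTTP method.
	 *
	 * <p>The inherited {@code onAccessDenied} therefore runs {@code executeLogin} for any
	 * request that reaches the login URL.
	 *
	 * @return {@code true} when the request is an {@link HttpServletRequest}
	 */
	@Override
	@SuppressWarnings({"UnusedDeclaration"})
	protected boolean isLoginSubmission(ServletRequest request, ServletResponse response) {
		return (request instanceof HttpServletRequest);
	}
	
	/**
	 * URL to redirect to after a successful login.
	 */
	@Override
	public String getSuccessUrl() {
		return super.getSuccessUrl();
	}
	
	/**
	 * Always redirects to {@link #getSuccessUrl()} after a successful login; the saved
	 * original request is not consulted.
	 */
	@Override
	protected void issueSuccessRedirect(ServletRequest request,
			ServletResponse response) throws Exception {
		WebUtils.issueRedirect(request, response, getSuccessUrl(), null, true);
	}

	/**
	 * Invoked when login fails; stores the exception class name and a user-facing message
	 * as request attributes.
	 *
	 * @return {@code true}, so the request continues along the filter chain
	 */
	@Override
	protected boolean onLoginFailure(AuthenticationToken token,
			AuthenticationException e, ServletRequest request, ServletResponse response) {
		String className = e.getClass().getName(), message = "";
		if (IncorrectCredentialsException.class.getName().equals(className)
				|| UnknownAccountException.class.getName().equals(className)){
			// One message for both cases, so the response does not reveal which accounts exist.
			message = "用户或密码错误, 请重试.";
		}
		else if (e.getMessage() != null && StringUtils.startsWith(e.getMessage(), "msg:")){
			// Exceptions whose message starts with "msg:" carry text meant for the user.
			// NOTE(review): the text is passed to the view as-is; confirm the view escapes it.
			message = StringUtils.replace(e.getMessage(), "msg:", "");
		}
		else{
			message = "系统出现点问题,请稍后再试!";
			e.printStackTrace(); // printed to the console; NOTE(review): prefer the application logger
		}
		request.setAttribute(getFailureKeyAttribute(), className);
		request.setAttribute(getMessageParam(), message);
		return true;
	}
	
}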