用戶登錄及獲取用戶擁有權(quán)限功能實現(xiàn)
⒈在16-p2p-admin的index.jsp中為用戶名、密碼、免登陸的input添加id和name屬性
⒉在16-p2p-admin的index.jsp中給登錄按鈕添加單擊事件
⒊引入jQuery的md5插件
注意:因為數(shù)據(jù)庫中存的是加密后的密碼,所有我們這里需要對密碼進行加密,加密可以在頁面中通過jquery插件加密,也可以在控制層通過java代碼加密,我們這里在頁面通過jQuery插件加密
從已有的p2p-admin中拷貝jQuery.md5.js到16-p2p-admin/webapp/js目錄下,并在index.jsp中引入。
<script src="${pageContext.request.contextPath}/js/j
⒋在16-p2p-admin的index.jsp的login函數(shù)中發(fā)送ajax請求進行登錄
function login() {
var userName = $("#userName").val();
var password = $("#password").val();
var freeLogin = $("#freeLogin").is(":checked");
if(userName ==""){
$("#loginTip").html("<span style='color: red;'>請輸入登陸賬號</span>");
return false;
}else if(password ==""){
$("#loginTip").html("<span style='color: red;'>請輸入登陸密碼</span>");
return false;
}
//MD5加密
password = $.md5(password);
$.ajax({
url:"${pageContext.request.contextPath}/admin/login",
type:"POST",
dataType:"json",
data:{
"userName":userName,
"password":password,
"freeLogin":freeLogin
},
success:function (rtnMessage) {
if(rtnMessage.errorCode == 1){
//登陸成功 跳轉(zhuǎn)到主頁面
window.location.href = "${pageContext.request.contextPath}/admin/profile";
}else{
//登陸失敗 提示用戶
$("#loginTip").html("<span style='color: red;'>"+rtnMessage.errorMessage+"</span>");
}
}
});
}
⒌在index.jsp頁面中添加loginTip提示
⒍在16-p2p-admin的IndexController中添加login方法,處理登錄請求
@PostMapping("/admin/login")
public @ResponseBody ReturnObject login(HttpServletRequest request,HttpServletResponse response,
@RequestParam("userName") String userName,
@RequestParam("password") String password,
@RequestParam("freeLogin") boolean freeLogin){
ReturnObject returnObject = new ReturnObject();
UserInfo userInfo = userInfoService.getUserInfoByLogin(userName,password);
if(userInfo == null){
//登陸失敗
returnObject.setErrorCode(Constants.ZERO);
returnObject.setErrorMessage("賬號或者密碼不匹配");
return returnObject;
}else{
//登陸成功
//將用戶信息放到session中
request.getSession().setAttribute(Constants.SESSION_USER,userInfo);
returnObject.setErrorCode(Constants.ONE);
returnObject.setErrorMessage("賬號成功");
return returnObject;
}
}
⒎在16-p2p-admin的com.bjpowernode.p2p.admin.rto包下創(chuàng)建ReturnObject類封裝返回的對象
public class ReturnObject {
private int errorCode;
private String errorMessage;
private Object data;
//省略get|set
⒏在16-p2p-admin的com.bjpowernode.p2p.admin.constant包下創(chuàng)建Constants類,并配置常用常量
public class Constants {
//session中的用戶
public static final String SESSION_USER = "userInfo";
//處理失敗
public static final int ZERO = 0;
//處理成功
public static final int ONE = 1;
}
⒐在16-p2p-admin的com.bjpowernode.p2p.admin.service包下創(chuàng)建UserInfoService接口,提供getUserInfoByLogin方法
public interface UserInfoService {
UserInfo getUserInfoByLogin(String userName,String password);
}
⒑在16-p2p-admin的com.bjpowernode.p2p.admin.service.impl包下創(chuàng)建UserInfoServiceImpl實現(xiàn)類,對getUserInfoByLogin方法進行實現(xiàn)
@Service
public class UserInfoServiceImpl implements UserInfoService{
@Autowired
private UserInfoMapper userInfoMapper;
@Autowired
private PermissionInfoMapper permissionInfoMapper;
@Override
public UserInfo getUserInfoByLogin(String userName, String password) {
UserInfo userInfo = userInfoMapper.selectByLogin(userName,password);
if(userInfo != null){
//登錄成功,獲取用戶的權(quán)限信息
//獲取菜單權(quán)限
List<PermissionInfo> menuPermissionInfoList
= permissionInfoMapper.selectPermissionInfoByUserIdAndType(userInfo.getId(),"menu");
//獲取按鈕權(quán)限
List<PermissionInfo> buttonPermissionInfoList
= permissionInfoMapper.selectPermissionInfoByUserIdAndType(userInfo.getId(),"button");
userInfo.setMenuPermissionInfoList(menuPermissionInfoList);
userInfo.setButtonPermissionInfoList(buttonPermissionInfoList);
}
return userInfo;
}
}
⒒在16-p2p-admin的UserInfoMapper接口中添加selectByLogin方法
**
* 如果Mapper接口中有多個參數(shù),我們一般有以下幾種處理方式
* 1.封裝Map集合
* 2.封裝參數(shù)對象
* 3.@param注解
* 4.根據(jù)索引獲取
*/
UserInfo selectByLogin(@Param("userName") String userName,
@Param("password") String password);
⒓在16-p2p-admin的UserInfoMapper.xml文件中對selectByLogin進行實現(xiàn)
<select id="selectByLogin" resultMap="BaseResultMap">
select
<include refid="Base_Column_List" />
from u_user_info
where username = #{userName,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR}
</select>
⒔在16-p2p-admin的PermissionInfoMapper接口中添加selectPermissionInfoByUserIdAndType方法
List<PermissionInfo> selectPermissionInfoByUserIdAndType(@Param("userId") Integer userId,
@Param("type") String type);
⒕在16-p2p-admin的PermissionInfoMapper.xml文件中對selectPermissionInfoByUserIdAndType進行實現(xiàn)
這條語句比較復雜,現(xiàn)在Navicat中測試通過后再編寫
<sql id="My_Base_Column_List">
pi.id, pi.name, pi.type, pi.url, pi.code, pi.parentid, pi.sort, pi.available
</sql>
<select id="selectPermissionInfoByUserIdAndType" resultMap="BaseResultMap">
select
<include refid="My_Base_Column_List" />
from
u_permission_info pi
left join
u_role_permission rp on pi.id = rp.permission_id
left join
u_role_info ri on ri.id = rp.role_id
left join
u_user_role ur on ur.user_id = ri.id
where
ur.user_id = #{userId,jdbcType=INTEGER} and type = #{type,jdbcType=VARCHAR}
</select>
⒖登錄測試
