package com.ots.project.system.user.controller; import com.ots.common.utils.ServletUtils; import com.ots.common.utils.StringUtils; import com.ots.framework.web.controller.BaseController; import com.ots.framework.web.domain.AjaxResult; import com.ots.project.tool.exam.DecryptUtil; import org.apache.commons.codec.DecoderException; import org.apache.commons.codec.binary.Hex; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.ResponseBody; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @Controller public class LoginController extends BaseController { @GetMapping("/login") public String login(HttpServletRequest request, HttpServletResponse response) { if (ServletUtils.isAjaxRequest(request)) { return ServletUtils.renderString(response, "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}"); } return "login"; } @PostMapping("/login") @ResponseBody public AjaxResult ajaxLogin(String username, String password, Boolean rememberMe) { try { byte[] bytes = "db2139561c9fe068".getBytes(); byte[] data = Hex.decodeHex(password.toCharArray()); byte[] s = DecryptUtil.AES_CBC_Decrypt(data, bytes, bytes); password = new String(s); } catch (Exception e) { e.printStackTrace(); } UsernamePasswordToken token = new UsernamePasswordToken(username, password, rememberMe); Subject subject = SecurityUtils.getSubject(); try { subject.login(token); return success(); } catch (AuthenticationException e) { String msg = "用户或密码错误"; if (StringUtils.isNotEmpty(e.getMessage())) { msg = e.getMessage(); } return error(msg); } } @GetMapping("/unauth") public String unauth() { return "error/unauth"; } }