com.yqjr.framework.component.shiro.SystemAuthorizingRealm Maven / Gradle / Ivy
package com.yqjr.framework.component.shiro;
import java.util.Collection;
import java.util.List;
import javax.annotation.PostConstruct;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.Permission;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.stereotype.Service;
import org.springframework.web.context.request.RequestContextHolder;
import org.springframework.web.context.request.ServletRequestAttributes;
import com.yqjr.framework.component.context.SpringContext;
import com.yqjr.framework.datatype.Date;
import com.yqjr.framework.utils.StringUtils;
import com.yqjr.modules.user.model.UserModel;
import com.yqjr.modules.user.service.UserService;
/**
*
* ClassName: SystemAuthorizingRealm
* Description: 自定义Shiro登录Realm
* Create By: Wanglei
* Create Date: 2017年6月8日 上午8:33:41
* Modified By:
* Modified Date:
* Modified Content:
* Version: 1.0
*
*/
@Service
public class SystemAuthorizingRealm extends AuthorizingRealm {
/**
* 该类Service不能使用@Autowired,不能在初始化时使用SpringContext.getInstance().
* getBeanWithClass(UserService.class) 会引起@Transactional失效
* 解决办法:改写getUserSerivce(),再调用时获取
*/
private UserService userService;
/**
* 认证回调函数, 登录时调用
*/
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) {
UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
// 校验登录验证码
// if (LoginController.isValidateCodeLogin(token.getUsername(), false,
// false)){
// Session session = UserUtils.getSession();
// String code =
// (String)session.getAttribute(ValidateCodeServlet.VALIDATE_CODE);
// if (token.getCaptcha() == null ||
// !token.getCaptcha().toUpperCase().equals(code)){
// throw new AuthenticationException("msg:验证码错误, 请重试.");
// }
// }
// 校验用户名密码
UserModel condition = new UserModel();
condition.setLoginName(token.getUsername());
condition.setCanLogin(true);
UserModel userModel = getUserService().get(condition);
if (userModel != null) {
if (!userModel.getCanLogin()) {
throw new AuthenticationException("msg:该已帐号禁止登录.");
}
// 保存上次登录信息
userModel.setLastLoginIp(StringUtils.getRemoteAddr(
((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest()));
userModel.setLastLoginDate(new Date());
getUserService().update(userModel);
return new SimpleAuthenticationInfo(new Principal(userModel, token.isMobileLogin()), // 登陆主体
userModel.getPassword(), // md5加密后密码
getName());
} else {
throw new AuthenticationException("msg:用户不存在或者密码错误.");
}
}
/**
* 授权查询回调函数, 进行鉴权但缓存中无用户的授权信息时调用
*/
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
Principal principal = (Principal) getAvailablePrincipal(principals);
UserModel condition = new UserModel();
condition.setLoginName(principal.getLoginName());
UserModel user = getUserService().get(condition);
if (user != null) {
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
// List