package com.fr.plugin.domainlogin.controller; import com.fr.decision.authority.data.User; import com.fr.decision.webservice.Response; import com.fr.decision.webservice.annotation.LoginStatusChecker; import com.fr.decision.webservice.bean.authentication.LoginRequestInfoBean; import com.fr.decision.webservice.bean.authentication.LoginResponseInfoBean; import com.fr.decision.webservice.utils.DecisionServiceConstants; import com.fr.decision.webservice.v10.login.LoginService; import com.fr.decision.webservice.v10.user.UserService; import com.fr.plugin.domainlogin.beans.DomainLoginBean; import com.fr.security.encryption.transmission.impl.AESTransmissionEncryption; import com.fr.third.springframework.stereotype.Controller; import com.fr.third.springframework.web.bind.annotation.RequestBody; import com.fr.third.springframework.web.bind.annotation.RequestMapping; import com.fr.third.springframework.web.bind.annotation.RequestMethod; import com.fr.third.springframework.web.bind.annotation.ResponseBody; import com.fr.web.controller.decision.api.auth.LoginResource; import com.fr.web.controller.decision.api.entry.HomePageResource; import com.fr.plugin.domainlogin.util.CBCDesUtil; import com.fr.log.FineLoggerFactory; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.nio.charset.StandardCharsets; import java.util.Date; @Controller @LoginStatusChecker( required = false //不需要验证是否登录 ) public class DomainLoginController { private final static int MAX_LOGIN_DURATION = 2*60*1000; @RequestMapping( value = {"/localDomain/login"}, method = {RequestMethod.POST} ) @ResponseBody public Response localDomainLogin(HttpServletRequest req, HttpServletResponse res, @RequestBody DomainLoginBean loginBean) throws Exception { String userInfo = loginBean.getUserInfo();// "Q8hphot6OxPHwCfpeofrbQ=="; FineLoggerFactory.getLogger().info("获取到的加密信息为:"+userInfo); String desKey = "desddddd"; String username = ""; try{ String decodeValue = CBCDesUtil.decodeValue(desKey,userInfo); username = decodeValue.split("\\\\")[1]; FineLoggerFactory.getLogger().info("解密结果为:"+username); } catch(Exception ex){ ex.printStackTrace(); FineLoggerFactory.getLogger().info("解密失败.."); return Response.error("11300007","登录失败"); } //先判断时间戳能对上不 long timeStamp = loginBean.getTimestamp()+MAX_LOGIN_DURATION; long currentTimeStamp = new Date().getTime(); if(timeStamp < currentTimeStamp){ FineLoggerFactory.getLogger().info("当前时间戳超时了。。。"); return Response.error("11300007","登录失败"); } else{ //判断该用户存在不 User user = UserService.getInstance().getUserByUserName(username); if(user == null){ FineLoggerFactory.getLogger().info("决策系统里不存在用户:"+username); return Response.error("21300006","用户不可用"); } // LoginRequestInfoBean infoBean = new LoginRequestInfoBean(); // infoBean.setEncrypted(true); // infoBean.setPassword(AESTransmissionEncryption.getInstance().encrypt(loginBean.getPasswd())); // infoBean.setUsername(loginBean.getUserName()); // infoBean.setValidity(-1); // LoginResponseInfoBean responseBean = LoginService.getInstance().login(req,res,infoBean); String token = LoginService.getInstance().login(req,res,username); FineLoggerFactory.getLogger().info("登录返回token:"+token); if(token != null){ req.setAttribute(DecisionServiceConstants.FINE_AUTH_TOKEN_NAME, token); return Response.ok(token); } else{ return Response.error("11300007","登录失败"); } } } }