P2P后台管理系统
用户登录及获取用户拥有权限功能实现
⒈在16-p2p-admin的index.jsp中为用户名、密码、免登陆的input添加id和name属性
⒉在16-p2p-admin的index.jsp中给登录按钮添加单击事件
⒊引入jQuery的md5插件
注意:因为数据库中存的是加密后的密码,所有我们这里需要对密码进行加密,加密可以在页面中通过jquery插件加密,也可以在控制层通过java代码加密,我们这里在页面通过jQuery插件加密
从已有的p2p-admin中拷贝jQuery.md5.js到16-p2p-admin/webapp/js目录下,并在index.jsp中引入。
<script src="${pageContext.request.contextPath}/js/j
⒋在16-p2p-admin的index.jsp的login函数中发送ajax请求进行登录
function login() {
var userName = $("#userName").val();
var password = $("#password").val();
var freeLogin = $("#freeLogin").is(":checked");
if(userName ==""){
$("#loginTip").html("<span style='color: red;'>请输入登陆账号</span>");
return false;
}else if(password ==""){
$("#loginTip").html("<span style='color: red;'>请输入登陆密码</span>");
return false;
}
//MD5加密
password = $.md5(password);
$.ajax({
url:"${pageContext.request.contextPath}/admin/login",
type:"POST",
dataType:"json",
data:{
"userName":userName,
"password":password,
"freeLogin":freeLogin
},
success:function (rtnMessage) {
if(rtnMessage.errorCode == 1){
//登陆成功 跳转到主页面
window.location.href = "${pageContext.request.contextPath}/admin/profile";
}else{
//登陆失败 提示用户
$("#loginTip").html("<span style='color: red;'>"+rtnMessage.errorMessage+"</span>");
}
}
});
}
⒌在index.jsp页面中添加loginTip提示
⒍在16-p2p-admin的IndexController中添加login方法,处理登录请求
@PostMapping("/admin/login")
public @ResponseBody ReturnObject login(HttpServletRequest request,HttpServletResponse response,
@RequestParam("userName") String userName,
@RequestParam("password") String password,
@RequestParam("freeLogin") boolean freeLogin){
ReturnObject returnObject = new ReturnObject();
UserInfo userInfo = userInfoService.getUserInfoByLogin(userName,password);
if(userInfo == null){
//登陆失败
returnObject.setErrorCode(Constants.ZERO);
returnObject.setErrorMessage("账号或者密码不匹配");
return returnObject;
}else{
//登陆成功
//将用户信息放到session中
request.getSession().setAttribute(Constants.SESSION_USER,userInfo);
returnObject.setErrorCode(Constants.ONE);
returnObject.setErrorMessage("账号成功");
return returnObject;
}
}
⒎在16-p2p-admin的com.bjpowernode.p2p.admin.rto包下创建ReturnObject类封装返回的对象
public class ReturnObject {
private int errorCode;
private String errorMessage;
private Object data;
//省略get|set
⒏在16-p2p-admin的com.bjpowernode.p2p.admin.constant包下创建Constants类,并配置常用常量
public class Constants {
//session中的用户
public static final String SESSION_USER = "userInfo";
//处理失败
public static final int ZERO = 0;
//处理成功
public static final int ONE = 1;
}
⒐在16-p2p-admin的com.bjpowernode.p2p.admin.service包下创建UserInfoService接口,提供getUserInfoByLogin方法
public interface UserInfoService {
UserInfo getUserInfoByLogin(String userName,String password);
}
⒑在16-p2p-admin的com.bjpowernode.p2p.admin.service.impl包下创建UserInfoServiceImpl实现类,对getUserInfoByLogin方法进行实现
@Service
public class UserInfoServiceImpl implements UserInfoService{
@Autowired
private UserInfoMapper userInfoMapper;
@Autowired
private PermissionInfoMapper permissionInfoMapper;
@Override
public UserInfo getUserInfoByLogin(String userName, String password) {
UserInfo userInfo = userInfoMapper.selectByLogin(userName,password);
if(userInfo != null){
//登录成功,获取用户的权限信息
//获取菜单权限
List<PermissionInfo> menuPermissionInfoList
= permissionInfoMapper.selectPermissionInfoByUserIdAndType(userInfo.getId(),"menu");
//获取按钮权限
List<PermissionInfo> buttonPermissionInfoList
= permissionInfoMapper.selectPermissionInfoByUserIdAndType(userInfo.getId(),"button");
userInfo.setMenuPermissionInfoList(menuPermissionInfoList);
userInfo.setButtonPermissionInfoList(buttonPermissionInfoList);
}
return userInfo;
}
}
⒒在16-p2p-admin的UserInfoMapper接口中添加selectByLogin方法
**
* 如果Mapper接口中有多个参数,我们一般有以下几种处理方式
* 1.封装Map集合
* 2.封装参数对象
* 3.@param注解
* 4.根据索引获取
*/
UserInfo selectByLogin(@Param("userName") String userName,
@Param("password") String password);
⒓在16-p2p-admin的UserInfoMapper.xml文件中对selectByLogin进行实现
<select id="selectByLogin" resultMap="BaseResultMap">
select
<include refid="Base_Column_List" />
from u_user_info
where username = #{userName,jdbcType=VARCHAR} and password = #{password,jdbcType=VARCHAR}
</select>
⒔在16-p2p-admin的PermissionInfoMapper接口中添加selectPermissionInfoByUserIdAndType方法
List<PermissionInfo> selectPermissionInfoByUserIdAndType(@Param("userId") Integer userId,
@Param("type") String type);
⒕在16-p2p-admin的PermissionInfoMapper.xml文件中对selectPermissionInfoByUserIdAndType进行实现
这条语句比较复杂,现在Navicat中测试通过后再编写
<sql id="My_Base_Column_List">
pi.id, pi.name, pi.type, pi.url, pi.code, pi.parentid, pi.sort, pi.available
</sql>
<select id="selectPermissionInfoByUserIdAndType" resultMap="BaseResultMap">
select
<include refid="My_Base_Column_List" />
from
u_permission_info pi
left join
u_role_permission rp on pi.id = rp.permission_id
left join
u_role_info ri on ri.id = rp.role_id
left join
u_user_role ur on ur.user_id = ri.id
where
ur.user_id = #{userId,jdbcType=INTEGER} and type = #{type,jdbcType=VARCHAR}
</select>
⒖登录测试
