導入Bcrypt依賴
用於加密解密用戶密碼
<!-- https://mvnrepository.com/artifact/org.mindrot/jbcrypt -->
<dependency>
<groupId>org.mindrot</groupId>
<artifactId>jbcrypt</artifactId>
<version>0.4</version>
</dependency>
基本和之前的手機號校驗登錄差不多 換湯不換葯
用戶登錄流程:
- 首先判斷字段是否合法 若不合法直接拋出異常
- 根據用戶名查詢是否有記錄 若無記錄直接返回
- 使用Bcrypt算法校驗用戶密碼是否匹配 若匹配將設置cookie和redis並返回ok 若不匹配返回error
BCrypt.checkpw() 用戶校驗用戶密碼 若密碼匹配則返回true
controller
public GraceJSONResult adminLogin(AdminLoginVO adminLoginVO,
HttpServletRequest request,
HttpServletResponse response,
BindingResult bindingResult) {
// 1. 首先查詢字段是否合法
if (bindingResult.hasErrors()) {
Map<String, String> bindResultErrors = super.getBindResultErrors(bindingResult);
return GraceJSONResult.errorMap(bindResultErrors);
}
// 2. 首先根據用戶名查詢 用戶在database中是否有記錄
AdminUser usernameByAdmin = adminService.findUsernameByAdmin(adminLoginVO.getUsername());
if (usernameByAdmin == null) {
return GraceJSONResult.errorCustom(ResponseStatusEnum.ADMIN_NOT_EXIT_ERROR);
}
// 3. 查看用戶名密碼是否匹配
boolean flag = BCrypt.checkpw(adminLoginVO.getPassword(), usernameByAdmin.getPassword());
if (flag) {
String token = UUID.randomUUID().toString();
setCookie(request, response, "atoken", token, COOKIE_AGE);
setCookie(request, response, "aid", usernameByAdmin.getId(), COOKIE_AGE);
setCookie(request, response, "aname", usernameByAdmin.getAdminName(), COOKIE_AGE);
redisOperator.set(REDIS_ADMIN_TOKEN + ":" + usernameByAdmin.getId(), token);
return GraceJSONResult.ok();
} else {
return GraceJSONResult.errorCustom(ResponseStatusEnum.ADMIN_NOT_EXIT_ERROR);
}
}
service直接調用mapper 根據用戶名查詢用戶並返回
public AdminUser findUsernameByAdmin(String username) {
QueryWrapper<AdminUser> adminUserQueryWrapper = new QueryWrapper<>();
adminUserQueryWrapper.eq("username", username);
return adminMapper.selectOne(adminUserQueryWrapper);
}