9 years ago · a49c5e2ea8
--- a/src/main/java/com/uas/platform/b2b/controller/SecurityController.java
+++ b/src/main/java/com/uas/platform/b2b/controller/SecurityController.java
@@ -1,12 +1,13 @@
 
				 package com.uas.platform.b2b.controller;

			
 
				 

			
 
				 import java.io.IOException;

			
 
				+import java.util.ArrayList;

			
 
				+import java.util.List;

			
 
				 

			
 
				 import javax.servlet.http.HttpServletRequest;

			
 
				 import javax.servlet.http.HttpServletResponse;

			
 
				 import javax.servlet.http.HttpSession;

			
 
				 

			
 
				-import org.apache.commons.lang3.StringUtils;

			
 
				 import org.apache.log4j.Logger;

			
 
				 import org.springframework.beans.factory.annotation.Autowired;

			
 
				 import org.springframework.http.HttpStatus;

			
@@ -14,7 +15,9 @@ import org.springframework.mobile.device.Device;
 
				 import org.springframework.mobile.device.DeviceResolver;

			
 
				 import org.springframework.mobile.device.LiteDeviceResolver;

			
 
				 import org.springframework.mobile.device.site.SitePreference;

			
 
				+import org.springframework.security.core.userdetails.UsernameNotFoundException;

			
 
				 import org.springframework.ui.ModelMap;

			
 
				+import org.springframework.util.StringUtils;

			
 
				 import org.springframework.web.bind.annotation.RequestMapping;

			
 
				 import org.springframework.web.bind.annotation.RequestMethod;

			
 
				 import org.springframework.web.bind.annotation.ResponseBody;

			
@@ -28,6 +31,7 @@ import com.uas.platform.b2b.service.SigninLogService;
 
				 import com.uas.platform.b2b.service.UserService;

			
 
				 import com.uas.platform.b2b.support.SystemSession;

			
 
				 import com.uas.platform.core.util.AgentUtils;

			
 
				+import com.uas.platform.core.util.encry.Md5Utils;

			
 
				 import com.uas.platform.core.util.serializer.FlexJsonUtils;

			
 
				 import com.uas.sso.AuthToken;

			
 
				 import com.uas.sso.SSOConfig;

			
@@ -215,4 +219,62 @@ public class SecurityController {
 
				 		return SitePreference.NORMAL;

			
 
				 	}

			
 
				 

			
 
				+	static final String TEL_REGEXP = "^((\\(\\d{3}\\))|(\\d{3}\\-))?(13|15|18)\\d{9}$";

			
 
				+

			
 
				+	static final String UU_REGEXP = "^\\d{4,}$";

			
 
				+

			
 
				+	/**

			
 
				+	 * 账号密码登录

			
 
				+	 * 

			
 
				+	 * @param request

			
 
				+	 * @param response

			
 
				+	 * @param j_username

			
 
				+	 * @param j_password

			
 
				+	 * @param t_enuu

			
 
				+	 * @return

			
 
				+	 */

			
 
				+	@Deprecated

			
 
				+	@RequestMapping("/login/check")

			
 
				+	public List<ModelMap> autoLogin(HttpServletRequest request, HttpServletResponse response, String j_username, String j_password,

			
 
				+			String t_enuu) {

			
 
				+		User user = null;

			
 
				+		if (StringUtils.hasText(j_username) && StringUtils.hasText(j_password)) {

			
 
				+			if (j_username.contains("@")) { // 邮箱登录

			
 
				+				user = userService.findUserByUserEmail(j_username);

			
 
				+			} else if (j_username.matches(TEL_REGEXP)) {// 手机号登录

			
 
				+				user = userService.findUserByUserTel(j_username);

			
 
				+			} else if (j_username.matches(UU_REGEXP)) {

			
 
				+				user = userService.findUserByUserUU(Long.parseLong(j_username));

			
 
				+			}

			
 
				+			if (user != null && user.getUserPwd().equals(Md5Utils.encode(j_password, user.getUserUU()))) {

			
 
				+				if (StringUtils.isEmpty(t_enuu) || !checkEnterprise(user, t_enuu)) {

			
 
				+					response.setStatus(HttpStatus.MULTI_STATUS.value());

			
 
				+					List<ModelMap> data = new ArrayList<ModelMap>();

			
 
				+					for (Enterprise enterprise : user.getEnterprises()) {

			
 
				+						data.add(new ModelMap("uu", enterprise.getUu()).addAttribute("enName", enterprise.getEnName()));

			
 
				+					}

			
 
				+					return data;

			
 
				+				} else {

			
 
				+					user.setIp(AgentUtils.getIp(request));

			
 
				+					user.setCurrentEnterprise(Long.parseLong(t_enuu));

			
 
				+					request.getSession().setAttribute("user", user);

			
 
				+				}

			
 
				+			} else

			
 
				+				throw new UsernameNotFoundException(j_username + " 账号或密码错误");

			
 
				+		}

			
 
				+		return null;

			
 
				+	}

			
 
				+

			
 
				+	private boolean checkEnterprise(User user, String enUU) {

			
 
				+		boolean choosed = false;

			
 
				+		for (Enterprise enterprise : user.getEnterprises()) {

			
 
				+			if (enterprise.getUu().toString().equals(enUU)) {

			
 
				+				user.setEnterprise(enterprise);

			
 
				+				choosed = true;

			
 
				+				break;

			
 
				+			}

			
 
				+		}

			
 
				+		return choosed;

			
 
				+	}

			
 
				+

			
 
				 }

			
--- a/src/main/java/com/uas/platform/b2b/filter/SSOInterceptor.java
+++ b/src/main/java/com/uas/platform/b2b/filter/SSOInterceptor.java
@@ -157,6 +157,9 @@ public class SSOInterceptor extends AbstractSSOInterceptor {
 
				 		if (null == configAttributes || configAttributes.size() == 0 || user.isSys()) {

			
 
				 			return;

			
 
				 		}

			
 
				+		if (null == authorities || !authorities.containsKey(user.getUserUU())) {

			
 
				+			setGrantedAuthorities(user);

			
 
				+		}

			
 
				 		Iterator<ConfigAttribute> iterator = configAttributes.iterator();

			
 
				 		String needPermission = null;

			
 
				 		Collection<GrantedAuthority> userAuthorities = authorities.get(user.getUserUU());

			
--- a/src/main/webapp/resources/js/authen/app.js
+++ b/src/main/webapp/resources/js/authen/app.js
@@ -37,7 +37,7 @@ $(function() {
 
				 	function login() {

			
 
				 		$.ajax({

			
 
				 			type: 'POST',

			
 
				-			url: rootPath + '/j_spring_security_check', 

			
 
				+			url: rootPath + '/login/check', 

			
 
				 			data: {

			
 
				 				j_username: b_username,

			
 
				 				j_password: b_password,