
添加账号中心后台管理简易登录页面

huxz 7 years ago
parent
commit
3901ff4716

+ 1 - 0
sso-manage-console/build.gradle

@@ -29,6 +29,7 @@ dependencies {
   compile("org.springframework.boot:spring-boot-starter-actuator")
   compile("net.sourceforge.nekohtml:nekohtml:1.9.15")
 
+  compile('commons-codec:commons-codec:1.11')
   compile("mysql:mysql-connector-java:5.1.41")
   compile("com.alibaba:druid:1.1.6")
 

+ 52 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/api/LoginController.java

@@ -0,0 +1,52 @@
+package com.uas.sso.sso.backend.api;
+
+import com.uas.sso.sso.backend.entity.Admin;
+import com.uas.sso.sso.backend.service.AdminService;
+import com.uas.sso.sso.backend.support.MD5Utils;
+import com.uas.sso.sso.backend.support.ResultBean;
+import java.util.Objects;
+import javax.servlet.http.HttpServletRequest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Controller;
+import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+@Controller
+public class LoginController {
+
+    private final AdminService adminService;
+
+    @Autowired
+    public LoginController(AdminService adminService) {
+        this.adminService = adminService;
+    }
+
+    @RequestMapping(method = {RequestMethod.POST, RequestMethod.GET}, path = "/api/login", produces = MediaType.APPLICATION_JSON_UTF8_VALUE)
+    public String login(String userName, String password, HttpServletRequest request) {
+        try {
+            if ("GET".equals(request.getMethod())) {
+                return "redirect:/login";
+            }
+
+            Assert.hasText(userName, "用户名不能为空");
+            Assert.hasText(password, "密码不能为空");
+
+            Admin admin = adminService.findAdminByUserName(userName);
+            Assert.notNull(admin, String.format("用户名 %s 没有注册", userName));
+
+            boolean status = Objects.equals(admin.getPassword(), MD5Utils.encode(password));
+
+            if (status) {
+                request.getSession(true).setAttribute("account", admin);
+                return "redirect:/index";
+            }
+            return "redirect:/login";
+        } catch (Exception e) {
+            return "redirect:/login";
+        }
+    }
+}
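Review bot: On a successful login, `request.getSession(true).setAttribute("account", admin)` in `login` keeps whatever session id the browser already had, so an id planted before login stays valid afterwards (session fixation); drop the old session first with `HttpSession old = request.getSession(false); if (old != null) { old.invalidate(); }`. The whole `Admin` entity, including its password digest, is also stored in the session; storing only the id or user name would keep the digest out of session storage. The `catch (Exception e)` branch turns every failure, including a database error, into the same silent redirect, so failed logins leave no log entry to alert on; log the user name and remote address there, never the password. `Objects.equals` on the two digests is not a constant-time comparison; `MessageDigest.isEqual` on the bytes is the usual choice.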

+ 3 - 3
sso-manage-console/src/main/java/com/uas/sso/sso/backend/config/SecurityConfiguration.java

@@ -37,16 +37,16 @@ public class SecurityConfiguration extends WebMvcConfigurerAdapter {
 
     @Override
     public void addInterceptors(InterceptorRegistry registry) {
-        // TODO 暂时注释管理员登录功能
-        /*registry.addInterceptor(securityInterceptor)
+        registry.addInterceptor(securityInterceptor)
                 .addPathPatterns("/**")
-                .excludePathPatterns("/login/**");*/
+                .excludePathPatterns("/login", "/api/login");
     }
 
     @Override
     public void addViewControllers(ViewControllerRegistry registry) {
         registry.addViewController("/").setViewName("index");
         registry.addViewController("/index").setViewName("index");
+        registry.addViewController("/login").setViewName("login");
     }
 
     @Bean(name = "accountConfigurer")
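Review bot: The interceptor registered in `addInterceptors` is now the only login gate, and it covers only handlers that go through this `InterceptorRegistry`. The actuator starter listed in build.gradle may map its endpoints separately, so confirm that those endpoints are either disabled or also reach `SecurityInterceptor`. With `addPathPatterns("/**")`, any static assets the login view needs may also be redirected to `/login` unless they are added to `excludePathPatterns`. A short comment above the call would help, e.g. `// /login (view) and /api/login (form post) must stay reachable without a session`. The class body starts and ends outside the hunk.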

+ 26 - 63
sso-manage-console/src/main/java/com/uas/sso/sso/backend/config/SecurityInterceptor.java

@@ -1,83 +1,46 @@
 package com.uas.sso.sso.backend.config;
 
-import com.uas.sso.SSOConfig;
-import com.uas.sso.SSOHelper;
-import com.uas.sso.SSOToken;
-import com.uas.sso.entity.UserAccount;
-import com.uas.sso.support.SystemSession;
-import com.uas.sso.util.FastjsonUtils;
-import com.uas.sso.web.spring.AbstractSSOInterceptor;
-import java.io.IOException;
+import com.uas.sso.sso.backend.entity.Admin;
+import com.uas.sso.sso.backend.support.AccountSession;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Component;
-import org.springframework.util.StringUtils;
+import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 
 /**
  * 登录拦截
  *
- * @author wangmh
- * @date 2018/1/9.
+ * @author huxz
  */
 @Component
-public class SecurityInterceptor extends AbstractSSOInterceptor {
+public class SecurityInterceptor extends HandlerInterceptorAdapter {
 
-    @Override
-    protected boolean onAuthenticateFailed(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) {
-        return false;
-    }
+  @Override
+  public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+    HttpSession session = request.getSession();
 
-    @Override
-    protected void onAuthenticateSuccess(HttpServletRequest request, HttpServletResponse response) {
-        SSOToken token = SSOHelper.attrToken(request);
-        UserAccount userAccount = getUserByToken(token);
+    boolean flag = false;
+    if (session != null && session.getAttribute("account") != null) {
+      Admin account = (Admin) session.getAttribute("account");
 
-        if (userAccount != null) {
-            request.getSession().setAttribute("userAccount", userAccount);
-            SystemSession.setUserAccount(userAccount);
-        } else {
-            try {
-                sendRedirect(request, response);
-            } catch (IOException e) {
-                e.printStackTrace();
-            }
-        }
+      if (account != null) {
+        flag = true;
+        AccountSession.setUserAccount(account);
+      }
     }
 
-    @Override
-    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)
-            throws Exception {
-        super.afterCompletion(request, response, handler, ex);
-        SystemSession.clear();
+    if (!flag) {
+        response.sendRedirect("/login");
+        // response.sendError(HttpStatus.UNAUTHORIZED.value(), "请您进行登录认证");
     }
 
-    @Override
-    protected void sendRedirect(HttpServletRequest request, HttpServletResponse response) throws IOException {
-        System.out.println(request.getRequestURL().toString());
-        boolean cross = SSOHelper.isCrossDomain(request);
-        if (cross) {
-            request.getSession().setAttribute(SSOConfig.SSOReferer, request.getRequestURL());
-
-            String returnUrl = request.getRequestURL().toString();
-            String baseUrl = returnUrl.replace(request.getRequestURI(), "");
-            if (StringUtils.isEmpty(returnUrl)) {
-                returnUrl = SSOHelper.getRedirectRefererLoginUrl(request);
-            } else {
-                returnUrl = SSOHelper.getRedirectLoginUrl(request, returnUrl);
-            }
+    return flag;
+  }
 
-            baseUrl = baseUrl + "/login/other";
-            response.sendRedirect(returnUrl + "&baseUrl=" + baseUrl);
-        } else {
-            SSOHelper.clearRedirectLogin(request, response);
-        }
-    }
-
-    private UserAccount getUserByToken(SSOToken token) {
-        UserAccount userAccount = null;
-        if (token != null && !StringUtils.isEmpty(token.getData())) {
-            userAccount = FastjsonUtils.fromJson(token.getData(), UserAccount.class);
-        }
-        return userAccount;
-    }
+  @Override
+  public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
+    AccountSession.clear();
+  }
 }
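Review bot: `request.getSession()` in `preHandle` creates a session for every anonymous request, which also makes the `session != null` test always true; `HttpSession session = request.getSession(false);` avoids allocating sessions for unauthenticated clients. The inner `account != null` check repeats the attribute check on the line above and can go. `response.sendRedirect("/login")` ignores the context path, so it points at the wrong URL if the console is not deployed at the root; `response.sendRedirect(request.getContextPath() + "/login");` is safer. The `HttpStatus` import is referenced only from the commented-out line.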

+ 17 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/dao/AdminDao.java

@@ -0,0 +1,17 @@
+package com.uas.sso.sso.backend.dao;
+
+import com.uas.sso.sso.backend.entity.Admin;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.JpaSpecificationExecutor;
+import org.springframework.stereotype.Repository;
+
+/**
+ * A repository stores admin info records.
+ *
+ * @author huxz
+ */
+@Repository
+public interface AdminDao extends JpaSpecificationExecutor<Admin>, JpaRepository<Admin, Long> {
+
+    Admin findByUserName(String userName);
+}

+ 79 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/entity/Admin.java

@@ -0,0 +1,79 @@
+package com.uas.sso.sso.backend.entity;
+
+import java.util.Date;
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+/**
+ * Entity represents information of admin.
+ *
+ * @author huxz
+ */
+@Entity
+@Table(name = "sso$admin_manage")
+public class Admin {
+
+    /**
+     * 主键
+     */
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    private Long id;
+
+    /**
+     * 用户名
+     */
+    @Column(name = "admin_name", unique = true)
+    private String userName;
+
+    /**
+     * 密码
+     */
+    @Column(name = "admin_pass")
+    private String password;
+
+    /**
+     * 创建时间
+     */
+    @Column(name = "create_time")
+    private Date createTime;
+
+    public Admin() {
+    }
+
+    public Long getId() {
+        return id;
+    }
+
+    public void setId(Long id) {
+        this.id = id;
+    }
+
+    public String getUserName() {
+        return userName;
+    }
+
+    public void setUserName(String userName) {
+        this.userName = userName;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public Date getCreateTime() {
+        return createTime;
+    }
+
+    public void setCreateTime(Date createTime) {
+        this.createTime = createTime;
+    }
+}
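Review bot: The Javadoc on `password` says only "密码", while LoginController compares the field with `MD5Utils.encode(password)`, so the column holds a hex digest rather than the password itself; say so in the comment, e.g. `/** Hex digest of the password, never the plain text. */`. Because `getPassword()` is a plain bean getter, the digest travels with the entity wherever it goes, including the session attribute set in LoginController and any response that serializes an `Admin`. If Jackson is the serializer in this module, `@JsonIgnore` on the getter would keep the digest out of responses.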

+ 19 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/service/AdminService.java

@@ -0,0 +1,19 @@
+package com.uas.sso.sso.backend.service;
+
+import com.uas.sso.sso.backend.entity.Admin;
+
+/**
+ * 管理员账户业务操作接口.
+ *
+ * @author huxz
+ */
+public interface AdminService {
+
+  /**
+   * 根据管理员名查询管理员信息
+   *
+   * @param userName  管理员名称
+   * @return  管理员信息实体
+   */
+  Admin findAdminByUserName(String userName);
+}

+ 23 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/service/impl/AdminServiceImpl.java

@@ -0,0 +1,23 @@
+package com.uas.sso.sso.backend.service.impl;
+
+import com.uas.sso.sso.backend.dao.AdminDao;
+import com.uas.sso.sso.backend.entity.Admin;
+import com.uas.sso.sso.backend.service.AdminService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+@Service
+public class AdminServiceImpl implements AdminService {
+
+  private final AdminDao adminDao;
+
+  @Autowired
+  public AdminServiceImpl(AdminDao adminDao) {
+    this.adminDao = adminDao;
+  }
+
+  @Override
+  public Admin findAdminByUserName(String userName) {
+    return adminDao.findByUserName(userName);
+  }
+}

+ 20 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/support/AccountSession.java

@@ -0,0 +1,20 @@
+package com.uas.sso.sso.backend.support;
+
+import com.uas.sso.sso.backend.entity.Admin;
+
+public class AccountSession {
+
+  private static ThreadLocal<Admin> local = new ThreadLocal<>();
+
+  public static Admin getUserAccount() {
+    return local.get();
+  }
+
+  public static void setUserAccount(Admin admin) {
+    local.set(admin);
+  }
+
+  public static void clear() {
+    local.set(null);
+  }
+}
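Review bot: `clear()` calls `local.set(null)`, which leaves the entry in the worker thread's ThreadLocal map; on pooled request threads `local.remove();` is the cleaner way to make sure no admin identity lingers for the next request. The field can be declared `private static final ThreadLocal<Admin> local`, and since the class has only static members a private constructor would stop it being instantiated. A class comment stating that the value is set in `SecurityInterceptor.preHandle` and cleared in `afterCompletion` would document the lifecycle.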

+ 15 - 0
sso-manage-console/src/main/java/com/uas/sso/sso/backend/support/MD5Utils.java

@@ -0,0 +1,15 @@
+package com.uas.sso.sso.backend.support;
+
+import org.apache.commons.codec.digest.DigestUtils;
+
+/**
+ * MD5 加密工具类
+ *
+ * @author huxz
+ */
+public class MD5Utils {
+
+  public static String encode(String str) {
+    return DigestUtils.md5Hex(str);
+  }
+}
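Review bot: `encode` produces a single unsalted MD5 digest, and LoginController uses it as the stored-password format; because MD5 is fast and no salt is applied, equal passwords give equal digests and a leaked `admin_pass` column can be tested offline cheaply. A salted, adaptive password hash (bcrypt, scrypt or Argon2) is the appropriate primitive; that needs a library that is not among the dependencies shown here, plus a plan for re-hashing existing rows at next login. The Javadoc calls this "加密" (encryption), but it is a one-way digest, so the comment and the method name should say hashing.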