@RequestMapping("/login.page")
public void login(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
String username = request.getParameter("username");
String password = request.getParameter("password");
SysUser sysUser = sysUserService.findByKeyword(username);
String errorMsg = "";
String ret = request.getParameter("ret");
if (StringUtils.isBlank(username)) {
errorMsg = "用户名不可以为空";
} else if (StringUtils.isBlank(password)) {
errorMsg = "密码不可以为空";
} else if (sysUser == null) {
errorMsg = "查询不到指定的用户";
} else if (!sysUser.getPassword().equals(MD5Util.encrypt(password))) {
errorMsg = "用户名或密码错误";
} else if (sysUser.getStatus() != 1) {
errorMsg = "用户已被冻结,请联系管理员";
} else {
// login success 放入request
request.getSession().setAttribute("user", sysUser);
if (StringUtils.isNotBlank(ret)) {
//如果ret有值,重定向到ret
response.sendRedirect(ret);
} else {
//重定向 到 首页
response.sendRedirect("/admin/index.page"); //TODO
}
return;
}
//设置错误 信息 用户名 需要跳转的路径
request.setAttribute("error", errorMsg);
request.setAttribute("username", username);
if (StringUtils.isNotBlank(ret)) {
request.setAttribute("ret", ret);
}
String path = "signin.jsp";//转发到默认的登录页面
request.getRequestDispatcher(path).forward(request, response);
}
<select id="findByKeyword" parameterType="string" resultMap="BaseResultMap">
SELECT <include refid="Base_Column_List" />
FROM sys_user
WHERE telephone = #{keyword}
OR mail = #{keyword}
</select>
@RequestMapping("/logout.page")
public void logout(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
request.getSession().invalidate();
String path = "signin.jsp";
response.sendRedirect(path);
}
还没有评论,来说两句吧...