add session

src/main/java/cn/quantgroup/xyqb/controller/internal/user/UserController.java

@@ -9,11 +9,15 @@ import cn.quantgroup.xyqb.exception.UserNotExistException;
 import cn.quantgroup.xyqb.model.AuthBean;
 import cn.quantgroup.xyqb.model.JsonResult;
 import cn.quantgroup.xyqb.model.UserModel;
+import cn.quantgroup.xyqb.model.session.SessionStruct;
 import cn.quantgroup.xyqb.repository.IUserDetailRepository;
+import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.sms.ISmsService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.util.ValidationUtil;
+import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.StringUtils;
+import org.apache.tomcat.util.security.MD5Encoder;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,6 +30,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
 import javax.servlet.http.HttpServletRequest;
+import java.io.UnsupportedEncodingException;
 import java.security.Principal;
 import java.util.Random;
 
@@ -41,6 +46,8 @@ public class UserController implements IBaseController {
 
     private static final int SMS_VERIFICATION_MAXLEN = 6;
 
+    public final String pwdSalt = "_lkb";
+
     @Autowired
     private IUserService userService;
 
@@ -59,6 +66,9 @@ public class UserController implements IBaseController {
     @Autowired
     private ISmsService smsService;
 
+    @Autowired
+    private ISessionService sessionService;
+
     @Autowired
     private IUserDetailRepository userDetailRepository;
 
@@ -68,8 +78,38 @@ public class UserController implements IBaseController {
 
     @RequestMapping("/login")
     public JsonResult login2(HttpServletRequest request) {
+        String credential = request.getHeader("authorization");
+        if(!credential.startsWith("Basic ")){
+            return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
+        }
+        credential = credential.substring("Basic ".length(), credential.length());
+        byte[] buf = Base64.decodeBase64(credential);
+        String bufStr = "";
+        try {
+            bufStr = new String(buf, "UTF-8");
+        } catch (UnsupportedEncodingException e){
+            LOGGER.error("不支持的编码: ", e);
+        }
+        String[] credentialArr = bufStr.split(":");
+        if(credential.length() != 2){
+            return JsonResult.buildErrorStateResult("用户名或密码不正确.", null);
+        }
+        String userName = credentialArr[0];
+        String pass = credentialArr[1];
+        User user = userService.findByPhone(userName);
+        if(user == null){
+            return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
+        }
+        //验证密码
+        validatePassword(pass, user.getPassword());
+        //找到用户
+        SessionStruct sessionStruct = sessionService.createSession(user);
+        return JsonResult.buildSuccessResult("success", sessionStruct);
+    }
 
-        return null;
+    private boolean validatePassword(String paramPass, String findPass){
+        String hashPass = MD5Encoder.encode((paramPass.toLowerCase() + pwdSalt).getBytes());
+        return hashPass == findPass;
     }
 
     /**

src/main/java/cn/quantgroup/xyqb/service/session/ISessionService.java

+package cn.quantgroup.xyqb.service.session;
+
+import cn.quantgroup.xyqb.entity.User;
+import cn.quantgroup.xyqb.model.JsonResult;
+import cn.quantgroup.xyqb.model.session.SessionStruct;
+import cn.quantgroup.xyqb.model.session.SessionValue;
+
+/**
+ * Created by 11 on 2016/12/28.
+ */
+public interface ISessionService {
+    SessionStruct createSession(User user);
+    String findSessionIdByUserId(Long userId);
+    JsonResult findSessionValueBySessionId(String sessionId);
+    SessionStruct newSession(User user);
+    JsonResult PersistSession(String token, SessionValue sessionValue);
+}

src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java

+package cn.quantgroup.xyqb.service.session.impl;
+
+import cn.quantgroup.xyqb.Constants;
+import cn.quantgroup.xyqb.entity.User;
+import cn.quantgroup.xyqb.model.JsonResult;
+import cn.quantgroup.xyqb.model.session.SessionStruct;
+import cn.quantgroup.xyqb.model.session.SessionValue;
+import cn.quantgroup.xyqb.service.session.ISessionService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.data.redis.core.RedisTemplate;
+
+import java.sql.Timestamp;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+/**
+ * Created by 11 on 2016/12/28.
+ */
+public class SessionServiceImpl implements ISessionService{
+
+    public final int oneDay = 24 * 60 * 60;
+
+    @Autowired
+    @Qualifier("stringRedisTemplate")
+    private RedisTemplate<String, String> stringRedisTemplate;
+
+    @Override
+    public SessionStruct createSession(User user) {
+        SessionStruct sessionStruct;
+        //获取sessionid
+        String sessionId = findSessionIdByUserId(user.getId());
+        if(sessionId.length() == 36){
+            sessionStruct = new SessionStruct();
+            //TODO 不确定
+            JsonResult result = findSessionValueBySessionId(sessionId);
+            if(result != null){
+                sessionStruct = newSession(user);
+                PersistSession(sessionStruct.getSid(), sessionStruct.getValues());
+            }
+            sessionStruct.setSid(sessionId);
+        }else {
+            sessionStruct = newSession(user);
+            PersistSession(sessionStruct.getSid(), sessionStruct.getValues());
+        }
+        return sessionStruct;
+    }
+
+    @Override
+    public String findSessionIdByUserId(Long userId) {
+        //TODO 暂时写死
+        return stringRedisTemplate.opsForValue().get("userid-sessionvalue:cache:" + userId.toString());
+    }
+
+    @Override
+    public JsonResult findSessionValueBySessionId(String sessionId){
+        String result = stringRedisTemplate.opsForValue().get("userid-sessionvalue:cache:" + sessionId);
+        if(result.length() == 0){
+            return JsonResult.buildErrorStateResult("wrong session Id", null, 0001L);
+        }
+        return null;
+    }
+
+    @Override
+    public SessionStruct newSession(User user){
+        Timestamp now = new Timestamp(System.currentTimeMillis());
+        SessionStruct sessionStruct = new SessionStruct();
+        SessionValue sessionValue = new SessionValue();
+        sessionStruct.setSid(UUID.randomUUID().toString());
+        sessionValue.setCreatedAt(now);
+        sessionValue.setLastAccessTime(now);
+        sessionValue.setUser(user);
+        Map<String, Object> values = new HashMap();
+        sessionValue.setValues(values);
+        sessionStruct.setValues(sessionValue);
+        return sessionStruct;
+    }
+
+    public JsonResult PersistSession(String token, SessionValue sessionValue){
+        Timestamp current = new Timestamp(System.currentTimeMillis());
+        sessionValue.setLastAccessTime(current);
+        String json = Constants.GSON.toJson(sessionValue);
+        stringRedisTemplate.opsForValue().set("userid-sessionvalue:cache:" + token, json, oneDay);
+        return JsonResult.buildSuccessResult("持久化session success.", null);
+    }
+}