1. 运营商系统登录
1.1 环境准备
1.1.1 添加SpringSecutiry依赖
<!-- 添加SpringSecutiry依赖 -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-config</artifactId>
</dependency>
1.1.2 添加SpringSecutiry相关过滤器和监听
在web.xml中添加如下代码
<context-param>
<param-name>contextConfigLocation</param-name>
<param-value>classpath:spring/spring-security.xml</param-value>
</context-param>
<listener>
<listener-class>
org.springframework.web.context.ContextLoaderListener
</listener-class>
</listener>
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
1.1.3 添加SpringSecutiry配置信息
spring-security.xml
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 页面拦截规则 -->
<!-- 1. 设置不拦截的请求 -->
<http pattern="/css/**" security="none"></http>
<http pattern="/js/**" security="none"></http>
<http pattern="/img/**" security="none"></http>
<http pattern="/plugins/**" security="none"></http>
<http pattern="/*.html" security="none"></http>
<http use-expressions="false" >
<!-- 当前用户必须拥有ROLE_ADMIN的角色才可以访问 -->
<intercept-url pattern="/**" access="ROLE_ADMIN" />
<form-login default-target-url="/admin/index.html" login-page="/login.html" authentication-failure-url="/login.html"/>
<csrf disabled="true"/>
<headers>
<frame-options policy="SAMEORIGIN"/>
</headers>
</http>
<!-- 认证管理器 -->
<authentication-manager>
<authentication-provider>
<user-service>
<user name="admin" password="123456" authorities="ROLE_ADMIN"/>
</user-service>
</authentication-provider>
</authentication-manager>
</beans:beans>
1.1.4 修改login.html的登录form
启动工程,能成功登录
1.2 显示登录名
1.2.1 后端代码
package com.pinyougou.manager.controller;
import java.util.HashMap;
import java.util.Map;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/login")
public class LoginController {
@RequestMapping("/name")
public Map<String, Object> name(){
Map<String, Object> map = new HashMap<String, Object>();
// 获取登录用户名
String name = SecurityContextHolder.getContext().getAuthentication().getName();
map.put("loginName", name);
return map;
}
}
1.2.2 前端代码
1)service
app.service("loginService",function($http){
this.loginname = function() {
return $http.get("../login/name.do");
}
});
2)controller
app.controller("indexController",function($scope,loginService){
$scope.loginname = function() {
loginService.loginname().success(function(data){
$scope.loginname = data.loginName;
});
}
});
3)页面改造
引入头文件
<!-- 引入angularjs -->
<script type="text/javascript" src="../plugins/angularjs/angular.min.js"></script>
<!-- 引入js文件 -->
<script type="text/javascript" src="../js/base.js"></script>
<script type="text/javascript" src="../js/service/loginService.js"></script>
<script type="text/javascript" src="../js/controller/baseController.js"></script>
<script type="text/javascript" src="../js/controller/indexController.js"></script>
添加指令
修改用户名
测试结果:
2. 退出登录
在SpringSecutiry框架中,要实现退出功能只需要在SpringSecutiry配置文件中加上<logout/>标签即可,如图:
然后在退出上添加/logout即可,例如;
3. 商家申请入驻
3.1 前端代码
1)添加js代码
$scope.add = function() {
sellerService.add($scope.entity).success(function(response) {
if(response.success){
// 跳转到登录页面等待审核通过
alert("入驻申请已提交,请耐心等待平台审核!");
location.href='shoplogin.html';
}else{
alert(response.message);
}
});
}
2)页面头文件引入
3)添加指令
4)页面属性绑定
3.2 后端代码
在 pinyougou-shop-web工程的SellerController 类中添加
/**
* 增加
* @param seller
* @return
*/
@RequestMapping("/add")
public Result add(@RequestBody TbSeller seller){
try {
seller.setStatus("0");
sellerService.add(seller);
return new Result(true, "增加成功");
} catch (Exception e) {
e.printStackTrace();
return new Result(false, "增加失败");
}
}
4. 商家审核
4.1 显示未审核列表
在 pinyougou-manager-web 项目中
4.1.1 后端
/**
* 返回全部列表
* @return
*/
@RequestMapping("/findPage")
public PageResult findPage(@RequestBody TbSeller seller, int page,int rows){
return sellerService.findPage(seller,page, rows);
}
4.1.2 前端
1)service层sellerService.js
//分页
this.findPage=function(page,rows,searchEntity){
return $http.post('../seller/findPage.do?page='+page+'&rows='+rows,searchEntity);
}
2)controller层sellerController.js
//分页
$scope.findPage=function(page,rows){
sellerService.findPage(page,rows,$scope.seachEntity).success(
function(response){
$scope.list=response.rows;
$scope.paginationConf.totalItems=response.total;//更新总记录数
}
);
}
3)页面seller_1.html修改
1. 引入头文件
2. 相关指令添加
3. 引入分页组件
4. 数据绑定
测试:
4.2 商家详情
详情很简单,在详情按钮上添加一个findOne方法,然后修改数据绑定即可
4.3 商家审核
在 pinyougou-manager-web 工程
4.3.1 后端
1)dao
接口添加方法
/**
* 修改状态
* @param map
*/
void updateStatus(Map<String, Object> map);
mapper配置文件
<!-- 修改状态 -->
<update id="updateStatus" parameterType="map">
update tb_seller set status = #{status} where seller_id = #{sellerId}
</update>
2)服务层接口与实现类
接口
/**
* 修改状态
* @param map
*/
void updateStatus(String sellerId,String status);
实现类
@Override
public void updateStatus(String sellerId, String status) {
Map<String, Object> map = new HashMap<String, Object>();
map.put("status", status);
map.put("sellerId", sellerId);
sellerMapper.updateStatus(map);
}
3)controller层
/**
* @param sellerId
* @param status
* @return
*/
@RequestMapping("/updateStatus")
public Result updateStatus(String sellerId, String status){
try {
sellerService.updateStatus(sellerId, status);
return new Result(true, "审核成功");
} catch (Exception e) {
e.printStackTrace();
return new Result(false, "审核失败");
}
}
4.3.2 前端
1)js代码
服务层
//搜索
this.updateStatus = function(status,sellerId){
return $http.get('../seller/updateStatus.do?sellerId='+sellerId + "&status="+status);
}
控制层
// 更新状态
$scope.updateStatus=function(sellerId,status){
//获取选中的复选框
sellerService.updateStatus(status,sellerId).success(
function(response){
if(response.success){
$scope.reloadList();
} else {
alert(response.message);
}
}
);
}
2)页面
5. 商家系统登录
5.1 添加SpringSecutiry框架
1)添加依赖
2)添加SpringSecutiry配置文件
3)配置web.xml
5.2 自定义认证类
package com.pinyougou.shop.service;
import java.util.ArrayList;
import java.util.List;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import com.pinyougou.pojo.TbSeller;
import com.pinyougou.sellergoods.service.SellerService;
/**
* 认证类
* @author Administrator
*
*/
public class UserDetailServiceImpl implements UserDetailsService{
// 注入SellerService,用户校验用户名和密码
private SellerService sellerService;
public void setSellerService(SellerService sellerService) {
this.sellerService = sellerService;
}
/*
* username 是用户登录的时候输入的用户名
* 返回null 就登录失败
*/
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 获取角色组
List<GrantedAuthority> authorities = new ArrayList<>();
GrantedAuthority e = new SimpleGrantedAuthority("ROLE_SELLER");
authorities.add(e );
// 根据用户名查询对应的对象
TbSeller seller = sellerService.findOne(username);
if(null != seller){
if(seller.getStatus().equals("1")){ // 只有审核通过的用户才允许登录
// 认证
User user = new User(username, seller.getPassword(), authorities);
return user;
}
}
return null;
}
}
5.3 修改spring_security.xml配置文件
<!-- 引用dubbo 服务 -->
<dubbo:application name="pinyougou-shop-web" />
<dubbo:registry address="zookeeper://192.168.25.129:2181"/>
<dubbo:reference id="sellerService" interface="com.pinyougou.sellergoods.service.SellerService" >
</dubbo:reference>
<beans:bean id="userDetailService" class="com.pinyougou.service.UserDetailsServiceImpl">
<beans:property name="sellerService" ref="sellerService"></bean:property>
</beans:bean>
经过上述修改后,在登陆页输入用户名和密码与数据库一致即可登陆
完整的spring_security.xml文件
<?xml version="1.0" encoding="UTF-8"?>
<beans:beans xmlns="http://www.springframework.org/schema/security"
xmlns:beans="http://www.springframework.org/schema/beans"
xmlns:dubbo="http://code.alibabatech.com/schema/dubbo"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://code.alibabatech.com/schema/dubbo http://code.alibabatech.com/schema/dubbo/dubbo.xsd
http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security.xsd">
<!-- 页面拦截规则 -->
<!-- 1. 设置不拦截的请求 -->
<http pattern="/css/**" security="none"></http>
<http pattern="/js/**" security="none"></http>
<http pattern="/img/**" security="none"></http>
<http pattern="/plugins/**" security="none"></http>
<http pattern="/*.html" security="none"></http>
<http pattern="/seller/add.do" security="none"></http>
<http use-expressions="false" >
<!-- 当前用户必须拥有ROLE_SELLER的角色才可以访问 -->
<intercept-url pattern="/**" access="ROLE_SELLER" />
<form-login default-target-url="/admin/index.html" login-page="/shoplogin.html" authentication-failure-url="/shoplogin.html"/>
<csrf disabled="true"/>
<headers>
<frame-options policy="SAMEORIGIN"/>
</headers>
<logout/>
</http>
<!-- 认证管理器 -->
<authentication-manager>
<authentication-provider user-service-ref="userDetailService">
</authentication-provider>
</authentication-manager>
<!-- 添加认证类 -->
<beans:bean id="userDetailService" class="com.pinyougou.shop.service.UserDetailServiceImpl">
<beans:property name="sellerService" ref="sellerService"></beans:property>
</beans:bean>
<!-- 引用dubbo 服务 -->
<dubbo:application name="pinyougou-manager-web" />
<dubbo:registry address="zookeeper://192.168.25.130:2181"/>
<!-- 远程注入sellerService -->
<dubbo:reference id="sellerService" interface="com.pinyougou.sellergoods.service.SellerService"></dubbo:reference>
</beans:beans>