package com.doumee.config.shiro;
|
|
import com.doumee.core.utils.Utils;
|
import com.doumee.dao.system.model.SystemUser;
|
import com.doumee.service.system.SystemUserService;
|
import org.apache.shiro.authc.AuthenticationInfo;
|
import org.apache.shiro.authc.AuthenticationToken;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.stereotype.Component;
|
|
/**
|
* Shiro密码比对处理
|
* @author Eva.Caesar Liu
|
* @date 2023/04/17 12:11
|
*/
|
@Component
|
public class ShiroCredentialsMatcher extends HashedCredentialsMatcher {
|
@Lazy
|
@Autowired
|
private SystemUserService systemUserService;
|
|
@Override
|
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
|
ShiroToken usernamePasswordToken = (ShiroToken) token;
|
SystemUser queryUserDto = new SystemUser();
|
queryUserDto.setDeleted(Boolean.FALSE);
|
if(!usernamePasswordToken.isNeedPassword()){
|
queryUserDto.setMobile(usernamePasswordToken.getUsername());
|
SystemUser systemUser = systemUserService.findOne(queryUserDto);
|
if (systemUser == null) {
|
return Boolean.FALSE;
|
}
|
return Boolean.TRUE;
|
}
|
queryUserDto.setUsername(usernamePasswordToken.getUsername());
|
SystemUser systemUser = systemUserService.findOne(queryUserDto);
|
if (systemUser == null) {
|
return Boolean.FALSE;
|
}
|
|
// 加密密码
|
String pwd = Utils.Secure.encryptPassword(new String(usernamePasswordToken.getPassword()), systemUser.getSalt());
|
// 比较密码
|
return this.equals(pwd, systemUser.getPassword());
|
}
|
}
|
