package com.doumee.config.shiro;
|
|
import com.doumee.core.utils.Utils;
|
import com.doumee.dao.system.model.SystemUser;
|
import com.doumee.service.system.SystemUserService;
|
import org.apache.shiro.authc.AuthenticationInfo;
|
import org.apache.shiro.authc.AuthenticationToken;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.context.annotation.Lazy;
|
import org.springframework.stereotype.Component;
|
|
/**
|
* Shiro密码比对处理
|
* @author dm
|
* @since 2025/03/31 16:44
|
*/
|
@Component
|
public class ShiroCredentialsMatcher extends HashedCredentialsMatcher {
|
|
@Lazy
|
@Autowired
|
private SystemUserService systemUserService;
|
|
@Override
|
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
|
ShiroToken shiroToken = (ShiroToken) token;
|
if(!shiroToken.getDdLogin()){
|
SystemUser queryUserDto = new SystemUser();
|
queryUserDto.setUsername(shiroToken.getUsername());
|
queryUserDto.setDeleted(Boolean.FALSE);
|
SystemUser systemUser = systemUserService.findOne(queryUserDto);
|
if (systemUser == null) {
|
return Boolean.FALSE;
|
}
|
// 加密密码
|
String pwd = Utils.Secure.encryptPassword(new String(shiroToken.getPassword()), systemUser.getSalt());
|
// 比较密码
|
return this.equals(pwd, systemUser.getPassword());
|
}else{
|
return true;
|
}
|
|
}
|
}
|
