基于Java技术的PerfreeBlog博客/CMS建站平台设计源码

package com.perfree.controller; import cn.hutool.captcha.CaptchaUtil; import cn.hutool.captcha.LineCaptcha; import cn.hutool.core.util.RandomUtil; import com.perfree.base.BaseController; import com.perfree.commons.*; import com.perfree.model.Menu; import com.perfree.model.Option; import com.perfree.model.Role; import com.perfree.model.User; import com.perfree.service.*; import io.swagger.annotations.ApiOperation; import net.sf.ehcache.CacheManager; import net.sf.ehcache.Ehcache; import net.sf.ehcache.Element; import org.apache.commons.lang3.StringUtils; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.authz.annotation.Logical; import org.apache.shiro.authz.annotation.RequiresRoles; import org.apache.shiro.crypto.hash.Md5Hash; import org.apache.shiro.subject.Subject; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.http.MediaType; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.*; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import javax.validation.Valid; import java.io.IOException; import java.io.Writer; import java.util.Date; import java.util.HashMap; import java.util.List; /** * 控制首页地址 */ @Controller public class SystemController extends BaseController { private final Logger logger = LoggerFactory.getLogger(SystemController.class); private static final CacheManager cacheManager = CacheManager.newInstance(); @Autowired private UserService userService; @Autowired private SEOService seoService; @Autowired private MailService mailService; @Autowired private UpdateService updateService; @Autowired private RoleService roleService; @Autowired private RssServices rssServices; @Value("${shiro.timeout}") private Long timeout; @Value("${server.port}") private int serverPort; /** * 后台首页 * @return String */ @RequestMapping("/admin") @RequiresRoles(value={Constants.ROLE_ADMIN, Constants.ROLE_EDITOR, Constants.ROLE_CONTRIBUTE, Constants.ROLE_USER}, logical= Logical.OR) public String adminIndex(Model model) { model.addAttribute("user", getUser()); return view("static/admin/pages/index.html"); } @PostMapping("/admin/menu/getAdminMenu") @ResponseBody @RequiresRoles(value={Constants.ROLE_ADMIN, Constants.ROLE_EDITOR, Constants.ROLE_CONTRIBUTE, Constants.ROLE_USER}, logical= Logical.OR) public ResponseBean getAdminMenu() { List<Menu> menus = getMenuByUserIdAndType(1); return ResponseBean.success("success", menus); } /** * 前台首页 * @return String */ @RequestMapping("/") @FrontViewNodeRender public String index(Model model) { model.addAttribute("url", Constants.URL_ARTICLE_LIST); return view(currentThemePage() + "/index.html"); } /** * 登陆页 * @return String */ @RequestMapping("/login") public String login() { return view("/login.html", "/login.html", "static/admin/pages/login/login.html"); } @RequestMapping("/html/{name}") @FrontViewNodeRender public String renderHtml(@PathVariable String name) { return view(currentThemePage() + "/html/" + name + ".html"); } /** * 注册页 * @return String */ @RequestMapping("/register") public String register() { return view("/register.html", "/register.html", "static/admin/pages/register/register.html"); } /** * 忘记密码 * @return String */ @RequestMapping("/restPassword") public String restPassword() { return view("/restPassword.html", "/restPassword.html", "static/admin/pages/restPassword/restPassword.html"); } /** * 忘记密码 * @return String */ @RequestMapping("/restPasswordStep2") public String restPasswordStep2() { return view("/restPassword-step2.html", "/restPassword-step2.html", "static/admin/pages/restPassword/restPassword-step2.html"); } /** * 登录 * @return ResponseBean */ @RequestMapping(method = RequestMethod.POST, path = "/doLogin") @ResponseBody @SuppressWarnings("all") @AccessCacheLock public ResponseBean doLogin(@RequestBody User user,Boolean rememberMe, HttpSession session, HttpServletResponse response) { if(rememberMe == null) { rememberMe = false; } int count = 1; Ehcache cache = cacheManager.getEhcache("loginCache"); try { String isOpenCaptcha = OptionCacheUtil.getDefaultValue(Constants.OPTION_WEB_OPEN_CAPTCHA, Constants.OPEN_CAPTCHA); if (Constants.OPEN_CAPTCHA.equals(isOpenCaptcha) && (StringUtils.isBlank(user.getCaptcha()) || !user.getCaptcha().toUpperCase().equals(session.getAttribute("CAPTCHA_CODE").toString()))){ return ResponseBean.fail("验证码错误", null); } Element element = cache.get(user.getAccount()); if(element == null){ cache.put(new Element(user.getAccount(), 1)); } else { count = Integer.parseInt(element.getObjectValue().toString()); } if (count >= 8) { return ResponseBean.fail("账户已被锁定,请10分钟后再试", null); } UsernamePasswordToken usernamePasswordToken = new UsernamePasswordToken(user.getAccount(),user.getPassword(),rememberMe); Subject subject = SecurityUtils.getSubject(); subject.login(usernamePasswordToken); User userByAccount = userService.getUserByAccount(user.getAccount()); String md5Hash = new Md5Hash(userByAccount.getPassword(), user.getSalt()).toString(); String token = JwtUtils.sign(userByAccount.getAccount(), md5Hash); userByAccount.setPassword(null); userByAccount.setSalt(null); HashMap<String, Object> result = new HashMap<>(); result.put("user", userByAccount); result.put("token", token); subject.getSession().setTimeout(timeout * 1000 * 60); return ResponseBean.success("登录成功", result); }catch (IncorrectCredentialsException e) { session.removeAttribute("CAPTCHA_CODE"); if (count < 8) { cache.put(new Element(user.getAccount(), ++count)); count--; } if (count >= 5 && count < 8) { return ResponseBean.fail("用户名或密码错误,还有" + (8 - count) + "次将锁定该账户10分钟", e.getMessage()); } if (count >= 8) { return ResponseBean.fail("用户名或密码错误,账户已被锁定,请10分钟后再试", e.getMessage()); } return ResponseBean.fail("用户名或密码错误", e.getMessage()); }catch (UnknownAccountException e) { session.removeAttribute("CAPTCHA_CODE"); return ResponseBean.fail("账户不存在", e.getMessage()); }catch (Exception e) { session.removeAttribute("CAPTCHA_CODE"); return ResponseBean.fail("系统异常", e.getMessage()); } } /** * @description 重置密码 step1 * @return com.perfree.common.ResponseBean * @author Perfree */ @RequestMapping(method = RequestMethod.POST, path = "/doRestPassword") @ResponseBody @AccessCacheLock public ResponseBean doRestPassword(@RequestBody User user, HttpSess