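package com.lyms.cm.shiro;

import java.util.Arrays;
import java.util.HashSet;

import org.apache.shiro.authc.AccountException;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.AllowAllCredentialsMatcher;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;

import com.baomidou.mybatisplus.mapper.EntityWrapper;
import com.lyms.cm.entity.sys.SysUsers;
import com.lyms.cm.enums.StatusEnum;
import com.lyms.cm.service.sys.SysUsersService;
import com.lyms.shiro.HashUtils;
import com.lyms.shiro.ShiroWebUtils;
import com.lyms.util.StrUtils;

/**
 * Custom Shiro realm intended to provide authorization and authentication.
 *
 * <p>In its current state both realm callbacks are stubs that return {@code null}; the
 * earlier implementations are kept below as commented-out code. Several imports are
 * referenced only by that commented-out code.
 *
 * <p>Created 2015-12-29.
 *
 * @author 方承
 */
public class ShiroRealm extends AuthorizingRealm {

    // Not used by the active code; declared final so the shared logger cannot be reassigned.
    @SuppressWarnings("unused")
    private static final Logger logger = LoggerFactory.getLogger(ShiroRealm.class);

    // Only referenced by the commented-out doGetAuthenticationInfo below. Left in place
    // because removing an @Autowired field changes how the bean is wired.
    @Autowired
    private SysUsersService sysUsersService;

    /**
     * Creates the realm for {@link UsernamePasswordToken} logins with caching switched off.
     *
     * <p>The realm is built with {@link AllowAllCredentialsMatcher}, whose match always
     * succeeds. Shiro therefore performs no credential comparison of its own for this
     * realm: whatever {@link #doGetAuthenticationInfo(AuthenticationToken)} returns as
     * non-null is accepted, so that method must verify the password itself before
     * returning, or this matcher must be replaced with a real one.
     */
    public ShiroRealm() {
        super(new AllowAllCredentialsMatcher());
        setAuthenticationTokenClass(UsernamePasswordToken.class);
        // FIXME: caching is temporarily disabled
        setCachingEnabled(false);
    }

    /**
     * Stub: supplies no authorization data.
     *
     * @param principals the identity to load roles and permissions for (ignored)
     * @return always {@code null}; Shiro treats a null result as "no roles or permissions",
     *     so role and permission checks against this realm are denied
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        // TODO Auto-generated method stub
        return null;
    }

    /**
     * Stub: supplies no account data.
     *
     * @param token the submitted login token (ignored)
     * @return always {@code null}, which under Shiro's realm contract means no account was
     *     found for the token, so every login attempt against this realm fails
     * @throws AuthenticationException never thrown by this stub
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
            throws AuthenticationException {
        // TODO Auto-generated method stub
        return null;
    }

    // ---------------------------------------------------------------------------------
    // Earlier implementations, kept commented out by the original author.
    //
    // NOTE(review): points to resolve before any of this is re-enabled:
    //  - The active variant dereferences `user` (user.getEnable()) without a null check,
    //    so an unknown user name would raise a NullPointerException instead of an
    //    UnknownAccountException; the older variant further down did check for null.
    //  - The disabled-account check runs before the password check, so the "disabled"
    //    message is returned to callers who have not proven knowledge of the password.
    //  - The password is compared against HashUtils.md5(...). HashUtils is not visible
    //    here, but the name indicates an MD5 digest; MD5 is not suitable for password
    //    storage. Prefer a salted, slow password hash (bcrypt/scrypt/argon2) verified by
    //    a real CredentialsMatcher instead of a manual string comparison.
    //  - The clear-text password is copied from char[] into a String and passed to
    //    SimpleAuthenticationInfo as the credentials, which keeps it in memory longer
    //    than needed (and would place it in the authentication cache if caching were
    //    enabled).
    //  - Because the constructor installs AllowAllCredentialsMatcher, the manual
    //    comparison below is the only password check in the whole login path.
    // ---------------------------------------------------------------------------------

    // @Autowired
    // private ResourceService resourceService;

    // @Override
    // protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
    // // String username = (String) principals.getPrimaryPrincipal();
    // // User user = userService.getUserByUserName(username);
    // // // authorization
    // // SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();
    // // if(StrUtils.isNotEmpty(user.getRoles())){
    // // authorizationInfo.setRoles(new HashSet(Arrays.asList(user.getRoles().split(","))));
    // // }
    // // authorizationInfo.setStringPermissions(resourceService.getResourcePermissionSet(userService.getUserResourceIdSet(user)));
    // // return authorizationInfo;
    // }
    //
    // @Override
    // protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken) throws AuthenticationException {
    // UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
    // String username = token.getUsername();
    // SysUsers user = sysUsersService
    // .selectOne(new EntityWrapper().where("name={0}", username).and("ifDel=0"));
    // if (StatusEnum.isDisEnabled(user.getEnable())) {
    // throw new AccountException("用户已经被禁用,请联系管理员!");
    // }
    // StringBuilder pwd = new StringBuilder(100);
    // for (int i = 0; i < token.getPassword().length; i++) {
    // pwd.append(token.getPassword()[i]);
    // }
    // if (!StrUtils.equals(user.getPwd(), HashUtils.md5(pwd.toString()))) {
    // throw new AccountException("用户名密码不一致");
    // }
    // ShiroWebUtils.saveCurrentUser(user);
    // AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, pwd.toString(), username);
    // return authcInfo;
    // // User user = userService.getUserByUserName(username);
    // // if (user == null) {
    // // throw new UnknownAccountException("未知用户");
    // // }
    // // StringBuilder pwd = new StringBuilder(100);
    // // for (int i = 0; i < token.getPassword().length; i++) {
    // // pwd.append(token.getPassword()[i]);
    // // }
    // // if (!StrUtils.equals(user.getPassword(), HashUtils.md5(pwd.toString()))) {
    // // throw new AccountException("用户名密码不一致");
    // // }
    // // ShiroWebUtils.saveCurrentUser(user);
    // // AuthenticationInfo authcInfo = new SimpleAuthenticationInfo(username, pwd.toString(), username);
    // // return authcInfo;
    // }
}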