优化

src/main/java/io/renren/modules/sys/controller/SysLoginController.java

@@ -5,11 +5,13 @@ import com.google.code.kaptcha.Producer;
 import io.renren.common.utils.R;
 import io.renren.common.utils.ShiroUtils;
 import io.renren.modules.sys.entity.SysUserEntity;
+import io.renren.modules.sys.form.LoginForm;
 import io.renren.modules.sys.service.SysUserService;
 import io.renren.modules.sys.service.SysUserTokenService;
 import org.apache.commons.io.IOUtils;
 import org.apache.shiro.crypto.hash.Sha256Hash;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
@@ -62,19 +64,19 @@ public class SysLoginController extends AbstractController {
 	 * 登录
 	 */
 	@RequestMapping(value = "/sys/login", method = RequestMethod.POST)
-	public Map<String, Object> login(String username, String password, String captcha)throws IOException {
+	public Map<String, Object> login(@RequestBody LoginForm form)throws IOException {
 		//本项目已实现，前后端完全分离，但页面还是跟项目放在一起了，所以还是会依赖session
 		//如果想把页面单独放到nginx里，实现前后端完全分离，则需要把验证码注释掉(因为不再依赖session了)
-		String kaptcha = ShiroUtils.getKaptcha(Constants.KAPTCHA_SESSION_KEY);
-		if(!captcha.equalsIgnoreCase(kaptcha)){
-			return R.error("验证码不正确");
-		}
+//		String kaptcha = ShiroUtils.getKaptcha(Constants.KAPTCHA_SESSION_KEY);
+//		if(!captcha.equalsIgnoreCase(kaptcha)){
+//			return R.error("验证码不正确");
+//		}
 
 		//用户信息
-		SysUserEntity user = sysUserService.queryByUserName(username);
+		SysUserEntity user = sysUserService.queryByUserName(form.getUsername());
 
 		//账号不存在、密码错误
-		if(user == null || !user.getPassword().equals(new Sha256Hash(password, user.getSalt()).toHex())) {
+		if(user == null || !user.getPassword().equals(new Sha256Hash(form.getPassword(), user.getSalt()).toHex())) {
 			return R.error("账号或密码不正确");
 		}
 

src/main/java/io/renren/modules/sys/controller/SysUserController.java

@@ -10,6 +10,7 @@ import io.renren.common.validator.ValidatorUtils;
 import io.renren.common.validator.group.AddGroup;
 import io.renren.common.validator.group.UpdateGroup;
 import io.renren.modules.sys.entity.SysUserEntity;
+import io.renren.modules.sys.form.PasswordForm;
 import io.renren.modules.sys.service.SysUserRoleService;
 import io.renren.modules.sys.service.SysUserService;
 import org.apache.commons.lang.ArrayUtils;
@@ -70,13 +71,13 @@ public class SysUserController extends AbstractController {
 	 */
 	@SysLog("修改密码")
 	@RequestMapping("/password")
-	public R password(String password, String newPassword){
-		Assert.isBlank(newPassword, "新密码不为能空");
+	public R password(@RequestBody PasswordForm form){
+		Assert.isBlank(form.getNewPassword(), "新密码不为能空");
 		
 		//sha256加密
-		password = new Sha256Hash(password, getUser().getSalt()).toHex();
+		String password = new Sha256Hash(form.getPassword(), getUser().getSalt()).toHex();
 		//sha256加密
-		newPassword = new Sha256Hash(newPassword, getUser().getSalt()).toHex();
+		String newPassword = new Sha256Hash(form.getNewPassword(), getUser().getSalt()).toHex();
 				
 		//更新密码
 		int count = sysUserService.updatePassword(getUserId(), password, newPassword);

src/main/java/io/renren/modules/sys/form/LoginForm.java

@@ -0,0 +1,53 @@
+/**
+ * Copyright 2018 人人开源 http://www.renren.io
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package io.renren.modules.sys.form;
+
+/**
+ * 登录表单
+ *
+ * @author Mark sunlightcs@gmail.com
+ * @since 1.4.0 2018-01-25
+ */
+public class LoginForm {
+    private String username;
+    private String password;
+    private String captcha;
+
+    public String getUsername() {
+        return username;
+    }
+
+    public void setUsername(String username) {
+        this.username = username;
+    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getCaptcha() {
+        return captcha;
+    }
+
+    public void setCaptcha(String captcha) {
+        this.captcha = captcha;
+    }
+}

src/main/java/io/renren/modules/sys/form/PasswordForm.java

@@ -0,0 +1,50 @@
+/**
+ * Copyright 2018 人人开源 http://www.renren.io
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); you may not
+ * use this file except in compliance with the License. You may obtain a copy of
+ * the License at
+ * <p>
+ * http://www.apache.org/licenses/LICENSE-2.0
+ * <p>
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+package io.renren.modules.sys.form;
+
+/**
+ * 密码表单
+ *
+ * @author Mark sunlightcs@gmail.com
+ * @since 1.4.0 2018-01-25
+ */
+public class PasswordForm {
+    /**
+     * 原密码
+     */
+    private String password;
+    /**
+     * 新密码
+     */
+    private String newPassword;
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getNewPassword() {
+        return newPassword;
+    }
+
+    public void setNewPassword(String newPassword) {
+        this.newPassword = newPassword;
+    }
+}

src/main/java/io/renren/modules/sys/service/impl/SysUserRoleServiceImpl.java

@@ -26,12 +26,12 @@ public class SysUserRoleServiceImpl implements SysUserRoleService {
 
 	@Override
 	public void saveOrUpdate(Long userId, List<Long> roleIdList) {
-		if(roleIdList.size() == 0){
-			return ;
-		}
-		
 		//先删除用户与角色关系
 		sysUserRoleDao.delete(userId);
+
+		if(roleIdList == null || roleIdList.size() == 0){
+			return ;
+		}
 		
 		//保存用户与角色关系
 		Map<String, Object> map = new HashMap<>();

src/main/resources/static/js/index.js

@@ -38,8 +38,10 @@ var vm = new Vue({
 		user:{},
 		menuList:{},
 		main:"main.html",
-		password:'',
-		newPassword:'',
+        form:{
+            password:'',
+            newPassword:''
+		},
         navTitle:"欢迎页"
 	},
 	methods: {
@@ -64,12 +66,12 @@ var vm = new Vue({
 				content: jQuery("#passwordLayer"),
 				btn: ['修改','取消'],
 				btn1: function (index) {
-					var data = "password="+vm.password+"&newPassword="+vm.newPassword;
 					$.ajax({
 						type: "POST",
 					    url: baseURL + "sys/user/password",
-					    data: data,
 					    dataType: "json",
+                        contentType: "application/json",
+                        data: JSON.stringify(vm.form),
 					    success: function(r){
 							if(r.code == 0){
 								layer.close(index);

src/main/resources/static/swagger/index.yaml

@@ -33,20 +33,12 @@ paths:
       produces:
         - application/json
       parameters:
-        - name: username
-          description: 用户名
-          in: query
-          type: string
-          required: true
-        - name: password
-          description: 密码
-          in: query
-          type: string
-          required: true
-        - name: captcha
-          description: 验证码
-          in: query
+        - name: body
+          description: 管理员对象
+          in: body
           type: string
+          schema:
+            $ref: '#/definitions/LoginForm'
           required: true
       responses:
         '200':
@@ -140,15 +132,12 @@ paths:
       produces:
         - application/json
       parameters:
-        - name: password
-          description: 原密码
-          in: query
-          type: string
-          required: true
-        - name: newPassword
-          description: 新密码
-          in: query
+        - name: body
+          description: 管理员对象
+          in: body
           type: string
+          schema:
+            $ref: '#/definitions/PasswordForm'
           required: true
       responses:
         '200':
@@ -1050,7 +1039,27 @@ definitions:
         msg:
           description: 失败原因
           type: string
-
+  LoginForm:
+    type: object
+    properties:
+      username:
+        description: 用户名
+        type: string
+      password:
+        description: 密码
+        type: string
+      captcha:
+        description: 验证码
+        type: string
+  PasswordForm:
+    type: object
+    properties:
+      password:
+        description: 原密码
+        type: string
+      newPassword:
+        description: 新密码
+        type: string
   SysUserEntity:
     type: object
     properties:

src/main/resources/views/index.html

@@ -108,13 +108,13 @@
 		<div class="form-group">
 		   	<div class="col-sm-2 control-label">原密码</div>
 		   	<div class="col-sm-10">
-		      <input type="password" class="form-control" v-model="password" placeholder="原密码"/>
+		      <input type="password" class="form-control" v-model="form.password" placeholder="原密码"/>
 		    </div>
 		</div>
 		<div class="form-group">
 		   	<div class="col-sm-2 control-label">新密码</div>
 		   	<div class="col-sm-10">
-		      <input type="text" class="form-control" v-model="newPassword" placeholder="新密码"/>
+		      <input type="text" class="form-control" v-model="form.newPassword" placeholder="新密码"/>
 		    </div>
 		</div>
 	</div>

src/main/resources/views/login.html

@@ -33,15 +33,15 @@
         <h4 style="margin-bottom: 0px;"><i class="fa fa-exclamation-circle"></i> {{errorMsg}}</h4>
       </div>
       <div class="form-group has-feedback">
-          <input type="text" class="form-control" v-model="username" placeholder="账号">
+          <input type="text" class="form-control" v-model="form.username" placeholder="账号">
           <span class="glyphicon glyphicon-user form-control-feedback"></span>
       </div>
       <div class="form-group has-feedback">
-          <input type="password" class="form-control" v-model="password" placeholder="密码">
+          <input type="password" class="form-control" v-model="form.password" placeholder="密码">
           <span class="glyphicon glyphicon-lock form-control-feedback"></span>
       </div>
       <div class="form-group has-feedback">
-          <input type="text" class="form-control" v-model="captcha" @keyup.enter="login" placeholder="验证码">
+          <input type="text" class="form-control" v-model="form.captcha" @keyup.enter="login" placeholder="验证码">
           <span class="glyphicon glyphicon-warning-sign form-control-feedback"></span>
       </div>
       <div class="form-group has-feedback">
@@ -76,9 +76,11 @@
     var vm = new Vue({
         el:'#rrapp',
         data:{
-            username: '',
-            password: '',
-            captcha: '',
+            form: {
+                username: '',
+                password: '',
+                captcha: ''
+            },
             error: false,
             errorMsg: '',
             src: 'captcha.jpg'
@@ -93,12 +95,12 @@
                 this.src = "captcha.jpg?t=" + $.now();
             },
             login: function () {
-                var data = "username="+vm.username+"&password="+vm.password+"&captcha="+vm.captcha;
                 $.ajax({
                     type: "POST",
                     url: baseURL + "sys/login",
-                    data: data,
                     dataType: "json",
+                    contentType: "application/json",
+                    data: JSON.stringify(vm.form),
                     success: function(r){
                         if(r.code == 0){//登录成功
                             localStorage.setItem("token", r.token);