Merge branch 'master' into docker_package
This commit is contained in:
commit
b4c2c261c4
|
@ -31,7 +31,6 @@ public class TsingtaoDataResourceService extends AbstractDataResourceService {
|
||||||
TsingtaoDataResourceService.restTemplate = SpringContextUtils.getBean(RestTemplate.class);
|
TsingtaoDataResourceService.restTemplate = SpringContextUtils.getBean(RestTemplate.class);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public Object getDataResource(GetDataResourceListDto dto) {
|
public Object getDataResource(GetDataResourceListDto dto) {
|
||||||
|
|
||||||
|
|
|
@ -1,12 +1,16 @@
|
||||||
package io.renren.modules.security.controller;
|
package io.renren.modules.security.controller;
|
||||||
|
|
||||||
|
import cn.hutool.core.date.DateUtil;
|
||||||
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||||
import io.renren.common.annotation.LogOperation;
|
import io.renren.common.annotation.LogOperation;
|
||||||
import io.renren.common.constant.Constant;
|
import io.renren.common.constant.Constant;
|
||||||
import io.renren.common.exception.ErrorCode;
|
import io.renren.common.exception.ErrorCode;
|
||||||
import io.renren.common.exception.RenException;
|
import io.renren.common.exception.RenException;
|
||||||
|
import io.renren.common.utils.DateUtils;
|
||||||
import io.renren.common.utils.IpUtils;
|
import io.renren.common.utils.IpUtils;
|
||||||
import io.renren.common.utils.Result;
|
import io.renren.common.utils.Result;
|
||||||
import io.renren.common.validator.AssertUtils;
|
import io.renren.common.validator.AssertUtils;
|
||||||
|
import io.renren.modules.log.dao.SysLogLoginDao;
|
||||||
import io.renren.modules.log.entity.SysLogLoginEntity;
|
import io.renren.modules.log.entity.SysLogLoginEntity;
|
||||||
import io.renren.modules.log.enums.LoginOperationEnum;
|
import io.renren.modules.log.enums.LoginOperationEnum;
|
||||||
import io.renren.modules.log.enums.LoginStatusEnum;
|
import io.renren.modules.log.enums.LoginStatusEnum;
|
||||||
|
@ -65,6 +69,8 @@ public class LoginController {
|
||||||
private CaptchaService captchaService;
|
private CaptchaService captchaService;
|
||||||
@Autowired
|
@Autowired
|
||||||
private SysLogLoginService sysLogLoginService;
|
private SysLogLoginService sysLogLoginService;
|
||||||
|
@Autowired
|
||||||
|
private SysLogLoginDao logLoginDao;
|
||||||
|
|
||||||
@Autowired(required = false)
|
@Autowired(required = false)
|
||||||
private SSOValidator ssoValidator;
|
private SSOValidator ssoValidator;
|
||||||
|
@ -72,6 +78,11 @@ public class LoginController {
|
||||||
@Value("${yawei.enable}")
|
@Value("${yawei.enable}")
|
||||||
private Boolean yaweiEnable; // 亚微登录?
|
private Boolean yaweiEnable; // 亚微登录?
|
||||||
|
|
||||||
|
@Value("${system.maxErrorTimes}")
|
||||||
|
private Integer maxErrorTimes;
|
||||||
|
@Value("${system.resumeLogonTime}")
|
||||||
|
private Integer resumeLogonTime;
|
||||||
|
|
||||||
@GetMapping("captcha")
|
@GetMapping("captcha")
|
||||||
@ApiOperation(value = "验证码", produces = "application/octet-stream")
|
@ApiOperation(value = "验证码", produces = "application/octet-stream")
|
||||||
@ApiImplicitParam(paramType = "query", dataType = "string", name = "uuid", required = true)
|
@ApiImplicitParam(paramType = "query", dataType = "string", name = "uuid", required = true)
|
||||||
|
@ -95,21 +106,25 @@ public class LoginController {
|
||||||
public Result login(HttpServletRequest request, HttpServletResponse response, @ApiIgnore @RequestParam Map<String, Object> params) throws Exception {
|
public Result login(HttpServletRequest request, HttpServletResponse response, @ApiIgnore @RequestParam Map<String, Object> params) throws Exception {
|
||||||
|
|
||||||
LoginDTO login = new LoginDTO();
|
LoginDTO login = new LoginDTO();
|
||||||
login.setUsername(String.valueOf(params.get("username")));
|
|
||||||
|
//2022-11-11 修改用户名加密传输
|
||||||
|
String userName = PasswordUtils.desEncrypt(String.valueOf(params.get("username")));
|
||||||
|
login.setUsername(userName);
|
||||||
|
//login.setUsername(String.valueOf(params.get("username")));
|
||||||
String password = PasswordUtils.desEncrypt(String.valueOf(params.get("password")));
|
String password = PasswordUtils.desEncrypt(String.valueOf(params.get("password")));
|
||||||
login.setPassword(password);
|
login.setPassword(password);
|
||||||
login.setUuid(String.valueOf(params.get("uuid")));
|
login.setUuid(String.valueOf(params.get("uuid")));
|
||||||
//新增访客模式,访客模式下模拟登录,每次新增用户
|
//新增访客模式,访客模式下模拟登录,每次新增用户
|
||||||
if (String.valueOf(params.get("username")).contains("guest")) {
|
//if (String.valueOf(params.get("username")).contains("guest")) {
|
||||||
SysUserDTO userDTO = new SysUserDTO();
|
// SysUserDTO userDTO = new SysUserDTO();
|
||||||
userDTO.setStatus(1);
|
// userDTO.setStatus(1);
|
||||||
userDTO.setPassword(String.valueOf(params.get("password")));
|
// userDTO.setPassword(String.valueOf(params.get("password")));
|
||||||
userDTO.setUsername(String.valueOf(params.get("username")));
|
// userDTO.setUsername(String.valueOf(params.get("username")));
|
||||||
userDTO.setSuperAdmin(0);
|
// userDTO.setSuperAdmin(0);
|
||||||
userDTO.setDeptId(sysDeptDao.getByName("访客部门") == null ? null : sysDeptDao.getByName("访客部门").getId());
|
// userDTO.setDeptId(sysDeptDao.getByName("访客部门") == null ? null : sysDeptDao.getByName("访客部门").getId());
|
||||||
userDTO.setDeptName("访客部门");
|
// userDTO.setDeptName("访客部门");
|
||||||
sysUserService.save(userDTO);
|
// sysUserService.save(userDTO);
|
||||||
}
|
//}
|
||||||
//用户信息
|
//用户信息
|
||||||
SysUserDTO user = sysUserService.getByUsername(login.getUsername());
|
SysUserDTO user = sysUserService.getByUsername(login.getUsername());
|
||||||
|
|
||||||
|
@ -118,7 +133,6 @@ public class LoginController {
|
||||||
log.setCreateDate(new Date());
|
log.setCreateDate(new Date());
|
||||||
log.setIp(IpUtils.getIpAddr(request));
|
log.setIp(IpUtils.getIpAddr(request));
|
||||||
log.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
|
log.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
|
||||||
log.setIp(IpUtils.getIpAddr(request));
|
|
||||||
|
|
||||||
//用户不存在
|
//用户不存在
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
|
@ -129,16 +143,6 @@ public class LoginController {
|
||||||
throw new RenException(ErrorCode.ACCOUNT_PASSWORD_ERROR);
|
throw new RenException(ErrorCode.ACCOUNT_PASSWORD_ERROR);
|
||||||
}
|
}
|
||||||
|
|
||||||
//密码错误
|
|
||||||
if (!PasswordUtils.matches(login.getPassword(), user.getPassword())) {
|
|
||||||
log.setStatus(LoginStatusEnum.FAIL.value());
|
|
||||||
log.setCreator(user.getId());
|
|
||||||
log.setCreatorName(user.getUsername());
|
|
||||||
sysLogLoginService.save(log);
|
|
||||||
|
|
||||||
throw new RenException(ErrorCode.ACCOUNT_PASSWORD_ERROR);
|
|
||||||
}
|
|
||||||
|
|
||||||
//账号停用
|
//账号停用
|
||||||
if (user.getStatus() == UserStatusEnum.DISABLE.value()) {
|
if (user.getStatus() == UserStatusEnum.DISABLE.value()) {
|
||||||
log.setStatus(LoginStatusEnum.LOCK.value());
|
log.setStatus(LoginStatusEnum.LOCK.value());
|
||||||
|
@ -149,11 +153,55 @@ public class LoginController {
|
||||||
throw new RenException(ErrorCode.ACCOUNT_DISABLE);
|
throw new RenException(ErrorCode.ACCOUNT_DISABLE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//2022-11-11 账号锁定 且在规定时间内则不能登录
|
||||||
|
if (user.getStatus() == UserStatusEnum.LOCKED.value()) {
|
||||||
|
Date now = DateUtil.date();
|
||||||
|
QueryWrapper<SysLogLoginEntity> queryWrapper = new QueryWrapper<>();
|
||||||
|
//queryWrapper.eq("creator_name", params.get("username")).orderByDesc("create_date").last("LIMIT 1");
|
||||||
|
queryWrapper.eq("creator_name", userName).orderByDesc("create_date").last("LIMIT 1");
|
||||||
|
SysLogLoginEntity loginEntity = logLoginDao.selectOne(queryWrapper);
|
||||||
|
Date lastLoginDate = loginEntity.getCreateDate();
|
||||||
|
//未超过规定时间,返回账户锁定信息
|
||||||
|
if (DateUtils.addDateHours(lastLoginDate, resumeLogonTime).after(now)) {
|
||||||
|
throw new RenException("当前账号为锁定状态,请在" + DateUtils.format(DateUtils.addDateHours(lastLoginDate, resumeLogonTime), DateUtils.DATE_TIME_PATTERN) + "时间后重试。");
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
//密码错误
|
||||||
|
if (!PasswordUtils.matches(login.getPassword(), user.getPassword())) {
|
||||||
|
log.setStatus(LoginStatusEnum.FAIL.value());
|
||||||
|
log.setCreator(user.getId());
|
||||||
|
log.setCreatorName(user.getUsername());
|
||||||
|
sysLogLoginService.save(log);
|
||||||
|
|
||||||
|
//2022-11-11 新增限制用户登录次数,超过后账户锁定(状态变为2)
|
||||||
|
if (user.getFrequency() < maxErrorTimes) {
|
||||||
|
user.setFrequency(user.getFrequency() + 1);
|
||||||
|
if (user.getFrequency() == maxErrorTimes) {
|
||||||
|
user.setStatus(2);
|
||||||
|
sysUserService.update(user);
|
||||||
|
throw new RenException("账号或密码连续输入错误" + maxErrorTimes + "次,账号已锁定。");
|
||||||
|
} else {
|
||||||
|
sysUserService.update(user);
|
||||||
|
throw new RenException("账号或密码输入错误,当前还可输入" + (maxErrorTimes - user.getFrequency()) + "次。");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
//登录成功
|
//登录成功
|
||||||
log.setStatus(LoginStatusEnum.SUCCESS.value());
|
log.setStatus(LoginStatusEnum.SUCCESS.value());
|
||||||
log.setCreator(user.getId());
|
log.setCreator(user.getId());
|
||||||
log.setCreatorName(user.getUsername());
|
log.setCreatorName(user.getUsername());
|
||||||
sysLogLoginService.save(log);
|
sysLogLoginService.save(log);
|
||||||
|
//将用户状态改为正常,登录失败次数置为0
|
||||||
|
if (user.getStatus() != 1 || user.getFrequency() != 0) {
|
||||||
|
user.setStatus(1);
|
||||||
|
user.setFrequency(0);
|
||||||
|
sysUserService.update(user);
|
||||||
|
}
|
||||||
|
|
||||||
Result<Map> token = sysUserTokenService.createToken(user.getId());
|
Result<Map> token = sysUserTokenService.createToken(user.getId());
|
||||||
request.setAttribute(Constant.TOKEN_HEADER, token.getData().get(Constant.TOKEN_HEADER));
|
request.setAttribute(Constant.TOKEN_HEADER, token.getData().get(Constant.TOKEN_HEADER));
|
||||||
|
|
|
@ -83,4 +83,9 @@ public class SysUserEntity extends BaseEntity {
|
||||||
*/
|
*/
|
||||||
private String ywMobile;
|
private String ywMobile;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 登录失败次数
|
||||||
|
*/
|
||||||
|
private Integer frequency;
|
||||||
|
|
||||||
}
|
}
|
|
@ -0,0 +1 @@
|
||||||
|
ALTER TABLE sys_user ADD COLUMN 'frequency' int NULL DEFAULT 0 COMMENT '登录失败次数';
|
Loading…
Reference in New Issue