Merge branch 'master' into docker_package

renren-admin/src/main/java/io/renren/modules/resource/dataResource/domain/TsingtaoDataResourceService.java

@@ -31,7 +31,6 @@ public class TsingtaoDataResourceService extends AbstractDataResourceService {
         TsingtaoDataResourceService.restTemplate = SpringContextUtils.getBean(RestTemplate.class);
     }
 
-
     @Override
     public Object getDataResource(GetDataResourceListDto dto) {
 

renren-admin/src/main/java/io/renren/modules/security/controller/LoginController.java

@@ -1,12 +1,16 @@
 package io.renren.modules.security.controller;
 
+import cn.hutool.core.date.DateUtil;
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import io.renren.common.annotation.LogOperation;
 import io.renren.common.constant.Constant;
 import io.renren.common.exception.ErrorCode;
 import io.renren.common.exception.RenException;
+import io.renren.common.utils.DateUtils;
 import io.renren.common.utils.IpUtils;
 import io.renren.common.utils.Result;
 import io.renren.common.validator.AssertUtils;
+import io.renren.modules.log.dao.SysLogLoginDao;
 import io.renren.modules.log.entity.SysLogLoginEntity;
 import io.renren.modules.log.enums.LoginOperationEnum;
 import io.renren.modules.log.enums.LoginStatusEnum;
@@ -65,6 +69,8 @@ public class LoginController {
     private CaptchaService captchaService;
     @Autowired
     private SysLogLoginService sysLogLoginService;
+    @Autowired
+    private SysLogLoginDao logLoginDao;
 
     @Autowired(required = false)
     private SSOValidator ssoValidator;
@@ -72,6 +78,11 @@ public class LoginController {
     @Value("${yawei.enable}")
     private Boolean yaweiEnable; // 亚微登录？
 
+    @Value("${system.maxErrorTimes}")
+    private Integer maxErrorTimes;
+    @Value("${system.resumeLogonTime}")
+    private Integer resumeLogonTime;
+
     @GetMapping("captcha")
     @ApiOperation(value = "验证码", produces = "application/octet-stream")
     @ApiImplicitParam(paramType = "query", dataType = "string", name = "uuid", required = true)
@@ -95,21 +106,25 @@ public class LoginController {
     public Result login(HttpServletRequest request, HttpServletResponse response, @ApiIgnore @RequestParam Map<String, Object> params) throws Exception {
 
         LoginDTO login = new LoginDTO();
-        login.setUsername(String.valueOf(params.get("username")));
+
+        //2022-11-11 修改用户名加密传输
+        String userName = PasswordUtils.desEncrypt(String.valueOf(params.get("username")));
+        login.setUsername(userName);
+        //login.setUsername(String.valueOf(params.get("username")));
         String password = PasswordUtils.desEncrypt(String.valueOf(params.get("password")));
         login.setPassword(password);
         login.setUuid(String.valueOf(params.get("uuid")));
         //新增访客模式，访客模式下模拟登录，每次新增用户
-        if (String.valueOf(params.get("username")).contains("guest")) {
-            SysUserDTO userDTO = new SysUserDTO();
-            userDTO.setStatus(1);
-            userDTO.setPassword(String.valueOf(params.get("password")));
-            userDTO.setUsername(String.valueOf(params.get("username")));
-            userDTO.setSuperAdmin(0);
-            userDTO.setDeptId(sysDeptDao.getByName("访客部门") == null ? null : sysDeptDao.getByName("访客部门").getId());
-            userDTO.setDeptName("访客部门");
-            sysUserService.save(userDTO);
-        }
+        //if (String.valueOf(params.get("username")).contains("guest")) {
+        //    SysUserDTO userDTO = new SysUserDTO();
+        //    userDTO.setStatus(1);
+        //    userDTO.setPassword(String.valueOf(params.get("password")));
+        //    userDTO.setUsername(String.valueOf(params.get("username")));
+        //    userDTO.setSuperAdmin(0);
+        //    userDTO.setDeptId(sysDeptDao.getByName("访客部门") == null ? null : sysDeptDao.getByName("访客部门").getId());
+        //    userDTO.setDeptName("访客部门");
+        //    sysUserService.save(userDTO);
+        //}
         //用户信息
         SysUserDTO user = sysUserService.getByUsername(login.getUsername());
 
@@ -118,7 +133,6 @@ public class LoginController {
         log.setCreateDate(new Date());
         log.setIp(IpUtils.getIpAddr(request));
         log.setUserAgent(request.getHeader(HttpHeaders.USER_AGENT));
-        log.setIp(IpUtils.getIpAddr(request));
 
         //用户不存在
         if (user == null) {
@@ -129,16 +143,6 @@ public class LoginController {
             throw new RenException(ErrorCode.ACCOUNT_PASSWORD_ERROR);
         }
 
-        //密码错误
-        if (!PasswordUtils.matches(login.getPassword(), user.getPassword())) {
-            log.setStatus(LoginStatusEnum.FAIL.value());
-            log.setCreator(user.getId());
-            log.setCreatorName(user.getUsername());
-            sysLogLoginService.save(log);
-
-            throw new RenException(ErrorCode.ACCOUNT_PASSWORD_ERROR);
-        }
-
         //账号停用
         if (user.getStatus() == UserStatusEnum.DISABLE.value()) {
             log.setStatus(LoginStatusEnum.LOCK.value());
@@ -149,11 +153,55 @@ public class LoginController {
             throw new RenException(ErrorCode.ACCOUNT_DISABLE);
         }
 
+        //2022-11-11 账号锁定 且在规定时间内则不能登录
+        if (user.getStatus() == UserStatusEnum.LOCKED.value()) {
+            Date now = DateUtil.date();
+            QueryWrapper<SysLogLoginEntity> queryWrapper = new QueryWrapper<>();
+            //queryWrapper.eq("creator_name", params.get("username")).orderByDesc("create_date").last("LIMIT 1");
+            queryWrapper.eq("creator_name", userName).orderByDesc("create_date").last("LIMIT 1");
+            SysLogLoginEntity loginEntity = logLoginDao.selectOne(queryWrapper);
+            Date lastLoginDate = loginEntity.getCreateDate();
+            //未超过规定时间，返回账户锁定信息
+            if (DateUtils.addDateHours(lastLoginDate, resumeLogonTime).after(now)) {
+                throw new RenException("当前账号为锁定状态，请在" + DateUtils.format(DateUtils.addDateHours(lastLoginDate, resumeLogonTime), DateUtils.DATE_TIME_PATTERN) + "时间后重试。");
+            }
+
+        }
+
+        //密码错误
+        if (!PasswordUtils.matches(login.getPassword(), user.getPassword())) {
+            log.setStatus(LoginStatusEnum.FAIL.value());
+            log.setCreator(user.getId());
+            log.setCreatorName(user.getUsername());
+            sysLogLoginService.save(log);
+
+            //2022-11-11 新增限制用户登录次数，超过后账户锁定（状态变为2）
+            if (user.getFrequency() < maxErrorTimes) {
+                user.setFrequency(user.getFrequency() + 1);
+                if (user.getFrequency() == maxErrorTimes) {
+                    user.setStatus(2);
+                    sysUserService.update(user);
+                    throw new RenException("账号或密码连续输入错误" + maxErrorTimes + "次，账号已锁定。");
+                } else {
+                    sysUserService.update(user);
+                    throw new RenException("账号或密码输入错误，当前还可输入" + (maxErrorTimes - user.getFrequency()) + "次。");
+                }
+            }
+
+        }
+
+
         //登录成功
         log.setStatus(LoginStatusEnum.SUCCESS.value());
         log.setCreator(user.getId());
         log.setCreatorName(user.getUsername());
         sysLogLoginService.save(log);
+        //将用户状态改为正常,登录失败次数置为0
+        if (user.getStatus() != 1 || user.getFrequency() != 0) {
+            user.setStatus(1);
+            user.setFrequency(0);
+            sysUserService.update(user);
+        }
 
         Result<Map> token = sysUserTokenService.createToken(user.getId());
         request.setAttribute(Constant.TOKEN_HEADER, token.getData().get(Constant.TOKEN_HEADER));

renren-admin/src/main/java/io/renren/modules/sys/entity/SysUserEntity.java

@@ -83,4 +83,9 @@ public class SysUserEntity extends BaseEntity {
      */
     private String ywMobile;
 
+    /**
+     * 登录失败次数
+     */
+    private Integer frequency;
+
 }

renren-admin/src/main/resources/db/V7.2__sys_user_add_col.sql

@@ -0,0 +1 @@
+ALTER TABLE sys_user ADD COLUMN 'frequency' int NULL DEFAULT 0 COMMENT '登录失败次数';