diff --git a/inventory-dao/src/main/java/com/rzyc/mapper/user/SysUserLoginMapper.java b/inventory-dao/src/main/java/com/rzyc/mapper/user/SysUserLoginMapper.java
new file mode 100644
index 0000000..3b1f06c
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/mapper/user/SysUserLoginMapper.java
@@ -0,0 +1,23 @@
+package com.rzyc.mapper.user;
+
+import com.rzyc.model.user.SysUserLogin;
+import com.baomidou.mybatisplus.core.mapper.BaseMapper;
+import org.apache.ibatis.annotations.Param;
+import org.springframework.stereotype.Repository;
+
+/**
+ *
+ * ip登录信息 Mapper 接口
+ *
+ *
+ * @author
+ * @since 2023-11-23
+ */
+@Repository
+public interface SysUserLoginMapper extends BaseMapper {
+
+ /*通过用户id查询*/
+ SysUserLogin findByUserId(@Param("userId") String userId,
+ @Param("ipDddress") String ipDddress);
+
+}
diff --git a/inventory-dao/src/main/java/com/rzyc/model/user/SysUserLogin.java b/inventory-dao/src/main/java/com/rzyc/model/user/SysUserLogin.java
new file mode 100644
index 0000000..58ad01a
--- /dev/null
+++ b/inventory-dao/src/main/java/com/rzyc/model/user/SysUserLogin.java
@@ -0,0 +1,150 @@
+package com.rzyc.model.user;
+
+import com.baomidou.mybatisplus.annotation.TableName;
+import java.util.Date;
+import com.baomidou.mybatisplus.annotation.TableId;
+import com.baomidou.mybatisplus.annotation.TableField;
+import java.io.Serializable;
+import io.swagger.annotations.ApiModel;
+import io.swagger.annotations.ApiModelProperty;
+
+/**
+ *
+ * ip登录信息
+ *
+ *
+ * @author
+ * @since 2023-11-23
+ */
+@TableName("sys_user_login")
+@ApiModel(value="SysUserLogin对象", description="ip登录信息")
+public class SysUserLogin implements Serializable {
+
+ private static final long serialVersionUID = 1L;
+
+ @ApiModelProperty(value = "登录信息id")
+ @TableId("login_id")
+ private String loginId;
+
+ @ApiModelProperty(value = "用户id")
+ @TableField("user_id")
+ private String userId;
+
+ @ApiModelProperty(value = "ip地址")
+ @TableField("ip_address")
+ private String ipAddress;
+
+ @ApiModelProperty(value = "登录次数")
+ @TableField("login_num")
+ private Integer loginNum;
+
+ @ApiModelProperty(value = "登录限制时间")
+ @TableField("limit_time")
+ private Date limitTime;
+
+ @ApiModelProperty(value = "创建人")
+ @TableField("create_by")
+ private String createBy;
+
+ @ApiModelProperty(value = "创建时间")
+ @TableField("create_time")
+ private Date createTime;
+
+ @ApiModelProperty(value = "修改人")
+ @TableField("modify_by")
+ private String modifyBy;
+
+ @ApiModelProperty(value = "修改时间")
+ @TableField("modify_time")
+ private Date modifyTime;
+
+ @TableField(exist = false)
+ private Boolean limitState;
+
+ public Boolean getLimitState() {
+ return limitState;
+ }
+
+ public void setLimitState(Boolean limitState) {
+ this.limitState = limitState;
+ }
+
+ public String getLoginId() {
+ return loginId;
+ }
+
+ public void setLoginId(String loginId) {
+ this.loginId = loginId;
+ }
+ public String getUserId() {
+ return userId;
+ }
+
+ public void setUserId(String userId) {
+ this.userId = userId;
+ }
+ public String getIpAddress() {
+ return ipAddress;
+ }
+
+ public void setIpAddress(String ipAddress) {
+ this.ipAddress = ipAddress;
+ }
+ public Integer getLoginNum() {
+ return loginNum;
+ }
+
+ public void setLoginNum(Integer loginNum) {
+ this.loginNum = loginNum;
+ }
+ public Date getLimitTime() {
+ return limitTime;
+ }
+
+ public void setLimitTime(Date limitTime) {
+ this.limitTime = limitTime;
+ }
+ public String getCreateBy() {
+ return createBy;
+ }
+
+ public void setCreateBy(String createBy) {
+ this.createBy = createBy;
+ }
+ public Date getCreateTime() {
+ return createTime;
+ }
+
+ public void setCreateTime(Date createTime) {
+ this.createTime = createTime;
+ }
+ public String getModifyBy() {
+ return modifyBy;
+ }
+
+ public void setModifyBy(String modifyBy) {
+ this.modifyBy = modifyBy;
+ }
+ public Date getModifyTime() {
+ return modifyTime;
+ }
+
+ public void setModifyTime(Date modifyTime) {
+ this.modifyTime = modifyTime;
+ }
+
+ @Override
+ public String toString() {
+ return "SysUserLogin{" +
+ "loginId=" + loginId +
+ ", userId=" + userId +
+ ", ipAddress=" + ipAddress +
+ ", loginNum=" + loginNum +
+ ", limitTime=" + limitTime +
+ ", createBy=" + createBy +
+ ", createTime=" + createTime +
+ ", modifyBy=" + modifyBy +
+ ", modifyTime=" + modifyTime +
+ "}";
+ }
+}
diff --git a/inventory-dao/src/main/resources/mapper/user/SysUserLoginMapper.xml b/inventory-dao/src/main/resources/mapper/user/SysUserLoginMapper.xml
new file mode 100644
index 0000000..1eae240
--- /dev/null
+++ b/inventory-dao/src/main/resources/mapper/user/SysUserLoginMapper.xml
@@ -0,0 +1,29 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ login_id, user_id, ip_address, login_num, limit_time, create_by, create_time, modify_by, modify_time
+
+
+
+
+
+
diff --git a/inventory-gov/src/main/java/com/rzyc/controller/BaseController.java b/inventory-gov/src/main/java/com/rzyc/controller/BaseController.java
index 20c4a2c..875e5c7 100644
--- a/inventory-gov/src/main/java/com/rzyc/controller/BaseController.java
+++ b/inventory-gov/src/main/java/com/rzyc/controller/BaseController.java
@@ -576,6 +576,14 @@ public class BaseController {
@Autowired
protected ListRelationMapper listRelationMapper;
+ //ip登录信息
+ @Autowired
+ protected SysUserLoginMapper sysUserLoginMapper;
+
+
+
+
+
/**
* 岗位不需要的字符串
@@ -631,6 +639,10 @@ public class BaseController {
protected String ELECTRIACLID = "78be60a1-55bf-44cc-9697-a983eeea98f2";
+ //登录密码错误次数
+ protected static Integer PASSWD_ERROR_NUM = 5;
+
+
/**
* 履职任务完成状态
*/
diff --git a/inventory-gov/src/main/java/com/rzyc/controller/PcPersonalController.java b/inventory-gov/src/main/java/com/rzyc/controller/PcPersonalController.java
index 3278c0c..1c388b1 100644
--- a/inventory-gov/src/main/java/com/rzyc/controller/PcPersonalController.java
+++ b/inventory-gov/src/main/java/com/rzyc/controller/PcPersonalController.java
@@ -23,26 +23,19 @@ import com.rzyc.bean.index.StayFactor;
import com.rzyc.bean.index.dto.IndexEntPageDto;
import com.rzyc.bean.user.*;
import com.rzyc.bean.user.dutyTree.DutyTrees;
-import com.rzyc.bean.user.task.TaskDetailDto;
import com.rzyc.bean.user.task.TaskPageDto;
import com.rzyc.bean.user.dto.*;
-import com.rzyc.config.MethodAnnotation;
-import com.rzyc.config.RedisUtil;
import com.rzyc.enums.*;
import com.rzyc.model.*;
import com.rzyc.model.ent.SysEnterprise;
import com.rzyc.model.log.SysLogs;
-import com.rzyc.model.oth.OtheWareHouse;
import com.rzyc.model.personal.SysResource;
import com.rzyc.model.user.*;
import com.rzyc.utils.IpUtil;
import io.swagger.annotations.*;
-import org.apache.catalina.User;
import org.apache.commons.beanutils.BeanUtils;
import org.apache.commons.beanutils.ConvertUtils;
import org.apache.commons.beanutils.converters.DateConverter;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.validation.annotation.Validated;
@@ -52,7 +45,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import java.util.*;
-import java.util.concurrent.TimeUnit;
/**
* PC个人中心
@@ -65,6 +57,7 @@ import java.util.concurrent.TimeUnit;
public class PcPersonalController extends com.rzyc.controller.BaseController {
+
/**
* PC登录
* @param loginDto
@@ -82,9 +75,6 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
String sysusername = loginDto.getSysusername();
String syspassword = loginDto.getSyspassword();
- String ip = IpUtil.getIpAddr(request);
- ip = ip+sysusername;
-
//获取验证码
String generateCode = request.getSession().getAttribute(constantsConfigure.getGenerateCodeKey())+"";
@@ -94,34 +84,47 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
if(loginDto.getGenerateCode().equals(generateCode)){
SysUser sysUser = sysUserMapper.findBySysUserName(sysusername);
-
//登录的是政府用户
if(null != sysUser && StringUtils.isNotBlank(sysUser.getUsertype()) && sysUser.getUsertype().equals("政府用户")){
- String ps = PasswdFactory.encryptPasswd(sysUser.getSysuserid(), sysusername, syspassword);
- System.out.println("========" + ps);
- if(sysUser.getSyspassword().equals(ps)){
- sysUser.setSyspassword("");
- //获取职务
- sysUser = getUserDuty(sysUser);
+ //判断登录限制
+ String ip = IpUtil.getIpAddr(request);
+ SysUserLogin userLogin = isLimitLogin(sysUser.getSysuserid(),ip);
+ if(userLogin.getLimitState()){
- //通过角色判断是否为安办 或者 部门管理员
- if(StringUtils.isNotBlank(sysUser.getUserroles())){
- Integer userRole = this.getUserRole(sysUser.getUserroles());
- sysUser.setUserRole(userRole);
+ String ps = PasswdFactory.encryptPasswd(sysUser.getSysuserid(), sysusername, syspassword);
+ System.out.println("========" + ps);
+ if(sysUser.getSyspassword().equals(ps)){
+ sysUser.setSyspassword("");
+
+ //获取职务
+ sysUser = getUserDuty(sysUser);
+
+ //通过角色判断是否为安办 或者 部门管理员
+ if(StringUtils.isNotBlank(sysUser.getUserroles())){
+ Integer userRole = this.getUserRole(sysUser.getUserroles());
+ sysUser.setUserRole(userRole);
+ }
+
+ //获取用户令牌
+ String userToken = JwtUtil.createToken(sysUser.getSysuserid());
+ sysUser.setUserToken(userToken);
+
+ //登录成功
+ userPasswdSuccess(sysUser.getSysuserid(),ip);
+
+ this.addLogAuth(sysUser.getSysuserid(),"登录","成功","");
+ result.setData(sysUser);
+
+ }else{
+ this.addLogAuth(sysUser.getSysuserid(),"登录","失败","");
+ result.setCode(Code.PASSWORD_ERROR.getCode());
+ result.setMessage(Message.PASSWORD_ERROR);
+ userPasswdError(sysUser.getSysuserid(),ip);
}
-
- //获取用户令牌
- String userToken = JwtUtil.createToken(sysUser.getSysuserid());
- sysUser.setUserToken(userToken);
-
- this.addLogAuth(sysUser.getSysuserid(),"登录","成功","");
- result.setData(sysUser);
-
}else{
- this.addLogAuth(sysUser.getSysuserid(),"登录","失败","");
- result.setCode(Code.PASSWORD_ERROR.getCode());
- result.setMessage(Message.PASSWORD_ERROR);
+ result.setCode(Code.ERROR.getCode());
+ result.setMessage("出现多次密码错误,请于"+DateUtils.parseDate2String(userLogin.getLimitTime(),"yyyy-MM-dd HH:mm:ss")+"后在试");
}
}else{
result.setCode(Code.PASSWORD_ERROR.getCode());
@@ -134,6 +137,92 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
return result;
}
+ /**
+ * 登录成功
+ * @version v1.0
+ * @author dong
+ * @date 2023/11/23 10:02
+ */
+ public void userPasswdSuccess(String userId,String ipAddress)throws Exception{
+ SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
+ if(null != sysUserLogin){
+ sysUserLogin.setLoginNum(0);
+ sysUserLogin.setLimitTime(new Date());
+ sysUserLogin.setModifyBy(userId);
+ sysUserLogin.setModifyTime(new Date());
+ sysUserLoginMapper.updateById(sysUserLogin);
+ }else{
+ sysUserLogin = new SysUserLogin();
+ sysUserLogin.setLoginId(RandomNumber.getUUid());
+ sysUserLogin.setUserId(userId);
+ sysUserLogin.setIpAddress(ipAddress);
+ sysUserLogin.setLoginNum(0);
+ sysUserLogin.setLimitTime(new Date());
+ sysUserLogin.setCreateTime(new Date());
+ sysUserLogin.setCreateBy(userId);
+ sysUserLogin.setModifyBy(userId);
+ sysUserLogin.setModifyTime(new Date());
+ sysUserLoginMapper.insert(sysUserLogin);
+ }
+ }
+
+ /**
+ *
+ * @version v1.0
+ * @author dong
+ * @date 2023/11/23 9:54
+ */
+ public void userPasswdError(String userId,String ipAddress)throws Exception{
+ SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
+ if(null != sysUserLogin){
+ sysUserLogin.setLoginNum(sysUserLogin.getLoginNum()+1);
+
+ if(sysUserLogin.getLoginNum() >= PASSWD_ERROR_NUM){
+ Calendar calendar = Calendar.getInstance();
+ calendar.add(Calendar.MINUTE,30);
+ sysUserLogin.setLimitTime(DateUtils.parseCalendar2Date(calendar));
+ }
+ sysUserLogin.setModifyBy(userId);
+ sysUserLogin.setModifyTime(new Date());
+ sysUserLoginMapper.updateById(sysUserLogin);
+ }else{
+ sysUserLogin = new SysUserLogin();
+ sysUserLogin.setLoginId(RandomNumber.getUUid());
+ sysUserLogin.setUserId(userId);
+ sysUserLogin.setIpAddress(ipAddress);
+ sysUserLogin.setLoginNum(1);
+ sysUserLogin.setLimitTime(new Date());
+ sysUserLogin.setCreateTime(new Date());
+ sysUserLogin.setCreateBy(userId);
+ sysUserLogin.setModifyBy(userId);
+ sysUserLogin.setModifyTime(new Date());
+ sysUserLoginMapper.insert(sysUserLogin);
+ }
+ }
+
+ /**
+ * 判断是否登录限制
+ * 密码错误超过5次 并且还在限制时间内 则限制登录
+ * 密码错误超过5次 半小时内不能登录。
+ * @version v1.0
+ * @author dong
+ * @date 2023/11/23 9:41
+ */
+ public SysUserLogin isLimitLogin(String userId,String ipAddress)throws Exception{
+ SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
+ if(null != sysUserLogin){
+ if(sysUserLogin.getLoginNum() >= PASSWD_ERROR_NUM && System.currentTimeMillis() < sysUserLogin.getLimitTime().getTime()){
+ sysUserLogin.setLimitState(false);
+ }else{
+ sysUserLogin.setLimitState(true);
+ }
+ }else{
+ sysUserLogin = new SysUserLogin();
+ sysUserLogin.setLimitState(true);
+ }
+ return sysUserLogin;
+ }
+
/**
* @Description: PC管理员登录