登录密码超过5次错误 限制登录半小时
parent
744fb80719
commit
4cc1c64d27
|
|
@ -0,0 +1,23 @@
|
|||
package com.rzyc.mapper.user;
|
||||
|
||||
import com.rzyc.model.user.SysUserLogin;
|
||||
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
|
||||
import org.apache.ibatis.annotations.Param;
|
||||
import org.springframework.stereotype.Repository;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* ip登录信息 Mapper 接口
|
||||
* </p>
|
||||
*
|
||||
* @author
|
||||
* @since 2023-11-23
|
||||
*/
|
||||
@Repository
|
||||
public interface SysUserLoginMapper extends BaseMapper<SysUserLogin> {
|
||||
|
||||
/*通过用户id查询*/
|
||||
SysUserLogin findByUserId(@Param("userId") String userId,
|
||||
@Param("ipDddress") String ipDddress);
|
||||
|
||||
}
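Review bot: The lookup is named `findByUserId` and commented `通过用户id查询`, but it filters on both the user id and the client IP, and the second parameter is misspelled `ipDddress`. The query only works because the XML mapper repeats the same misspelling in `#{ipDddress}`. I would rename both sides together, e.g. `@Param("ipAddress") String ipAddress` here and `#{ipAddress}` in the `<select>`. I would also replace the comment with a Javadoc stating that the method returns the lockout record for one user/IP pair and that the callers on this page treat a `null` result as "no record yet".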
|
||||
|
|
@ -0,0 +1,150 @@
|
|||
package com.rzyc.model.user;
|
||||
|
||||
import com.baomidou.mybatisplus.annotation.TableName;
|
||||
import java.util.Date;
|
||||
import com.baomidou.mybatisplus.annotation.TableId;
|
||||
import com.baomidou.mybatisplus.annotation.TableField;
|
||||
import java.io.Serializable;
|
||||
import io.swagger.annotations.ApiModel;
|
||||
import io.swagger.annotations.ApiModelProperty;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* ip登录信息
|
||||
* </p>
|
||||
*
|
||||
* @author
|
||||
* @since 2023-11-23
|
||||
*/
|
||||
@TableName("sys_user_login")
|
||||
@ApiModel(value="SysUserLogin对象", description="ip登录信息")
|
||||
public class SysUserLogin implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
@ApiModelProperty(value = "登录信息id")
|
||||
@TableId("login_id")
|
||||
private String loginId;
|
||||
|
||||
@ApiModelProperty(value = "用户id")
|
||||
@TableField("user_id")
|
||||
private String userId;
|
||||
|
||||
@ApiModelProperty(value = "ip地址")
|
||||
@TableField("ip_address")
|
||||
private String ipAddress;
|
||||
|
||||
@ApiModelProperty(value = "登录次数")
|
||||
@TableField("login_num")
|
||||
private Integer loginNum;
|
||||
|
||||
@ApiModelProperty(value = "登录限制时间")
|
||||
@TableField("limit_time")
|
||||
private Date limitTime;
|
||||
|
||||
@ApiModelProperty(value = "创建人")
|
||||
@TableField("create_by")
|
||||
private String createBy;
|
||||
|
||||
@ApiModelProperty(value = "创建时间")
|
||||
@TableField("create_time")
|
||||
private Date createTime;
|
||||
|
||||
@ApiModelProperty(value = "修改人")
|
||||
@TableField("modify_by")
|
||||
private String modifyBy;
|
||||
|
||||
@ApiModelProperty(value = "修改时间")
|
||||
@TableField("modify_time")
|
||||
private Date modifyTime;
|
||||
|
||||
@TableField(exist = false)
|
||||
private Boolean limitState;
|
||||
|
||||
public Boolean getLimitState() {
|
||||
return limitState;
|
||||
}
|
||||
|
||||
public void setLimitState(Boolean limitState) {
|
||||
this.limitState = limitState;
|
||||
}
|
||||
|
||||
public String getLoginId() {
|
||||
return loginId;
|
||||
}
|
||||
|
||||
public void setLoginId(String loginId) {
|
||||
this.loginId = loginId;
|
||||
}
|
||||
public String getUserId() {
|
||||
return userId;
|
||||
}
|
||||
|
||||
public void setUserId(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
public String getIpAddress() {
|
||||
return ipAddress;
|
||||
}
|
||||
|
||||
public void setIpAddress(String ipAddress) {
|
||||
this.ipAddress = ipAddress;
|
||||
}
|
||||
public Integer getLoginNum() {
|
||||
return loginNum;
|
||||
}
|
||||
|
||||
public void setLoginNum(Integer loginNum) {
|
||||
this.loginNum = loginNum;
|
||||
}
|
||||
public Date getLimitTime() {
|
||||
return limitTime;
|
||||
}
|
||||
|
||||
public void setLimitTime(Date limitTime) {
|
||||
this.limitTime = limitTime;
|
||||
}
|
||||
public String getCreateBy() {
|
||||
return createBy;
|
||||
}
|
||||
|
||||
public void setCreateBy(String createBy) {
|
||||
this.createBy = createBy;
|
||||
}
|
||||
public Date getCreateTime() {
|
||||
return createTime;
|
||||
}
|
||||
|
||||
public void setCreateTime(Date createTime) {
|
||||
this.createTime = createTime;
|
||||
}
|
||||
public String getModifyBy() {
|
||||
return modifyBy;
|
||||
}
|
||||
|
||||
public void setModifyBy(String modifyBy) {
|
||||
this.modifyBy = modifyBy;
|
||||
}
|
||||
public Date getModifyTime() {
|
||||
return modifyTime;
|
||||
}
|
||||
|
||||
public void setModifyTime(Date modifyTime) {
|
||||
this.modifyTime = modifyTime;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "SysUserLogin{" +
|
||||
"loginId=" + loginId +
|
||||
", userId=" + userId +
|
||||
", ipAddress=" + ipAddress +
|
||||
", loginNum=" + loginNum +
|
||||
", limitTime=" + limitTime +
|
||||
", createBy=" + createBy +
|
||||
", createTime=" + createTime +
|
||||
", modifyBy=" + modifyBy +
|
||||
", modifyTime=" + modifyTime +
|
||||
"}";
|
||||
}
|
||||
}
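Review bot: `limitState` is the only field without a description, and its meaning is the opposite of what the name suggests: `isLimitLogin` sets it to `false` while the lock is active and `true` when login may proceed. Because the login branch is gated on `if(userLogin.getLimitState())`, a future reader who takes the name literally could invert the check and disable the lockout. At minimum add a comment on the field such as `// true = login allowed, false = currently locked; computed by isLimitLogin, not persisted`. Renaming it to something like `loginAllowed` would be the cleaner fix.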
|
||||
|
|
@ -0,0 +1,29 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
|
||||
<mapper namespace="com.rzyc.mapper.user.SysUserLoginMapper">
|
||||
|
||||
<!-- 通用查询映射结果 -->
|
||||
<resultMap id="BaseResultMap" type="com.rzyc.model.user.SysUserLogin">
|
||||
<id column="login_id" property="loginId" />
|
||||
<result column="user_id" property="userId" />
|
||||
<result column="ip_address" property="ipAddress" />
|
||||
<result column="login_num" property="loginNum" />
|
||||
<result column="limit_time" property="limitTime" />
|
||||
<result column="create_by" property="createBy" />
|
||||
<result column="create_time" property="createTime" />
|
||||
<result column="modify_by" property="modifyBy" />
|
||||
<result column="modify_time" property="modifyTime" />
|
||||
</resultMap>
|
||||
|
||||
<!-- 通用查询结果列 -->
|
||||
<sql id="Base_Column_List">
|
||||
login_id, user_id, ip_address, login_num, limit_time, create_by, create_time, modify_by, modify_time
|
||||
</sql>
|
||||
|
||||
<!--通过用户id查询-->
|
||||
<select id="findByUserId" resultMap="BaseResultMap">
|
||||
SELECT * FROM sys_user_login sl
|
||||
WHERE sl.`user_id` = #{userId} AND sl.`ip_address` = #{ipDddress}
|
||||
</select>
|
||||
|
||||
</mapper>
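Review bot: `findByUserId` uses `SELECT *` even though `Base_Column_List` is defined directly above it; `SELECT <include refid="Base_Column_List"/> FROM sys_user_login sl` keeps the statement aligned with `BaseResultMap` if columns are added later. The statement is also consumed as a single-object lookup, yet nothing on this page guarantees that `(user_id, ip_address)` is unique. If the table has no unique index on that pair, two rows inserted for the same pair would presumably make every later lookup fail instead of enforcing the lock. That constraint should ship with this change.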
|
||||
|
|
@ -576,6 +576,14 @@ public class BaseController {
|
|||
@Autowired
|
||||
protected ListRelationMapper listRelationMapper;
|
||||
|
||||
//ip登录信息
|
||||
@Autowired
|
||||
protected SysUserLoginMapper sysUserLoginMapper;
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* 岗位不需要的字符串
|
||||
|
|
@ -631,6 +639,10 @@ public class BaseController {
|
|||
protected String ELECTRIACLID = "78be60a1-55bf-44cc-9697-a983eeea98f2";
|
||||
|
||||
|
||||
//登录密码错误次数
|
||||
protected static Integer PASSWD_ERROR_NUM = 5;
|
||||
|
||||
|
||||
/**
|
||||
* 履职任务完成状态
|
||||
*/
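Review bot: `PASSWD_ERROR_NUM` is declared `protected static Integer`, so the lockout threshold is a mutable boxed field that any subclass can reassign at runtime. If it were ever set to `null`, the `>= PASSWD_ERROR_NUM` comparisons in the login code would throw on unboxing. Declare it as `protected static final int PASSWD_ERROR_NUM = 5;`. The comment could also say that this is the number of wrong passwords that triggers the lock, since the 30-minute duration is hard-coded separately in `userPasswdError`. The `BaseController` body continues outside both hunks.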
|
||||
|
|
|
|||
|
|
@ -23,26 +23,19 @@ import com.rzyc.bean.index.StayFactor;
|
|||
import com.rzyc.bean.index.dto.IndexEntPageDto;
|
||||
import com.rzyc.bean.user.*;
|
||||
import com.rzyc.bean.user.dutyTree.DutyTrees;
|
||||
import com.rzyc.bean.user.task.TaskDetailDto;
|
||||
import com.rzyc.bean.user.task.TaskPageDto;
|
||||
import com.rzyc.bean.user.dto.*;
|
||||
import com.rzyc.config.MethodAnnotation;
|
||||
import com.rzyc.config.RedisUtil;
|
||||
import com.rzyc.enums.*;
|
||||
import com.rzyc.model.*;
|
||||
import com.rzyc.model.ent.SysEnterprise;
|
||||
import com.rzyc.model.log.SysLogs;
|
||||
import com.rzyc.model.oth.OtheWareHouse;
|
||||
import com.rzyc.model.personal.SysResource;
|
||||
import com.rzyc.model.user.*;
|
||||
import com.rzyc.utils.IpUtil;
|
||||
import io.swagger.annotations.*;
|
||||
import org.apache.catalina.User;
|
||||
import org.apache.commons.beanutils.BeanUtils;
|
||||
import org.apache.commons.beanutils.ConvertUtils;
|
||||
import org.apache.commons.beanutils.converters.DateConverter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.transaction.annotation.Transactional;
|
||||
import org.springframework.validation.annotation.Validated;
|
||||
|
|
@ -52,7 +45,6 @@ import javax.servlet.http.HttpServletRequest;
|
|||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.validation.Valid;
|
||||
import java.util.*;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
/**
|
||||
* PC个人中心
|
||||
|
|
@ -65,6 +57,7 @@ import java.util.concurrent.TimeUnit;
|
|||
public class PcPersonalController extends com.rzyc.controller.BaseController {
|
||||
|
||||
|
||||
|
||||
/**
|
||||
* PC登录
|
||||
* @param loginDto
|
||||
|
|
@ -82,9 +75,6 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
|
|||
String sysusername = loginDto.getSysusername();
|
||||
String syspassword = loginDto.getSyspassword();
|
||||
|
||||
String ip = IpUtil.getIpAddr(request);
|
||||
ip = ip+sysusername;
|
||||
|
||||
|
||||
//获取验证码
|
||||
String generateCode = request.getSession().getAttribute(constantsConfigure.getGenerateCodeKey())+"";
|
||||
|
|
@ -94,34 +84,47 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
|
|||
|
||||
if(loginDto.getGenerateCode().equals(generateCode)){
|
||||
SysUser sysUser = sysUserMapper.findBySysUserName(sysusername);
|
||||
|
||||
//登录的是政府用户
|
||||
if(null != sysUser && StringUtils.isNotBlank(sysUser.getUsertype()) && sysUser.getUsertype().equals("政府用户")){
|
||||
String ps = PasswdFactory.encryptPasswd(sysUser.getSysuserid(), sysusername, syspassword);
|
||||
System.out.println("========" + ps);
|
||||
if(sysUser.getSyspassword().equals(ps)){
|
||||
sysUser.setSyspassword("");
|
||||
|
||||
//获取职务
|
||||
sysUser = getUserDuty(sysUser);
|
||||
//判断登录限制
|
||||
String ip = IpUtil.getIpAddr(request);
|
||||
SysUserLogin userLogin = isLimitLogin(sysUser.getSysuserid(),ip);
|
||||
if(userLogin.getLimitState()){
|
||||
|
||||
//通过角色判断是否为安办 或者 部门管理员
|
||||
if(StringUtils.isNotBlank(sysUser.getUserroles())){
|
||||
Integer userRole = this.getUserRole(sysUser.getUserroles());
|
||||
sysUser.setUserRole(userRole);
|
||||
String ps = PasswdFactory.encryptPasswd(sysUser.getSysuserid(), sysusername, syspassword);
|
||||
System.out.println("========" + ps);
|
||||
if(sysUser.getSyspassword().equals(ps)){
|
||||
sysUser.setSyspassword("");
|
||||
|
||||
//获取职务
|
||||
sysUser = getUserDuty(sysUser);
|
||||
|
||||
//通过角色判断是否为安办 或者 部门管理员
|
||||
if(StringUtils.isNotBlank(sysUser.getUserroles())){
|
||||
Integer userRole = this.getUserRole(sysUser.getUserroles());
|
||||
sysUser.setUserRole(userRole);
|
||||
}
|
||||
|
||||
//获取用户令牌
|
||||
String userToken = JwtUtil.createToken(sysUser.getSysuserid());
|
||||
sysUser.setUserToken(userToken);
|
||||
|
||||
//登录成功
|
||||
userPasswdSuccess(sysUser.getSysuserid(),ip);
|
||||
|
||||
this.addLogAuth(sysUser.getSysuserid(),"登录","成功","");
|
||||
result.setData(sysUser);
|
||||
|
||||
}else{
|
||||
this.addLogAuth(sysUser.getSysuserid(),"登录","失败","");
|
||||
result.setCode(Code.PASSWORD_ERROR.getCode());
|
||||
result.setMessage(Message.PASSWORD_ERROR);
|
||||
userPasswdError(sysUser.getSysuserid(),ip);
|
||||
}
|
||||
|
||||
//获取用户令牌
|
||||
String userToken = JwtUtil.createToken(sysUser.getSysuserid());
|
||||
sysUser.setUserToken(userToken);
|
||||
|
||||
this.addLogAuth(sysUser.getSysuserid(),"登录","成功","");
|
||||
result.setData(sysUser);
|
||||
|
||||
}else{
|
||||
this.addLogAuth(sysUser.getSysuserid(),"登录","失败","");
|
||||
result.setCode(Code.PASSWORD_ERROR.getCode());
|
||||
result.setMessage(Message.PASSWORD_ERROR);
|
||||
result.setCode(Code.ERROR.getCode());
|
||||
result.setMessage("出现多次密码错误,请于"+DateUtils.parseDate2String(userLogin.getLimitTime(),"yyyy-MM-dd HH:mm:ss")+"后在试");
|
||||
}
|
||||
}else{
|
||||
result.setCode(Code.PASSWORD_ERROR.getCode());
|
||||
|
|
@ -134,6 +137,92 @@ public class PcPersonalController extends com.rzyc.controller.BaseController {
|
|||
return result;
|
||||
}
|
||||
|
||||
/**
|
||||
* 登录成功
|
||||
* @version v1.0
|
||||
* @author dong
|
||||
* @date 2023/11/23 10:02
|
||||
*/
|
||||
public void userPasswdSuccess(String userId,String ipAddress)throws Exception{
|
||||
SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
|
||||
if(null != sysUserLogin){
|
||||
sysUserLogin.setLoginNum(0);
|
||||
sysUserLogin.setLimitTime(new Date());
|
||||
sysUserLogin.setModifyBy(userId);
|
||||
sysUserLogin.setModifyTime(new Date());
|
||||
sysUserLoginMapper.updateById(sysUserLogin);
|
||||
}else{
|
||||
sysUserLogin = new SysUserLogin();
|
||||
sysUserLogin.setLoginId(RandomNumber.getUUid());
|
||||
sysUserLogin.setUserId(userId);
|
||||
sysUserLogin.setIpAddress(ipAddress);
|
||||
sysUserLogin.setLoginNum(0);
|
||||
sysUserLogin.setLimitTime(new Date());
|
||||
sysUserLogin.setCreateTime(new Date());
|
||||
sysUserLogin.setCreateBy(userId);
|
||||
sysUserLogin.setModifyBy(userId);
|
||||
sysUserLogin.setModifyTime(new Date());
|
||||
sysUserLoginMapper.insert(sysUserLogin);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
*
|
||||
* @version v1.0
|
||||
* @author dong
|
||||
* @date 2023/11/23 9:54
|
||||
*/
|
||||
public void userPasswdError(String userId,String ipAddress)throws Exception{
|
||||
SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
|
||||
if(null != sysUserLogin){
|
||||
sysUserLogin.setLoginNum(sysUserLogin.getLoginNum()+1);
|
||||
|
||||
if(sysUserLogin.getLoginNum() >= PASSWD_ERROR_NUM){
|
||||
Calendar calendar = Calendar.getInstance();
|
||||
calendar.add(Calendar.MINUTE,30);
|
||||
sysUserLogin.setLimitTime(DateUtils.parseCalendar2Date(calendar));
|
||||
}
|
||||
sysUserLogin.setModifyBy(userId);
|
||||
sysUserLogin.setModifyTime(new Date());
|
||||
sysUserLoginMapper.updateById(sysUserLogin);
|
||||
}else{
|
||||
sysUserLogin = new SysUserLogin();
|
||||
sysUserLogin.setLoginId(RandomNumber.getUUid());
|
||||
sysUserLogin.setUserId(userId);
|
||||
sysUserLogin.setIpAddress(ipAddress);
|
||||
sysUserLogin.setLoginNum(1);
|
||||
sysUserLogin.setLimitTime(new Date());
|
||||
sysUserLogin.setCreateTime(new Date());
|
||||
sysUserLogin.setCreateBy(userId);
|
||||
sysUserLogin.setModifyBy(userId);
|
||||
sysUserLogin.setModifyTime(new Date());
|
||||
sysUserLoginMapper.insert(sysUserLogin);
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* 判断是否登录限制
|
||||
* 密码错误超过5次 并且还在限制时间内 则限制登录
|
||||
* 密码错误超过5次 半小时内不能登录。
|
||||
* @version v1.0
|
||||
* @author dong
|
||||
* @date 2023/11/23 9:41
|
||||
*/
|
||||
public SysUserLogin isLimitLogin(String userId,String ipAddress)throws Exception{
|
||||
SysUserLogin sysUserLogin = sysUserLoginMapper.findByUserId(userId,ipAddress);
|
||||
if(null != sysUserLogin){
|
||||
if(sysUserLogin.getLoginNum() >= PASSWD_ERROR_NUM && System.currentTimeMillis() < sysUserLogin.getLimitTime().getTime()){
|
||||
sysUserLogin.setLimitState(false);
|
||||
}else{
|
||||
sysUserLogin.setLimitState(true);
|
||||
}
|
||||
}else{
|
||||
sysUserLogin = new SysUserLogin();
|
||||
sysUserLogin.setLimitState(true);
|
||||
}
|
||||
return sysUserLogin;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* @Description: PC管理员登录
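Review bot: The reworked login branch still runs `System.out.println("========" + ps);`, which writes the password digest computed from the submitted credentials to stdout on every attempt. That line should be removed rather than moved inside the new lockout check. In `userPasswdError` the counter is read, incremented in Java and written back with `updateById`, so concurrent failed attempts can be counted once. An atomic `login_num = login_num + 1` update in the mapper would make the threshold reliable. The lock is keyed on the address returned by `IpUtil.getIpAddr(request)`, so it is only as strong as that value is trustworthy. If the helper reads a forwarded header, which is not visible here, a per-account counter independent of IP is needed as well. The login method begins and ends outside the visible hunks.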
|
||||
|
|
|
|||