root/longdianningxing
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

rev:新增登录次数限制,密码正则表达式校验,发货区AGV任务生成添加开关

Browse Source
This commit is contained in:
ZHOUZ\Noble'lift
2024-05-08 17:05:39 +08:00
parent fe191c9ad5
commit a60a4229ff
3 changed files with 74 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
lms/nladmin-system/src/main/java/org/nl/system/service/secutiry/impl/OnlineUserService.java
View File

@@ -37,6 +37,7 @@ import org.nl.system.service.user.dto.UserDto;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.data.domain.Pageable;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.scheduling.annotation.Async;
import org.springframework.stereotype.Service;
@@ -44,6 +45,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;
import java.util.concurrent.TimeUnit;
/**
* @author Zheng Jie
@@ -58,6 +60,8 @@ public class OnlineUserService {
@Autowired
private ISysRoleService roleService;
private final RedisUtils redisUtils;
@Autowired
private RedisTemplate<Object, Object> redisTemplate;
@Value("${sa-token.cookie.domain}")
private String domain;
@@ -237,11 +241,53 @@ public class OnlineUserService {
// if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
// throw new BadRequestException("验证码错误");
// }
// 校验数据库
// 根据用户名查询,在比对密码
SysUser userInfo = sysUserService.getOne(new QueryWrapper<SysUser>().eq("username", authUser.getUsername()));
if (userInfo == null || !userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) { // 这里需要密码加密
throw new BadRequestException("账号或密码错误");
// 这里需要密码加密
if (userInfo == null) {
throw new BadRequestException("当前用户不存在!");
}
String userName = userInfo.getUsername();
if (!userInfo.getPassword().equals(SaSecureUtil.md5BySalt(password, "salt"))) {
Boolean aBoolean = redisTemplate.hasKey("LoginName:" + userName);
if (aBoolean) {
String errorLoginCount = redisTemplate.opsForValue().get("LoginName:" + userName).toString();
Integer newerrorLoginCount = Integer.parseInt(errorLoginCount);
//key为 LoginName: userName value是对应的错误登陆次数
if (newerrorLoginCount.intValue() == 3) {
Long expire = redisTemplate.opsForValue().getOperations().getExpire("LoginName:" + userName);
if (expire.intValue() > 0) {
throw new BadRequestException("当前用户锁定中,请" + expire / 60 + "分钟后重试");
}
} else {
redisTemplate.opsForValue().set("LoginName:" + userName, newerrorLoginCount + 1);
if (3 - newerrorLoginCount - 1 == 0) {
redisTemplate.opsForValue().getOperations().expire("LoginName:" + userName, 300, TimeUnit.SECONDS);
throw new BadRequestException("当前用户已锁定请5分钟后重试");
}
throw new BadRequestException("密码错误,还有" + (3 - newerrorLoginCount - 1) + "次机会");
}
} else {
redisTemplate.opsForValue().set("LoginName:" + userName, "1");
throw new BadRequestException("密码错误,还有" + 2 + "次机会");
}
}
{
//密码正确判断redis里面是否有值有值就代表锁定中
Boolean aBoolean = redisTemplate.hasKey("LoginName:" + userName);
if (aBoolean) {
String errorLoginCount = redisTemplate.opsForValue().get("LoginName:" + userName).toString();
Integer newerrorLoginCount = Integer.parseInt(errorLoginCount);
if (newerrorLoginCount.intValue() == 3) {
Long expire = redisTemplate.opsForValue().getOperations().getExpire("LoginName:" + userName);
if (expire.intValue() > 0) {
throw new BadRequestException("当前用户锁定中,请" + expire / 60 + "分钟后重试");
}
} else {
//直接删除key
redisTemplate.delete("LoginName:" + userName);
}
}
}
// 获取权限列表 - 登录查找权限