|
@@ -7,10 +7,7 @@ import com.hz.employmentsite.filter.exception.RespGenerstor;
|
|
|
import com.hz.employmentsite.services.service.AccountService;
|
|
|
import com.hz.employmentsite.services.service.UserService;
|
|
|
import com.hz.employmentsite.services.service.system.LogService;
|
|
|
-import com.hz.employmentsite.util.DateUtils;
|
|
|
-import com.hz.employmentsite.util.DesUtils;
|
|
|
-import com.hz.employmentsite.util.JsonMapper;
|
|
|
-import com.hz.employmentsite.util.TokenUtils;
|
|
|
+import com.hz.employmentsite.util.*;
|
|
|
import com.hz.employmentsite.util.ip.IpUtils;
|
|
|
import com.hz.employmentsite.vo.DesModel;
|
|
|
import com.hz.employmentsite.vo.MenuData;
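Review bot: The wildcard `import com.hz.employmentsite.util.*;` replaces four explicit imports and hides which util classes this controller depends on, including the `RedisClient` that the login check now relies on (presumably from that package; its declaration is not visible here). Keep the four explicit imports and add a single explicit line for the new class, e.g. `import com.hz.employmentsite.util.RedisClient;` if that is where it lives. With explicit imports, a later class of the same name in another imported package cannot silently change which type is used in an authentication path.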
|
|
@@ -43,6 +40,8 @@ public class AccountController {
|
|
|
private UserService userService;
|
|
|
@Autowired
|
|
|
private LogService logService;
|
|
|
+ @Autowired
|
|
|
+ private RedisClient redisClient;
|
|
|
|
|
|
private Integer[] appLoginUserType = {3};
|
|
|
|
|
@@ -68,10 +67,45 @@ public class AccountController {
|
|
|
if (new Date().compareTo(dateUtils.strToDateExt("2024-10-26")) >= 0) {
|
|
|
throw new Exception("java.lang.ClassCastException: java.lang.Integer cannot be cast to java.lang.String");
|
|
|
}
|
|
|
+
|
|
|
+ // 账号锁定检查
|
|
|
+ Object isLock = redisClient.get("login_lock:" + desData[0]);
|
|
|
+ if (isLock != null) {
|
|
|
+ // 获取失效时间(秒)
|
|
|
+ long expire = redisClient.getExpire("login_lock:" + desData[0]);
|
|
|
+ // 将剩余时间格式化为分钟和秒
|
|
|
+ long minutes = expire / 60;
|
|
|
+ long seconds = expire % 60;
|
|
|
+ // 根据expire修改自定义异常的报错信息
|
|
|
+ String message = String.format("当前账号因账号密码输入错误次数过多,已被锁定,请等待%d分%d秒后重试", minutes, seconds);
|
|
|
+ throw new BaseException("20001", message);
|
|
|
+ }
|
|
|
+
|
|
|
+
|
|
|
+ // 按用户名和密码匹配用户
|
|
|
UserModel user = accountService.verifyUser(desData[0], desData[1]);
|
|
|
|
|
|
- if (user == null)
|
|
|
- throw new BaseException(BaseErrorEnum.USER_PASSWORD_ERROR);
|
|
|
+ // 未匹配成功,进行错误次数记录
|
|
|
+ if (user == null) {
|
|
|
+ String loginErrorKey = "login_error:" + desData[0];
|
|
|
+ String loginLockKey = "login_lock:" + desData[0];
|
|
|
+ // 获取当前账号的错误次数
|
|
|
+ Object loginErrorNum = redisClient.get(loginErrorKey);
|
|
|
+ int num = (loginErrorNum == null) ? 0 : (int) loginErrorNum;
|
|
|
+ // 判断是否达到锁定条件
|
|
|
+ if (num >= 4) {
|
|
|
+ // 锁定账号,设置30分钟锁定时间
|
|
|
+ redisClient.set(loginLockKey, true, 1800);
|
|
|
+ redisClient.delete(loginErrorKey);
|
|
|
+ throw new BaseException("20001", "当前账号因账号密码输入错误次数过多,已被锁定,请等待30分钟后重试");
|
|
|
+ }
|
|
|
+ // 增加错误次数
|
|
|
+ redisClient.set(loginErrorKey, ++num, 300);
|
|
|
+ throw new BaseException("20002", "账号密码输入错误,已错误" + num + "次,错误5次之后将锁定账号");
|
|
|
+ }
|
|
|
+
|
|
|
+ // 登录成功清除账号错误次数
|
|
|
+ redisClient.delete("login_error:" + desData[0]);
|
|
|
|
|
|
user.token = TokenUtils.sign(user.getUserId() + '|' + user.getUserTypeId());
|
|
|
user.dataRangeList = userService.getUserDataRange(user.getUserId());
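Review bot: The failure counter is updated with a separate `redisClient.get(loginErrorKey)` and `redisClient.set(loginErrorKey, ++num, 300)`, so failed logins arriving in parallel for one account can all read the same count and the five-attempt limit is not enforced; an atomic increment with expiry (Redis INCR, if `RedisClient` exposes it) would close that gap. Both keys are built from the raw `desData[0]`, so if `accountService.verifyUser` matches names case-insensitively or ignores surrounding whitespace (not visible here), each spelling of a name gets its own counter; normalize once, e.g. `String account = desData[0].trim().toLowerCase(Locale.ROOT);`, and use it for both keys. Because the lock is keyed on the name alone, any unauthenticated caller can lock a known account for 30 minutes and create counters for names that do not exist, so a per-client-IP limit alongside it is worth adding. `(int) loginErrorNum` throws ClassCastException if the Redis serializer returns a Long or String, and `getExpire` can return a negative value if the lock expires between the two calls, which would print a negative wait time. The enclosing login method starts and ends outside the hunk.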
|