From 2baf2c4a7667b1a36c86d841413a8997ba666afd Mon Sep 17 00:00:00 2001
From: chenhc <2369838784@qq.com>
Date: Wed, 12 Mar 2025 16:11:57 +0800
Subject: [PATCH] =?UTF-8?q?feat:=20=E4=BF=AE=E5=A4=8D=E9=AB=98=E4=BD=8D?= =?UTF-8?q?=E6=BC=8F=E6=B4=9E=20=E5=AF=86=E7=A0=81=E4=B8=8D=E8=BF=94?= =?UTF-8?q?=E5=9B=9E?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/com/glxp/api/constant/Constant.java | 3 +++
 .../api/controller/auth/LoginController.java | 21 +++++++++++++------
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/glxp/api/constant/Constant.java b/src/main/java/com/glxp/api/constant/Constant.java
index 7887d34eb..a55bce90b 100644
--- a/src/main/java/com/glxp/api/constant/Constant.java
+++ b/src/main/java/com/glxp/api/constant/Constant.java
@@ -334,4 +334,7 @@ public class Constant {
 public static final Integer SK_PRO_DSB_TYPE = 1;//1:定数包,内部使用
 public static final Integer SK_PRO_THR_TYPE = 2;//2:项目、组套外部关联
 public static final Integer SK_PRO_SS_TYPE = 3;//3:术式组套
+
+ //密码错误次数
+ public static final String PASSWORD_ERROR_COUNT = "PasswordErrorCount";
 }
diff --git a/src/main/java/com/glxp/api/controller/auth/LoginController.java b/src/main/java/com/glxp/api/controller/auth/LoginController.java
index 0c173906c..3b60d9264 100644
--- a/src/main/java/com/glxp/api/controller/auth/LoginController.java
+++ b/src/main/java/com/glxp/api/controller/auth/LoginController.java
@@ -62,7 +62,8 @@ public class LoginController extends BaseController {
 private CompanyService companyService;
 @Resource
 private AuthLicenseDao authLicenseDao;
-
+ @Resource
+ RedisUtil redisUtil;
 
 /**
 * 用户登录
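Review bot: In LoginController's field block the new injected dependency is declared as `RedisUtil redisUtil;` with package-private visibility, while the neighbouring injected fields (`companyService`, `authLicenseDao`) are `private`. Declaring it `private RedisUtil redisUtil;` keeps the controller's collaborators consistent and stops other classes in the package from reaching the Redis helper through the controller. The class body continues outside the hunk.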
@@ -82,18 +83,26 @@ public class LoginController extends BaseController {
 throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
 }
 
- log.info(loginRequest.getPassword());
- log.info(PasswordUtils.authAdminPwd(authAdmin.getPassWord()));
+ //验证错误了几次
+ Integer errorCount = (Integer) redisUtil.get(Constant.PASSWORD_ERROR_COUNT + authAdmin.getId());
+ if (errorCount == null ){
+ errorCount = 0;
+ }else {
+ if (errorCount == 5){
+ throw new JsonException(ResultEnum.DATA_NOT, "已连续5次输入错误密码,账号被锁定30分钟!");
+ }
+ }
 if (PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord()))
- || loginRequest.getPassword().equals(authAdmin.getPassWord())
- || (loginRequest.getPassword().equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord())))
+ || loginRequest.getPassword().equals(authAdmin.getPassWord()) || (loginRequest.getPassword().equals(PasswordUtils.authAdminPwd(authAdmin.getPassWord())))
 ) {
-
+ redisUtil.del(Constant.PASSWORD_ERROR_COUNT+authAdmin.getId());
 } else {
 if (!PasswordUtils.authAdminPwd(loginRequest.getPassword()).equals(SecureUtil.sha256(authAdmin.getPassWord()))) {
+ redisUtil.set(Constant.PASSWORD_ERROR_COUNT+authAdmin.getId(), errorCount + 1,30*60);
 throw new JsonException(ResultEnum.DATA_NOT, "用户名或密码错误");
 }
 }
+
 if (authAdmin.getUserFlag() == 0) {
 throw new JsonException(ResultEnum.DATA_NOT, "该用户已被禁用!");
 }
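Review bot: The failed-attempt counter is read with `redisUtil.get`, incremented in Java and written back with `redisUtil.set`, so login requests that run in parallel all read the same value and the account gets more than five guesses before the lock applies. An atomic increment on the Redis side would close that window (whether `RedisUtil` exposes one is not visible here), and the guard is safer written as `if (errorCount >= 5)` than as an equality test. The counter is also cleared only in the first branch: a login that passes the `SecureUtil.sha256` comparison in the `else` branch succeeds without `redisUtil.del`, so earlier failures stay counted against the user. Separately, the condition kept on the added line still accepts `loginRequest.getPassword().equals(authAdmin.getPassWord())`, which treats the stored value itself as a valid password; if that column holds a hash, this comparison looks worth removing. The method starts and ends outside the hunk.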