首頁 探索 說明
註冊 登入
lihao16
/
ruoyi-cloud
1
0
複刻 0
檔案 問題管理 0 合併請求 0 Wiki
目錄樹: 4d21c11acd
分支列表 標籤列表
ruoyi-cloud
/
ruoyi-auth
/
src
/
main
/
java
/
com
/
ruoyi
/
auth
/
service
/
SysPasswordService.java

SysPasswordService.java 2.5 KB
文件歷史 原始文件

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485 
  1. package com.ruoyi.auth.service;
    2. 

  2. 

  3. import java.util.concurrent.TimeUnit;
    4. 

  4. import org.springframework.beans.factory.annotation.Autowired;
    5. 

  5. import org.springframework.stereotype.Component;
    6. 

  6. import com.ruoyi.common.core.constant.CacheConstants;
    7. 

  7. import com.ruoyi.common.core.constant.Constants;
    8. 

  8. import com.ruoyi.common.core.exception.ServiceException;
    9. 

  9. import com.ruoyi.common.redis.service.RedisService;
    10. 

  10. import com.ruoyi.common.security.utils.SecurityUtils;
    11. 

  11. import com.ruoyi.system.api.domain.SysUser;
    12. 

  12. 

  13. /**
    14. 

  14.  * 登录密码方法
    15. 

  15.  * 
    16. 

  16.  * @author ruoyi
    17. 

  17.  */
    18. 

  18. @Component
    19. 

  19. public class SysPasswordService
    20. 

  20. {
    21. 

  21.     @Autowired
    22. 

  22.     private RedisService redisService;
    23. 

  23. 

  24.     private int maxRetryCount = CacheConstants.passwordMaxRetryCount;
    25. 

  25. 

  26.     private Long lockTime = CacheConstants.passwordLockTime;
    27. 

  27. 

  28.     @Autowired
    29. 

  29.     private SysRecordLogService recordLogService;
    30. 

  30. 

  31.     /**
    32. 

  32.      * 登录账户密码错误次数缓存键名
    33. 

  33.      * 
    34. 

  34.      * @param username 用户名
    35. 

  35.      * @return 缓存键key
    36. 

  36.      */
    37. 

  37.     private String getCacheKey(String username)
    38. 

  38.     {
    39. 

  39.         return CacheConstants.PWD_ERR_CNT_KEY + username;
    40. 

  40.     }
    41. 

  41. 

  42.     public void validate(SysUser user, String password)
    43. 

  43.     {
    44. 

  44.         String username = user.getUserName();
    45. 

  45. 

  46.         Integer retryCount = redisService.getCacheObject(getCacheKey(username));
    47. 

  47. 

  48.         if (retryCount == null)
    49. 

  49.         {
    50. 

  50.             retryCount = 0;
    51. 

  51.         }
    52. 

  52. 

  53.         if (retryCount >= Integer.valueOf(maxRetryCount).intValue())
    54. 

  54.         {
    55. 

  55.             String errMsg = String.format("密码输入错误%s次,帐户锁定%s分钟", maxRetryCount, lockTime);
    56. 

  56.             recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL,errMsg);
    57. 

  57.             throw new ServiceException(errMsg);
    58. 

  58.         }
    59. 

  59. 

  60.         if (!matches(user, password))
    61. 

  61.         {
    62. 

  62.             retryCount = retryCount + 1;
    63. 

  63.             recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount));
    64. 

  64.             redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);
    65. 

  65.             throw new ServiceException("用户不存在/密码错误");
    66. 

  66.         }
    67. 

  67.         else
    68. 

  68.         {
    69. 

  69.             clearLoginRecordCache(username);
    70. 

  70.         }
    71. 

  71.     }
    72. 

  72. 

  73.     public boolean matches(SysUser user, String rawPassword)
    74. 

  74.     {
    75. 

  75.         return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
    76. 

  76.     }
    77. 

  77. 

  78.     public void clearLoginRecordCache(String loginName)
    79. 

  79.     {
    80. 

  80.         if (redisService.hasKey(getCacheKey(loginName)))
    81. 

  81.         {
    82. 

  82.             redisService.deleteObject(getCacheKey(loginName));
    83. 

  83.         }
    84. 

  84.     }
    85. 

  85. }
    86.