main
黄海 2 years ago
parent d0ade71f2f
commit aa9076304a

@ -1741,4 +1741,89 @@ public class CollectController extends Controller {
List<Record> list = cm.getSchoolNjList(bureau_id);
renderJson(CommonUtil.renderJsonForLayUI(list));
}
/**
*
* @param username
* @param password
*/
@Before({POST.class})
public void doFillLogin(String username, String password) {
JSONObject resultJson = new JSONObject();
String checkCodeKey = "";
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
RedisKit.Del(checkCodeKey);
//防止用户攻击修改Cookie
Map<String, Object> _map = new HashMap<>();
_map.put("person_id", loginMap.get("person_id"));
SessionKit.set(getRequest(), getResponse(), "person_id", loginMap.get("person_id").toString());
resultJson.put("success", true);
resultJson.put("person_id", loginMap.get("person_id").toString());
renderJson(resultJson);
}
}
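Review bot: The failed-login counter in doFillLogin is advanced by the running total rather than by one: `cntNum` is set to the stored value plus 1 and then passed to `RedisKit.incrBy(PassWordKey, finalCntNum)`, so if incrBy has Redis INCRBY semantics the stored value goes 1, 3, 7 and the account is locked after the third failure, immediately after the "one more chance" message was returned. Incrementing by a constant, `RedisKit.incrBy(PassWordKey, 1);`, and using the value it returns (if RedisKit exposes it) would also remove the separate Exists/Get read, which is not atomic and can reach `Integer.parseInt(null)` when the key expires between the two calls. The lock is keyed on the submitted username alone, so repeated bad submissions for a known account name keep its owner locked out; a per-client limit alongside the per-account one would bound that. Separately, `loginMap.get("password").toString()` throws when the stored password is null, and the RSA decrypt failure in the `catch` is replaced by a fixed sentinel password without being logged, which hides malformed or tampered requests from monitoring.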

@ -2260,4 +2260,5 @@ public class CollectModel {
String sql = "select * from t_collect_job_target where job_id=? and target_id=?";
return Db.findFirst(sql, job_id, person_id);
}
}

@ -30,89 +30,6 @@ public class LoginPersonController extends Controller {
//实例化model
LoginPersonModel model = new LoginPersonModel();
/**
*
* @param username
* @param password
*/
@Before({POST.class})
public void doFillLogin(String username, String password) {
JSONObject resultJson = new JSONObject();
String checkCodeKey = "";
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
RedisKit.Del(checkCodeKey);
//防止用户攻击修改Cookie
Map<String, Object> _map = new HashMap<>();
_map.put("person_id", loginMap.get("person_id"));
SessionKit.set(getRequest(), getResponse(), "person_id", loginMap.get("person_id").toString());
resultJson.put("success", true);
resultJson.put("person_id", loginMap.get("person_id").toString());
renderJson(resultJson);
}
/**
