huanghai
/
dsProject
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

'commit'

Browse Source
main
HuangHai 3 months ago
parent db4cca2f5a
commit 0604e3bb4e
3 changed files with 128 additions and 103 deletions
Show Stats Download Patch File Download Diff File

4
dsBase/src/main/java/com/dsideal/dsBase/BaseApplication.java
Unescape View File

@ -9,6 +9,7 @@ import com.dsideal.dsBase.Handler.XssHandler;
import com.dsideal.dsBase.Index.Controller.IndexController;
import com.dsideal.dsBase.Interceptor.*;
import com.dsideal.dsBase.LoginPerson.Controller.LoginPersonController;
import com.dsideal.dsBase.LoginPerson.Controller.LoginPersonInternalController;
import com.dsideal.dsBase.Menu.Controller.MenuController;
import com.dsideal.dsBase.Organization.Controller.OrganizationController;
import com.dsideal.dsBase.Student.Controller.StudentController;
@ -76,6 +77,9 @@ public class BaseApplication extends JFinalConfig {
me.add("/", IndexController.class);
//登录表
me.add("/loginPerson", LoginPersonController.class);
//发布内部登录接口
me.add("/loginPerson/internal", LoginPersonInternalController.class);
//全局变量
me.add("/global", GlobalController.class);
//数据字典

104
dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
Unescape View File

@ -171,114 +171,12 @@ public class LoginPersonController extends Controller {
renderJson(resultJson);
}
/**
*
*
* @param username
* @param password
* @param platform WEB,MOBILE
*/
@Before(POST.class)
@EmptyInterface({"username", "password", "platform"})
public void doLogin_Internal(String username, String password, String platform) {
JSONObject resultJson = new JSONObject();
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
//检查当前人员是不是存在合理身份
int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
String person_id = loginMap.get("person_id").toString();
if (identity_id < 5) {
List<Record> list = lm.getPersonDuty(person_id);
if (list.isEmpty()) {
resultJson.put("success", false);
resultJson.put("redirect", true);
resultJson.put("msg", "后台管理人员无法在前端页面登录!");
renderJson(resultJson);
return;
}
}
//返回相关信息
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("org_code", loginMap.get("org_code").toString());
//添加返回的JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//根据人员id,获取所在单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
}
/**
*
*/
@Before({GET.class})
public void logout() {
//SessionKit.clear(getRequest(), getResponse());
//TODO: 登出功能需要完善,目前只重定向到登录页面
CookieUtil.remove(getRequest(), getResponse(), "jwt-token");
redirect("/plogin.html");
}

123
dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonInternalController.java
Unescape View File

@ -0,0 +1,123 @@
package com.dsideal.dsBase.LoginPerson.Controller;
import com.alibaba.fastjson.JSONObject;
import com.dsideal.dsBase.Base.Model.BaseModel;
import com.dsideal.dsBase.Interceptor.EmptyInterface;
import com.dsideal.dsBase.LoginPerson.Model.LoginPersonModel;
import com.dsideal.dsBase.Util.*;
import com.jfinal.aop.Before;
import com.jfinal.core.ActionKey;
import com.jfinal.core.Controller;
import com.jfinal.ext.interceptor.POST;
import com.jfinal.plugin.activerecord.Record;
import java.util.List;
import java.util.Map;
public class LoginPersonInternalController extends Controller {
//实例化model
LoginPersonModel lm = new LoginPersonModel();
/**
*
*
* @param username
* @param password
* @param platform WEB,MOBILE
* 访http://10.10.21.20:8001/dsBase/loginPerson/internal/doLogin
*/
@Before(POST.class)
@EmptyInterface({"username", "password", "platform"})
public void doLogin(String username, String password, String platform) {
JSONObject resultJson = new JSONObject();
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
//检查当前人员是不是存在合理身份
int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
String person_id = loginMap.get("person_id").toString();
if (identity_id < 5) {
List<Record> list = lm.getPersonDuty(person_id);
if (list.isEmpty()) {
resultJson.put("success", false);
resultJson.put("redirect", true);
resultJson.put("msg", "后台管理人员无法在前端页面登录!");
renderJson(resultJson);
return;
}
}
//返回相关信息
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("org_code", loginMap.get("org_code").toString());
//添加返回的JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//根据人员id,获取所在单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
}
}
Write Preview
Loading…
Cancel
Save