diff --git a/dsBase/src/main/java/com/dsideal/dsBase/BaseApplication.java b/dsBase/src/main/java/com/dsideal/dsBase/BaseApplication.java
index b892ce37..ee16a300 100644
--- a/dsBase/src/main/java/com/dsideal/dsBase/BaseApplication.java
+++ b/dsBase/src/main/java/com/dsideal/dsBase/BaseApplication.java
@@ -9,6 +9,7 @@ import com.dsideal.dsBase.Handler.XssHandler;
 import com.dsideal.dsBase.Index.Controller.IndexController;
 import com.dsideal.dsBase.Interceptor.*;
 import com.dsideal.dsBase.LoginPerson.Controller.LoginPersonController;
+import com.dsideal.dsBase.LoginPerson.Controller.LoginPersonInternalController;
 import com.dsideal.dsBase.Menu.Controller.MenuController;
 import com.dsideal.dsBase.Organization.Controller.OrganizationController;
 import com.dsideal.dsBase.Student.Controller.StudentController;
@@ -76,6 +77,9 @@ public class BaseApplication extends JFinalConfig {
 me.add("/", IndexController.class);
 //登录表
 me.add("/loginPerson", LoginPersonController.class);
+ //发布内部登录接口
+ me.add("/loginPerson/internal", LoginPersonInternalController.class);
+
 //全局变量
 me.add("/global", GlobalController.class);
 //数据字典
diff --git a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
index 8f2d9813..28d0d253 100644
--- a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
+++ b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
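Review bot: The `/loginPerson/internal` route is registered on the same router as the public `/loginPerson` route, and nothing in this hunk limits who can reach it, so the login is internal in name only unless an interceptor or network rule outside the hunk enforces it. If such a restriction exists, record it where the route is added, for example `// internal login endpoint: callers restricted by <interceptor or gateway rule>`. If it does not, the route should get an interceptor that rejects requests from outside the trusted service network. The enclosing route-configuration method starts and ends outside the hunk, so the interceptor set-up is not visible here.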
@@ -171,114 +171,12 @@ public class LoginPersonController extends Controller {
 renderJson(resultJson);
 }
- /**
- * 登录【内部调用】
- *
- * @param username 用户名
- * @param password 密码
- * @param platform 哪个平台,WEB,MOBILE
- */
- @Before(POST.class)
- @EmptyInterface({"username", "password", "platform"})
- public void doLogin_Internal(String username, String password, String platform) {
- JSONObject resultJson = new JSONObject();
-
- //检查缓存中此账号错误了几次
- String PassWordKey = "WrongPassWord_" + username;
- int ErrCnt = 4; //最多允许错几次 4+1
- int cntNum = 0; //错几次了
-
- if (RedisKit.Exists(PassWordKey))
- cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
- if (cntNum > ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "账号被停用5分钟,请稍后再试!");
- renderJson(resultJson);
- return;
- }
- //与前端配合RSA通用加密解密
- try {
- password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
- } catch (Exception err) {
- password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
- }
- String passwordEncode = CommonUtil.getLdapPassword(password);
- BaseModel bm = new BaseModel();
- Map loginMap = bm.getLoginInfoByUserName(username);
- if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
- //扩展支持连续输入用户名密码错误,停用账号5分钟功能 2022.06.07
- cntNum = 1;
- if (RedisKit.Exists(PassWordKey))
- cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
-
- int finalCntNum = cntNum;
- RedisKit.incrBy(PassWordKey, finalCntNum);
- RedisKit.Expire(PassWordKey, 60 * 5);
- if (cntNum > ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误,账号将被停用5分钟!");
- renderJson(resultJson);
- return;
- }
- if (cntNum == ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "用户名或密码连续错误,你还有1次机会,再次错误后账号将被封掉5分钟!");
- renderJson(resultJson);
- return;
- }
- resultJson.put("success", false);
- resultJson.put("msg", "用户名或密码错误!");
- renderJson(resultJson);
- return;
- }
- //去掉限制
- RedisKit.Del(PassWordKey);
-
- //检查当前人员是不是存在合理身份
- int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
- String person_id = loginMap.get("person_id").toString();
- if (identity_id < 5) {
- List list = lm.getPersonDuty(person_id);
- if (list.isEmpty()) {
- resultJson.put("success", false);
- resultJson.put("redirect", true);
- resultJson.put("msg", "后台管理人员无法在前端页面登录!");
- renderJson(resultJson);
- return;
- }
- }
-
- //返回相关信息
- resultJson.put("success", true);
- resultJson.put("identity_id", loginMap.get("identity_id").toString());
- resultJson.put("person_id", loginMap.get("person_id").toString());
- resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
- resultJson.put("person_name", loginMap.get("person_name").toString());
- resultJson.put("org_code", loginMap.get("org_code").toString());
-
- //添加返回的JWT
- String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
- loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
- resultJson.put("success", true);
- resultJson.put("identity_id", loginMap.get("identity_id").toString());
- resultJson.put("person_id", loginMap.get("person_id").toString());
- resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
- resultJson.put("person_name", loginMap.get("person_name").toString());
- resultJson.put("jwt", jwtToken);
-
- //根据人员id,获取所在单位信息
- Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
- if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
- renderJson(resultJson);
- }
-
 /**
 * 登出功能
 */
 @Before({GET.class})
 public void logout() {
- //SessionKit.clear(getRequest(), getResponse());
- //TODO: 登出功能需要完善,目前只重定向到登录页面
+ CookieUtil.remove(getRequest(), getResponse(), "jwt-token");
 redirect("/plogin.html");
 }
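Review bot: The added `CookieUtil.remove(getRequest(), getResponse(), "jwt-token");` in `logout()` only deletes the browser's copy of the token; nothing visible here invalidates the JWT on the server, so a token copied before logout presumably stays usable until it expires. The removed TODO said logout was incomplete, and that remains true in this respect, so keep a marker such as `// TODO: cookie removal only; the JWT stays valid until expiry, add server-side revocation`. A revocation entry kept for the token's remaining lifetime would close the gap, and the login path already uses Redis. `logout()` is also still bound to GET through `@Before({GET.class})`, which makes it triggerable by a cross-site request; POST would be the safer verb for a state change.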
diff --git a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonInternalController.java b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonInternalController.java
new file mode 100644
index 00000000..4d78f414
--- /dev/null
+++ b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonInternalController.java
@@ -0,0 +1,123 @@
+package com.dsideal.dsBase.LoginPerson.Controller;
+
+import com.alibaba.fastjson.JSONObject;
+import com.dsideal.dsBase.Base.Model.BaseModel;
+import com.dsideal.dsBase.Interceptor.EmptyInterface;
+import com.dsideal.dsBase.LoginPerson.Model.LoginPersonModel;
+import com.dsideal.dsBase.Util.*;
+import com.jfinal.aop.Before;
+import com.jfinal.core.ActionKey;
+import com.jfinal.core.Controller;
+import com.jfinal.ext.interceptor.POST;
+import com.jfinal.plugin.activerecord.Record;
+
+import java.util.List;
+import java.util.Map;
+
+public class LoginPersonInternalController extends Controller {
+ //实例化model
+ LoginPersonModel lm = new LoginPersonModel();
+
+
+ /**
+ * 登录【内部调用】
+ *
+ * @param username 用户名
+ * @param password 密码
+ * @param platform 哪个平台,WEB,MOBILE
+ * 完整访问路径:http://10.10.21.20:8001/dsBase/loginPerson/internal/doLogin
+ */
+ @Before(POST.class)
+ @EmptyInterface({"username", "password", "platform"})
+ public void doLogin(String username, String password, String platform) {
+ JSONObject resultJson = new JSONObject();
+
+ //检查缓存中此账号错误了几次
+ String PassWordKey = "WrongPassWord_" + username;
+ int ErrCnt = 4; //最多允许错几次 4+1
+ int cntNum = 0; //错几次了
+
+ if (RedisKit.Exists(PassWordKey))
+ cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
+ if (cntNum > ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "账号被停用5分钟,请稍后再试!");
+ renderJson(resultJson);
+ return;
+ }
+ //与前端配合RSA通用加密解密
+ try {
+ password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
+ } catch (Exception err) {
+ password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
+ }
+ String passwordEncode = CommonUtil.getLdapPassword(password);
+ BaseModel bm = new BaseModel();
+ Map loginMap = bm.getLoginInfoByUserName(username);
+ if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
+ //扩展支持连续输入用户名密码错误,停用账号5分钟功能 2022.06.07
+ cntNum = 1;
+ if (RedisKit.Exists(PassWordKey))
+ cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
+
+ int finalCntNum = cntNum;
+ RedisKit.incrBy(PassWordKey, finalCntNum);
+ RedisKit.Expire(PassWordKey, 60 * 5);
+ if (cntNum > ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误,账号将被停用5分钟!");
+ renderJson(resultJson);
+ return;
+ }
+ if (cntNum == ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "用户名或密码连续错误,你还有1次机会,再次错误后账号将被封掉5分钟!");
+ renderJson(resultJson);
+ return;
+ }
+ resultJson.put("success", false);
+ resultJson.put("msg", "用户名或密码错误!");
+ renderJson(resultJson);
+ return;
+ }
+ //去掉限制
+ RedisKit.Del(PassWordKey);
+
+ //检查当前人员是不是存在合理身份
+ int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
+ String person_id = loginMap.get("person_id").toString();
+ if (identity_id < 5) {
+ List list = lm.getPersonDuty(person_id);
+ if (list.isEmpty()) {
+ resultJson.put("success", false);
+ resultJson.put("redirect", true);
+ resultJson.put("msg", "后台管理人员无法在前端页面登录!");
+ renderJson(resultJson);
+ return;
+ }
+ }
+
+ //返回相关信息
+ resultJson.put("success", true);
+ resultJson.put("identity_id", loginMap.get("identity_id").toString());
+ resultJson.put("person_id", loginMap.get("person_id").toString());
+ resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
+ resultJson.put("person_name", loginMap.get("person_name").toString());
+ resultJson.put("org_code", loginMap.get("org_code").toString());
+
+ //添加返回的JWT
+ String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
+ loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
+ resultJson.put("success", true);
+ resultJson.put("identity_id", loginMap.get("identity_id").toString());
+ resultJson.put("person_id", loginMap.get("person_id").toString());
+ resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
+ resultJson.put("person_name", loginMap.get("person_name").toString());
+ resultJson.put("jwt", jwtToken);
+
+ //根据人员id,获取所在单位信息
+ Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
+ if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
+ renderJson(resultJson);
+ }
+}
\ No newline at end of file
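Review bot: The credential check in `doLogin` fails open, because the rejection branch is guarded by `passwordEncode != null && (...)`: if `CommonUtil.getLdapPassword` ever returns null (its body is not in this diff), the branch is skipped and the method goes on to clear the lockout key and issue a JWT for an existing username without comparing the password, or throws a NullPointerException on `loginMap.get(...)` for an unknown one. A null hash should count as a failure: `if (passwordEncode == null || loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {`. The failure counter in the same branch also over-counts, since `RedisKit.incrBy(PassWordKey, finalCntNum)` adds the already-incremented total rather than 1; assuming `incrBy` maps to a plain Redis INCRBY, the stored value goes 1, 3, 7, so the account locks after the third miss and the "one more chance" message appears on the attempt that triggers the lock. `RedisKit.incrBy(PassWordKey, 1)`, with the value it returns used as `cntNum` if the wrapper returns one, would match the messages and remove the read-then-write race. The Javadoc also hard-codes `http://10.10.21.20:8001/...`; the relative path `/dsBase/loginPerson/internal/doLogin` keeps the internal host address out of the source.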