main
黄海 10 months ago
parent 4876e1b4a6
commit 1c89353a67

@ -0,0 +1,27 @@
package com.dsideal.base.Const;
import com.alibaba.fastjson.JSONObject;
import lombok.Getter;
import lombok.Setter;
@Setter
@Getter
public class RetBean {
/**
* {
* "code": 200,
* "data": { },
* "msg": "成功"
* }
*/
private int code;
private String msg;
private JSONObject data;
public RetBean(int code, String msg, JSONObject data) {
this.code = code;
this.msg = msg;
this.data = data;
}
}
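Review bot: `RetBean` is a one-shot response envelope populated entirely through its constructor, so the Lombok `@Setter` adds mutability that nothing in this commit uses; dropping it and declaring the three fields `private final` makes the envelope immutable while keeping the getters that fastjson's bean serialization reads. The Javadoc block shows a sample JSON payload but is attached to the `code` field rather than the class; moving it above `public class RetBean` and adding one line per field, e.g. `code`: status value, see {@link RetConst}; `msg`: human-readable message; `data`: payload object, would document the contract where readers look for it. The `code` field is a primitive `int` while `RetConst` exposes boxed `Integer` constants, which works via unboxing but is worth aligning in one place.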

@ -0,0 +1,8 @@
package com.dsideal.base.Const;
public class RetConst {
public static final Integer SUCCESS = 200;
public static final Integer ERROR = 500;
public static final Integer OVERDUE = 401;
public static final Integer TIMEOUT = 30000;
}
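Review bot: `TIMEOUT = 30000` carries no unit and sits beside HTTP-status-like values (`SUCCESS = 200`, `ERROR = 500`, `OVERDUE = 401`), so a reader cannot tell whether it is milliseconds or something else; a comment such as `// TIMEOUT unit: presumably milliseconds — TODO confirm against its consumer` would settle that, and separating it from the status codes with a blank line and a header comment would make the distinction visible. The constants are declared as boxed `Integer`; `int` avoids needless boxing and matches the `int code` field of `RetBean`. As a constants-only holder, the class would conventionally also get a `private RetConst() {}` to prevent instantiation.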

@ -2,6 +2,8 @@ package com.dsideal.base.LoginPerson.Controller;
import com.alibaba.fastjson.JSONObject;
import com.dsideal.base.BaseApplication;
import com.dsideal.base.Const.RetBean;
import com.dsideal.base.Const.RetConst;
import com.dsideal.base.Interceptor.*;
import com.dsideal.base.LoginPerson.Model.LoginPersonModel;
import com.dsideal.base.Base.Model.BaseModel;
@ -28,96 +30,23 @@ public class LoginPersonController extends Controller {
@Before({POST.class})
public void doLogin(String username, String password, String platform) {
if (StrKit.isBlank(platform)) {
platform = "WEB";
}
JSONObject resultJson = new JSONObject();
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
JSONObject jo = model.doLogin(username, password, platform, getResponse());
renderJson(jo);
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
@Before({POST.class})
public void doLoginV2(String username, String password, String platform) {
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
JSONObject jo = model.doLogin(username, password, platform, getResponse());
RetBean ret = new RetBean(RetConst.SUCCESS, "成功!", jo);
renderJson(ret);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
JSONObject jo = new JSONObject();
jo.put("success", false);
jo.put("msg", err.getMessage());
RetBean ret = new RetBean(RetConst.ERROR, "失败!", jo);
renderJson(ret);
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
RedisKit.set(PassWordKey, String.valueOf(cntNum));
RedisKit.expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.del(PassWordKey);
//防止用户攻击修改Cookie
Map _map = new HashMap<String, String>();
_map.put("identity_id", loginMap.get("identity_id"));
_map.put("person_id", loginMap.get("person_id"));
_map.put("bureau_id", loginMap.get("bureau_id"));
String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("CookieMd5SingPwd"));
CookieUtil.set(getResponse(), "identity_id", loginMap.get("identity_id").toString(), false, true);
CookieUtil.set(getResponse(), "person_id", loginMap.get("person_id").toString(), false, true);
CookieUtil.set(getResponse(), "bureau_id", loginMap.get("bureau_id").toString(), false, true);
CookieUtil.set(getResponse(), "token", token, false, true);
//添加返回的Token JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()), loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//将此人员的权限信息写入Pika,如果后面的要求登录互踢,可以用来处理互踢
//处理逻辑就是检查此jwt是不是在Pika中存在存在就是系统派发出去并且是最后一次用户在此平台登录的TOKEN
//如果不存在就表示此token已过期踢出即可。
RedisKit.set("jwt_" + platform + "_" + loginMap.get("person_id").toString(), jwtToken);
//根据人员id,获取所有单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
}
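Review bot: The blank-`username`/`password` checks and the `platform = "WEB"` default in the new `doLogin` duplicate the identical checks at the top of `LoginPersonModel.doLogin` introduced in the same commit, so the controller could reduce to `renderJson(model.doLogin(username, password, platform, getResponse()));` and keep a single source of truth for the response shape. If the duplication is deliberate as defence in depth, a one-line comment saying so would stop the next maintainer from deleting one copy and silently changing which layer produces the message. The method also has no documentation of its contract; a Javadoc such as `/** Login entry point; {@code password} is expected RSA-encrypted by the client and is decrypted in LoginPersonModel.doLogin. */` would record that the decryption no longer happens in this class. The enclosing `LoginPersonController` class starts outside the hunk.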

@ -1,13 +1,20 @@
package com.dsideal.base.LoginPerson.Model;
import com.dsideal.base.Util.CommonUtil;
import com.dsideal.base.Util.IpUtil;
import com.alibaba.fastjson.JSONObject;
import com.dsideal.base.Base.Model.BaseModel;
import com.dsideal.base.BaseApplication;
import com.dsideal.base.Util.*;
import com.jfinal.kit.Kv;
import com.jfinal.kit.StrKit;
import com.jfinal.plugin.activerecord.Db;
import com.jfinal.plugin.activerecord.Page;
import com.jfinal.plugin.activerecord.Record;
import com.jfinal.plugin.activerecord.SqlPara;
import javax.servlet.http.HttpServletResponse;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
@SuppressWarnings("unchecked")
public class LoginPersonModel {
@ -267,4 +274,91 @@ public class LoginPersonModel {
return flag;
}
public JSONObject doLogin(String username, String password, String platform, HttpServletResponse response) {
if (StrKit.isBlank(platform)) {
platform = "WEB";
}
JSONObject resultJson = new JSONObject();
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
return resultJson;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
return resultJson;
}
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
return resultJson;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
RedisKit.set(PassWordKey, String.valueOf(cntNum));
RedisKit.expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
return resultJson;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
return resultJson;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
return resultJson;
}
//去掉限制
RedisKit.del(PassWordKey);
//防止用户攻击修改Cookie
Map _map = new HashMap<String, String>();
_map.put("identity_id", loginMap.get("identity_id"));
_map.put("person_id", loginMap.get("person_id"));
_map.put("bureau_id", loginMap.get("bureau_id"));
String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("CookieMd5SingPwd"));
CookieUtil.set(response, "identity_id", loginMap.get("identity_id").toString(), false, true);
CookieUtil.set(response, "person_id", loginMap.get("person_id").toString(), false, true);
CookieUtil.set(response, "bureau_id", loginMap.get("bureau_id").toString(), false, true);
CookieUtil.set(response, "token", token, false, true);
//添加返回的Token JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()), loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//将此人员的权限信息写入Pika,如果后面的要求登录互踢,可以用来处理互踢
//处理逻辑就是检查此jwt是不是在Pika中存在存在就是系统派发出去并且是最后一次用户在此平台登录的TOKEN
//如果不存在就表示此token已过期踢出即可。
RedisKit.set("jwt_" + platform + "_" + loginMap.get("person_id").toString(), jwtToken);
//根据人员id,获取所有单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
return resultJson;
}
}
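Review bot: The lockout counter in `doLogin` is read with `RedisKit.exists(PassWordKey)` followed by `RedisKit.get(PassWordKey).toString()`, both at the initial check and again inside the wrong-password branch; since the key is given a 5-minute TTL by `RedisKit.expire(PassWordKey, 60 * 5)`, it can expire between the two calls, and `get` presumably returns null then (which is why the `exists` guard exists), so an attempt landing at the expiry moment fails with a NullPointerException instead of as a normal unlocked attempt. Read once and null-check instead: `Object raw = RedisKit.get(PassWordKey); int cntNum = raw == null ? 0 : Integer.parseInt(raw.toString());`. The `get`-then-`set` increment in that branch is also not atomic, so concurrent wrong attempts can store the same count and the 4+1 limit is only approximately enforced; if RedisKit exposes an atomic increment, use it together with the expire. Separately, `catch (Exception err)` around `RsaUtils.decryptDataOnJava` substitutes a sentinel password without logging, so an RSA key misconfiguration would surface only as every user being locked out for wrong passwords — logging the failure (never the input) there would make that diagnosable. Finally, `passwordEncode.equals(loginMap.get("password").toString())` throws if the stored value is null and compares credential material with `String.equals`; a null guard plus `MessageDigest.isEqual` on the UTF-8 bytes is the safer form.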
