From 1c89353a671d77652c799f25d521182f4df1a425 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E9=BB=84=E6=B5=B7?= <10402852@qq.com>
Date: Mon, 23 Sep 2024 16:42:12 +0800
Subject: [PATCH] 'commit'
---
 .../java/com/dsideal/base/Const/RetBean.java | 27 +++++
 .../java/com/dsideal/base/Const/RetConst.java | 8 ++
 .../Controller/LoginPersonController.java | 101 +++---------------
 .../LoginPerson/Model/LoginPersonModel.java | 98 ++++++++++++++++-
 4 files changed, 146 insertions(+), 88 deletions(-)
 create mode 100644 dsBase/src/main/java/com/dsideal/base/Const/RetBean.java
 create mode 100644 dsBase/src/main/java/com/dsideal/base/Const/RetConst.java
diff --git a/dsBase/src/main/java/com/dsideal/base/Const/RetBean.java b/dsBase/src/main/java/com/dsideal/base/Const/RetBean.java
new file mode 100644
index 00000000..dd9510fe
--- /dev/null
+++ b/dsBase/src/main/java/com/dsideal/base/Const/RetBean.java
@@ -0,0 +1,27 @@
+package com.dsideal.base.Const;
+
+import com.alibaba.fastjson.JSONObject;
+import lombok.Getter;
+import lombok.Setter;
+
+@Setter
+@Getter
+public class RetBean {
+ /**
+ * {
+ * "code": 200,
+ * "data": { },
+ * "msg": "成功"
+ * }
+ */
+ private int code;
+ private String msg;
+ private JSONObject data;
+
+ public RetBean(int code, String msg, JSONObject data) {
+ this.code = code;
+ this.msg = msg;
+ this.data = data;
+ }
+
+}
diff --git a/dsBase/src/main/java/com/dsideal/base/Const/RetConst.java b/dsBase/src/main/java/com/dsideal/base/Const/RetConst.java
new file mode 100644
index 00000000..1d7da0e6
--- /dev/null
+++ b/dsBase/src/main/java/com/dsideal/base/Const/RetConst.java
@@ -0,0 +1,8 @@
+package com.dsideal.base.Const;
+
+public class RetConst {
+ public static final Integer SUCCESS = 200;
+ public static final Integer ERROR = 500;
+ public static final Integer OVERDUE = 401;
+ public static final Integer TIMEOUT = 30000;
+}
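Review bot: `RetConst` declares its codes as boxed `Integer` (`public static final Integer SUCCESS = 200;`), so any `==` between one of them and another `Integer` — for example a code read back out of a parsed `RetBean` — compares object identity, and 200, 500, 401 and 30000 all lie outside the default `Integer` cache range, so such a comparison is false even when the values match. `RetBean.code` in the sibling hunk is a primitive `int`, so the constants should match it: `public static final int SUCCESS = 200;` and likewise for `ERROR`, `OVERDUE` and `TIMEOUT`. `TIMEOUT = 30000` carries no unit; a comment such as `// timeout in milliseconds — confirm against the caller` would save the next reader a lookup. As a pure constants holder the class also wants a `private RetConst() {}` so it is never instantiated.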
diff --git a/dsBase/src/main/java/com/dsideal/base/LoginPerson/Controller/LoginPersonController.java b/dsBase/src/main/java/com/dsideal/base/LoginPerson/Controller/LoginPersonController.java
index deb0983b..2a346474 100644
--- a/dsBase/src/main/java/com/dsideal/base/LoginPerson/Controller/LoginPersonController.java
+++ b/dsBase/src/main/java/com/dsideal/base/LoginPerson/Controller/LoginPersonController.java
@@ -2,6 +2,8 @@ package com.dsideal.base.LoginPerson.Controller;
 import com.alibaba.fastjson.JSONObject;
 import com.dsideal.base.BaseApplication;
+import com.dsideal.base.Const.RetBean;
+import com.dsideal.base.Const.RetConst;
 import com.dsideal.base.Interceptor.*;
 import com.dsideal.base.LoginPerson.Model.LoginPersonModel;
 import com.dsideal.base.Base.Model.BaseModel;
@@ -28,96 +30,23 @@ public class LoginPersonController extends Controller {
 @Before({POST.class})
 public void doLogin(String username, String password, String platform) {
- if (StrKit.isBlank(platform)) {
- platform = "WEB";
- }
- JSONObject resultJson = new JSONObject();
- if (StrKit.isBlank(username)) {
- resultJson.put("success", false);
- resultJson.put("msg", "用户名不允许为空!");
- renderJson(resultJson);
- return;
- }
- if (StrKit.isBlank(password)) {
- resultJson.put("success", false);
- resultJson.put("msg", "密码不允许为空!");
- renderJson(resultJson);
- return;
- }
+ JSONObject jo = model.doLogin(username, password, platform, getResponse());
+ renderJson(jo);
+ }
- //检查缓存中此账号错误了几次
- String PassWordKey = "WrongPassWord_" + username;
- int ErrCnt = 4; //最多允许错几次 4+1
- int cntNum = 0; //错几次了
- if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
- if (cntNum > ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "账号被停用5分钟,请稍后再试!");
- renderJson(resultJson);
- return;
- }
- //与前端配合RSA通用加密解密
+ @Before({POST.class})
+ public void doLoginV2(String username, String password, String platform) {
 try {
- password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
+ JSONObject jo = model.doLogin(username, password, platform, getResponse());
+ RetBean ret = new RetBean(RetConst.SUCCESS, "成功!", jo);
+ renderJson(ret);
 } catch (Exception err) {
- password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
+ JSONObject jo = new JSONObject();
+ jo.put("success", false);
+ jo.put("msg", err.getMessage());
+ RetBean ret = new RetBean(RetConst.ERROR, "失败!", jo);
+ renderJson(ret);
 }
- String passwordEncode = CommonUtil.getLdapPassword(password);
- BaseModel bm = new BaseModel();
- Map loginMap = bm.getLoginInfoByUserName(username);
- if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
- //扩展支持连续输入用户名密码错误,停用账号5分钟功能 2022.06.07
- cntNum = 1;
- if (RedisKit.exists(PassWordKey))
- cntNum = 
Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
- RedisKit.set(PassWordKey, String.valueOf(cntNum));
- RedisKit.expire(PassWordKey, 60 * 5);
- if (cntNum > ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误,账号将被停用5分钟!");
- renderJson(resultJson);
- return;
- }
- if (cntNum == ErrCnt) {
- resultJson.put("success", false);
- resultJson.put("msg", "用户名或密码连续错误,你还有1次机会,再次错误后账号将被封掉5分钟!");
- renderJson(resultJson);
- return;
- }
- resultJson.put("success", false);
- resultJson.put("msg", "用户名或密码错误!");
- renderJson(resultJson);
- return;
- }
- //去掉限制
- RedisKit.del(PassWordKey);
- //防止用户攻击修改Cookie
- Map _map = new HashMap();
- _map.put("identity_id", loginMap.get("identity_id"));
- _map.put("person_id", loginMap.get("person_id"));
- _map.put("bureau_id", loginMap.get("bureau_id"));
-
- String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("CookieMd5SingPwd"));
- CookieUtil.set(getResponse(), "identity_id", loginMap.get("identity_id").toString(), false, true);
- CookieUtil.set(getResponse(), "person_id", loginMap.get("person_id").toString(), false, true);
- CookieUtil.set(getResponse(), "bureau_id", loginMap.get("bureau_id").toString(), false, true);
- CookieUtil.set(getResponse(), "token", token, false, true);
- //添加返回的Token JWT
- String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()), loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
- resultJson.put("success", true);
- resultJson.put("identity_id", loginMap.get("identity_id").toString());
- resultJson.put("person_id", loginMap.get("person_id").toString());
- resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
- resultJson.put("person_name", loginMap.get("person_name").toString());
- resultJson.put("jwt", jwtToken);
- //将此人员的权限信息写入Pika,如果后面的要求登录互踢,可以用来处理互踢
- //处理逻辑就是:检查此jwt是不是在Pika中存在,存在就是系统派发出去,并且是最后一次用户在此平台登录的TOKEN
- //如果不存在,就表示此token已过期,踢出即可。
- 
RedisKit.set("jwt_" + platform + "_" + loginMap.get("person_id").toString(), jwtToken);
- //根据人员id,获取所有单位信息
- Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
- if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
- renderJson(resultJson);
 }
diff --git a/dsBase/src/main/java/com/dsideal/base/LoginPerson/Model/LoginPersonModel.java b/dsBase/src/main/java/com/dsideal/base/LoginPerson/Model/LoginPersonModel.java
index 02d96589..e7585332 100644
--- a/dsBase/src/main/java/com/dsideal/base/LoginPerson/Model/LoginPersonModel.java
+++ b/dsBase/src/main/java/com/dsideal/base/LoginPerson/Model/LoginPersonModel.java
@@ -1,13 +1,20 @@
 package com.dsideal.base.LoginPerson.Model;
-import com.dsideal.base.Util.CommonUtil;
-import com.dsideal.base.Util.IpUtil;
+import com.alibaba.fastjson.JSONObject;
+import com.dsideal.base.Base.Model.BaseModel;
+import com.dsideal.base.BaseApplication;
+import com.dsideal.base.Util.*;
+import com.jfinal.kit.Kv;
+import com.jfinal.kit.StrKit;
 import com.jfinal.plugin.activerecord.Db;
 import com.jfinal.plugin.activerecord.Page;
 import com.jfinal.plugin.activerecord.Record;
 import com.jfinal.plugin.activerecord.SqlPara;
+import javax.servlet.http.HttpServletResponse;
+import java.util.HashMap;
 import java.util.List;
+import java.util.Map;
 @SuppressWarnings("unchecked")
 public class LoginPersonModel {
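Review bot: `doLoginV2` answers `RetConst.SUCCESS` / `"成功!"` whenever `model.doLogin` returns without throwing, but that method signals a rejected login (blank field, wrong password, lockout) by returning a JSON with `success:false` rather than by throwing, so a V2 client that trusts the envelope `code` sees 200 for a failed login and only learns otherwise by reading `data.success`. The `catch` branch also copies `err.getMessage()` straight into the response; an unexpected Redis or database exception would then hand its internal error text to an unauthenticated caller, so it should be logged server-side and replaced by a fixed message. The envelope code should follow the flag `doLogin` actually sets, as in the rewrite below; the enclosing class continues outside the hunk and the `model` field it calls is not visible here.

```java
@Before({POST.class})
public void doLoginV2(String username, String password, String platform) {
    try {
        JSONObject jo = model.doLogin(username, password, platform, getResponse());
        // doLogin reports a rejected login through its "success" key instead of throwing,
        // so the envelope code has to follow that flag rather than always be SUCCESS
        boolean ok = jo.getBooleanValue("success");
        renderJson(new RetBean(ok ? RetConst.SUCCESS : RetConst.ERROR, ok ? "成功!" : "失败!", jo));
    } catch (Exception err) {
        // log err with the project's logger here; its message must not reach the client
        JSONObject jo = new JSONObject();
        jo.put("success", false);
        jo.put("msg", "登录失败,请稍后再试!");
        renderJson(new RetBean(RetConst.ERROR, "失败!", jo));
    }
}
```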
@@ -267,4 +274,91 @@ public class LoginPersonModel {
 return flag;
 }
+ public JSONObject doLogin(String username, String password, String platform, HttpServletResponse response) {
+ if (StrKit.isBlank(platform)) {
+ platform = "WEB";
+ }
+ JSONObject resultJson = new JSONObject();
+ if (StrKit.isBlank(username)) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "用户名不允许为空!");
+ return resultJson;
+ }
+ if (StrKit.isBlank(password)) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "密码不允许为空!");
+ return resultJson;
+ }
+
+ //检查缓存中此账号错误了几次
+ String PassWordKey = "WrongPassWord_" + username;
+ int ErrCnt = 4; //最多允许错几次 4+1
+ int cntNum = 0; //错几次了
+ if (RedisKit.exists(PassWordKey)) cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString());
+ if (cntNum > ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "账号被停用5分钟,请稍后再试!");
+ return resultJson;
+ }
+ //与前端配合RSA通用加密解密
+ try {
+ password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
+ } catch (Exception err) {
+ password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
+ }
+ String passwordEncode = CommonUtil.getLdapPassword(password);
+ BaseModel bm = new BaseModel();
+ Map loginMap = bm.getLoginInfoByUserName(username);
+ if (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString())) {
+ //扩展支持连续输入用户名密码错误,停用账号5分钟功能 2022.06.07
+ cntNum = 1;
+ if (RedisKit.exists(PassWordKey))
+ cntNum = Integer.parseInt(RedisKit.get(PassWordKey).toString()) + cntNum;
+ RedisKit.set(PassWordKey, String.valueOf(cntNum));
+ RedisKit.expire(PassWordKey, 60 * 5);
+ if (cntNum > ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误,账号将被停用5分钟!");
+ return resultJson;
+ }
+ if (cntNum == ErrCnt) {
+ resultJson.put("success", false);
+ resultJson.put("msg", "用户名或密码连续错误,你还有1次机会,再次错误后账号将被封掉5分钟!");
+ return resultJson;
+ }
+ resultJson.put("success", false);
+ resultJson.put("msg", "用户名或密码错误!");
+ return resultJson;
+ }
+ //去掉限制
+ RedisKit.del(PassWordKey);
+ //防止用户攻击修改Cookie
+ Map _map = new HashMap();
+ _map.put("identity_id", loginMap.get("identity_id"));
+ _map.put("person_id", loginMap.get("person_id"));
+ _map.put("bureau_id", loginMap.get("bureau_id"));
+
+ String token = CommonUtil.Sign(_map, BaseApplication.PropKit.get("CookieMd5SingPwd"));
+ CookieUtil.set(response, "identity_id", loginMap.get("identity_id").toString(), false, true);
+ CookieUtil.set(response, "person_id", loginMap.get("person_id").toString(), false, true);
+ CookieUtil.set(response, "bureau_id", loginMap.get("bureau_id").toString(), false, true);
+ CookieUtil.set(response, "token", token, false, true);
+ //添加返回的Token JWT
+ String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()), loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
+ resultJson.put("success", true);
+ resultJson.put("identity_id", loginMap.get("identity_id").toString());
+ resultJson.put("person_id", loginMap.get("person_id").toString());
+ resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
+ resultJson.put("person_name", loginMap.get("person_name").toString());
+ resultJson.put("jwt", jwtToken);
+ //将此人员的权限信息写入Pika,如果后面的要求登录互踢,可以用来处理互踢
+ //处理逻辑就是:检查此jwt是不是在Pika中存在,存在就是系统派发出去,并且是最后一次用户在此平台登录的TOKEN
+ //如果不存在,就表示此token已过期,踢出即可。
+ RedisKit.set("jwt_" + platform + "_" + loginMap.get("person_id").toString(), jwtToken);
+ //根据人员id,获取所有单位信息
+ Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
+ if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
+ return resultJson;
+ }
 }
+
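Review bot: The failed-attempt counter in `doLogin` is read, incremented and written back as three separate Redis calls (`RedisKit.exists`, `RedisKit.get`, `RedisKit.set`), so several concurrent attempts against one username each read the same value and write back the same `cntNum`, and a parallel brute-force run gets far more than the intended `ErrCnt + 1` guesses before the five-minute lockout takes hold. The same `exists`-then-`get` pair, used both at the top of the method and inside the failure branch, throws `NullPointerException` if the key expires between the two calls, and the first-version `doLogin` controller does not catch anything. `passwordEncode.equals(loginMap.get("password").toString())` is a plain `String` comparison of the derived credential and dereferences the stored value without a null check; if `getLdapPassword` produces a hash, `MessageDigest.isEqual` over the UTF-8 bytes gives a constant-time compare (needs `java.security.MessageDigest` and `java.nio.charset.StandardCharsets` imported). The sketch below assumes `RedisKit.get` returns null for a missing key and that an atomic `incr` exists on `RedisKit` — neither is visible in this hunk, so confirm before applying; the enclosing class `LoginPersonModel` begins outside the hunk.

```java
// … unchanged: platform default and blank-field checks …
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
// single read: no exists()/get() window in which the key can expire and get() come back null
Object cached = RedisKit.get(PassWordKey);
int cntNum = cached == null ? 0 : Integer.parseInt(cached.toString());
if (cntNum > ErrCnt) {
    // … unchanged: lockout response …
}
// … unchanged: RSA decrypt, getLdapPassword, getLoginInfoByUserName …
Object stored = loginMap == null ? null : loginMap.get("password");
if (stored == null || !MessageDigest.isEqual(passwordEncode.getBytes(StandardCharsets.UTF_8),
        stored.toString().getBytes(StandardCharsets.UTF_8))) {
    // atomic increment so parallel attempts cannot all observe the same count;
    // assumes RedisKit exposes INCR returning the new value — confirm against RedisKit
    long bumped = RedisKit.incr(PassWordKey);
    cntNum = (int) bumped;
    RedisKit.expire(PassWordKey, 60 * 5);
    // … unchanged: threshold messages and generic failure …
}
```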