'commit'

3 months ago · 1f01e419a5
parent fa65860a61
commit 1f01e419a5
3 changed files with 175 additions and 19 deletions
--- a/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
+++ b/dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
@ -39,12 +39,6 @@ public class LoginPersonController extends Controller {
    @EmptyInterface({"username", "password", "captcha"})
    public void doLogin(String username, String password, String captcha) {
        JSONObject resultJson = new JSONObject();
-        if (StrKit.isBlank(captcha)) {
-            resultJson.put("success", false);
-            resultJson.put("msg", "验证码不能为空！");
-            renderJson(resultJson);
-            return;
-        }
        String checkCodeKey = "";
        //万能验证码:dsideal
        if (!captcha.equals("dsideal")) {
@ -95,19 +89,6 @@ public class LoginPersonController extends Controller {
            }
        }

-        if (StrKit.isBlank(username)) {
-            resultJson.put("success", false);
-            resultJson.put("msg", "用户名不允许为空！");
-            renderJson(resultJson);
-            return;
-        }
-        if (StrKit.isBlank(password)) {
-            resultJson.put("success", false);
-            resultJson.put("msg", "密码不允许为空！");
-            renderJson(resultJson);
-            return;
-        }
-
        //检查缓存中此账号错误了几次
        String PassWordKey = "WrongPassWord_" + username;
        int ErrCnt = 4; //最多允许错几次 4+1
@ -195,6 +176,106 @@ public class LoginPersonController extends Controller {
        renderJson(resultJson);
    }

+    /**
+     * 登录【内部调用】
+     *
+     * @param username 用户名
+     * @param password 密码
+     * @param platform 哪个平台，WEB,MOBILE
+     */
+    @Before(POST.class)
+    @EmptyInterface({"username", "password", "captcha"})
+    public void doLogin_Internal(String username, String password,String platform) {
+        JSONObject resultJson = new JSONObject();
+
+        //检查缓存中此账号错误了几次
+        String PassWordKey = "WrongPassWord_" + username;
+        int ErrCnt = 4; //最多允许错几次 4+1
+        int cntNum = 0; //错几次了
+
+        if (RedisKit.Exists(PassWordKey))
+            cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
+        if (cntNum > ErrCnt) {
+            resultJson.put("success", false);
+            resultJson.put("msg", "账号被停用5分钟，请稍后再试！");
+            renderJson(resultJson);
+            return;
+        }
+        //与前端配合RSA通用加密解密
+        try {
+            password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
+        } catch (Exception err) {
+            password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
+        }
+        String passwordEncode = CommonUtil.getLdapPassword(password);
+        BaseModel bm = new BaseModel();
+        Map loginMap = bm.getLoginInfoByUserName(username);
+        if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
+            //扩展支持连续输入用户名密码错误，停用账号5分钟功能 2022.06.07
+            cntNum = 1;
+            if (RedisKit.Exists(PassWordKey))
+                cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
+
+            int finalCntNum = cntNum;
+            RedisKit.incrBy(PassWordKey, finalCntNum);
+            RedisKit.Expire(PassWordKey, 60 * 5);
+            if (cntNum > ErrCnt) {
+                resultJson.put("success", false);
+                resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误，账号将被停用5分钟！");
+                renderJson(resultJson);
+                return;
+            }
+            if (cntNum == ErrCnt) {
+                resultJson.put("success", false);
+                resultJson.put("msg", "用户名或密码连续错误，你还有1次机会，再次错误后账号将被封掉5分钟！");
+                renderJson(resultJson);
+                return;
+            }
+            resultJson.put("success", false);
+            resultJson.put("msg", "用户名或密码错误！");
+            renderJson(resultJson);
+            return;
+        }
+        //去掉限制
+        RedisKit.Del(PassWordKey);
+
+        //检查当前人员是不是存在合理身份
+        int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
+        String person_id = loginMap.get("person_id").toString();
+        if (identity_id < 5) {
+            List<Record> list = lm.getPersonDuty(person_id);
+            if (list.isEmpty()) {
+                resultJson.put("success", false);
+                resultJson.put("redirect", true);
+                resultJson.put("msg", "后台管理人员无法在前端页面登录！");
+                renderJson(resultJson);
+                return;
+            }
+        }
+
+        //返回相关信息
+        resultJson.put("success", true);
+        resultJson.put("identity_id", loginMap.get("identity_id").toString());
+        resultJson.put("person_id", loginMap.get("person_id").toString());
+        resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
+        resultJson.put("person_name", loginMap.get("person_name").toString());
+        resultJson.put("org_code", loginMap.get("org_code").toString());
+        //添加返回的JWT
+        String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
+                loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
+        resultJson.put("success", true);
+        resultJson.put("identity_id", loginMap.get("identity_id").toString());
+        resultJson.put("person_id", loginMap.get("person_id").toString());
+        resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
+        resultJson.put("person_name", loginMap.get("person_name").toString());
+        resultJson.put("jwt", jwtToken);
+
+        //根据人员id,获取所在单位信息
+        Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
+        if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
+        renderJson(resultJson);
+    }
+
    /**
     * 登出功能
     */
--- a/dsBase/src/main/java/com/dsideal/dsBase/Util/JwtUtil.java
+++ b/dsBase/src/main/java/com/dsideal/dsBase/Util/JwtUtil.java
@ -0,0 +1,72 @@
+package com.dsideal.dsBase.Util;
+
+import com.jfinal.kit.PropKit;
+import io.jsonwebtoken.Claims;
+import io.jsonwebtoken.Jwts;
+import io.jsonwebtoken.SignatureAlgorithm;
+
+import java.nio.charset.StandardCharsets;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Map;
+
+public class JwtUtil {
+    public static final String AUTHORIZATION_STARTER = "Bearer ";
+    public static final String SECRET = PropKit.get("SECRET");
+
+    /**
+     * 功能：黄海开发的生成JWT函数
+     *
+     * @param identity_id 身份ID
+     * @param person_id   人员ID
+     * @param bureau_id   机构ID
+     * @return JWT签名
+     */
+    public static String generateToken(int identity_id, String person_id, String bureau_id) {
+        // 获取当前日期和时间
+        Date now = new Date();
+        // 格式化日期
+        Map<String, Object> claims = new HashMap<>();
+        claims.put("create_time", now.toString());
+        claims.put("identity_id", identity_id);
+        claims.put("person_id", person_id);
+        claims.put("bureau_id", bureau_id);
+        return AUTHORIZATION_STARTER + Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS256, SECRET).compact();
+    }
+
+    public static Claims getClaims(String token) {
+        if (token.contains(AUTHORIZATION_STARTER)) {
+            token = token.replace(AUTHORIZATION_STARTER, "");
+        }
+        Claims claims;
+        try {
+            claims = Jwts.parser()
+                    .setSigningKey(SECRET)
+                    .parseClaimsJws(token)
+                    .getBody();
+        } catch (Exception e) {
+            try {
+                claims = Jwts.parser()
+                        .setSigningKey(SECRET.getBytes(StandardCharsets.UTF_8))
+                        .parseClaimsJws(token)
+                        .getBody();
+            } catch (Exception err) {
+                claims = null;
+            }
+        }
+        return claims;
+    }
+
+    public static void main(String[] args) {
+        //GwApplication gw = new GwApplication();
+        String token = generateToken(4, "0b64e31e-a85e-43eb-ba5f-3088d986a8da", "3f7f4c90-645a-4fb9-9902-447846cf1dcc");
+        /**
+         结论：
+         1、JWT的里面有三个关键信息，一个是identity_id,另一个是person_id，还有一个bureau_id
+         */
+        Claims claims = getClaims(token);
+        System.out.println(claims.get("identity_id"));
+        System.out.println(claims.get("person_id"));
+        System.out.println(claims.get("bureau_id"));
+    }
+}
--- a/dsBase/src/main/resources/application.properties
+++ b/dsBase/src/main/resources/application.properties
@ -8,6 +8,9 @@ jdbcUrl=jdbc:postgresql://10.10.14.71:5432/dsBase_db?reWriteBatchedInserts=true
 redis_ip=10.10.14.14
 redis_port=18890

+# JWT
+SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
+
 # 首页
 first_page=/login.html