huanghai
/
dsProject
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

'commit'

Browse Source
main
HuangHai 3 months ago
parent fa65860a61
commit 1f01e419a5
3 changed files with 175 additions and 19 deletions
Show Stats Download Patch File Download Diff File

119
dsBase/src/main/java/com/dsideal/dsBase/LoginPerson/Controller/LoginPersonController.java
Unescape View File

@ -39,12 +39,6 @@ public class LoginPersonController extends Controller {
@EmptyInterface({"username", "password", "captcha"}) @EmptyInterface({"username", "password", "captcha"})
public void doLogin(String username, String password, String captcha) { public void doLogin(String username, String password, String captcha) {
JSONObject resultJson = new JSONObject(); JSONObject resultJson = new JSONObject();
if (StrKit.isBlank(captcha)) {
resultJson.put("success", false);
resultJson.put("msg", "验证码不能为空!");
renderJson(resultJson);
return;
}
String checkCodeKey = ""; String checkCodeKey = "";
//万能验证码:dsideal //万能验证码:dsideal
if (!captcha.equals("dsideal")) { if (!captcha.equals("dsideal")) {
@ -95,19 +89,6 @@ public class LoginPersonController extends Controller {
} }
} }
if (StrKit.isBlank(username)) {
resultJson.put("success", false);
resultJson.put("msg", "用户名不允许为空!");
renderJson(resultJson);
return;
}
if (StrKit.isBlank(password)) {
resultJson.put("success", false);
resultJson.put("msg", "密码不允许为空!");
renderJson(resultJson);
return;
}
//检查缓存中此账号错误了几次 //检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username; String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1 int ErrCnt = 4; //最多允许错几次 4+1
@ -195,6 +176,106 @@ public class LoginPersonController extends Controller {
renderJson(resultJson); renderJson(resultJson);
} }
/**
*
*
* @param username
* @param password
* @param platform WEB,MOBILE
*/
@Before(POST.class)
@EmptyInterface({"username", "password", "captcha"})
public void doLogin_Internal(String username, String password,String platform) {
JSONObject resultJson = new JSONObject();
//检查缓存中此账号错误了几次
String PassWordKey = "WrongPassWord_" + username;
int ErrCnt = 4; //最多允许错几次 4+1
int cntNum = 0; //错几次了
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey));
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "账号被停用5分钟请稍后再试");
renderJson(resultJson);
return;
}
//与前端配合RSA通用加密解密
try {
password = RsaUtils.decryptDataOnJava(password, RsaUtils.PRIVATEKEY);
} catch (Exception err) {
password = "!@#$%^&&*^*&(*)(*_)^%^$%$^%$^%";
}
String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Map loginMap = bm.getLoginInfoByUserName(username);
if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("password").toString()))) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
cntNum = 1;
if (RedisKit.Exists(PassWordKey))
cntNum = Integer.parseInt(RedisKit.Get(PassWordKey)) + cntNum;
int finalCntNum = cntNum;
RedisKit.incrBy(PassWordKey, finalCntNum);
RedisKit.Expire(PassWordKey, 60 * 5);
if (cntNum > ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "密码连续输入" + (ErrCnt + 1) + "次全部错误账号将被停用5分钟");
renderJson(resultJson);
return;
}
if (cntNum == ErrCnt) {
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码连续错误你还有1次机会再次错误后账号将被封掉5分钟");
renderJson(resultJson);
return;
}
resultJson.put("success", false);
resultJson.put("msg", "用户名或密码错误!");
renderJson(resultJson);
return;
}
//去掉限制
RedisKit.Del(PassWordKey);
//检查当前人员是不是存在合理身份
int identity_id = Integer.parseInt(loginMap.get("identity_id").toString());
String person_id = loginMap.get("person_id").toString();
if (identity_id < 5) {
List<Record> list = lm.getPersonDuty(person_id);
if (list.isEmpty()) {
resultJson.put("success", false);
resultJson.put("redirect", true);
resultJson.put("msg", "后台管理人员无法在前端页面登录!");
renderJson(resultJson);
return;
}
}
//返回相关信息
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("org_code", loginMap.get("org_code").toString());
//添加返回的JWT
String jwtToken = JwtUtil.generateToken(Integer.parseInt(loginMap.get("identity_id").toString()),
loginMap.get("person_id").toString(), loginMap.get("bureau_id").toString());
resultJson.put("success", true);
resultJson.put("identity_id", loginMap.get("identity_id").toString());
resultJson.put("person_id", loginMap.get("person_id").toString());
resultJson.put("bureau_id", loginMap.get("bureau_id").toString());
resultJson.put("person_name", loginMap.get("person_name").toString());
resultJson.put("jwt", jwtToken);
//根据人员id,获取所在单位信息
Record r = bm.getBureauInfoByPersonId(loginMap.get("person_id").toString());
if (r != null) resultJson.put("bureau_name", r.getStr("bureau_name"));
renderJson(resultJson);
}
/** /**
* *
*/ */

72
dsBase/src/main/java/com/dsideal/dsBase/Util/JwtUtil.java
Unescape View File

@ -0,0 +1,72 @@
package com.dsideal.dsBase.Util;
import com.jfinal.kit.PropKit;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
import java.nio.charset.StandardCharsets;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
public class JwtUtil {
public static final String AUTHORIZATION_STARTER = "Bearer ";
public static final String SECRET = PropKit.get("SECRET");
/**
* JWT
*
* @param identity_id ID
* @param person_id ID
* @param bureau_id ID
* @return JWT
*/
public static String generateToken(int identity_id, String person_id, String bureau_id) {
// 获取当前日期和时间
Date now = new Date();
// 格式化日期
Map<String, Object> claims = new HashMap<>();
claims.put("create_time", now.toString());
claims.put("identity_id", identity_id);
claims.put("person_id", person_id);
claims.put("bureau_id", bureau_id);
return AUTHORIZATION_STARTER + Jwts.builder().setClaims(claims).signWith(SignatureAlgorithm.HS256, SECRET).compact();
}
public static Claims getClaims(String token) {
if (token.contains(AUTHORIZATION_STARTER)) {
token = token.replace(AUTHORIZATION_STARTER, "");
}
Claims claims;
try {
claims = Jwts.parser()
.setSigningKey(SECRET)
.parseClaimsJws(token)
.getBody();
} catch (Exception e) {
try {
claims = Jwts.parser()
.setSigningKey(SECRET.getBytes(StandardCharsets.UTF_8))
.parseClaimsJws(token)
.getBody();
} catch (Exception err) {
claims = null;
}
}
return claims;
}
public static void main(String[] args) {
//GwApplication gw = new GwApplication();
String token = generateToken(4, "0b64e31e-a85e-43eb-ba5f-3088d986a8da", "3f7f4c90-645a-4fb9-9902-447846cf1dcc");
/**
1JWTidentity_id,person_idbureau_id
*/
Claims claims = getClaims(token);
System.out.println(claims.get("identity_id"));
System.out.println(claims.get("person_id"));
System.out.println(claims.get("bureau_id"));
}
}

3
dsBase/src/main/resources/application.properties
Unescape View File

@ -8,6 +8,9 @@ jdbcUrl=jdbc:postgresql://10.10.14.71:5432/dsBase_db?reWriteBatchedInserts=true
redis_ip=10.10.14.14 redis_ip=10.10.14.14
redis_port=18890 redis_port=18890
# JWT
SECRET: ZXZnZWVr5b+r5LmQ5L2g55qE5Ye66KGM
# 首页 # 首页
first_page=/login.html first_page=/login.html

Write Preview
Loading…
Cancel
Save