main
黄海 12 months ago
parent 940c701f3c
commit 6fdf326747

@ -20,6 +20,7 @@ import java.io.IOException;
import java.util.Set; import java.util.Set;
public class WebLoginController extends Controller { public class WebLoginController extends Controller {
BaseModel bm = new BaseModel();
@Before({GET.class}) @Before({GET.class})
public void index() { public void index() {
@ -28,28 +29,22 @@ public class WebLoginController extends Controller {
/** /**
* http://10.10.21.21:9001/dsssoserver/login?redirect_url=https://www.ccsjy.cn/QingLong/loginPerson/getCaptcha * http://10.10.21.21:9001/dsssoserver/login?redirect_url=https://www.ccsjy.cn/QingLong/loginPerson/getCaptcha
stu81 * stu81
632342 * 632342
*
* @param redirect_url * @param redirect_url
*/ */
@Before({GET.class}) @Before({GET.class})
@EmptyInterface({"redirect_url"}) @EmptyInterface({"redirect_url"})
public void login(String redirect_url) { public void login(String redirect_url) {
// Set<String> _set = RedisKit.SMembers(PropKit.get("SYS_JRXT")); boolean found = bm.checkUrlExist(redirect_url);
// boolean found = false; if (!found) {
// for (String s : _set) { JSONObject resultJson = new JSONObject();
// if (redirect_url.contains(s)) { resultJson.put("success", false);
// found = true; resultJson.put("msg", "回调地址不在指定的IP或域名范围内");
// break; renderJson(resultJson);
// } return;
// } }
// if (!found) {
// JSONObject resultJson = new JSONObject();
// resultJson.put("success", false);
// resultJson.put("msg", "回调地址不在指定的IP或域名范围内");
// renderJson(resultJson);
// return;
// }
Kv kv = SsoLoginHelper.loginCheck(getRequest()); Kv kv = SsoLoginHelper.loginCheck(getRequest());
if (kv.getBoolean("success")) { if (kv.getBoolean("success")) {
String ssoSessionId = PropKit.get("sso.sessionid"); String ssoSessionId = PropKit.get("sso.sessionid");
@ -155,7 +150,7 @@ public class WebLoginController extends Controller {
} }
String passwordEncode = CommonUtil.getLdapPassword(password); String passwordEncode = CommonUtil.getLdapPassword(password);
BaseModel bm = new BaseModel();
Record loginMap = bm.getLoginInfoByUserName(username); Record loginMap = bm.getLoginInfoByUserName(username);
if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("pwd").toString()))) { if (passwordEncode != null && (loginMap == null || !passwordEncode.equals(loginMap.get("pwd").toString()))) {
//扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07 //扩展支持连续输入用户名密码错误停用账号5分钟功能 2022.06.07
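Review bot: The Javadoc kept above login() still carries an internal SSO address (`http://10.10.21.21:9001/dsssoserver/login?...`) followed by `stu81` and `632342`, which read like a test account name and password. These should be removed from the source, and the password changed if the account is real. The same comment is the natural place to document the check this commit turns on, for example `Responds with success=false unless redirect_url is registered in t_sso_system (exact match, see BaseModel.checkUrlExist).` Whether other actions of this controller that accept a redirect_url go through the same check cannot be seen from these hunks, and login()'s body continues past the hunk.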

@ -50,4 +50,16 @@ public class BaseModel {
RedisKit.HSet(redisKey, "person_id", record.getStr("person_id")); RedisKit.HSet(redisKey, "person_id", record.getStr("person_id"));
return record; return record;
} }
/**
* URL
*
* @param redirect_url
* @return
*/
public boolean checkUrlExist(String redirect_url) {
String sql = "select * from t_sso_system where redirect_url=?";
List<Record> list = Db.find(sql, redirect_url);
return !list.isEmpty();
}
} }
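Review bot: checkUrlExist is now the allow-list gate for the SSO redirect, but its Javadoc says only `URL` and leaves `@param` and `@return` empty, so the matching rule is undocumented. From the SQL it is a whole-string equality on `t_sso_system.redirect_url`, evaluated under that column's collation, which is not visible here and may ignore case or trailing spaces. I would state the rule in the doc, e.g. `@return true only when redirect_url equals a registered t_sso_system.redirect_url; any other value returns false`. Since only existence matters, `return Db.findFirst("select 1 from t_sso_system where redirect_url=?", redirect_url) != null;` avoids loading every column of every matching row.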
