| | |
|---|
| | | package com.ruoyi.framework.web.service; |
|---|
| | | |
|---|
| | | import java.util.concurrent.TimeUnit; |
|---|
| | | |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.beans.factory.annotation.Value; |
|---|
| | | import org.springframework.security.core.Authentication; |
|---|
| | |
|---|
| | | * @author ruoyi |
|---|
| | | */ |
|---|
| | | @Component |
|---|
| | | public class SysPasswordService |
|---|
| | | { |
|---|
| | | public class SysPasswordService { |
|---|
| | | @Autowired |
|---|
| | | private RedisCache redisCache; |
|---|
| | | |
|---|
| | |
|---|
| | | * @param username 用户名 |
|---|
| | | * @return 缓存键key |
|---|
| | | */ |
|---|
| | | private String getCacheKey(String username) |
|---|
| | | { |
|---|
| | | private String getCacheKey(String username) { |
|---|
| | | return CacheConstants.PWD_ERR_CNT_KEY + username; |
|---|
| | | } |
|---|
| | | |
|---|
| | | public void validate(SysUser user) |
|---|
| | | { |
|---|
| | | public void validate(SysUser user) { |
|---|
| | | Authentication usernamePasswordAuthenticationToken = AuthenticationContextHolder.getContext(); |
|---|
| | | String username = usernamePasswordAuthenticationToken.getName(); |
|---|
| | | String password = usernamePasswordAuthenticationToken.getCredentials().toString(); |
|---|
| | | |
|---|
| | | Integer retryCount = redisCache.getCacheObject(getCacheKey(username)); |
|---|
| | | |
|---|
| | | if (retryCount == null) |
|---|
| | | { |
|---|
| | | if (retryCount == null) { |
|---|
| | | retryCount = 0; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|---|
| | | MessageUtils.message("user.password.retry.limit.exceed", maxRetryCount, lockTime))); |
|---|
| | | if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", maxRetryCount, lockTime))); |
|---|
| | | throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!matches(user, password)) |
|---|
| | | { |
|---|
| | | if (!matches(user, password)) { |
|---|
| | | retryCount = retryCount + 1; |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|---|
| | | MessageUtils.message("user.password.retry.limit.count", retryCount))); |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.count", retryCount))); |
|---|
| | | redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); |
|---|
| | | throw new UserPasswordNotMatchException(); |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | } else { |
|---|
| | | clearLoginRecordCache(username); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | public boolean matches(SysUser user, String rawPassword) |
|---|
| | | { |
|---|
| | | public boolean matches(SysUser user, String rawPassword) { |
|---|
| | | return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public void clearLoginRecordCache(String loginName) |
|---|
| | | { |
|---|
| | | if (redisCache.hasKey(getCacheKey(loginName))) |
|---|
| | | { |
|---|
| | | public void clearLoginRecordCache(String loginName) { |
|---|
| | | if (redisCache.hasKey(getCacheKey(loginName))) { |
|---|
| | | redisCache.deleteObject(getCacheKey(loginName)); |
|---|
| | | } |
|---|
| | | } |
|---|
