package com.gkhy.exam.framework.web.service;
|
|
import com.gkhy.exam.common.constant.CacheConstant;
|
import com.gkhy.exam.common.constant.Constant;
|
import com.gkhy.exam.common.domain.entity.SysUser;
|
import com.gkhy.exam.common.exception.ApiException;
|
import com.gkhy.exam.common.utils.RedisUtils;
|
import com.gkhy.exam.common.utils.SecurityUtils;
|
import com.gkhy.exam.framework.manager.AsyncManager;
|
import com.gkhy.exam.framework.manager.factory.AsyncFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.stereotype.Component;
|
|
import java.util.concurrent.TimeUnit;
|
|
@Component
|
public class SysPasswordService {
|
|
@Autowired
|
private RedisUtils redisUtils;
|
|
|
@Value(value = "${user.password.maxRetryCount:5}")
|
private Integer maxRetryCount;
|
|
@Value(value = "${user.password.lockTime:10}")
|
private int lockTime;
|
|
/**
|
* 登录账户密码错误次数缓存键名
|
*
|
* @param username 用户名
|
* @return 缓存键key
|
*/
|
private String getCacheKey(String username)
|
{
|
return CacheConstant.PWD_ERR_CNT_KEY + username;
|
}
|
|
public void validate(SysUser user,String password) {
|
String username=user.getUsername();
|
String key= redisUtils.generateKey(getCacheKey(username));
|
Integer retryCount= (Integer) redisUtils.get(key);
|
if(retryCount==null){
|
retryCount=0;
|
}
|
if(retryCount>maxRetryCount){
|
AsyncManager.me().execute(AsyncFactory.recordLoginInfo(username, Constant.LOGIN_FAIL,"密码输入错误5次,帐户锁定"+lockTime+"分钟"));
|
throw new ApiException("密码输入错误5次,帐户锁定5分钟");
|
}
|
if(!matches(user,password)){
|
retryCount=retryCount+1;
|
AsyncManager.me().execute(AsyncFactory.recordLoginInfo(username, Constant.LOGIN_FAIL,String.format("密码输入错误%d次",retryCount)));
|
redisUtils.set(key,retryCount,lockTime, TimeUnit.MINUTES);//5分钟后释放
|
throw new ApiException("密码不匹配");
|
}else{
|
redisUtils.del(key);
|
}
|
|
}
|
|
public boolean matches(SysUser sysUser,String rawPassword){
|
return SecurityUtils.matchesPassword(rawPassword,sysUser.getPassword());
|
}
|
}
|