package com.gkhy.assess.framework.shiro.service;
|
|
import com.gkhy.assess.common.constant.CacheConstant;
|
import com.gkhy.assess.common.utils.JwtTokenUtil;
|
import com.gkhy.assess.common.utils.RedisUtils;
|
import com.gkhy.assess.system.domain.SysUser;
|
import org.apache.shiro.authc.AuthenticationException;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.stereotype.Component;
|
|
import java.util.concurrent.atomic.AtomicInteger;
|
|
@Component
|
public class SysPasswordService {
|
|
@Autowired
|
private RedisUtils redisUtils;
|
|
|
@Value(value = "${user.password.maxRetryCount:5}")
|
private Integer maxRetryCount;
|
|
public void validate(SysUser user, String password) throws AuthenticationException {
|
String username=user.getUsername();
|
String key= redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE+":"+username);
|
Integer retryCount= (Integer) redisUtils.get(key);
|
if(retryCount==null){
|
retryCount=0;
|
}
|
++retryCount;
|
if(retryCount>maxRetryCount){
|
throw new AuthenticationException("登录次数已达上限,5分钟之后再试");
|
}
|
if(!matches(user,password)){
|
redisUtils.set(key,retryCount,60*5);//5分钟后释放
|
throw new AuthenticationException("登录密码错误");
|
}else{
|
redisUtils.del(key);
|
}
|
|
}
|
|
public boolean matches(SysUser sysUser,String newPassword){
|
return sysUser.getPassword().equals(JwtTokenUtil.encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));
|
}
|
|
|
|
}
|
