package com.gkhy.assess.framework.shiro.service;
|
|
import com.gkhy.assess.common.constant.CacheConstant;
|
import com.gkhy.assess.common.exception.ApiException;
|
import com.gkhy.assess.common.utils.RedisUtils;
|
import com.gkhy.assess.system.domain.SysUser;
|
import org.apache.shiro.crypto.hash.Md5Hash;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.stereotype.Component;
|
|
import java.util.concurrent.atomic.AtomicInteger;
|
|
@Component
|
public class SysPasswordService {
|
|
@Autowired
|
private RedisUtils redisUtils;
|
|
|
@Value(value = "${user.password.maxRetryCount:5}")
|
private Integer maxRetryCount;
|
|
public void validate(SysUser user, String password){
|
String username=user.getUsername();
|
String key= redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE+":"+username);
|
AtomicInteger retryCount= (AtomicInteger) redisUtils.get(key);
|
if(retryCount==null){
|
retryCount=new AtomicInteger(0);
|
redisUtils.set(key,retryCount);
|
}
|
if(retryCount.incrementAndGet()>maxRetryCount){
|
throw new ApiException("登录次数已达上限");
|
}
|
if(!matches(user,password)){
|
redisUtils.set(key,retryCount);
|
throw new ApiException("登录密码错误");
|
}else{
|
redisUtils.del(key);
|
}
|
|
}
|
|
public boolean matches(SysUser sysUser,String newPassword){
|
return sysUser.getPassword().equals(encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));
|
}
|
|
public String encryptPassword(String username,String password,String salt){
|
return new Md5Hash(username+password+salt).toHex();
|
}
|
|
}
|
