| | |
|---|
| | | package com.ruoyi.framework.web.service; |
|---|
| | | |
|---|
| | | import javax.annotation.Resource; |
|---|
| | | import javax.servlet.http.HttpServletRequest; |
|---|
| | | |
|---|
| | | import com.ruoyi.common.core.domain.model.LoginBody; |
|---|
| | | import com.ruoyi.common.utils.SecurityUtils; |
|---|
| | | import org.springframework.beans.factory.annotation.Autowired; |
|---|
| | | import org.springframework.security.authentication.AuthenticationManager; |
|---|
| | | import org.springframework.security.authentication.BadCredentialsException; |
|---|
| | |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private ISysConfigService configService; |
|---|
| | | |
|---|
| | | @Autowired |
|---|
| | | private HttpServletRequest request; |
|---|
| | | |
|---|
| | | /** |
|---|
| | | * 登录验证 |
|---|
| | |
|---|
| | | throw new UserPasswordNotMatchException(); |
|---|
| | | } |
|---|
| | | // IP黑名单校验 |
|---|
| | | String blackStr = configService.selectConfigByKey("sys.login.blackIPList"); |
|---|
| | | if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("login.blocked"))); |
|---|
| | | throw new BlackListException(); |
|---|
| | | } |
|---|
| | | // String blackStr = configService.selectConfigByKey("sys.login.blackIPList"); |
|---|
| | | // if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) |
|---|
| | | // { |
|---|
| | | // AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("login.blocked"))); |
|---|
| | | // throw new BlackListException(); |
|---|
| | | // } |
|---|
| | | } |
|---|
| | | |
|---|
| | | /** |
|---|
| | |
|---|
| | | sysUser.setLoginDate(DateUtils.getNowDate()); |
|---|
| | | userService.updateUserProfile(sysUser); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public String appLogin(String username, String password) { |
|---|
| | | // 验证码校验 |
|---|
| | | // validateCaptcha(username, code, uuid); |
|---|
| | | // 登录前置校验 |
|---|
| | | loginPreCheck(username, password); |
|---|
| | | // 用户验证 |
|---|
| | | Authentication authentication = null; |
|---|
| | | try |
|---|
| | | { |
|---|
| | | UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password); |
|---|
| | | AuthenticationContextHolder.setContext(authenticationToken); |
|---|
| | | // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername |
|---|
| | | authentication = authenticationManager.authenticate(authenticationToken); |
|---|
| | | } |
|---|
| | | catch (Exception e) |
|---|
| | | { |
|---|
| | | if (e instanceof BadCredentialsException) |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"))); |
|---|
| | | throw new UserPasswordNotMatchException(); |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage())); |
|---|
| | | throw new ServiceException(e.getMessage()); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | finally |
|---|
| | | { |
|---|
| | | AuthenticationContextHolder.clearContext(); |
|---|
| | | } |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"))); |
|---|
| | | LoginUser loginUser = (LoginUser) authentication.getPrincipal(); |
|---|
| | | recordLoginInfo(loginUser.getUserId()); |
|---|
| | | // 生成token |
|---|
| | | return tokenService.createToken(loginUser); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public void logout() { |
|---|
| | | LoginUser loginUser = SecurityUtils.getLoginUser(); |
|---|
| | | tokenService.delLoginUser(loginUser.getToken()); |
|---|
| | | |
|---|
| | | } |
|---|
| | | } |
|---|
