智能安评系统后端
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
kongzy
2023-12-08 ca5445257b1fdeceddf3fcc2dea18c442023aeb7 
 assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java


@@ -1,10 +1,10 @@


package com.gkhy.assess.framework.shiro.service;




import com.gkhy.assess.common.constant.CacheConstant;


import com.gkhy.assess.common.exception.ApiException;


import com.gkhy.assess.common.utils.JwtTokenUtil;


import com.gkhy.assess.common.utils.RedisUtils;


import com.gkhy.assess.system.domain.SysUser;


import org.apache.shiro.crypto.hash.Md5Hash;


import org.apache.shiro.authc.AuthenticationException;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.beans.factory.annotation.Value;


import org.springframework.stereotype.Component;


@@ -21,20 +21,20 @@


    @Value(value = "${user.password.maxRetryCount:5}")


    private Integer maxRetryCount;




    public void validate(SysUser user, String password){


    public void validate(SysUser user, String password) throws AuthenticationException {


        String username=user.getUsername();


        String key= redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE+":"+username);


        AtomicInteger retryCount= (AtomicInteger) redisUtils.get(key);


        Integer retryCount= (Integer) redisUtils.get(key);


        if(retryCount==null){


            retryCount=new AtomicInteger(0);


            redisUtils.set(key,retryCount);


            retryCount=0;


        }


        if(retryCount.incrementAndGet()>maxRetryCount){


            throw new ApiException("登录次数已达上限");


        ++retryCount;


        if(retryCount>maxRetryCount){


            throw new AuthenticationException("登录次数已达上限,5分钟之后再试");


        }


        if(!matches(user,password)){


            redisUtils.set(key,retryCount);


            throw new ApiException("登录密码错误");


            redisUtils.set(key,retryCount,60*5);//5分钟后释放


            throw new AuthenticationException("登录密码错误");


        }else{


            redisUtils.del(key);


        }


@@ -42,11 +42,9 @@


    }




    public boolean matches(SysUser sysUser,String newPassword){


        return sysUser.getPassword().equals(encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));


        return sysUser.getPassword().equals(JwtTokenUtil.encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));


    }




    public String encryptPassword(String username,String password,String salt){


        return new Md5Hash(username+password+salt).toHex();


    }






}