From 0bf868d3cdf9226e178c076d3b588ed5207409a0 Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期五, 24 十一月 2023 17:51:40 +0800
Subject: [PATCH] merge

---
 assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java |   52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 files changed, 52 insertions(+), 0 deletions(-)

diff --git a/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java
new file mode 100644
index 0000000..c8e60a8
--- /dev/null
+++ b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java
@@ -0,0 +1,52 @@
+package com.gkhy.assess.framework.shiro.service;
+
+import com.gkhy.assess.common.constant.CacheConstant;
+import com.gkhy.assess.common.exception.ApiException;
+import com.gkhy.assess.common.utils.RedisUtils;
+import com.gkhy.assess.system.domain.SysUser;
+import org.apache.shiro.crypto.hash.Md5Hash;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Component;
+
+import java.util.concurrent.atomic.AtomicInteger;
+
+@Component
+public class SysPasswordService {
+
+    @Autowired
+    private RedisUtils redisUtils;
+
+
+    @Value(value = "${user.password.maxRetryCount:5}")
+    private Integer maxRetryCount;
+
+    public void validate(SysUser user, String password){
+        String username=user.getUsername();
+        String key= redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE+":"+username);
+        AtomicInteger retryCount= (AtomicInteger) redisUtils.get(key);
+        if(retryCount==null){
+            retryCount=new AtomicInteger(0);
+            redisUtils.set(key,retryCount);
+        }
+        if(retryCount.incrementAndGet()>maxRetryCount){
+            throw new ApiException("登录次数已达上限");
+        }
+        if(!matches(user,password)){
+            redisUtils.set(key,retryCount);
+            throw new ApiException("登录密码错误");
+        }else{
+            redisUtils.del(key);
+        }
+
+    }
+
+    public boolean matches(SysUser sysUser,String newPassword){
+        return sysUser.getPassword().equals(encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));
+    }
+
+    public String encryptPassword(String username,String password,String salt){
+        return new Md5Hash(username+password+salt).toHex();
+    }
+
+}

--
Gitblit v1.9.2