From ca5445257b1fdeceddf3fcc2dea18c442023aeb7 Mon Sep 17 00:00:00 2001
From: kongzy <kongzy>
Date: 星期五, 08 十二月 2023 09:30:36 +0800
Subject: [PATCH] 新街口

---
 assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java |   26 ++++++++++++--------------
 1 files changed, 12 insertions(+), 14 deletions(-)

diff --git a/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java
index c8e60a8..70cdb3a 100644
--- a/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java
+++ b/assess-framework/src/main/java/com/gkhy/assess/framework/shiro/service/SysPasswordService.java
@@ -1,10 +1,10 @@
 package com.gkhy.assess.framework.shiro.service;
 
 import com.gkhy.assess.common.constant.CacheConstant;
-import com.gkhy.assess.common.exception.ApiException;
+import com.gkhy.assess.common.utils.JwtTokenUtil;
 import com.gkhy.assess.common.utils.RedisUtils;
 import com.gkhy.assess.system.domain.SysUser;
-import org.apache.shiro.crypto.hash.Md5Hash;
+import org.apache.shiro.authc.AuthenticationException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
@@ -21,20 +21,20 @@
     @Value(value = "${user.password.maxRetryCount:5}")
     private Integer maxRetryCount;
 
-    public void validate(SysUser user, String password){
+    public void validate(SysUser user, String password) throws AuthenticationException {
         String username=user.getUsername();
         String key= redisUtils.generateKey(CacheConstant.SYS_LOGIN_RECORD_CACHE+":"+username);
-        AtomicInteger retryCount= (AtomicInteger) redisUtils.get(key);
+        Integer retryCount= (Integer) redisUtils.get(key);
         if(retryCount==null){
-            retryCount=new AtomicInteger(0);
-            redisUtils.set(key,retryCount);
+            retryCount=0;
         }
-        if(retryCount.incrementAndGet()>maxRetryCount){
-            throw new ApiException("登录次数已达上限");
+        ++retryCount;
+        if(retryCount>maxRetryCount){
+            throw new AuthenticationException("登录次数已达上限,5分钟之后再试");
         }
         if(!matches(user,password)){
-            redisUtils.set(key,retryCount);
-            throw new ApiException("登录密码错误");
+            redisUtils.set(key,retryCount,60*5);//5分钟后释放
+            throw new AuthenticationException("登录密码错误");
         }else{
             redisUtils.del(key);
         }
@@ -42,11 +42,9 @@
     }
 
     public boolean matches(SysUser sysUser,String newPassword){
-        return sysUser.getPassword().equals(encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));
+        return sysUser.getPassword().equals(JwtTokenUtil.encryptPassword(sysUser.getUsername(),newPassword,sysUser.getSalt()));
     }
 
-    public String encryptPassword(String username,String password,String salt){
-        return new Md5Hash(username+password+salt).toHex();
-    }
+
 
 }

--
Gitblit v1.9.2