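package com.gkhy.exam.framework.web.service;

import com.gkhy.exam.common.constant.CacheConstant;
import com.gkhy.exam.common.constant.Constant;
import com.gkhy.exam.common.domain.entity.SysUser;
import com.gkhy.exam.common.exception.ApiException;
import com.gkhy.exam.common.utils.RedisUtils;
import com.gkhy.exam.common.utils.SecurityUtils;
import com.gkhy.exam.framework.manager.AsyncManager;
import com.gkhy.exam.framework.manager.factory.AsyncFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import java.util.concurrent.TimeUnit;

/**
 * Password check with a failed-attempt counter kept in Redis.
 *
 * <p>Each wrong password increments a per-username counter that expires after
 * {@code lockTime} minutes. Once the counter reaches {@code maxRetryCount},
 * further attempts are rejected without evaluating the password until the
 * counter expires.
 */
@Component
public class SysPasswordService {

    @Autowired
    private RedisUtils redisUtils;

    /** Number of wrong passwords allowed before the account is locked (property default 5). */
    @Value(value = "${user.password.maxRetryCount:5}")
    private Integer maxRetryCount;

    /** Lifetime of the failure counter, and therefore of the lock, in minutes (property default 10). */
    @Value(value = "${user.password.lockTime:10}")
    private int lockTime;

    /**
     * Builds the cache key name under which the wrong-password count of an account is stored.
     *
     * @param username login name of the account
     * @return cache key for that account's failure counter
     */
    private String getCacheKey(String username) {
        return CacheConstant.PWD_ERR_CNT_KEY + username;
    }

    /**
     * Verifies a login password and enforces the failed-attempt lockout.
     *
     * <p>The lock check runs before the password comparison, so a locked account is
     * rejected even when the supplied password is correct. A successful match deletes
     * the counter.
     *
     * @param user     account being logged in to; its username keys the failure counter
     * @param password raw password supplied by the caller
     * @throws ApiException if the account is currently locked or the password does not match
     */
    public void validate(SysUser user, String password) {
        String username = user.getUsername();
        String key = redisUtils.generateKey(getCacheKey(username));

        // Accept any Number rather than casting straight to Integer, so a cache
        // serializer that hands back a different numeric type (e.g. Long) does not
        // fail the login path with a ClassCastException.
        Object cached = redisUtils.get(key);
        int retryCount = cached instanceof Number ? ((Number) cached).intValue() : 0;

        // Lock as soon as the configured number of failures has been recorded.
        // The previous strict '>' comparison let one extra guess through
        // (maxRetryCount + 1 attempts) before the lock took effect.
        if (retryCount >= maxRetryCount) {
            // Report the configured limits instead of the hard-coded "5" the messages used to carry.
            String lockedMessage = String.format("密码输入错误%d次,帐户锁定%d分钟", maxRetryCount, lockTime);
            AsyncManager.me().execute(AsyncFactory.recordLoginInfo(username, Constant.LOGIN_FAIL, lockedMessage));
            throw new ApiException(lockedMessage);
        }

        if (!matches(user, password)) {
            retryCount = retryCount + 1;
            AsyncManager.me().execute(AsyncFactory.recordLoginInfo(username, Constant.LOGIN_FAIL,
                    String.format("密码输入错误%d次", retryCount)));
            // The counter expires lockTime minutes after the most recent failure;
            // every failed attempt rewrites the entry and so restarts that window.
            // NOTE(review): the read above and this write are separate Redis calls,
            // so concurrent failed logins for one username can be under-counted.
            // An atomic increment would close that gap - confirm what RedisUtils offers.
            redisUtils.set(key, retryCount, lockTime, TimeUnit.MINUTES);
            throw new ApiException("密码不匹配");
        }

        // Correct password: clear the failure history for this account.
        redisUtils.del(key);
    }

    /**
     * Compares a raw password with the password stored on the user record.
     *
     * @param sysUser     account whose stored password is compared against
     * @param rawPassword password as supplied by the caller
     * @return the result of {@code SecurityUtils.matchesPassword} for the two values
     */
    public boolean matches(SysUser sysUser, String rawPassword) {
        // presumably getPassword() holds an encoded hash; verify against SecurityUtils
        return SecurityUtils.matchesPassword(rawPassword, sysUser.getPassword());
    }
}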