fix: 修改包名,模块名。
This commit is contained in:
tianyongbao
@@ -0,0 +1,144 @@
|
||||
package com.intc.auth.service;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import com.intc.common.core.constant.CacheConstants;
|
||||
import com.intc.common.core.constant.Constants;
|
||||
import com.intc.common.core.constant.SecurityConstants;
|
||||
import com.intc.common.core.constant.UserConstants;
|
||||
import com.intc.common.core.domain.R;
|
||||
import com.intc.common.core.enums.UserStatus;
|
||||
import com.intc.common.core.exception.ServiceException;
|
||||
import com.intc.common.core.text.Convert;
|
||||
import com.intc.common.core.utils.StringUtils;
|
||||
import com.intc.common.core.utils.ip.IpUtils;
|
||||
import com.intc.common.redis.service.RedisService;
|
||||
import com.intc.common.security.utils.SecurityUtils;
|
||||
import com.intc.system.api.RemoteUserService;
|
||||
import com.intc.system.api.domain.SysUser;
|
||||
import com.intc.system.api.model.LoginUser;
|
||||
|
||||
/**
|
||||
* 登录校验方法
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
@Component
|
||||
public class SysLoginService
|
||||
{
|
||||
@Autowired
|
||||
private RemoteUserService remoteUserService;
|
||||
|
||||
@Autowired
|
||||
private SysPasswordService passwordService;
|
||||
|
||||
@Autowired
|
||||
private SysRecordLogService recordLogService;
|
||||
|
||||
@Autowired
|
||||
private RedisService redisService;
|
||||
|
||||
/**
|
||||
* 登录
|
||||
*/
|
||||
public LoginUser login(String username, String password)
|
||||
{
|
||||
// 用户名或密码为空 错误
|
||||
if (StringUtils.isAnyBlank(username, password))
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户/密码必须填写");
|
||||
throw new ServiceException("用户/密码必须填写");
|
||||
}
|
||||
// 密码如果不在指定范围内 错误
|
||||
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
||||
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户密码不在指定范围");
|
||||
throw new ServiceException("用户密码不在指定范围");
|
||||
}
|
||||
// 用户名不在指定范围内 错误
|
||||
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
||||
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户名不在指定范围");
|
||||
throw new ServiceException("用户名不在指定范围");
|
||||
}
|
||||
// IP黑名单校验
|
||||
String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
|
||||
if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "很遗憾,访问IP已被列入系统黑名单");
|
||||
throw new ServiceException("很遗憾,访问IP已被列入系统黑名单");
|
||||
}
|
||||
// 查询用户信息
|
||||
R<LoginUser> userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER);
|
||||
|
||||
if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData()))
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "登录用户不存在");
|
||||
throw new ServiceException("登录用户:" + username + " 不存在");
|
||||
}
|
||||
|
||||
if (R.FAIL == userResult.getCode())
|
||||
{
|
||||
throw new ServiceException(userResult.getMsg());
|
||||
}
|
||||
|
||||
LoginUser userInfo = userResult.getData();
|
||||
SysUser user = userResult.getData().getSysUser();
|
||||
if (UserStatus.DELETED.getCode().equals(user.getDelFlag()))
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "对不起,您的账号已被删除");
|
||||
throw new ServiceException("对不起,您的账号:" + username + " 已被删除");
|
||||
}
|
||||
if (UserStatus.DISABLE.getCode().equals(user.getStatus()))
|
||||
{
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, "用户已停用,请联系管理员");
|
||||
throw new ServiceException("对不起,您的账号:" + username + " 已停用");
|
||||
}
|
||||
passwordService.validate(user, password);
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_SUCCESS, "登录成功");
|
||||
return userInfo;
|
||||
}
|
||||
|
||||
public void logout(String loginName)
|
||||
{
|
||||
recordLogService.recordLogininfor(loginName, Constants.LOGOUT, "退出成功");
|
||||
}
|
||||
|
||||
/**
|
||||
* 注册
|
||||
*/
|
||||
public void register(String username, String password, String resource)
|
||||
{
|
||||
// 用户名或密码为空 错误
|
||||
if (StringUtils.isAnyBlank(username, password))
|
||||
{
|
||||
throw new ServiceException("用户/密码必须填写");
|
||||
}
|
||||
if (username.length() < UserConstants.USERNAME_MIN_LENGTH
|
||||
|| username.length() > UserConstants.USERNAME_MAX_LENGTH)
|
||||
{
|
||||
throw new ServiceException("账户长度必须在2到20个字符之间");
|
||||
}
|
||||
if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
|
||||
|| password.length() > UserConstants.PASSWORD_MAX_LENGTH)
|
||||
{
|
||||
throw new ServiceException("密码长度必须在5到20个字符之间");
|
||||
}
|
||||
|
||||
// 注册用户信息
|
||||
SysUser sysUser = new SysUser();
|
||||
sysUser.setUserName(username);
|
||||
sysUser.setResource(resource);
|
||||
sysUser.setNickName(username);
|
||||
sysUser.setPassword(SecurityUtils.encryptPassword(password));
|
||||
R<?> registerResult = remoteUserService.registerUserInfo(sysUser, SecurityConstants.INNER);
|
||||
|
||||
if (R.FAIL == registerResult.getCode())
|
||||
{
|
||||
throw new ServiceException(registerResult.getMsg());
|
||||
}
|
||||
recordLogService.recordLogininfor(username, Constants.REGISTER, "注册成功");
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,85 @@
|
||||
package com.intc.auth.service;
|
||||
|
||||
import java.util.concurrent.TimeUnit;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import com.intc.common.core.constant.CacheConstants;
|
||||
import com.intc.common.core.constant.Constants;
|
||||
import com.intc.common.core.exception.ServiceException;
|
||||
import com.intc.common.redis.service.RedisService;
|
||||
import com.intc.common.security.utils.SecurityUtils;
|
||||
import com.intc.system.api.domain.SysUser;
|
||||
|
||||
/**
|
||||
* 登录密码方法
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
@Component
|
||||
public class SysPasswordService
|
||||
{
|
||||
@Autowired
|
||||
private RedisService redisService;
|
||||
|
||||
private int maxRetryCount = CacheConstants.PASSWORD_MAX_RETRY_COUNT;
|
||||
|
||||
private Long lockTime = CacheConstants.PASSWORD_LOCK_TIME;
|
||||
|
||||
@Autowired
|
||||
private SysRecordLogService recordLogService;
|
||||
|
||||
/**
|
||||
* 登录账户密码错误次数缓存键名
|
||||
*
|
||||
* @param username 用户名
|
||||
* @return 缓存键key
|
||||
*/
|
||||
private String getCacheKey(String username)
|
||||
{
|
||||
return CacheConstants.PWD_ERR_CNT_KEY + username;
|
||||
}
|
||||
|
||||
public void validate(SysUser user, String password)
|
||||
{
|
||||
String username = user.getUserName();
|
||||
|
||||
Integer retryCount = redisService.getCacheObject(getCacheKey(username));
|
||||
|
||||
if (retryCount == null)
|
||||
{
|
||||
retryCount = 0;
|
||||
}
|
||||
|
||||
if (retryCount >= Integer.valueOf(maxRetryCount).intValue())
|
||||
{
|
||||
String errMsg = String.format("密码输入错误%s次,帐户锁定%s分钟", maxRetryCount, lockTime);
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL,errMsg);
|
||||
throw new ServiceException(errMsg);
|
||||
}
|
||||
|
||||
if (!matches(user, password))
|
||||
{
|
||||
retryCount = retryCount + 1;
|
||||
recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount));
|
||||
redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);
|
||||
throw new ServiceException("用户不存在/密码错误");
|
||||
}
|
||||
else
|
||||
{
|
||||
clearLoginRecordCache(username);
|
||||
}
|
||||
}
|
||||
|
||||
public boolean matches(SysUser user, String rawPassword)
|
||||
{
|
||||
return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
|
||||
}
|
||||
|
||||
public void clearLoginRecordCache(String loginName)
|
||||
{
|
||||
if (redisService.hasKey(getCacheKey(loginName)))
|
||||
{
|
||||
redisService.deleteObject(getCacheKey(loginName));
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,48 @@
|
||||
package com.intc.auth.service;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Component;
|
||||
import com.intc.common.core.constant.Constants;
|
||||
import com.intc.common.core.constant.SecurityConstants;
|
||||
import com.intc.common.core.utils.StringUtils;
|
||||
import com.intc.common.core.utils.ip.IpUtils;
|
||||
import com.intc.system.api.RemoteLogService;
|
||||
import com.intc.system.api.domain.SysLogininfor;
|
||||
|
||||
/**
|
||||
* 记录日志方法
|
||||
*
|
||||
* @author ruoyi
|
||||
*/
|
||||
@Component
|
||||
public class SysRecordLogService
|
||||
{
|
||||
@Autowired
|
||||
private RemoteLogService remoteLogService;
|
||||
|
||||
/**
|
||||
* 记录登录信息
|
||||
*
|
||||
* @param username 用户名
|
||||
* @param status 状态
|
||||
* @param message 消息内容
|
||||
* @return
|
||||
*/
|
||||
public void recordLogininfor(String username, String status, String message)
|
||||
{
|
||||
SysLogininfor logininfor = new SysLogininfor();
|
||||
logininfor.setUserName(username);
|
||||
logininfor.setIpaddr(IpUtils.getIpAddr());
|
||||
logininfor.setMsg(message);
|
||||
// 日志状态
|
||||
if (StringUtils.equalsAny(status, Constants.LOGIN_SUCCESS, Constants.LOGOUT, Constants.REGISTER))
|
||||
{
|
||||
logininfor.setStatus(Constants.LOGIN_SUCCESS_STATUS);
|
||||
}
|
||||
else if (Constants.LOGIN_FAIL.equals(status))
|
||||
{
|
||||
logininfor.setStatus(Constants.LOGIN_FAIL_STATUS);
|
||||
}
|
||||
remoteLogService.saveLogininfor(logininfor, SecurityConstants.INNER);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user