贵阳-积分商城
blame | 历史 | 原始文档
Pu Zhibing
2025-03-26 7f26677ab7f9b83697370fa142dd1686cdf4082a 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

package com.ruoyi.auth.service;


 


import java.util.concurrent.TimeUnit;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.stereotype.Component;


import com.ruoyi.common.core.constant.CacheConstants;


import com.ruoyi.common.core.constant.Constants;


import com.ruoyi.common.core.exception.ServiceException;


import com.ruoyi.common.redis.service.RedisService;


import com.ruoyi.common.security.utils.SecurityUtils;


import com.ruoyi.system.api.domain.SysUser;


 


import javax.servlet.http.HttpServletRequest;


 


/**


 * 登录密码方法


 * 


 * @author ruoyi


 */


@Component


public class SysPasswordService


{


    @Autowired


    private RedisService redisService;


 


    private int maxRetryCount = CacheConstants.PASSWORD_MAX_RETRY_COUNT;


    private Long lockTime = CacheConstants.PASSWORD_LOCK_TIME;


 


    @Autowired


    private SysRecordLogService recordLogService;


 


    /**


     * 登录账户密码错误次数缓存键名


     * 


     * @param username 用户名


     * @return 缓存键key


     */


    private String getCacheKey(String username)


    {


        return CacheConstants.PWD_ERR_CNT_KEY + username;


    }


 


    public void validate(SysUser user, String password, HttpServletRequest request) {


        String username = user.getUserName();


 


        Integer retryCount = redisService.getCacheObject(getCacheKey(username));


 


        if (retryCount == null)


        {


            retryCount = 0;


        }


 


        if (retryCount >= Integer.valueOf(maxRetryCount).intValue())


        {


            String errMsg = String.format("密码输入错误%s次,帐户锁定%s分钟", maxRetryCount, lockTime);


            recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS,errMsg);


            throw new ServiceException(errMsg);


        }


 


        if (!matches(user,password)){


            retryCount = retryCount + 1;


            recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, String.format("密码输入错误%s次", retryCount));


            redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);


            throw new ServiceException("密码错误");


        } else {


            clearLoginRecordCache(username);


        }


    }


 


    public boolean matches(SysUser user, String rawPassword)


    {


        return SecurityUtils.matchesPassword(rawPassword, user.getPassword());


    }


 


    public void clearLoginRecordCache(String loginName)


    {


        if (redisService.hasKey(getCacheKey(loginName)))


        {


            redisService.deleteObject(getCacheKey(loginName));


        }


    }


}