java/SuperSaveDriving.git

			@@ -50,6 +50,9 @@
			@Autowired
			private IUserService userService;

			private Map<String, Integer> loginFailures = new HashMap<>();




			/**
			@@ -115,6 +118,32 @@
			*/
			@RequestMapping(value = "/login", method = RequestMethod.POST)
			public String loginVali(String username, String password, String remember, Model model, HttpServletRequest request) {
			Integer f = loginFailures.get(username);
			f = f == null ? 0 : f;
			// 校验账号，密码是否正确，如果错误，对次数进行加1
			IShiro shiroFactory = ShiroFactroy.me();
			User user = userService.getByAccount(username);
			if(null == user){
			f++;
			loginFailures.put(username, f);
			}else {
			// 校验密码
			ShiroUser shiroUser1 = shiroFactory.shiroUser(user);
			SimpleAuthenticationInfo info = shiroFactory.info(shiroUser1, user, username);
			String pass = ShiroKit.md5(password, user.getSalt());
			if(!info.getCredentials().equals(pass)){
			f++;
			loginFailures.put(username, f);
			if(f<5){
			model.addAttribute("number", "3");
			}
			if(f==5){
			model.addAttribute("number", "5");
			}
			model.addAttribute("message","账号或密码错误!");
			return "/login.html";
			}
			}
			model.addAttribute("number", "3");
			Subject currentUser = ShiroKit.getSubject();
			UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
			@@ -127,6 +156,9 @@
			token.setRememberMe(false);//关闭记住我功能
			currentUser.login(token);

			// 登录成功，错误次数值改0
			loginFailures.put(username, 0);

			ShiroUser shiroUser = ShiroKit.getUser();
			super.getSession().setAttribute("shiroUser", shiroUser);
			super.getSession().setAttribute("username", shiroUser.getAccount());