xuhy
2023-06-14 17f18c3d56a70327874aa7dda0adfa2f5e3dafce
management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
@@ -19,6 +19,7 @@
import com.stylefeng.guns.modular.system.service.IMenuService;
import com.stylefeng.guns.modular.system.service.IUserService;
import com.stylefeng.guns.modular.system.util.AESUtils;
import com.stylefeng.guns.modular.system.util.RedisUtil;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
@@ -49,12 +50,11 @@
    @Autowired
    private IUserService userService;
    private Map<String, Long> loginTime = new HashMap<>();
    @Autowired
    private RedisUtil redisUtil;
    private Map<String, Integer> loginFailures = new HashMap<>();
    private List<String> ips = Arrays.asList("127.0.0.1");
@@ -120,43 +120,12 @@
     * 点击登录执行的动作
     */
    @RequestMapping(value = "/login", method = RequestMethod.POST)
    public String loginVali(String username, String password, String remember, Model model, HttpServletRequest request) {
        String ip = request.getHeader("x-forwarded-for");
        if (ip != null && ip.length() != 0 && !"unknown".equalsIgnoreCase(ip)) {
            // 多次反向代理后会有多个ip值,第一个ip才是真实ip
            if (ip.indexOf(",") != -1) {
                ip = ip.split(",")[0];
            }
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("Proxy-Client-IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("WL-Proxy-Client-IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("HTTP_CLIENT_IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("HTTP_X_FORWARDED_FOR");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getHeader("X-Real-IP");
        }
        if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
            ip = request.getRemoteAddr();
        }
        if(!ips.contains(ip)){
            model.addAttribute("tips", "请在特定的网络下使用系统");
            return "/login.html";
        }
    public String loginVali(String username, String password,String sms_code, String remember, Model model, HttpServletRequest request) {
        Integer f = loginFailures.get(username);
        f = f == null ? 0 : f;
        // 校验账号,密码是否正确,如果错误,对次数进行加1
        IShiro shiroFactory = ShiroFactroy.me();
        User user = userService.getByAccount(username);
        password = AESUtils.decrypt(password);
        if(null == user){
            f++;
            loginFailures.put(username, f);
@@ -164,9 +133,7 @@
            // 校验密码
            ShiroUser shiroUser1 = shiroFactory.shiroUser(user);
            SimpleAuthenticationInfo info = shiroFactory.info(shiroUser1, user, username);
            System.out.println(info.getCredentials());
            String pass = ShiroKit.md5(password, user.getSalt());
            System.out.println(pass);
            if(!info.getCredentials().equals(pass)){
                f++;
                loginFailures.put(username, f);
@@ -176,29 +143,30 @@
                if(f==5){
                    model.addAttribute("number", "5");
                }
                model.addAttribute("message","账号或密码错误!");
                return "/login.html";
            }
        }
        model.addAttribute("number", "3");
        /*if(f > 5 ){
            model.addAttribute("tips", "登录次数过多,请等30分钟再试!");
            if (KaptchaUtil.getKaptchaOnOff()) {
                String kaptcha = super.getPara("kaptcha").trim();
                String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
                if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
                    throw new InvalidKaptchaException();
                }
            }
            return "/login.html";
        }*/
        //验证验证码是否正确
//        if (KaptchaUtil.getKaptchaOnOff()) {
//            String kaptcha = super.getPara("kaptcha").trim();
//            String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
//            if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
//                throw new InvalidKaptchaException();
//        if(!"aaaa".equals(sms_code)){
//            String value = redisUtil.getValue(user.getPhone());
//            if(ToolUtil.isEmpty(value) || !sms_code.equals(value)){
//                model.addAttribute("tips", "无效的验证码");
//                return "/login.html";
//            }
//        }
        //验证验证码是否正确
        if (KaptchaUtil.getKaptchaOnOff()) {
            String kaptcha = super.getPara("kaptcha").trim();
            String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
            if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
                throw new InvalidKaptchaException();
            }
        }
        model.addAttribute("number", "3");
        Subject currentUser = ShiroKit.getSubject();
        UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
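Review bot: The new `sms_code` parameter of loginVali is never verified: the only lines that read it sit in the commented-out block of the last hunk, so as far as this page shows a login still completes on password and captcha alone. That disabled block also wraps the check in `if(!"aaaa".equals(sms_code))`, a fixed value that would skip the Redis lookup for every account if the block were switched on as written. When enabling it, drop that wrapper and guard the request value as well as the stored one, e.g. `String value = redisUtil.getValue(user.getPhone());` then `if (ToolUtil.isEmpty(sms_code) || !sms_code.equals(value)) { model.addAttribute("tips", "无效的验证码"); return "/login.html"; }`, and invalidate the stored code once it has matched so it is single-use. Separately, the captcha check in this hunk runs only after the password comparison has already returned "账号或密码错误!", and nothing in the visible lines rejects a request based on the `loginFailures` count, so neither control limits repeated password guesses. loginVali starts in an earlier hunk and continues past the end of this one.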