| | |
|---|
| | | clearLoginRecordCache(username); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | public void reValidate(SysUser user) |
|---|
| | | { |
|---|
| | | Authentication usernamePasswordAuthenticationToken = AuthenticationContextHolder.getContext(); |
|---|
| | | String username = usernamePasswordAuthenticationToken.getName(); |
|---|
| | | if(username.contains("_")){ |
|---|
| | | username = username.split("_")[0]; |
|---|
| | | } |
|---|
| | | String password = usernamePasswordAuthenticationToken.getCredentials().toString(); |
|---|
| | | |
|---|
| | | Integer retryCount = redisCache.getCacheObject(getCacheKey(username)); |
|---|
| | | |
|---|
| | | if (retryCount == null) |
|---|
| | | { |
|---|
| | | retryCount = 0; |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) |
|---|
| | | { |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|---|
| | | MessageUtils.message("user.password.retry.limit.exceed", maxRetryCount, lockTime))); |
|---|
| | | throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime); |
|---|
| | | } |
|---|
| | | |
|---|
| | | if (!reMatches(user, password)) |
|---|
| | | { |
|---|
| | | retryCount = retryCount + 1; |
|---|
| | | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|---|
| | | MessageUtils.message("user.password.retry.limit.count", retryCount))); |
|---|
| | | redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); |
|---|
| | | throw new UserPasswordNotMatchException(); |
|---|
| | | } |
|---|
| | | else |
|---|
| | | { |
|---|
| | | clearLoginRecordCache(username); |
|---|
| | | } |
|---|
| | | } |
|---|
| | | |
|---|
| | | public boolean matches(SysUser user, String rawPassword) |
|---|
| | | { |
|---|
| | | return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public static void main(String[] args) { |
|---|
| | | // $2a$10$qofXsM/ZKUMqvysvsWBAfOizecqUdAaXPFUYDVxaYYM0FJg6/mOpq |
|---|
| | | String s = SecurityUtils.encryptPassword("123456"); |
|---|
| | | System.err.println(s); |
|---|
| | | boolean b = SecurityUtils.matchesPassword("123456", "$2a$10$Wx75W2oW23.tsSkvA21QyueQ59iwWwv2ns06Bxubje0ZwPe2wNOQ2"); |
|---|
| | | System.err.println(b); |
|---|
| | | } |
|---|
| | | public boolean reMatches(SysUser user, String rawPassword) |
|---|
| | | { |
|---|
| | | System.err.println(SecurityUtils.matchesPassword(rawPassword, user.getRePassword())); |
|---|
| | | System.err.println(rawPassword); |
|---|
| | | System.err.println(user.getRePassword()); |
|---|
| | | return SecurityUtils.matchesPassword(rawPassword, user.getRePassword()); |
|---|
| | | } |
|---|
| | | |
|---|
| | | public void clearLoginRecordCache(String loginName) |
|---|
| | | { |
|---|
| | | if (redisCache.hasKey(getCacheKey(loginName))) |
|---|
