java/zhihuishenqu.git

			@@ -15,6 +15,7 @@
			import com.panzhihua.auth.config.MyAESUtil;
			import com.panzhihua.common.constants.Constants;
			import com.panzhihua.common.model.helper.AESUtil;
			import com.panzhihua.common.service.community.CommunityService;
			import com.panzhihua.common.utlis.AES;
			import org.springframework.beans.factory.annotation.Value;
			import org.springframework.data.redis.core.RedisTemplate;
			@@ -35,6 +36,8 @@
			import com.panzhihua.common.model.vos.R;
			import com.panzhihua.common.service.user.UserService;

			import static java.util.Objects.nonNull;

			/**
			* @program: springcloud_k8s_panzhihuazhihuishequ
			* @description: 登录认证
			@@ -47,6 +50,8 @@
			private UserService userService;
			@Resource
			private RedisTemplate redisTemplate;
			@Resource
			private CommunityService communityService;

			private static String LOGIN_FAIL="LOGIN_FAIL_";

			@@ -66,7 +71,7 @@
			Integer time= (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL+userName);
			if(time>=5){
			redisTemplate.opsForValue().set(LOGIN_FAIL+userName,5);
			throw new LockedException("登录错误超过限制,账号已被锁定");
			throw new LockedException("账号或密码错误,登录错误超过限制");
			}
			}
			// 查询用户是否存在
			@@ -90,7 +95,7 @@
			// 我们还要判断密码是否正确，这里我们的密码使用BCryptPasswordEncoder进行加密的
			if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
			lockLogin(flag,userName);
			throw new BadCredentialsException("密码不正确");
			throw new BadCredentialsException("账号或密码错误");
			}
			// 还可以加一些其他信息的判断，比如用户账号已停用等判断
			if (loginUserInfoVO.getStatus().intValue() == 2) {
			@@ -99,9 +104,11 @@
			// 维护最后登录时间
			userService.putUserLastLoginTime(loginUserInfoVO.getUserId());
			//是否为专家登陆
			R r1 = userService.isExpert(loginUserInfoVO.getPhone());
			if (r1.getCode()== Constants.SUCCESS){
			loginUserInfoVO.setType(13);
			if (nonNull(loginUserInfoVO.getPhone())){
			R r1 = communityService.isExpert(loginUserInfoVO.getPhone());
			if (r1.getCode()== Constants.SUCCESS){
			loginUserInfoVO.setType(13);
			}
			}
			return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList);
			}
			@@ -109,7 +116,7 @@
			// 查询用户是否存在
			R<LoginUserInfoVO> r = userService.getUserInfo(userName);
			if (r.getCode() != 200) {
			throw new UsernameNotFoundException("该账号不存在");
			throw new UsernameNotFoundException("账号或密码错误");
			}
			LoginUserInfoVO loginUserInfoVO = r.getData();
			List<GrantedAuthority> grantedAuthorityList = new ArrayList<>();
			@@ -120,11 +127,11 @@
			});
			}
			if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())) {
			throw new UsernameNotFoundException("该账号不存在");
			throw new UsernameNotFoundException("账号或密码错误");
			}
			// 我们还要判断密码是否正确，这里我们的密码使用BCryptPasswordEncoder进行加密的
			if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
			throw new BadCredentialsException("密码不正确");
			throw new BadCredentialsException("账号或密码错误");
			}
			// 还可以加一些其他信息的判断，比如用户账号已停用等判断
			if (loginUserInfoVO.getStatus().intValue() == 2) {
			@@ -133,9 +140,11 @@
			// 维护最后登录时间
			userService.putUserLastLoginTime(loginUserInfoVO.getUserId());
			//是否为专家登陆
			R r1 = userService.isExpert(loginUserInfoVO.getPhone());
			if (r1.getCode()== Constants.SUCCESS){
			loginUserInfoVO.setType(13);
			if (nonNull(loginUserInfoVO.getPhone())){
			R r1 = communityService.isExpert(loginUserInfoVO.getPhone());
			if (r1.getCode() == Constants.SUCCESS){
			loginUserInfoVO.setType(13);
			}
			}
			return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList);