springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/java/com/panzhihua/sangeshenbian/api/SystemUserController.java
@@ -12,6 +12,7 @@ import com.panzhihua.sangeshenbian.model.entity.SystemRoleMenu; import com.panzhihua.sangeshenbian.model.entity.SystemUser; import com.panzhihua.sangeshenbian.model.vo.RegionVO; import com.panzhihua.sangeshenbian.model.vo.UpdatePasswordDTO; import com.panzhihua.sangeshenbian.service.ISystemMenuService; import com.panzhihua.sangeshenbian.service.ISystemRoleMenuService; import com.panzhihua.sangeshenbian.service.ISystemUserService; @@ -27,9 +28,11 @@ import org.springframework.beans.BeanUtils; import org.springframework.data.redis.core.RedisTemplate; import org.springframework.util.ObjectUtils; import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; import javax.annotation.Resource; import javax.validation.Valid; import java.time.LocalDateTime; import java.util.*; import java.util.concurrent.TimeUnit; @@ -41,6 +44,7 @@ */ @Api @Slf4j @Valid @RestController @RequestMapping("/systemUser") public class SystemUserController extends BaseController { @@ -54,7 +58,10 @@ @Resource private TokenService tokenService; private final Integer max_err = 5; // 添加错误次数和冻结时间常量 private static final Integer LOCK_ERR = 5; // 锁定账号的错误次数 private static final Integer FREEZE_ERR = 3; // 冻结账号的错误次数 private static final Integer FREEZE_MINUTES = 3; // 冻结时间(分钟) @Resource private ISystemRoleMenuService systemRoleMenuService; 
@@ -71,31 +78,60 @@ @OperLog(operModul = "三个身边后台",operType = 0,businessType = "登录") public R<TokenVo> login(@RequestBody LoginVo vo){ String key = "login:" + vo.getPhone(); Integer size = (Integer) redisTemplate.opsForValue().get(key); if(null != size && max_err.equals(size)){ return R.fail("连续登录失败,请稍后重试。"); } if(null == size){ size = 0; } SystemUser systemUser = systemUserService.getOne(new LambdaQueryWrapper<SystemUser>() .eq(SystemUser::getPhone, vo.getPhone()).ne(SystemUser::getStatus, 3)); .eq(SystemUser::getPhone, vo.getPhone()) .ne(SystemUser::getStatus, 3)); if(null == systemUser){ size++; redisTemplate.opsForValue().set(key, size, 5, TimeUnit.MINUTES); return R.fail("登录失败,手机号/密码错误。"); } if(!vo.getPassword().equals(systemUser.getPassword())){ size++; redisTemplate.opsForValue().set(key, size, 5, TimeUnit.MINUTES); return R.fail("登录失败,手机号/密码错误。"); // 检查用户是否已被锁定 if(4 == systemUser.getStatus()){ return R.fail("密码连续输入错误五次,账号已被锁定,请联系管理员解锁。"); } // 检查用户是否已被冻结 if(2 == systemUser.getStatus()){ return R.fail("当前账号已冻结。"); } //创建token // 检查是否在临时冻结期 Integer errorCount = (Integer) redisTemplate.opsForValue().get(key); if(null != errorCount && FREEZE_ERR <= errorCount && errorCount < LOCK_ERR){ return R.fail("密码连续输入错误三次,账号已被冻结" + FREEZE_MINUTES + "分钟。"); } if(null == errorCount){ errorCount = 0; } if(!vo.getPassword().equals(systemUser.getPassword())){ errorCount++; // 达到锁定次数,更新用户状态为锁定 if(errorCount >= LOCK_ERR) { systemUser.setStatus(4); // 4表示账号锁定 systemUserService.updateById(systemUser); redisTemplate.delete(key); // 清除redis中的错误计数 return R.fail("密码连续输入错误五次,账号已被锁定,请联系管理员解锁。"); } // 达到冻结次数 else if(errorCount == FREEZE_ERR) { redisTemplate.opsForValue().set(key, errorCount, FREEZE_MINUTES, TimeUnit.MINUTES); return R.fail("密码连续输入错误三次,账号已被冻结" + FREEZE_MINUTES + "分钟。"); } // 普通错误 else { redisTemplate.opsForValue().set(key, errorCount, 5, TimeUnit.MINUTES); return R.fail("登录失败,手机号/密码错误。"); } } //登录成功,创建token R<LoginReturnVO> reult = 
tokenService.loginThreeAround(systemUser.getId()); redisTemplate.delete(key); redisTemplate.delete(key); // 清除错误计数 LoginReturnVO loginReturnVO = reult.getData(); TokenVo tokenVo = new TokenVo(); BeanUtils.copyProperties(loginReturnVO, tokenVo); @@ -273,14 +309,14 @@ @PutMapping("/unfreeze/{id}") @ApiOperation(value = "解冻账号", tags = {"三个身边后台-人员管理"}) @OperLog(operModul = "三个身边后台",operType = 2,businessType = "解冻账号") @ApiOperation(value = "解冻/解锁账号", tags = {"三个身边后台-人员管理"}) @OperLog(operModul = "三个身边后台",operType = 2,businessType = "解冻/解锁账号") public R unfreeze(@PathVariable("id") Integer id){ SystemUser systemUser = systemUserService.getById(id); if(1 == systemUser.getStatus()){ return R.fail("不能重复操作"); } systemUser.setStatus(1); systemUser.setStatus(1); // 将冻结(2)或锁定(4)状态恢复为正常状态(1) systemUserService.updateById(systemUser); return R.ok(); } @@ -333,4 +369,11 @@ log.info("获取行政区划层级联动数据:{}", list); return R.ok(list); } @ApiOperation(value = "修改密码",tags = {"三个身边后台-人员管理"}) @PostMapping("/updatePassword") public R<?> updatePassword(@RequestBody @Validated UpdatePasswordDTO dto) { SystemUserVo loginUserInfoSanGeShenBian = getLoginUserInfoSanGeShenBian(); systemUserService.updatePassword(dto,loginUserInfoSanGeShenBian); return R.ok(); } } springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/java/com/panzhihua/sangeshenbian/model/vo/UpdatePasswordDTO.java
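Review bot: In `login`, the permanent-lock branch `errorCount >= LOCK_ERR` looks unreachable: once the counter reaches `FREEZE_ERR` it is stored under `key` with a `FREEZE_MINUTES` TTL, every request is rejected while it sits in the 3–4 range, and when the key expires the count restarts from 0, so it can never reach 5. Password guessing is therefore only throttled to three tries per freeze window, and this path never sets status 4. Keeping the freeze marker in its own key, so that its expiry does not erase the failure count, restores the intended escalation; the fence sketches that and also replaces the `Integer == Integer` reference comparison with `equals`. Separately, the get-then-set on the counter is not atomic, so parallel requests can share one count; an atomic increment would close that, provided the template's value serializer stores plain integers (to confirm). The body of `login` continues past this hunk.

```java
// … unchanged: user lookup, status 4 / status 2 checks …
// Suggested key name; the freeze marker lives apart from the failure counter,
// so the marker expiring does not reset the count.
String freezeKey = "login:freeze:" + vo.getPhone();
if (Boolean.TRUE.equals(redisTemplate.hasKey(freezeKey))) {
    return R.fail("密码连续输入错误三次,账号已被冻结" + FREEZE_MINUTES + "分钟。");
}
Integer errorCount = (Integer) redisTemplate.opsForValue().get(key);
// … unchanged: null -> 0, password comparison, errorCount++, LOCK_ERR branch …
    else if (FREEZE_ERR.equals(errorCount)) {
        // Counter outlives the freeze (5 min vs FREEZE_MINUTES), so attempts 4 and 5 are still counted.
        redisTemplate.opsForValue().set(key, errorCount, 5, TimeUnit.MINUTES);
        redisTemplate.opsForValue().set(freezeKey, 1, FREEZE_MINUTES, TimeUnit.MINUTES);
        return R.fail("密码连续输入错误三次,账号已被冻结" + FREEZE_MINUTES + "分钟。");
    }
// … unchanged: ordinary-failure branch, token creation …
```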
New file @@ -0,0 +1,24 @@ package com.panzhihua.sangeshenbian.model.vo; import io.swagger.annotations.ApiModel; import io.swagger.annotations.ApiModelProperty; import lombok.Data; import javax.validation.constraints.NotBlank; /** * @author mitao * @date 2025/3/14 */ @Data @ApiModel("管理后台修改密码数据传输对象") public class UpdatePasswordDTO { @ApiModelProperty("旧密码") @NotBlank(message = "旧密码不能为空") private String oldPassword; @ApiModelProperty("新密码") @NotBlank(message = "新密码不能为空") private String newPassword; } springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/java/com/panzhihua/sangeshenbian/service/ISystemUserService.java
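Review bot: `newPassword` is validated with `@NotBlank` only, so a one-character password passes; a length or complexity constraint such as `@Size(min = <policy minimum>)` or a `@Pattern` belongs on this field. In addition, `@Data` generates a `toString()` that prints both passwords, so any logging of the request object would write them in clear text; `@ToString.Exclude` on `oldPassword` and `newPassword` avoids that.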
@@ -2,8 +2,10 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.service.IService; import com.panzhihua.common.model.vos.sangeshenbian.SystemUserVo; import com.panzhihua.sangeshenbian.model.entity.SystemUser; import com.panzhihua.sangeshenbian.model.vo.RegionVO; import com.panzhihua.sangeshenbian.model.vo.UpdatePasswordDTO; import com.panzhihua.sangeshenbian.warpper.SystemUserList; import com.panzhihua.sangeshenbian.warpper.SystemUserListVo; @@ -54,4 +56,11 @@ * @return */ List<RegionVO> getCommunity(String streetId); /** * 修改密码 * @param dto * @param systemUserVo */ void updatePassword(UpdatePasswordDTO dto, SystemUserVo systemUserVo); } springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/java/com/panzhihua/sangeshenbian/service/impl/SystemUserServiceImpl.java
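Review bot: The Javadoc on `updatePassword` leaves both `@param` tags empty and does not state the contract the implementation relies on. It should say that `systemUserVo` must be the authenticated caller resolved on the server, since its id selects the row that is updated, and never a value taken from the request. It should also say that a `ServiceException` is thrown when the old password does not match or the new password equals the current one, for example `@param systemUserVo 当前登录用户 (server-resolved)` plus an `@throws ServiceException` line.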
@@ -3,10 +3,14 @@ import com.baomidou.mybatisplus.core.metadata.IPage; import com.baomidou.mybatisplus.extension.plugins.pagination.Page; import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl; import com.panzhihua.common.exceptions.ServiceException; import com.panzhihua.common.model.vos.R; import com.panzhihua.common.model.vos.sangeshenbian.SystemUserVo; import com.panzhihua.common.utlis.StringUtils; import com.panzhihua.sangeshenbian.dao.SystemUserMapper; import com.panzhihua.sangeshenbian.model.entity.SystemUser; import com.panzhihua.sangeshenbian.model.vo.RegionVO; import com.panzhihua.sangeshenbian.model.vo.UpdatePasswordDTO; import com.panzhihua.sangeshenbian.service.ISystemUserService; import com.panzhihua.sangeshenbian.warpper.SystemUserList; import com.panzhihua.sangeshenbian.warpper.SystemUserListVo; @@ -42,7 +46,7 @@ * @return */ @Override public Optional<SystemUser> getSystemUserByPhone(String phone) { public Optional<SystemUser> getSystemUserAdminByPhone(String phone) { if (StringUtils.isBlank(phone)) { return Optional.empty(); } @@ -51,8 +55,14 @@ .eq(SystemUser::getIsAdmin, 1).last("LIMIT 1").oneOpt(); } @Override public Optional<SystemUser> getSystemUserByPhone(String phone) { if (StringUtils.isBlank(phone)) { return Optional.empty(); } return this.lambdaQuery() .eq(SystemUser::getPhone, phone).ne(SystemUser::getStatus, 3).last("LIMIT 1").oneOpt(); } /** * 获取行政区划数据 
@@ -88,4 +98,23 @@ public List<RegionVO> getCommunity(String streetId) { return this.baseMapper.getCommunity(streetId); } /** * 修改密码 * @param dto * @param systemUserVo */ @Override public void updatePassword(UpdatePasswordDTO dto, SystemUserVo systemUserVo) { if (systemUserVo == null) { throw new ServiceException("用户不存在"); } if (systemUserVo.getPassword().equals(dto.getNewPassword())) { throw new ServiceException("新密码不能与旧密码相同"); } if (!systemUserVo.getPassword().equals(dto.getOldPassword())) { throw new ServiceException("旧密码错误"); } this.lambdaUpdate().set(SystemUser::getPassword, dto.getNewPassword()).eq(SystemUser::getId, systemUserVo.getId()).update(); } } springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/java/com/panzhihua/sangeshenbian/warpper/SystemUserListVo.java
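Review bot: `updatePassword` compares and stores the password exactly as received (`systemUserVo.getPassword().equals(dto.getOldPassword())`, then `.set(SystemUser::getPassword, dto.getNewPassword())`), which suggests passwords are kept in recoverable form unless the client already sends a digest; the server should store a salted slow hash (bcrypt, scrypt or argon2) and verify against it. The old password is also checked against the copy carried in `SystemUserVo`, presumably taken from the login session, rather than the stored row, so a stale session object can accept an outdated password. The "same as old" test also runs before the old password is verified. The fence reloads the row and verifies the old password first; hashing is left out because the project's hashing helper is not visible here. The change also leaves existing tokens valid and ignores the result of `update()`, both of which are worth handling in this method.

```java
public void updatePassword(UpdatePasswordDTO dto, SystemUserVo systemUserVo) {
    if (systemUserVo == null) {
        throw new ServiceException("用户不存在");
    }
    // Check against the stored row, not the copy held in the session object.
    SystemUser current = this.getById(systemUserVo.getId());
    if (current == null) {
        throw new ServiceException("用户不存在");
    }
    // Verify the old password before evaluating anything about the new one.
    if (!current.getPassword().equals(dto.getOldPassword())) {
        throw new ServiceException("旧密码错误");
    }
    if (current.getPassword().equals(dto.getNewPassword())) {
        throw new ServiceException("新密码不能与旧密码相同");
    }
    // … unchanged: lambdaUpdate() writing the new value …
```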
@@ -25,6 +25,8 @@ private String systemRoleName; @ApiModelProperty(value = "账号层级(1=市级账号,2=区县账号,3=街道账号,4=社区账号)") private Integer accountLevel; @ApiModelProperty("账号状态(1=使用中,2=已冻结)") @ApiModelProperty(value = "账号所属层级") private String accountLevelStr; @ApiModelProperty("账号状态(1=使用中,2=已冻结4=已锁定)") private Integer status; } springcloud_k8s_panzhihuazhihuishequ/service_sangeshenbian/src/main/resources/mapper/SystemUserMapper.xml
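Review bot: The new `status` description `"账号状态(1=使用中,2=已冻结4=已锁定)"` is missing the separator between the second and third values, so the generated API documentation will show them run together; `@ApiModelProperty("账号状态(1=使用中,2=已冻结,4=已锁定)")` fixes it. The class body starts outside this hunk.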
@@ -14,6 +14,13 @@ f.`name` as systemPostName, g.`name` as systemRoleName, a.account_level as accountLevel, CASE WHEN a.account_level = 1 THEN '市' WHEN a.account_level = 2 THEN CONCAT('区县-', a.districts) WHEN a.account_level = 3 THEN CONCAT('街道-', a.districts, '-', a.street) WHEN a.account_level = 4 THEN CONCAT('社区-', a.districts, '-', a.street, '-', a.community) ELSE '' END as accountLevelStr, a.`status` from sgsb_system_user a left join sgsb_department b on (a.one_department_id = b.id)
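Review bot: The new `accountLevelStr` expression builds its label with `CONCAT`, which in MySQL (the backtick quoting suggests that dialect) returns NULL as soon as one argument is NULL. An account whose `districts`, `street` or `community` column is NULL would therefore get a NULL label instead of a partial one. `CONCAT_WS('-', '街道', a.districts, a.street)`, and the same form for levels 2 and 4, skips NULL parts; alternatively wrap each column in `IFNULL(col, '')`. The select statement starts and ends outside the hunk.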