java/zhihuishenqu.git

			@@ -2,6 +2,7 @@

			import java.security.InvalidKeyException;
			import java.security.NoSuchAlgorithmException;
			import java.time.Duration;
			import java.util.ArrayList;
			import java.util.List;
			import java.util.Set;
			@@ -46,6 +47,8 @@
			@Resource
			private RedisTemplate redisTemplate;

			private static String LOGIN_FAIL="LOGIN_FAIL_";

			@Override
			public Authentication authenticate(Authentication authentication) throws AuthenticationException {
			// 获取表单输入中返回的用户名
			@@ -56,11 +59,19 @@
			} catch (Exception e) {
			e.printStackTrace();
			}

			boolean flag= redisTemplate.hasKey(LOGIN_FAIL+userName);
			if(flag){
			Integer time= (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL+userName);
			if(time>=5){
			redisTemplate.opsForValue().set(LOGIN_FAIL+userName,5, Duration.ofMinutes(5));
			throw new LockedException("登录错误超过限制,请五分钟后重试");
			}
			}
			// 查询用户是否存在
			R<LoginUserInfoVO> r = userService.getUserInfo(userName);
			if (r.getCode() != 200) {
			throw new UsernameNotFoundException("该账号不存在");
			lockLogin(flag,userName);
			throw new UsernameNotFoundException("账号或密码错误");
			}
			LoginUserInfoVO loginUserInfoVO = r.getData();
			List<GrantedAuthority> grantedAuthorityList = new ArrayList<>();
			@@ -70,11 +81,13 @@
			grantedAuthorityList.add(new SimpleGrantedAuthority(s));
			});
			}
			if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())) {
			throw new UsernameNotFoundException("该账号不存在");
			if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())\|\|ObjectUtils.isEmpty(password)) {
			lockLogin(flag,userName);
			throw new UsernameNotFoundException("账号或密码错误");
			}
			// 我们还要判断密码是否正确，这里我们的密码使用BCryptPasswordEncoder进行加密的
			if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
			lockLogin(flag,userName);
			throw new BadCredentialsException("密码不正确");
			}
			// 还可以加一些其他信息的判断，比如用户账号已停用等判断
			@@ -90,4 +103,14 @@
			public boolean supports(Class<?> aClass) {
			return true;
			}

			private void lockLogin(Boolean flag,String userName){
			if(flag){
			Integer time= (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL+userName);
			redisTemplate.opsForValue().set(LOGIN_FAIL+userName,time+1, Duration.ofMinutes(5));
			}
			else {
			redisTemplate.opsForValue().set(LOGIN_FAIL+userName,1, Duration.ofMinutes(5));
			}
			}
			}

			@@ -2190,7 +2190,7 @@
			SysUserDO sysUserDO = userDao
			.selectOne(new QueryWrapper<SysUserDO>().lambda().eq(SysUserDO::getPhone, phone).eq(SysUserDO::getType, 1));
			if (ObjectUtils.isEmpty(sysUserDO)) {
			return R.fail("用户不存在");
			return R.fail("账号或密码错误");
			}
			SysUserVO sysUserVO = new SysUserVO();
			BeanUtils.copyProperties(sysUserDO, sysUserVO);
			@@ -2225,7 +2225,7 @@
			query.eq(SysUserDO::getType, type);
			SysUserDO sysUserDO = userDao.selectOne(query);
			if (ObjectUtils.isEmpty(sysUserDO)) {
			return R.fail("用户不存在");
			return R.fail("账号或密码错误");
			}
			SysUserVO sysUserVO = new SysUserVO();
			BeanUtils.copyProperties(sysUserDO, sysUserVO);
			@@ -2998,7 +2998,7 @@
			public R getUserInfoByUnionId(String unionId) {
			SysUserDO sysUserDO = userDao.selectOne(new QueryWrapper<SysUserDO>().lambda().eq(SysUserDO::getUnionid, unionId));
			if (isNull(sysUserDO)) {
			return R.fail("用户不存在");
			return R.fail("账号或密码错误");
			}
			LoginUserInfoVO loginUserInfoVO = new LoginUserInfoVO();
			BeanUtils.copyProperties(sysUserDO, loginUserInfoVO);

	springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java	31 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史
	springcloud_k8s_panzhihuazhihuishequ/service_user/src/main/java/com/panzhihua/service_user/service/impl/UserServiceImpl.java	6 ●●●●● 补丁 \| 查看 \| 原始文档 \| blame \| 历史