From 9a56c5710eb281afc06e2f3a211b8b595f24bbe1 Mon Sep 17 00:00:00 2001
From: liujie <liujie>
Date: 星期三, 16 八月 2023 09:39:34 +0800
Subject: [PATCH] update
---
management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java | 56 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 55 insertions(+), 1 deletions(-)
diff --git a/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java b/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
index 9978e45..1c19d87 100644
--- a/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
+++ b/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
@@ -19,6 +19,7 @@
import com.stylefeng.guns.modular.system.service.IMenuService;
import com.stylefeng.guns.modular.system.service.IUserService;
import com.stylefeng.guns.modular.system.util.AESUtils;
+import com.stylefeng.guns.modular.system.util.RedisUtil;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
@@ -49,6 +50,11 @@
@Autowired
private IUserService userService;
+ @Autowired
+ private RedisUtil redisUtil;
+
+ private Map<String, Integer> loginFailures = new HashMap<>();
+
@@ -114,7 +120,52 @@
* 点击登录执行的动作
*/
@RequestMapping(value = "/login", method = RequestMethod.POST)
- public String loginVali(String username, String password, String remember, Model model, HttpServletRequest request) {
+ public String loginVali(String username, String password,String sms_code, String remember, Model model, HttpServletRequest request) {
+ Integer f = loginFailures.get(username);
+ f = f == null ? 0 : f;
+ // 校验账号,密码是否正确,如果错误,对次数进行加1
+ IShiro shiroFactory = ShiroFactroy.me();
+ User user = userService.getByAccount(username);
+ if(null == user){
+ f++;
+ loginFailures.put(username, f);
+ }else {
+ // 校验密码
+ ShiroUser shiroUser1 = shiroFactory.shiroUser(user);
+ SimpleAuthenticationInfo info = shiroFactory.info(shiroUser1, user, username);
+ String pass = ShiroKit.md5(password, user.getSalt());
+ if(!info.getCredentials().equals(pass)){
+ f++;
+ loginFailures.put(username, f);
+ if(f<5){
+ model.addAttribute("number", "3");
+ }
+ if(f==5){
+ model.addAttribute("number", "5");
+ }
+ model.addAttribute("tips","账号或密码错误!");
+ return "/login.html";
+ }
+ }
+
+// if(!"aaaa".equals(sms_code)){
+// String value = redisUtil.getValue(user.getPhone());
+// if(ToolUtil.isEmpty(value) || !sms_code.equals(value)){
+// model.addAttribute("tips", "无效的验证码");
+// return "/login.html";
+// }
+// }
+
+
+ //验证验证码是否正确
+ if (KaptchaUtil.getKaptchaOnOff()) {
+ String kaptcha = super.getPara("kaptcha").trim();
+ String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
+ if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
+ throw new InvalidKaptchaException();
+ }
+ }
+
model.addAttribute("number", "3");
Subject currentUser = ShiroKit.getSubject();
UsernamePasswordToken token = new UsernamePasswordToken(username, password.toCharArray());
@@ -127,6 +178,9 @@
token.setRememberMe(false);//关闭记住我功能
currentUser.login(token);
+ // 登录成功,错误次数值改0
+ loginFailures.put(username, 0);
+
ShiroUser shiroUser = ShiroKit.getUser();
super.getSession().setAttribute("shiroUser", shiroUser);
super.getSession().setAttribute("username", shiroUser.getAccount());
--
Gitblit v1.7.1