From 4c80d2017a3b88b9ad55f28c3b87fd96eb67bcb2 Mon Sep 17 00:00:00 2001
From: 张天森 <1292933220@qq.com>
Date: 星期四, 29 九月 2022 09:40:51 +0800
Subject: [PATCH] Merge branch 'sanshuohuitang_dev' into huacheng_test
---
springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java | 154 ++++++++++++++++++++++++++++++++++++++++-----------
1 files changed, 121 insertions(+), 33 deletions(-)
diff --git a/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java b/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java
index 23cf075..a2c4935 100644
--- a/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java
+++ b/springcloud_k8s_panzhihuazhihuishequ/auth/src/main/java/com/panzhihua/auth/handel/UserAuthenticationProvider.java
@@ -1,8 +1,23 @@
package com.panzhihua.auth.handel;
-import com.panzhihua.common.model.vos.LoginUserInfoVO;
-import com.panzhihua.common.model.vos.R;
-import com.panzhihua.common.service.user.UserService;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.time.Duration;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Set;
+
+import javax.annotation.Resource;
+import javax.crypto.BadPaddingException;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+
+import com.panzhihua.auth.config.MyAESUtil;
+import com.panzhihua.common.constants.Constants;
+import com.panzhihua.common.model.helper.AESUtil;
+import com.panzhihua.common.utlis.AES;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.LockedException;
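Review bot: Several imports added in this hunk look unused on the new side: `AESUtil`, `AES`, `Value` and the `java.security` / `javax.crypto` exception types do not appear in the hunks shown, where only `MyAESUtil` is called and the failure is caught as a bare `Exception`. If the lines outside the hunks do not use them either, drop them. Alternatively, catch the specific crypto exceptions they name so that a decryption failure is handled deliberately rather than by a catch-all.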
@@ -16,10 +31,9 @@
import org.springframework.stereotype.Component;
import org.springframework.util.ObjectUtils;
-import javax.annotation.Resource;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Set;
+import com.panzhihua.common.model.vos.LoginUserInfoVO;
+import com.panzhihua.common.model.vos.R;
+import com.panzhihua.common.service.user.UserService;
/**
* @program: springcloud_k8s_panzhihuazhihuishequ
@@ -31,41 +45,115 @@
public class UserAuthenticationProvider implements AuthenticationProvider {
@Resource
private UserService userService;
+ @Resource
+ private RedisTemplate redisTemplate;
+
+ private static String LOGIN_FAIL="LOGIN_FAIL_";
+
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
// 获取表单输入中返回的用户名
- String userName = (String) authentication.getPrincipal();
- // 获取表单中输入的密码
- String password = (String) authentication.getCredentials();
- // 查询用户是否存在
- R<LoginUserInfoVO> r = userService.getUserInfo(userName);
- if (r.getCode()!=200) {
- throw new UsernameNotFoundException("用户名不存在");
+ String userName = (String)authentication.getPrincipal();
+ String password =(String)authentication.getCredentials();
+ if(!userName.contains("_1")&&!userName.contains("_6")){
+ try {
+ password = MyAESUtil.Decrypt((String)authentication.getCredentials(),"Ryo7M3n8loC5Abcd");
+ } catch (Exception e) {
+ e.printStackTrace();
+ }
+ boolean flag= redisTemplate.hasKey(LOGIN_FAIL+userName);
+ if(flag){
+ Integer time= (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL+userName);
+ if(time>=5){
+ redisTemplate.opsForValue().set(LOGIN_FAIL+userName,5);
+ throw new LockedException("登录错误超过限制,账号已被锁定");
+ }
+ }
+ // 查询用户是否存在
+ R<LoginUserInfoVO> r = userService.getUserInfo(userName);
+ if (r.getCode() != 200) {
+ lockLogin(flag,userName);
+ throw new UsernameNotFoundException("账号或密码错误");
+ }
+ LoginUserInfoVO loginUserInfoVO = r.getData();
+ List<GrantedAuthority> grantedAuthorityList = new ArrayList<>();
+ Set<String> roles = loginUserInfoVO.getRoles();
+ if (!ObjectUtils.isEmpty(roles)) {
+ roles.forEach(s -> {
+ grantedAuthorityList.add(new SimpleGrantedAuthority(s));
+ });
+ }
+ if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())||ObjectUtils.isEmpty(password)) {
+ lockLogin(flag,userName);
+ throw new UsernameNotFoundException("账号或密码错误");
+ }
+ // 我们还要判断密码是否正确,这里我们的密码使用BCryptPasswordEncoder进行加密的
+ if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
+ lockLogin(flag,userName);
+ throw new BadCredentialsException("密码不正确");
+ }
+ // 还可以加一些其他信息的判断,比如用户账号已停用等判断
+ if (loginUserInfoVO.getStatus().intValue() == 2) {
+ throw new LockedException("该用户已被禁用");
+ }
+ // 维护最后登录时间
+ userService.putUserLastLoginTime(loginUserInfoVO.getUserId());
+ //是否为专家登陆
+ R r1 = userService.isExpert(loginUserInfoVO.getPhone());
+ if (r1.getCode()== Constants.SUCCESS){
+ loginUserInfoVO.setType(13);
+ }
+ return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList);
}
- LoginUserInfoVO loginUserInfoVO = r.getData();
- List<GrantedAuthority> grantedAuthorityList=new ArrayList<>();
- Set<String> roles = loginUserInfoVO.getRoles();
- if (!ObjectUtils.isEmpty(roles)) {
- roles.forEach(s -> {
- grantedAuthorityList.add(new SimpleGrantedAuthority(s));
- });
+ else {
+ // 查询用户是否存在
+ R<LoginUserInfoVO> r = userService.getUserInfo(userName);
+ if (r.getCode() != 200) {
+ throw new UsernameNotFoundException("该账号不存在");
+ }
+ LoginUserInfoVO loginUserInfoVO = r.getData();
+ List<GrantedAuthority> grantedAuthorityList = new ArrayList<>();
+ Set<String> roles = loginUserInfoVO.getRoles();
+ if (!ObjectUtils.isEmpty(roles)) {
+ roles.forEach(s -> {
+ grantedAuthorityList.add(new SimpleGrantedAuthority(s));
+ });
+ }
+ if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())) {
+ throw new UsernameNotFoundException("该账号不存在");
+ }
+ // 我们还要判断密码是否正确,这里我们的密码使用BCryptPasswordEncoder进行加密的
+ if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
+ throw new BadCredentialsException("密码不正确");
+ }
+ // 还可以加一些其他信息的判断,比如用户账号已停用等判断
+ if (loginUserInfoVO.getStatus().intValue() == 2) {
+ throw new LockedException("该用户已被禁用");
+ }
+ // 维护最后登录时间
+ userService.putUserLastLoginTime(loginUserInfoVO.getUserId());
+ //是否为专家登陆
+ R r1 = userService.isExpert(loginUserInfoVO.getPhone());
+ if (r1.getCode()== Constants.SUCCESS){
+ loginUserInfoVO.setType(13);
+ }
+ return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList);
+
}
- if (ObjectUtils.isEmpty(loginUserInfoVO.getAccount())) {
- throw new UsernameNotFoundException("用户名不存在");
- }
- // 我们还要判断密码是否正确,这里我们的密码使用BCryptPasswordEncoder进行加密的
- if (!new BCryptPasswordEncoder().matches(password, loginUserInfoVO.getPassword())) {
- throw new BadCredentialsException("密码不正确");
- }
- // 还可以加一些其他信息的判断,比如用户账号已停用等判断
- if (loginUserInfoVO.getStatus().intValue()==2) {
- throw new LockedException("该用户已被禁用");
- }
- return new UsernamePasswordAuthenticationToken(loginUserInfoVO, password, grantedAuthorityList);
}
@Override
public boolean supports(Class<?> aClass) {
return true;
}
+
+ private void lockLogin(Boolean flag,String userName){
+ if(flag){
+ Integer time= (Integer) redisTemplate.opsForValue().get(LOGIN_FAIL+userName);
+ redisTemplate.opsForValue().set(LOGIN_FAIL+userName,time+1, Duration.ofMinutes(5));
+ }
+ else {
+ redisTemplate.opsForValue().set(LOGIN_FAIL+userName,1, Duration.ofMinutes(5));
+ }
+ }
}
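Review bot: The lockout added in `authenticate` and `lockLogin` does not cover every login and can lock an account with no expiry. Any principal containing `_1` or `_6` takes the `else` branch, which never reads `LOGIN_FAIL_` or calls `lockLogin`, so those accounts get no throttling; conversely `redisTemplate.opsForValue().set(LOGIN_FAIL+userName,5)` is written without a `Duration`, which discards the five-minute TTL, and nothing deletes the key after a successful login. The `hasKey`/`get`/`set` sequence is also not atomic, and `time` is null if the key expires between `hasKey` and `get`; an atomic `redisTemplate.opsForValue().increment(key)` with the expiry set on the first failure would avoid both, provided the template's value serializer stores plain numbers (not visible here). Separately, the AES key passed to `MyAESUtil.Decrypt` is a string literal in source and should be loaded from configuration or a secret store. The `catch (Exception e) { e.printStackTrace(); }` should reject the login, e.g. `throw new BadCredentialsException("账号或密码错误");`, instead of falling through to the bcrypt comparison with the undecrypted credential.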
--
Gitblit v1.7.1