德玛OA
查看 | 历史 | 提交 | 提交对比
admin
2024-04-24 363457b34e0e4f26ffe51aa80ecb227bf7873308
提交 | 用户 | 时间
363457 1 package com.jcdm.framework.web.service;
A 2
3 import javax.annotation.Resource;
4 import org.springframework.beans.factory.annotation.Autowired;
5 import org.springframework.security.authentication.AuthenticationManager;
6 import org.springframework.security.authentication.BadCredentialsException;
7 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
8 import org.springframework.security.core.Authentication;
9 import org.springframework.stereotype.Component;
10 import com.jcdm.common.constant.CacheConstants;
11 import com.jcdm.common.constant.Constants;
12 import com.jcdm.common.constant.UserConstants;
13 import com.jcdm.common.core.domain.entity.SysUser;
14 import com.jcdm.common.core.domain.model.LoginUser;
15 import com.jcdm.common.core.redis.RedisCache;
16 import com.jcdm.common.exception.ServiceException;
17 import com.jcdm.common.exception.user.BlackListException;
18 import com.jcdm.common.exception.user.CaptchaException;
19 import com.jcdm.common.exception.user.CaptchaExpireException;
20 import com.jcdm.common.exception.user.UserNotExistsException;
21 import com.jcdm.common.exception.user.UserPasswordNotMatchException;
22 import com.jcdm.common.utils.DateUtils;
23 import com.jcdm.common.utils.MessageUtils;
24 import com.jcdm.common.utils.StringUtils;
25 import com.jcdm.common.utils.ip.IpUtils;
26 import com.jcdm.framework.manager.AsyncManager;
27 import com.jcdm.framework.manager.factory.AsyncFactory;
28 import com.jcdm.framework.security.context.AuthenticationContextHolder;
29 import com.jcdm.system.service.ISysConfigService;
30 import com.jcdm.system.service.ISysUserService;
31
32 /**
33  * 登录校验方法
34  * 
35  * @author jc
36  */
37 @Component
38 public class SysLoginService
39 {
40     @Autowired
41     private TokenService tokenService;
42
43     @Resource
44     private AuthenticationManager authenticationManager;
45
46     @Autowired
47     private RedisCache redisCache;
48     
49     @Autowired
50     private ISysUserService userService;
51
52     @Autowired
53     private ISysConfigService configService;
54
55     /**
56      * 登录验证
57      * 
58      * @param username 用户名
59      * @param password 密码
60      * @param code 验证码
61      * @param uuid 唯一标识
62      * @return 结果
63      */
64     public String login(String username, String password, String code, String uuid)
65     {
66         // 验证码校验
67         //validateCaptcha(username, code, uuid);
68         // 登录前置校验
69         loginPreCheck(username, password);
70         // 用户验证
71         Authentication authentication = null;
72         try
73         {
74             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
75             AuthenticationContextHolder.setContext(authenticationToken);
76             // 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
77             authentication = authenticationManager.authenticate(authenticationToken);
78         }
79         catch (Exception e)
80         {
81             if (e instanceof BadCredentialsException)
82             {
83                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
84                 throw new UserPasswordNotMatchException();
85             }
86             else
87             {
88                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage()));
89                 throw new ServiceException(e.getMessage());
90             }
91         }
92         finally
93         {
94             AuthenticationContextHolder.clearContext();
95         }
96         AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success")));
97         LoginUser loginUser = (LoginUser) authentication.getPrincipal();
98         recordLoginInfo(loginUser.getUserId());
99         // 生成token
100         return tokenService.createToken(loginUser);
101     }
102
103     /**
104      * 校验验证码
105      * 
106      * @param username 用户名
107      * @param code 验证码
108      * @param uuid 唯一标识
109      * @return 结果
110      */
111     public void validateCaptcha(String username, String code, String uuid)
112     {
113         boolean captchaEnabled = configService.selectCaptchaEnabled();
114         if (captchaEnabled)
115         {
116             String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
117             String captcha = redisCache.getCacheObject(verifyKey);
118             redisCache.deleteObject(verifyKey);
119             if (captcha == null)
120             {
121                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
122                 throw new CaptchaExpireException();
123             }
124             if (!code.equalsIgnoreCase(captcha))
125             {
126                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));
127                 throw new CaptchaException();
128             }
129         }
130     }
131
132     /**
133      * 登录前置校验
134      * @param username 用户名
135      * @param password 用户密码
136      */
137     public void loginPreCheck(String username, String password)
138     {
139         // 用户名或密码为空 错误
140         if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password))
141         {
142             AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("not.null")));
143             throw new UserNotExistsException();
144         }
145         // 密码如果不在指定范围内 错误
146         if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
147                 || password.length() > UserConstants.PASSWORD_MAX_LENGTH)
148         {
149             AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
150             throw new UserPasswordNotMatchException();
151         }
152         // 用户名不在指定范围内 错误
153         if (username.length() < UserConstants.USERNAME_MIN_LENGTH
154                 || username.length() > UserConstants.USERNAME_MAX_LENGTH)
155         {
156             AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match")));
157             throw new UserPasswordNotMatchException();
158         }
159         // IP黑名单校验
160         String blackStr = configService.selectConfigByKey("sys.login.blackIPList");
161         if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr()))
162         {
163             AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("login.blocked")));
164             throw new BlackListException();
165         }
166     }
167
168     /**
169      * 记录登录信息
170      *
171      * @param userId 用户ID
172      */
173     public void recordLoginInfo(Long userId)
174     {
175         SysUser sysUser = new SysUser();
176         sysUser.setUserId(userId);
177         sysUser.setLoginIp(IpUtils.getIpAddr());
178         sysUser.setLoginDate(DateUtils.getNowDate());
179         userService.updateUserProfile(sysUser);
180     }
181 }