提交 | 用户 | 时间
|
0cceb6
|
1 |
package com.jcdm.framework.web.service; |
Y |
2 |
|
|
3 |
import java.util.concurrent.TimeUnit; |
|
4 |
import org.springframework.beans.factory.annotation.Autowired; |
|
5 |
import org.springframework.beans.factory.annotation.Value; |
|
6 |
import org.springframework.security.core.Authentication; |
|
7 |
import org.springframework.stereotype.Component; |
|
8 |
import com.jcdm.common.constant.CacheConstants; |
|
9 |
import com.jcdm.common.constant.Constants; |
|
10 |
import com.jcdm.common.core.domain.entity.SysUser; |
|
11 |
import com.jcdm.common.core.redis.RedisCache; |
|
12 |
import com.jcdm.common.exception.user.UserPasswordNotMatchException; |
|
13 |
import com.jcdm.common.exception.user.UserPasswordRetryLimitExceedException; |
|
14 |
import com.jcdm.common.utils.MessageUtils; |
|
15 |
import com.jcdm.common.utils.SecurityUtils; |
|
16 |
import com.jcdm.framework.manager.AsyncManager; |
|
17 |
import com.jcdm.framework.manager.factory.AsyncFactory; |
|
18 |
import com.jcdm.framework.security.context.AuthenticationContextHolder; |
|
19 |
|
|
20 |
/** |
|
21 |
* 登录密码方法 |
|
22 |
* |
|
23 |
* @author jc |
|
24 |
*/ |
|
25 |
@Component |
|
26 |
public class SysPasswordService |
|
27 |
{ |
|
28 |
@Autowired |
|
29 |
private RedisCache redisCache; |
|
30 |
|
|
31 |
@Value(value = "${user.password.maxRetryCount}") |
|
32 |
private int maxRetryCount; |
|
33 |
|
|
34 |
@Value(value = "${user.password.lockTime}") |
|
35 |
private int lockTime; |
|
36 |
|
|
37 |
/** |
|
38 |
* 登录账户密码错误次数缓存键名 |
|
39 |
* |
|
40 |
* @param username 用户名 |
|
41 |
* @return 缓存键key |
|
42 |
*/ |
|
43 |
private String getCacheKey(String username) |
|
44 |
{ |
|
45 |
return CacheConstants.PWD_ERR_CNT_KEY + username; |
|
46 |
} |
|
47 |
|
|
48 |
public void validate(SysUser user) |
|
49 |
{ |
|
50 |
Authentication usernamePasswordAuthenticationToken = AuthenticationContextHolder.getContext(); |
|
51 |
String username = usernamePasswordAuthenticationToken.getName(); |
|
52 |
String password = usernamePasswordAuthenticationToken.getCredentials().toString(); |
|
53 |
|
|
54 |
Integer retryCount = redisCache.getCacheObject(getCacheKey(username)); |
|
55 |
|
|
56 |
if (retryCount == null) |
|
57 |
{ |
|
58 |
retryCount = 0; |
|
59 |
} |
|
60 |
|
|
61 |
if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) |
|
62 |
{ |
|
63 |
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|
64 |
MessageUtils.message("user.password.retry.limit.exceed", maxRetryCount, lockTime))); |
|
65 |
throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime); |
|
66 |
} |
|
67 |
|
|
68 |
if (!matches(user, password)) |
|
69 |
{ |
|
70 |
retryCount = retryCount + 1; |
|
71 |
AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, |
|
72 |
MessageUtils.message("user.password.retry.limit.count", retryCount))); |
|
73 |
redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); |
|
74 |
throw new UserPasswordNotMatchException(); |
|
75 |
} |
|
76 |
else |
|
77 |
{ |
|
78 |
clearLoginRecordCache(username); |
|
79 |
} |
|
80 |
} |
|
81 |
|
|
82 |
public boolean matches(SysUser user, String rawPassword) |
|
83 |
{ |
|
84 |
return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); |
|
85 |
} |
|
86 |
|
|
87 |
public void clearLoginRecordCache(String loginName) |
|
88 |
{ |
|
89 |
if (redisCache.hasKey(getCacheKey(loginName))) |
|
90 |
{ |
|
91 |
redisCache.deleteObject(getCacheKey(loginName)); |
|
92 |
} |
|
93 |
} |
|
94 |
} |