| 提交 | 用户 | 时间 | ||
| e57a89 | 1 | package com.jcdm.framework.web.service; |
| 懒 | 2 | |
| 3 | import java.util.concurrent.TimeUnit; | |
| 4 | import org.springframework.beans.factory.annotation.Autowired; | |
| 5 | import org.springframework.beans.factory.annotation.Value; | |
| 6 | import org.springframework.security.core.Authentication; | |
| 7 | import org.springframework.stereotype.Component; | |
| 8 | import com.jcdm.common.constant.CacheConstants; | |
| 9 | import com.jcdm.common.constant.Constants; | |
| 10 | import com.jcdm.common.core.domain.entity.SysUser; | |
| 11 | import com.jcdm.common.core.redis.RedisCache; | |
| 12 | import com.jcdm.common.exception.user.UserPasswordNotMatchException; | |
| 13 | import com.jcdm.common.exception.user.UserPasswordRetryLimitExceedException; | |
| 14 | import com.jcdm.common.utils.MessageUtils; | |
| 15 | import com.jcdm.common.utils.SecurityUtils; | |
| 16 | import com.jcdm.framework.manager.AsyncManager; | |
| 17 | import com.jcdm.framework.manager.factory.AsyncFactory; | |
| 18 | import com.jcdm.framework.security.context.AuthenticationContextHolder; | |
| 19 | ||
| 20 | /** | |
| 21 | * 登录密码方法 | |
| 22 | * | |
| 23 | * @author jc | |
| 24 | */ | |
| 25 | @Component | |
| 26 | public class SysPasswordService | |
| 27 | { | |
| 28 | @Autowired | |
| 29 | private RedisCache redisCache; | |
| 30 | ||
| 31 | @Value(value = "${user.password.maxRetryCount}") | |
| 32 | private int maxRetryCount; | |
| 33 | ||
| 34 | @Value(value = "${user.password.lockTime}") | |
| 35 | private int lockTime; | |
| 36 | ||
| 37 | /** | |
| 38 | * 登录账户密码错误次数缓存键名 | |
| 39 | * | |
| 40 | * @param username 用户名 | |
| 41 | * @return 缓存键key | |
| 42 | */ | |
| 43 | private String getCacheKey(String username) | |
| 44 | { | |
| 45 | return CacheConstants.PWD_ERR_CNT_KEY + username; | |
| 46 | } | |
| 47 | ||
| 48 | public void validate(SysUser user) | |
| 49 | { | |
| 50 | Authentication usernamePasswordAuthenticationToken = AuthenticationContextHolder.getContext(); | |
| 51 | String username = usernamePasswordAuthenticationToken.getName(); | |
| 52 | String password = usernamePasswordAuthenticationToken.getCredentials().toString(); | |
| 53 | ||
| 54 | Integer retryCount = redisCache.getCacheObject(getCacheKey(username)); | |
| 55 | ||
| 56 | if (retryCount == null) | |
| 57 | { | |
| 58 | retryCount = 0; | |
| 59 | } | |
| 60 | ||
| 61 | if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) | |
| 62 | { | |
| 63 | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, | |
| 64 | MessageUtils.message("user.password.retry.limit.exceed", maxRetryCount, lockTime))); | |
| 65 | throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime); | |
| 66 | } | |
| 67 | ||
| 68 | if (!matches(user, password)) | |
| 69 | { | |
| 70 | retryCount = retryCount + 1; | |
| 71 | AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, | |
| 72 | MessageUtils.message("user.password.retry.limit.count", retryCount))); | |
| 73 | redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); | |
| 74 | throw new UserPasswordNotMatchException(); | |
| 75 | } | |
| 76 | else | |
| 77 | { | |
| 78 | clearLoginRecordCache(username); | |
| 79 | } | |
| 80 | } | |
| 81 | ||
| 82 | public boolean matches(SysUser user, String rawPassword) | |
| 83 | { | |
| 84 | return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); | |
| 85 | } | |
| 86 | ||
| 87 | public void clearLoginRecordCache(String loginName) | |
| 88 | { | |
| 89 | if (redisCache.hasKey(getCacheKey(loginName))) | |
| 90 | { | |
| 91 | redisCache.deleteObject(getCacheKey(loginName)); | |
| 92 | } | |
| 93 | } | |
| 94 | } | |
