first commit
@ -72,6 +72,9 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
|
||||
@Override
|
||||
public String login(LoginDto dto) {
|
||||
Boolean blacklistSwitch = authConfigApiService.getBlacklistConfig();
|
||||
// 校验黑名单
|
||||
validateBlacklist(blacklistSwitch);
|
||||
// 校验验证码
|
||||
authConfigApiService.validateCaptcha(dto.getCode(), dto.getUuid());
|
||||
// username查询用户信息
|
||||
@ -79,7 +82,7 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
// 检查账号信息
|
||||
validateUser(dto.getUsername(), sysUser);
|
||||
// 检验密码
|
||||
validatePassword(dto.getUsername(), sysUser.getPassword(), dto.getPassword());
|
||||
validatePassword(blacklistSwitch, dto.getUsername(), sysUser.getPassword(), dto.getPassword());
|
||||
// 缓存在线用户
|
||||
String deviceSn = cacheOnlineUser(dto.getUsername(), sysUser.getNickname());
|
||||
// 缓存userDetails
|
||||
@ -88,15 +91,46 @@ public class SysLoginServiceImpl implements SysLoginService {
|
||||
return TokenUtil.generateToken(sysUser.getUsername(), deviceSn);
|
||||
}
|
||||
|
||||
private void validatePassword(String username, String password, String inputPassword) {
|
||||
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
|
||||
if (!result) {
|
||||
ThreadUtil.execAsync(() -> beforePasswordError(username));
|
||||
throw new ServiceException(SecurityConstant.PASSWORD_ERROR);
|
||||
private void validateBlacklist(Boolean blacklistSwitch) {
|
||||
String ip = IpUtil.getIp(request);
|
||||
if (blacklistSwitch && redisService.hasKey(SecurityConstant.BLACKLIST_KEY + ip)) {
|
||||
throw new ServiceException(SecurityConstant.HAS_BEEN_PULLED_BLACK);
|
||||
}
|
||||
}
|
||||
|
||||
private void beforePasswordError(String username) {
|
||||
private void validatePassword(Boolean blacklistSwitch, String username, String password, String inputPassword) {
|
||||
boolean result = SecurityUtil.matchesPassword(inputPassword, password);
|
||||
if (result && blacklistSwitch) {
|
||||
// 密码正确, 删除错误次数
|
||||
String ip = IpUtil.getIp(request);
|
||||
redisService.del(SecurityConstant.LOGIN_ERROR_COUNT + ip);
|
||||
} else {
|
||||
// 密码错误
|
||||
String msg = beforePasswordError(blacklistSwitch, username);
|
||||
throw new ServiceException(msg);
|
||||
}
|
||||
}
|
||||
|
||||
private String beforePasswordError(Boolean blacklistSwitch, String username) {
|
||||
String ip = IpUtil.getIp(request);
|
||||
// 未开启->直接结束
|
||||
if (!blacklistSwitch) {
|
||||
return "密码错误";
|
||||
}
|
||||
// 开启->继续
|
||||
// 错误次数是否到达允许最大错误次数
|
||||
Integer maxAllowCount = authConfigApiService.getAllowMaxErrorCount();
|
||||
Integer ipErrorCount = redisService.getObject(SecurityConstant.LOGIN_ERROR_COUNT + ip, Integer.class);
|
||||
if (ipErrorCount >= maxAllowCount) {
|
||||
// 是-> 进入黑名单库 && 返回"IP已被拉黑"
|
||||
redisService.set(SecurityConstant.BLACKLIST_KEY + ip, username, authConfigApiService.getBlacklistExpireTime());
|
||||
return SecurityConstant.HAS_BEEN_PULLED_BLACK;
|
||||
} else {
|
||||
// 否-> 错误次数+1 && 返回"你还剩xx次错误机会"
|
||||
ipErrorCount++;
|
||||
redisService.set(SecurityConstant.LOGIN_ERROR_COUNT + ip, ipErrorCount);
|
||||
return StrUtil.format("密码错误, 还有[{}]次错误机会", ipErrorCount);
|
||||
}
|
||||
|
||||
}
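Review bot: In the new `validatePassword`, the `else` branch also runs when the password matches but `blacklistSwitch` is false, so with the blacklist disabled every correct login appears to be rejected with a password error; the password check and the counter cleanup need to be separate conditions. In `beforePasswordError`, `redisService.getObject(...)` presumably returns null when the IP has no recorded failures yet, which would make `ipErrorCount >= maxAllowCount` throw on unboxing, and the message formats the failure count rather than the remaining attempts. The counter is also written without an expiry and updated by read-then-set, so concurrent failures can undercount and a stale count never ages out; an atomic increment with a TTL would be sturdier if `redisService` offers one. The +/- markers are lost on this page, so which lines are new is inferred from the hunk headers.

```java
private void validatePassword(Boolean blacklistSwitch, String username, String password, String inputPassword) {
    if (!SecurityUtil.matchesPassword(inputPassword, password)) {
        // Wrong password: record the failure (when enabled) and reject.
        throw new ServiceException(beforePasswordError(blacklistSwitch, username));
    }
    if (Boolean.TRUE.equals(blacklistSwitch)) {
        // Correct password: clear this IP's failure count.
        redisService.del(SecurityConstant.LOGIN_ERROR_COUNT + IpUtil.getIp(request));
    }
}

// in beforePasswordError:
// … unchanged: ip lookup, blacklistSwitch check, maxAllowCount lookup …
Integer stored = redisService.getObject(SecurityConstant.LOGIN_ERROR_COUNT + ip, Integer.class);
int ipErrorCount = stored == null ? 0 : stored; // no key yet means no failures so far
// … unchanged: blacklist branch, increment and counter write …
return StrUtil.format("密码错误, 还有[{}]次错误机会", maxAllowCount - ipErrorCount);
```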
|
||||
|
||||
|