From 3c4fee1db116c11d4f04727cfe076d7c94daeaf2 Mon Sep 17 00:00:00 2001 From: yanzhaofeige <yanzhaofeige@qq.com> Date: Mon, 30 Sep 2024 12:10:57 +0800 Subject: [PATCH] init --- cpzidc-framework/src/main/java/com/odcc/cpzidc/framework/web/service/SysPasswordService.java | 86 +++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 86 insertions(+), 0 deletions(-) diff --git a/cpzidc-framework/src/main/java/com/odcc/cpzidc/framework/web/service/SysPasswordService.java b/cpzidc-framework/src/main/java/com/odcc/cpzidc/framework/web/service/SysPasswordService.java new file mode 100644 index 0000000..9e04908 --- /dev/null +++ b/cpzidc-framework/src/main/java/com/odcc/cpzidc/framework/web/service/SysPasswordService.java @@ -0,0 +1,86 @@ +package com.odcc.cpzidc.framework.web.service; + +import java.util.concurrent.TimeUnit; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.security.core.Authentication; +import org.springframework.stereotype.Component; +import com.odcc.cpzidc.common.constant.CacheConstants; +import com.odcc.cpzidc.common.core.domain.entity.SysUser; +import com.odcc.cpzidc.common.core.redis.RedisCache; +import com.odcc.cpzidc.common.exception.user.UserPasswordNotMatchException; +import com.odcc.cpzidc.common.exception.user.UserPasswordRetryLimitExceedException; +import com.odcc.cpzidc.common.utils.SecurityUtils; +import com.odcc.cpzidc.framework.security.context.AuthenticationContextHolder; + +/** + * 登录密码方法 + * + * @author ruoyi + */ +@Component +public class SysPasswordService +{ + @Autowired + private RedisCache redisCache; + + @Value(value = "${user.password.maxRetryCount}") + private int maxRetryCount; + + @Value(value = "${user.password.lockTime}") + private int lockTime; + + /** + * 登录账户密码错误次数缓存键名 + * + * @param username 用户名 + * @return 缓存键key + */ + private String getCacheKey(String username) + { + return CacheConstants.PWD_ERR_CNT_KEY + username; + } + + public void validate(SysUser user) + { + Authentication usernamePasswordAuthenticationToken = AuthenticationContextHolder.getContext(); + String username = usernamePasswordAuthenticationToken.getName(); + String password = usernamePasswordAuthenticationToken.getCredentials().toString(); + + Integer retryCount = redisCache.getCacheObject(getCacheKey(username)); + + if (retryCount == null) + { + retryCount = 0; + } + + if (retryCount >= Integer.valueOf(maxRetryCount).intValue()) + { + throw new UserPasswordRetryLimitExceedException(maxRetryCount, lockTime); + } + + if (!matches(user, password)) + { + retryCount = retryCount + 1; + redisCache.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); + throw new UserPasswordNotMatchException(); + } + else + { + clearLoginRecordCache(username); + } + } + + public boolean matches(SysUser user, String rawPassword) + { + return SecurityUtils.matchesPassword(rawPassword, user.getPassword()); + } + + public void clearLoginRecordCache(String loginName) + { + if (redisCache.hasKey(getCacheKey(loginName))) + { + redisCache.deleteObject(getCacheKey(loginName)); + } + } +} -- Gitblit v1.9.3