update 同步ruoyi

2025-09-03 11:05:58 +00:00 · 2022-08-08 10:35:08 +08:00
parent e4dc172f45 c8a108b93a
commit 7bacfd9c4c
11 changed files with 228 additions and 23 deletions
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java
@@ -19,7 +19,6 @@ import com.ruoyi.common.redis.utils.RedisUtils;
 import com.ruoyi.common.satoken.utils.LoginHelper;
 import com.ruoyi.system.api.RemoteLogService;
 import com.ruoyi.system.api.RemoteUserService;
-import com.ruoyi.system.api.domain.SysLogininfor;
 import com.ruoyi.system.api.domain.SysUser;
 import com.ruoyi.system.api.model.LoginUser;
 import com.ruoyi.system.api.model.XcxLoginUser;
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysPasswordService.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysPasswordService.java
@@ -0,0 +1,85 @@
+package com.ruoyi.auth.service;
+
+import java.util.concurrent.TimeUnit;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.CacheConstants;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.exception.ServiceException;
+import com.ruoyi.common.redis.service.RedisService;
+import com.ruoyi.common.security.utils.SecurityUtils;
+import com.ruoyi.system.api.domain.SysUser;
+
+/**
+ * 登录密码方法
+ * 
+ * @author ruoyi
+ */
+@Component
+public class SysPasswordService
+{
+    @Autowired
+    private RedisService redisService;
+
+    private int maxRetryCount = CacheConstants.passwordMaxRetryCount;
+
+    private Long lockTime = CacheConstants.passwordLockTime;
+
+    @Autowired
+    private SysRecordLogService recordLogService;
+
+    /**
+     * 登录账户密码错误次数缓存键名
+     * 
+     * @param username 用户名
+     * @return 缓存键key
+     */
+    private String getCacheKey(String username)
+    {
+        return CacheConstants.PWD_ERR_CNT_KEY + username;
+    }
+
+    public void validate(SysUser user, String password)
+    {
+        String username = user.getUserName();
+
+        Integer retryCount = redisService.getCacheObject(getCacheKey(username));
+
+        if (retryCount == null)
+        {
+            retryCount = 0;
+        }
+
+        if (retryCount >= Integer.valueOf(maxRetryCount).intValue())
+        {
+            String errMsg = String.format("密码输入错误%s次，帐户锁定%s分钟", maxRetryCount, lockTime);
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL,errMsg);
+            throw new ServiceException(errMsg);
+        }
+
+        if (!matches(user, password))
+        {
+            retryCount = retryCount + 1;
+            recordLogService.recordLogininfor(username, Constants.LOGIN_FAIL, String.format("密码输入错误%s次", retryCount));
+            redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);
+            throw new ServiceException("用户不存在/密码错误");
+        }
+        else
+        {
+            clearLoginRecordCache(username);
+        }
+    }
+
+    public boolean matches(SysUser user, String rawPassword)
+    {
+        return SecurityUtils.matchesPassword(rawPassword, user.getPassword());
+    }
+
+    public void clearLoginRecordCache(String loginName)
+    {
+        if (redisService.hasKey(getCacheKey(loginName)))
+        {
+            redisService.deleteObject(getCacheKey(loginName));
+        }
+    }
+}
--- a/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysRecordLogService.java
+++ b/ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysRecordLogService.java
@@ -0,0 +1,49 @@
+package com.ruoyi.auth.service;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import com.ruoyi.common.core.constant.Constants;
+import com.ruoyi.common.core.constant.SecurityConstants;
+import com.ruoyi.common.core.utils.ServletUtils;
+import com.ruoyi.common.core.utils.StringUtils;
+import com.ruoyi.common.core.utils.ip.IpUtils;
+import com.ruoyi.system.api.RemoteLogService;
+import com.ruoyi.system.api.domain.SysLogininfor;
+
+/**
+ * 记录日志方法
+ * 
+ * @author ruoyi
+ */
+@Component
+public class SysRecordLogService
+{
+    @Autowired
+    private RemoteLogService remoteLogService;
+
+    /**
+     * 记录登录信息
+     * 
+     * @param username 用户名
+     * @param status 状态
+     * @param message 消息内容
+     * @return
+     */
+    public void recordLogininfor(String username, String status, String message)
+    {
+        SysLogininfor logininfor = new SysLogininfor();
+        logininfor.setUserName(username);
+        logininfor.setIpaddr(IpUtils.getIpAddr(ServletUtils.getRequest()));
+        logininfor.setMsg(message);
+        // 日志状态
+        if (StringUtils.equalsAny(status, Constants.LOGIN_SUCCESS, Constants.LOGOUT, Constants.REGISTER))
+        {
+            logininfor.setStatus(Constants.LOGIN_SUCCESS_STATUS);
+        }
+        else if (Constants.LOGIN_FAIL.equals(status))
+        {
+            logininfor.setStatus(Constants.LOGIN_FAIL_STATUS);
+        }
+        remoteLogService.saveLogininfor(logininfor, SecurityConstants.INNER);
+    }
+}