|
@@ -125,6 +125,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
|
|
|
|
|
Integer errorTimes = getLoginErrorTimes(accountTypeEnum, accountValue, clientIp);
|
|
Integer errorTimes = getLoginErrorTimes(accountTypeEnum, accountValue, clientIp);
|
|
|
if (5 < errorTimes) {
|
|
if (5 < errorTimes) {
|
|
|
|
|
+ log.warn("LoginOutOfTryLimits... account:{} ip:{} errorTimes:{} ", accountValue, clientIp, errorTimes);
|
|
|
throw new StatusException("003205", "登陆失败次数已达到上限,请5分钟后重试");
|
|
throw new StatusException("003205", "登陆失败次数已达到上限,请5分钟后重试");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -191,12 +192,14 @@ public class AuthServiceImpl implements AuthService {
|
|
|
if (AccountType.COMMON_LOGIN_NAME.equals(accountTypeEnum)) {
|
|
if (AccountType.COMMON_LOGIN_NAME.equals(accountTypeEnum)) {
|
|
|
UserEntity userEntity = userRepo.findByRootOrgIdAndLoginName(rootOrgId, accountValue);
|
|
UserEntity userEntity = userRepo.findByRootOrgIdAndLoginName(rootOrgId, accountValue);
|
|
|
if (null == userEntity) {
|
|
if (null == userEntity) {
|
|
|
|
|
+ log.warn("WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003004", "账号或密码错误");
|
|
throw new StatusException("003004", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
if (null != userEntity.getEnable() && !userEntity.getEnable()) {
|
|
if (null != userEntity.getEnable() && !userEntity.getEnable()) {
|
|
|
throw new StatusException("003005", "账号被禁用");
|
|
throw new StatusException("003005", "账号被禁用");
|
|
|
}
|
|
}
|
|
|
if (StringUtils.isBlank(password)) {
|
|
if (StringUtils.isBlank(password)) {
|
|
|
|
|
+ log.warn("WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003203", "账号或密码错误");
|
|
throw new StatusException("003203", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
|
|
|
|
@@ -214,6 +217,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
|
if (!password.equals(userEntity.getPassword()) && !encodePassword.equals(userEntity.getPassword())) {
|
|
if (!password.equals(userEntity.getPassword()) && !encodePassword.equals(userEntity.getPassword())) {
|
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
|
|
|
+ log.warn("WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
} else {
|
|
} else {
|
|
@@ -229,6 +233,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
|
if (!password.equals(userEntity.getPassword()) && !encodePassword.equals(userEntity.getPassword())) {
|
|
if (!password.equals(userEntity.getPassword()) && !encodePassword.equals(userEntity.getPassword())) {
|
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
|
|
|
+ log.warn("WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
@@ -247,6 +252,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
StudentCodeEntity scEntity = studentCodeRepo
|
|
StudentCodeEntity scEntity = studentCodeRepo
|
|
|
.findByStudentCodeAndRootOrgId(accountValue, rootOrgId);
|
|
.findByStudentCodeAndRootOrgId(accountValue, rootOrgId);
|
|
|
if (null == scEntity) {
|
|
if (null == scEntity) {
|
|
|
|
|
+ log.warn("[S] WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003009", "账号或密码错误");
|
|
throw new StatusException("003009", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
student = GlobalHelper.getEntity(studentRepo, scEntity.getStudentId(),
|
|
student = GlobalHelper.getEntity(studentRepo, scEntity.getStudentId(),
|
|
@@ -259,6 +265,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (null == student) {
|
|
if (null == student) {
|
|
|
|
|
+ log.warn("[S] WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003110", "账号或密码错误");
|
|
throw new StatusException("003110", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
if (null != student.getEnable() && !student.getEnable()) {
|
|
if (null != student.getEnable() && !student.getEnable()) {
|
|
@@ -278,12 +285,14 @@ public class AuthServiceImpl implements AuthService {
|
|
|
// 密码登录
|
|
// 密码登录
|
|
|
else {
|
|
else {
|
|
|
if (StringUtils.isBlank(password)) {
|
|
if (StringUtils.isBlank(password)) {
|
|
|
|
|
+ log.warn("[S] WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003203", "账号或密码错误");
|
|
throw new StatusException("003203", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
byte[] bytes = SHA256.encode(student.getIdentityNumber() + password);
|
|
byte[] bytes = SHA256.encode(student.getIdentityNumber() + password);
|
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
String encodePassword = ByteUtil.toHexAscii(bytes);
|
|
|
if (!password.equals(student.getPassword()) && !encodePassword.equals(student.getPassword())) {
|
|
if (!password.equals(student.getPassword()) && !encodePassword.equals(student.getPassword())) {
|
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
whenLoginError(accountTypeEnum, accountValue, clientIp);
|
|
|
|
|
+ log.warn("[S] WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
throw new StatusException("003003", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
@@ -692,6 +701,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
if (null == student) {
|
|
if (null == student) {
|
|
|
|
|
+ log.warn("[S] WrongAccountOrPsw... rootOrgId:{} account:{} ip:{}", rootOrgId, accountValue, clientIp);
|
|
|
throw new StatusException("003110", "账号或密码错误");
|
|
throw new StatusException("003110", "账号或密码错误");
|
|
|
}
|
|
}
|
|
|
|
|
|
deason