|
@@ -95,9 +95,29 @@ public class AuthServiceImpl implements AuthService {
|
|
|
String accountValue = loginInfo.getAccountValue();
|
|
|
String password = loginInfo.getPassword();
|
|
|
|
|
|
+ if (StringUtils.isBlank(accountType)) {
|
|
|
+ throw new StatusException("B-001201", "accountType is null");
|
|
|
+ }
|
|
|
+ if (StringUtils.isBlank(accountValue)) {
|
|
|
+ throw new StatusException("B-001202", "accountValue is null");
|
|
|
+ }
|
|
|
+ if (StringUtils.isBlank(password)) {
|
|
|
+ throw new StatusException("B-001203", "password is null");
|
|
|
+ }
|
|
|
+ AccountType accountTypeEnum = null;
|
|
|
+ try {
|
|
|
+ accountTypeEnum = AccountType.valueOf(accountType);
|
|
|
+ } catch (Exception e) {
|
|
|
+ throw new StatusException("B-001204", "accountType is wrong");
|
|
|
+ }
|
|
|
+
|
|
|
+ if (limited(accountType, accountValue)) {
|
|
|
+ throw new StatusException("B-001205", "密码重试次数已达到上限,请1分钟后重试");
|
|
|
+ }
|
|
|
+
|
|
|
StudentEntity student = null;
|
|
|
|
|
|
- if (AccountType.STUDENT_PHONE.name().equals(accountType)) {
|
|
|
+ if (AccountType.STUDENT_PHONE.equals(accountTypeEnum)) {
|
|
|
student = studentRepo.findBySecurityPhone(accountValue);
|
|
|
if (null == student) {
|
|
|
throw new StatusException("B-001110", "学生不存在");
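Review bot: The retry limit checked by `limited(accountType, accountValue)` is keyed only on account type and value, while the lookups in the later hunks (`findByRootOrgIdAndLoginName`, `findByStudentCodeAndRootOrgId`, `findByIdentityNumberAndRootOrgId`) are scoped by root organisation. Identical login names or student codes in different organisations would therefore share one failure counter and can lock each other out. If the root org id is already resolved at this point (not visible in the hunk), include it in the key built by `limited` and `whenPasswordError`. Separately, `catch (Exception e)` around `AccountType.valueOf(accountType)` can be narrowed to `catch (IllegalArgumentException e)`, which is what `valueOf` throws for an unknown name once the blank check has passed. The enclosing method starts and ends outside the hunk.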
|
|
@@ -132,7 +152,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
Long orgId = null;
|
|
|
|
|
|
// 常规账户登录
|
|
|
- if (AccountType.COMMON_LOGIN_NAME.name().equals(accountType)) {
|
|
|
+ if (AccountType.COMMON_LOGIN_NAME.equals(accountTypeEnum)) {
|
|
|
UserEntity userEntity = userRepo.findByRootOrgIdAndLoginName(rootOrgId, accountValue);
|
|
|
if (null == userEntity) {
|
|
|
throw new StatusException("B-001004", "用户不存在");
|
|
@@ -142,6 +162,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
|
String rightPassword = userEntity.getPassword();
|
|
|
if (!rightPassword.equals(password)) {
|
|
|
+ whenPasswordError(accountType, accountValue);
|
|
|
throw new StatusException("B-001003", "密码错误");
|
|
|
}
|
|
|
user.setUserId(userEntity.getId());
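Review bot: `whenPasswordError(accountType, accountValue)` is called only on a password mismatch, so the `用户不存在` and `学生不存在` branches shown as context in the earlier hunks are never counted and requests for unknown accounts stay unthrottled. Together with the distinct codes `B-001004` and `B-001003`, the responses still tell a caller whether an account exists; counting failures on the not-found paths and returning one generic message would address both. The same applies to the student branch in the hunk at `-170,6 +191,7`. No reset of the counter after a successful login is visible in these hunks, so a user with a few earlier typos keeps the count until the 60-second expiry; confirm that is intended. The enclosing login method starts and ends outside the hunk.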
|
|
@@ -153,11 +174,11 @@ public class AuthServiceImpl implements AuthService {
|
|
|
user.setRoleList(roleList);
|
|
|
} else {
|
|
|
// 学生学号登录
|
|
|
- if (AccountType.STUDENT_CODE.name().equals(accountType)) {
|
|
|
+ if (AccountType.STUDENT_CODE.equals(accountTypeEnum)) {
|
|
|
student = studentRepo.findByStudentCodeAndRootOrgId(accountValue, rootOrg.getId());
|
|
|
}
|
|
|
// 学生身份证号登录
|
|
|
- else if (AccountType.STUDENT_IDENTITY_NUMBER.name().equals(accountType)) {
|
|
|
+ else if (AccountType.STUDENT_IDENTITY_NUMBER.equals(accountTypeEnum)) {
|
|
|
student = studentRepo.findByIdentityNumberAndRootOrgId(accountValue,
|
|
|
rootOrg.getId());
|
|
|
}
|
|
@@ -170,6 +191,7 @@ public class AuthServiceImpl implements AuthService {
|
|
|
}
|
|
|
String rightPassword = student.getPassword();
|
|
|
if (!rightPassword.equals(password)) {
|
|
|
+ whenPasswordError(accountType, accountValue);
|
|
|
throw new StatusException("B-001003", "密码错误");
|
|
|
}
|
|
|
|
|
@@ -210,6 +232,42 @@ public class AuthServiceImpl implements AuthService {
|
|
|
return user;
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * 密码重试限制
|
|
|
+ *
|
|
|
+ * @author WANGWEI
|
|
|
+ * @param accountType
|
|
|
+ * @param accountValue
|
|
|
+ */
|
|
|
+ private void whenPasswordError(String accountType, String accountValue) {
|
|
|
+ String key = "$_PW_ERR_" + accountType + "_" + accountValue;
|
|
|
+
|
|
|
+ Long times = redisClient.get(key, Long.class);
|
|
|
+ if (null != times) {
|
|
|
+ times++;
|
|
|
+ } else {
|
|
|
+ times = 1L;
|
|
|
+ }
|
|
|
+
|
|
|
+ redisClient.set(key, times, 60);
|
|
|
+ }
|
|
|
+
|
|
|
+ /**
|
|
|
+ * 是否可登录
|
|
|
+ *
|
|
|
+ * @author WANGWEI
|
|
|
+ * @param accountType
|
|
|
+ * @param accountValue
|
|
|
+ * @return
|
|
|
+ */
|
|
|
+ private boolean limited(String accountType, String accountValue) {
|
|
|
+ String key = "$_PW_ERR_" + accountType + "_" + accountValue;
|
|
|
+
|
|
|
+ Long times = redisClient.get(key, Long.class);
|
|
|
+
|
|
|
+ return times > 5;
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* 设置角色权限缓存
|
|
|
*
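Review bot: `limited` unboxes `times` in `return times > 5;` without a null check, although `whenPasswordError` just above treats a null result from `redisClient.get(key, Long.class)` as "no failures yet". If the client returns null for a missing or expired key, every login for an account with no recent failure throws a NullPointerException at the new `limited(...)` call; guard it with `return null != times && times > 5;`. `whenPasswordError` also performs a separate get and set, so concurrent failed attempts can read the same value and under-count; an atomic increment with expiry would close that gap if the Redis client wrapper offers one (not visible here). Both Javadoc blocks leave `@param` and `@return` empty; a line such as `@return true when more than 5 failures were recorded within the last 60 seconds` would document the threshold.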
|