package com.whyc.service;
|
|
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
|
import com.whyc.constant.YamlProperties;
|
import com.whyc.dto.Response;
|
import com.whyc.dto.UserClient;
|
import com.whyc.mapper.UserMapper;
|
import com.whyc.pojo.db_user.User;
|
import com.whyc.util.CommonUtil;
|
import com.whyc.util.DateUtil;
|
import com.whyc.util.MessageUtils;
|
import com.whyc.util.RSAUtil;
|
import org.apache.shiro.SecurityUtils;
|
import org.apache.shiro.authc.AuthenticationException;
|
import org.apache.shiro.authc.UsernamePasswordToken;
|
import org.apache.shiro.subject.Subject;
|
import org.springframework.stereotype.Service;
|
|
import javax.annotation.Resource;
|
import javax.servlet.ServletContext;
|
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpSession;
|
import java.io.UnsupportedEncodingException;
|
import java.util.*;
|
|
@Service
|
public class LoginService {
|
|
@Resource
|
private UserMapper userMapper;
|
|
@Resource
|
private UserService userService;
|
|
|
public Response login(String name, String pwd, HttpServletRequest request) {
|
UsernamePasswordToken userToken = new UsernamePasswordToken(name, pwd);
|
Subject subject = SecurityUtils.getSubject();
|
try {
|
subject.login(userToken);
|
} catch (Exception e) {
|
String message = e.getMessage();
|
if (message.contains("did not match the expected credentials")) {
|
return new Response<>().set(1, false, "密码错误");
|
}
|
return new Response<>().set(1, false, message);
|
}
|
if (subject.isAuthenticated()){
|
//每个登录的用户都有一个全局变量,里面存着对应的SessionId;
|
//同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1
|
request.getServletContext().setAttribute(name,request.getSession().getId());
|
//Session存储当前用户
|
request.getSession().setAttribute("user",subject.getPrincipal());
|
//request.getSession().setMaxInactiveInterval(600);
|
return new Response<>().setII(1,true,subject.getPrincipal(),"登录成功");
|
}
|
return new Response<>().set(1,false,"密码错误");
|
}
|
public Response login2(String userName, String pwd, HttpServletRequest request) throws UnsupportedEncodingException {
|
//String password = URLDecoder.decode(pwd, "utf-8");
|
String password = pwd;
|
|
String[] dataArr = RSAUtil.decryptFront(password, RSAUtil.fontSeparator);
|
//验签md5
|
if(!dataArr[1].equals(CommonUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())){
|
return new Response<>().set(0,"密码验签失败");
|
}
|
UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
|
Subject subject = SecurityUtils.getSubject();
|
try {
|
subject.login(userToken);
|
}catch (Exception e){
|
String message = e.getMessage();
|
if(message.contains("did not match the expected credentials")){
|
return new Response<>().set(1,false,"密码错误");
|
}
|
return new Response<>().set(1,false,message);
|
}
|
if (subject.isAuthenticated()){
|
//每个登录的用户都有一个全局变量,里面存着对应的SessionId;
|
//同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1
|
request.getServletContext().setAttribute(userName,request.getSession().getId());
|
//Session存储当前用户
|
request.getSession().setAttribute("user",subject.getPrincipal());
|
return new Response<>().setII(1,true,subject.getPrincipal(),"登录成功");
|
}
|
return new Response<>().set(1,false,"密码错误");
|
}
|
|
public Response loginByRSA(String userName, String pwd, String deliveredCode, HttpServletRequest request, Integer validCode) {
|
Response<Object> response = new Response<>();
|
//默认赋值0
|
response.setData3(0);
|
//Locale.setDefault(Locale.ENGLISH);
|
deliveredCode = deliveredCode.toUpperCase(Locale.ENGLISH);
|
if(validCode ==null ) { //属性不存在,则进行验证码校验;属性存在,则不进行验证码校验
|
if (YamlProperties.fontDynamicCodeSwitch.toLowerCase(Locale.ENGLISH).equals("true")) {
|
String fontDynamicCode = (String) CommonUtil.getSession().getAttribute("fontDynamicCode");
|
if (fontDynamicCode == null || "".equals(fontDynamicCode)) {
|
return response.set(1, false, MessageUtils.getMessage("RefreshVerification"));
|
}
|
if (!deliveredCode.equals(fontDynamicCode.toUpperCase(Locale.ENGLISH))) {
|
return response.set(1, false, MessageUtils.getMessage("VerificationError"));
|
}
|
}
|
}
|
//验证正确,清除验证码
|
CommonUtil.getSession().removeAttribute("fontDynamicCode");
|
/*String password = "";
|
try {
|
password = URLDecoder.decode(pwd, "utf-8");
|
} catch (UnsupportedEncodingException e) {
|
e.printStackTrace();
|
}*/
|
String[] dataArr = RSAUtil.decryptFront(pwd, RSAUtil.fontSeparator);
|
//验签md5
|
if (!dataArr[1].equals(CommonUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())) {
|
return response.set(1, false, MessageUtils.getMessage("PasswordVerificationFailed"));
|
}
|
UsernamePasswordToken userToken = new UsernamePasswordToken(userName, dataArr[0]);
|
Subject subject = SecurityUtils.getSubject();
|
|
ServletContext servletContext = request.getServletContext();
|
Enumeration<String> attributeNames = servletContext.getAttributeNames();
|
|
QueryWrapper<User> queryWrapper = Wrappers.query();
|
queryWrapper.select("uId", "status", "visit_ip", "visit_time", "password_update_time", "last_login_time").eq("uName", userName);
|
User user = userMapper.selectOne(queryWrapper);
|
//每个登录的用户都有一个全局变量,里面存着对应的SessionId;
|
//同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1
|
|
//查询账号状态
|
if(user == null){
|
return response.set(1,false,MessageUtils.getMessage("AccountOrPasswordError"));
|
}
|
|
try {
|
subject.login(userToken);
|
} catch (Exception e) {
|
String message = e.getMessage();
|
if (message.contains("did not match the expected credentials")) {
|
//密码错误,记录次数
|
//内存中查找该用户中的登录失败次数
|
int loginFailTimes = 0;
|
List<String> loginFailAttributeList = new LinkedList<>();
|
while (attributeNames.hasMoreElements()){
|
String attributeName = attributeNames.nextElement();
|
if(attributeName.contains(userName+"_login_fail_times_")){
|
loginFailTimes++;
|
loginFailAttributeList.add(attributeName);
|
}
|
}
|
//查询账号密码错误限制次数
|
return response.set(1, false, MessageUtils.getMessage("AccountOrPasswordError"));
|
}else if(e instanceof AuthenticationException){
|
return response.set(1, false, "密码解析失败");
|
}
|
return response.set(1, false, message);
|
}
|
|
if (subject.isAuthenticated()) {
|
//登录成功
|
servletContext.setAttribute(userName, request.getSession().getId());
|
//日登录用户统计
|
HashMap<String, String> loginMap = (HashMap<String, String>) servletContext.getAttribute("login");
|
if(loginMap == null){
|
loginMap = new HashMap<>();
|
servletContext.setAttribute("login", loginMap);
|
}
|
String dateStr = DateUtil.YYYY_MM_DD.format(new Date());
|
loginMap.put(userName, dateStr);
|
//Session存储当前用户及权限组列表
|
request.getSession().setAttribute("user", subject.getPrincipal());
|
//request.getSession().setMaxInactiveInterval(60*60*24);
|
//清除账号登录失败记录
|
while (attributeNames.hasMoreElements()) {
|
String attributeName = attributeNames.nextElement();
|
if (attributeName.contains(userName + "_login_fail_times_")) {
|
servletContext.removeAttribute(attributeName);
|
}
|
}
|
//回写登录时间到数据库
|
//查询用户对应的权限组id并返回给前端
|
LinkedList<Object> dataList = new LinkedList<>();
|
dataList.add(subject.getPrincipal());
|
|
return response.setII(1, true, dataList, MessageUtils.getMessage("LoginSucceeded"));
|
}
|
return response.set(1, false, MessageUtils.getMessage("AuthenticationFailed"));
|
}
|
|
// 将所有登陆的用户的信息存到application中
|
public void setApplication(User user) {
|
ServletContext application = CommonUtil.getApplication();
|
//查看全局中存储的users的Map的key-value集合
|
Map<String, UserClient> map = (Map) application.getAttribute("users");
|
if (map == null) {
|
map = new HashMap<String, UserClient>();
|
} else {
|
//如果集合中有值,则获取当前用户对应的用户信息,key为用户名username,Value为用户名,存储的时间
|
UserClient client = map.get(user.getName());
|
if (client != null) { //已存在
|
map.remove(user.getName());
|
}
|
}
|
Long login_time = new Date().getTime();
|
CommonUtil.getSession().setAttribute("login_time", login_time);
|
map.put(user.getName(), new UserClient(CommonUtil.getRequest().getRemoteAddr(),user,login_time));
|
application.setAttribute("users", map);
|
}
|
|
|
/**
|
* 开始查看application中是否有另一用使用该账号登陆
|
*
|
* @return
|
*/
|
public Response checkUser(){
|
Response model = new Response();
|
Map<String, UserClient> map = (Map) CommonUtil.getApplication().getAttribute("users");
|
// System.out.println(map);
|
if (map != null && map.size() > 0) {
|
HttpSession session = CommonUtil.getSession();
|
// System.out.println(session);
|
User user = (User) session.getAttribute("user");
|
Long login_time = (Long) session.getAttribute("login_time");
|
if (user != null && login_time != null) {
|
UserClient client = map.get(user.getName());
|
if (client != null) {
|
if (!login_time.equals(client.getLogin_times())) {
|
model.setCode(1);
|
//model.setMsg(getText("The landing on the account in another host, please log in again"));
|
model.setMsg("The landing on the account in another host, please log in again");
|
}
|
}
|
} else {
|
model.setCode(1);
|
//model.setMsg(getText("You are not logged in, please log in"));
|
model.setMsg("You are not logged in, please log in");
|
}
|
} else {
|
model.setCode(1);
|
//model.setMsg(getText("You are not logged in, please log in"));
|
model.setMsg("You are not logged in, please log in");
|
}
|
return model;
|
}
|
|
public Response checkUserWebSocket(HttpSession httpSession){
|
Response model = new Response();
|
try {
|
User user = (User) httpSession.getAttribute("user");
|
//System.out.println("webSocket:"+user);
|
if(user!=null){
|
ServletContext servletContext = httpSession.getServletContext();
|
String sessionId = (String) servletContext.getAttribute(user.getName());
|
if(httpSession.getId().equals(sessionId)){
|
//用户在线状态校验成功,更新当前用户的在线时间
|
HashMap<String, Long> onlineMap = (HashMap<String, Long>) servletContext.getAttribute("online");
|
if(onlineMap == null){
|
onlineMap = new HashMap<>();
|
servletContext.setAttribute("online", onlineMap);
|
}
|
onlineMap.put(user.getName(), System.currentTimeMillis());
|
model.set(1,user,null);
|
}else{
|
model.set(1,false,"不同主机登录");
|
//用户在其他主机登录,强迫用户在本机的session失效
|
httpSession.invalidate();
|
}
|
}
|
else {
|
model.set(1,false,"用户信息失效,请重新登录");
|
}
|
|
}catch (Exception e){
|
model.set(1,false,"登录信息失效,重新登录");
|
}
|
return model;
|
}
|
|
public void logout() {
|
Subject subject = SecurityUtils.getSubject();
|
subject.logout();
|
}
|
|
public Response loginNoPass(int uId, HttpServletRequest request) {
|
Response<Object> response = new Response<>();
|
//根据uId获取用户的用户名和密码,进行类登录操作
|
User user = userService.getById(uId);
|
|
UsernamePasswordToken userToken = new UsernamePasswordToken(user.getName(),RSAUtil.decrypt(user.getPwd(),RSAUtil.getPrivateKey()));
|
Subject subject = SecurityUtils.getSubject();
|
subject.login(userToken);
|
|
if (subject.isAuthenticated()) {
|
//每个登录的用户都有一个全局变量,里面存着对应的SessionId;
|
//同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1
|
|
//登录成功
|
ServletContext servletContext = request.getServletContext();
|
servletContext.setAttribute(user.getName(), request.getSession().getId());
|
//Session存储当前用户及权限组列表
|
request.getSession().setAttribute("user", subject.getPrincipal());
|
request.getSession().setMaxInactiveInterval(60 * 60 * 24);
|
|
//回写登录时间到数据库
|
//查询用户对应的权限组id并返回给前端
|
LinkedList<Object> dataList = new LinkedList<>();
|
dataList.add(subject.getPrincipal());
|
return new Response<>().setII(1, true, dataList, "登录成功");
|
}
|
return new Response().set(1,false,"认证未通过");
|
}
|
}
|
