whycxzp
2022-07-04 33f8eb8b98597fd4ed9ceba4e22453606e50df15
更新免密登录
4个文件已修改
135 ■■■■■ 已修改文件
src/main/java/com/whyc/constant/UserOperation.java 3 ●●●●
src/main/java/com/whyc/controller/LoginController.java 6 ●●●●●
src/main/java/com/whyc/service/LoginService.java 116 ●●●●●
src/main/resources/mapper/UserLogMapper.xml 10 ●●●●●
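--- a/src/main/java/com/whyc/constant/UserOperation.java
+++ b/src/main/java/com/whyc/constant/UserOperation.java
@@ -20,7 +20,8 @@
     TYPE_LOGIN_FAIL(31,"登录失败"),
     TYPE_PARAM_CHANGE(32,"参数变更"),
     TYPE_PASSWORD_CHANGE(33,"密码修改"),
-    TYPE_LOGIN_TIMEOUT(34,"登录超时");
+    TYPE_LOGIN_TIMEOUT(34,"登录超时"),
+    TYPE_LOGIN_NO_PASS(35,"登录系统-用户ID登录");
     private Integer type;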
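--- a/src/main/java/com/whyc/controller/LoginController.java
+++ b/src/main/java/com/whyc/controller/LoginController.java
@@ -136,4 +136,10 @@
         return response;
     }
+    @GetMapping("loginNoPass")
+    @ApiOperation(value = "免密登录")
+    public Response loginNoPass(@RequestParam int uId,HttpServletRequest request){
+        return service.loginNoPass(uId,request);
+    }
 }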
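Review bot: `loginNoPass` takes a bare `uId` request parameter as its only input and passes it straight to `service.loginNoPass`, so nothing in the visible code proves who the caller is; unless a filter outside this hunk restricts the route, the session is issued for whichever account id the request names. The mapper comment in this same commit describes the feature as a temporary-credential login, so the parameter should be a server-issued, short-lived, single-use token that the service resolves to a user, not the user's primary key. The handler also establishes a session on a GET; `@PostMapping("loginNoPass")` would keep the credential out of URLs, access logs and Referer headers. The enclosing controller class starts outside the hunk.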
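--- a/src/main/java/com/whyc/service/LoginService.java
+++ b/src/main/java/com/whyc/service/LoginService.java
@@ -526,4 +526,120 @@
         Subject subject = SecurityUtils.getSubject();
         subject.logout();
     }
+    public Response loginNoPass(int uId, HttpServletRequest request) {
+        Response<Object> response = new Response<>();
+        //根据uId获取用户的用户名和密码,进行类登录操作
+        UserInf userInf = userService.getById(uId);
+        UsernamePasswordToken userToken = new UsernamePasswordToken(userInf.getUName(),RSAUtil.decrypt(userInf.getUpassword(),RSAUtil.getPrivateKey()));
+        Subject subject = SecurityUtils.getSubject();
+        subject.login(userToken);
+        if (subject.isAuthenticated()) {
+            //每个登录的用户都有一个全局变量,里面存着对应的SessionId;
+            //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1
+            //查询账号状态
+            if (userInf.getStatus() != 1) {
+                switch (userInf.getStatus()) {
+                    case 0:
+                        response.setMsg("当前账号的状态异常,无法登录. 异常信息为: " + UserConstant.ACCOUNT_STATUS_CANCEL.getLabel());
+                        break;
+                    case 2:
+                        response.setMsg("当前账号的状态异常,无法登录. 异常信息为: " + UserConstant.ACCOUNT_STATUS_HIBERNATE.getLabel());
+                        break;
+                    case 3:
+                        response.setMsg("当前账号的状态异常,无法登录. 异常信息为: " + UserConstant.ACCOUNT_STATUS_LOCK.getLabel());
+                        break;
+                    case 4:
+                        response.setMsg("当前账号的状态异常,无法登录. 异常信息为: " + UserConstant.ACCOUNT_STATUS_LOCK_FAIL.getLabel());
+                        break;
+                    default:
+                        response.setMsg("当前账号的状态异常,无法登录. 异常信息为: 无");
+                }
+                return response.set(1, false);
+            }
+            //gw标准下的规则校验
+            if (YamlProperties.systemType == 2) {
+                //登录之前,首先校验允许时间和登录ip
+                boolean ipPass = true;
+                String firstTime = userInf.getVisitTime().split("~")[0];
+                String lastTime = userInf.getVisitTime().split("~")[1];
+                List<String> ipRules = new LinkedList<>();
+                String ipRuleStr = userInf.getVisitIp();
+                ipRules = Arrays.asList(ipRuleStr.split(","));
+                Calendar instance = Calendar.getInstance();
+                String hourOfDay = String.format("%1$02d", instance.get(Calendar.HOUR_OF_DAY));
+                int minute = instance.get(Calendar.MINUTE);
+                int second = instance.get(Calendar.SECOND);
+                String nowTime = hourOfDay + ":" + minute + ":" + second;
+                //登录时间校验
+                if (nowTime.compareTo(firstTime) >= 0 && nowTime.compareTo(lastTime) <= 0) {
+                    //登录ip校验
+                    String clientIp = ActionUtil.getRequest().getRemoteAddr();
+                    if (!ipRules.contains("*")) {
+                        for (String ipRule : ipRules) {
+                            ipPass = true;
+                            //ip规则格式为 * 或者 xxx.xxx.x.x
+                            String[] ipArr = clientIp.split("\\.");
+                            String[] ipRuleArr = ipRule.split("\\.");
+                            for (int i = 0; i < ipRuleArr.length; i++) {
+                                if (!ipRuleArr[i].equals("*") && !ipRuleArr[i].equals(ipArr[i])) {
+                                    ipPass = false;
+                                    break;
+                                }
+                            }
+                            if (ipPass) {
+                                break;
+                            }
+                        }
+                    }
+                    if (!ipPass) {
+                        return response.set(1, false, "您的IP禁止访问,请知晓");
+                    }
+                } else {
+                    return response.set(1, false, "登录时间不在允许的时间范围内");
+                }
+                //首次登录,密码修改;超过3个月未修改密码,强制修改密码
+                Date passwordUpdateTime = userInf.getPasswordUpdateTime();
+                Calendar now = Calendar.getInstance();
+                now.add(Calendar.MONTH, -3);
+                if (passwordUpdateTime == null) { //密码修改时间为空,尚未修改初始口令
+                    response.setCode(3);
+                    response.setData(false);
+                    response.setMsg("首次登录,请先修改初始化口令");
+                    return response;
+                } else if (passwordUpdateTime.compareTo(now.getTime()) < 0) {
+                    response.setCode(2);
+                    response.setData(false);
+                    response.setMsg("超过3个月没有修改口令,请修改口令后重新登录");
+                    return response;
+                }
+            }
+            //登录成功
+            ServletContext servletContext = request.getServletContext();
+            servletContext.setAttribute(userInf.getUName(), request.getSession().getId());
+            //Session存储当前用户及权限组列表
+            request.getSession().setAttribute("user", subject.getPrincipal());
+            request.getSession().setMaxInactiveInterval(60*60*24);
+            request.getSession().setAttribute("permits", ActionUtil.getGson().toJson(permitGroupUserService.getItemList(userInf.getUId())));
+            //回写登录时间到数据库
+            userService.updateLoginTime(userInf.getUId());
+            //查询用户对应的权限组id并返回给前端
+            LinkedList<Object> dataList = new LinkedList<>();
+            dataList.add(subject.getPrincipal());
+            int permitGroupId = permitGroupUserService.getPermitGroupId(userInf.getUId());
+            dataList.add(permitGroupId);
+            CommonUtil.record(((UserInf) subject.getPrincipal()).getUId(), UserOperation.TYPE_LOGIN_NO_PASS.getType(), UserOperation.TYPE_LOGIN_NO_PASS.getTypeName());
+            return new Response<>().setII(1, true, dataList, "登录成功");
+        }
+        return new Response().set(1,false,"认证未通过");
+    }
 }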
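Review bot: `subject.login(userToken)` runs before the account-status, access-time, IP and password-age checks, and none of the early `return` branches inside `if (subject.isAuthenticated())` calls `subject.logout()`, so a request answered with `false` still leaves the Shiro subject authenticated; this matters if any route is authorised from the subject rather than from the `user` session attribute, and the fix is to run the checks before `subject.login` or add `subject.logout();` ahead of each rejection return. `userService.getById(uId)` is dereferenced without a null check, so an unknown id raises a NullPointerException instead of the `认证未通过` response; `if (userInf == null) { return response.set(1, false, "认证未通过"); }` covers it. The access-time window compares strings, but `nowTime` pads only the hour, so if the stored bounds are zero-padded `HH:mm:ss` (not visible here) the comparison is wrong for single-digit minutes or seconds; `String.format("%02d:%02d:%02d", hour, minute, second)` keeps the ordering consistent. Building the token from `RSAUtil.decrypt(userInf.getUpassword(), RSAUtil.getPrivateKey())` also means stored passwords are recoverable by the application, which should be tracked as a design issue because this flow cannot work with a one-way password hash.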
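--- a/src/main/resources/mapper/UserLogMapper.xml
+++ b/src/main/resources/mapper/UserLogMapper.xml
@@ -30,7 +30,15 @@
                             or operationType ==20
                             or operationType ==21
                         ">
-                            and uoprateType= #{operationType}
+                            <choose>
+                                <!--登录包括普通登录和临时凭证ID登录-->
+                                <when test="operationType ==1">
+                                    and uoprateType in (#{operationType},35)
+                                </when>
+                                <otherwise>
+                                    and uoprateType= #{operationType}
+                                </otherwise>
+                            </choose>
                         </when>
                         <when test="operationType ==31
                             or operationType ==32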
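Review bot: The literal `35` in `and uoprateType in (#{operationType},35)` duplicates `UserOperation.TYPE_LOGIN_NO_PASS` from the Java enum with nothing tying the two together, and the added comment calls it a temporary-credential login while the enum label says user-ID login. A comment such as `<!-- 35 = UserOperation.TYPE_LOGIN_NO_PASS; keep in sync with the enum -->` would make the coupling visible to whoever renumbers the enum. Folding type 35 into the type-1 filter also means an audit query for ordinary logins now returns password-less logins as well, so the log view needs to show the type column for reviewers to tell the two apart. The enclosing `<when>` element starts outside the hunk.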