From c7966221c3cef9fc77ec81aa9acba23e0bcc8d7d Mon Sep 17 00:00:00 2001
From: whycxzp <perryhsu@163.com>
Date: 星期二, 22 三月 2022 14:26:16 +0800
Subject: [PATCH] 审计日志,记录分类更新

---
 src/main/java/com/whyc/service/LoginService.java | 154 +++++++++++++++++++++++++++-----------------------
 1 files changed, 83 insertions(+), 71 deletions(-)

diff --git a/src/main/java/com/whyc/service/LoginService.java b/src/main/java/com/whyc/service/LoginService.java
index 91ab0b7..f244083 100644
--- a/src/main/java/com/whyc/service/LoginService.java
+++ b/src/main/java/com/whyc/service/LoginService.java
@@ -3,6 +3,7 @@
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.whyc.constant.UserConstant;
+import com.whyc.constant.UserOperation;
 import com.whyc.constant.YamlProperties;
 import com.whyc.dto.Response;
 import com.whyc.mapper.PageParamMapper;
@@ -12,6 +13,7 @@
 import com.whyc.pojo.UserClient;
 import com.whyc.pojo.UserInf;
 import com.whyc.util.ActionUtil;
+import com.whyc.util.CommonUtil;
 import com.whyc.util.RSAUtil;
 import org.apache.shiro.SecurityUtils;
 import org.apache.shiro.authc.UsernamePasswordToken;
@@ -101,60 +103,92 @@ Response<Object> response = new Response<>(); deliveredCode = deliveredCode.toUpperCase(); String fontDynamicCode = (String) ActionUtil.getSession().getAttribute("fontDynamicCode"); - if (fontDynamicCode==null||"".equals(fontDynamicCode)){ - return response.set(1,false,"璇峰埛鏂伴獙璇佺爜"); + if (fontDynamicCode == null || "".equals(fontDynamicCode)) { + return response.set(1, false, "璇峰埛鏂伴獙璇佺爜"); } - if (!deliveredCode.equals(fontDynamicCode.toUpperCase())){ - return response.set(1,false,"楠岃瘉鐮侀敊璇�"); + if (!deliveredCode.equals(fontDynamicCode.toUpperCase())) { + return response.set(1, false, "楠岃瘉鐮侀敊璇�"); } //楠岃瘉姝g‘,娓呴櫎楠岃瘉鐮� ActionUtil.getSession().removeAttribute("fontDynamicCode"); String password = ""; try { password = URLDecoder.decode(pwd, "utf-8"); - }catch (UnsupportedEncodingException e){ + } catch (UnsupportedEncodingException e) { e.printStackTrace(); } String[] dataArr = RSAUtil.decryptFront(password, RSAUtil.fontSeparator); //楠岀md5 - if(!dataArr[1].equals(ActionUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())){ - return response.set(1,false,"瀵嗙爜楠岀澶辫触"); + if (!dataArr[1].equals(ActionUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())) { + return response.set(1, false, "瀵嗙爜楠岀澶辫触"); } UsernamePasswordToken userToken = new UsernamePasswordToken(userName, dataArr[0]); Subject subject = SecurityUtils.getSubject(); - try { - subject.login(userToken); - }catch (Exception e){ - String message = e.getMessage(); - if(message.contains("did not match the expected credentials")){ - return response.set(1,false,"瀵嗙爜閿欒"); - } - return response.set(1,false,message); - } + ServletContext servletContext = request.getServletContext(); Enumeration<String> attributeNames = servletContext.getAttributeNames(); + try { + subject.login(userToken); + } catch (Exception e) { + String message = e.getMessage(); + if (message.contains("did not match the expected credentials")) { + //瀵嗙爜閿欒,璁板綍娆℃暟 + 
//鍐呭瓨涓煡鎵捐鐢ㄦ埛涓殑鐧诲綍澶辫触娆℃暟 + int loginFailTimes = 0; + List<String> loginFailAttributeList = new LinkedList<>(); + while (attributeNames.hasMoreElements()){ + String attributeName = attributeNames.nextElement(); + if(attributeName.contains(userName+"_login_fail_times_")){ + loginFailTimes++; + loginFailAttributeList.add(attributeName); + } + } + //鏌ヨ璐﹀彿瀵嗙爜閿欒闄愬埗娆℃暟 + PageParam loginFailTimesLimit = pageParamMapper.findByCategoryId(9).get(0); + if((++loginFailTimes)==loginFailTimesLimit.getStatus()){ + //杈惧埌闄愬埗娆℃暟,閿佸畾璐﹀彿 + //userService.lock(subject.getUId()); + //娓呴櫎鐧诲綍閿欒娆℃暟缁熻 + loginFailAttributeList.forEach(servletContext::removeAttribute); + }else { + servletContext.setAttribute(userName + "_login_fail_times_"+System.currentTimeMillis(), 0); + } + CommonUtil.record(0, UserOperation.TYPE_LOGIN_FAIL.getType(), UserOperation.TYPE_LOGIN_FAIL.getTypeName()); + return response.set(1, false, "瀵嗙爜閿欒"); + } + return response.set(1, false, message); + } QueryWrapper<UserInf> queryWrapper = Wrappers.query(); - queryWrapper.select("uId","status","visit_ip","visit_time","password_update_time","last_login_time").eq("uName",userName); + queryWrapper.select("uId", "status", "visit_ip", "visit_time", "password_update_time", "last_login_time").eq("uName", userName); UserInf userInf = userMapper.selectOne(queryWrapper); - if (subject.isAuthenticated()){ + if (subject.isAuthenticated()) { //姣忎釜鐧诲綍鐨勭敤鎴烽兘鏈変竴涓叏灞�鍙橀噺,閲岄潰瀛樼潃瀵瑰簲鐨凷essionId; //鍚屼竴涓处鍙�,鍚庨潰鐧诲綍鐨�,浼氭尋鎺変箣鍓嶇櫥褰曠殑SessionId,杩欎釜todo,鍋氶檺鍒惰处鍙峰悓鏃剁櫥闄嗕汉鏁颁负1 //鏌ヨ璐﹀彿鐘舵�� - if(userInf.getStatus()!=1){ - switch (userInf.getStatus()){ - case 0: response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: "+ UserConstant.ACCOUNT_STATUS_CANCEL.getLabel());break; - case 2: response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: "+ UserConstant.ACCOUNT_STATUS_HIBERNATE.getLabel());break; - case 3: response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: "+ UserConstant.ACCOUNT_STATUS_LOCK.getLabel());break; - case 4: response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 
寮傚父淇℃伅涓�: "+ UserConstant.ACCOUNT_STATUS_LOCK_FAIL.getLabel());break; - default:response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: 鏃�"); + if (userInf.getStatus() != 1) { + switch (userInf.getStatus()) { + case 0: + response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: " + UserConstant.ACCOUNT_STATUS_CANCEL.getLabel()); + break; + case 2: + response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: " + UserConstant.ACCOUNT_STATUS_HIBERNATE.getLabel()); + break; + case 3: + response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: " + UserConstant.ACCOUNT_STATUS_LOCK.getLabel()); + break; + case 4: + response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: " + UserConstant.ACCOUNT_STATUS_LOCK_FAIL.getLabel()); + break; + default: + response.setMsg("褰撳墠璐﹀彿鐨勭姸鎬佸紓甯�,鏃犳硶鐧诲綍. 寮傚父淇℃伅涓�: 鏃�"); } - return response.set(1,false); + return response.set(1, false); } //涓ユ牸鏍囧噯涓嬬殑瑙勫垯鏍¢獙 - if(YamlProperties.systemType == 2){ + if (YamlProperties.systemType == 2) { //鐧诲綍涔嬪墠,棣栧厛鏍¢獙鍏佽鏃堕棿鍜岀櫥褰昳p boolean ipPass = true; 
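Review bot: The account lockout is now dead code in the `did not match the expected credentials` branch: `//userService.lock(subject.getUId());` is commented out, so when `++loginFailTimes` reaches the configured limit the only effect is `loginFailAttributeList.forEach(servletContext::removeAttribute)`, which resets the counter and lets failed attempts continue without any lock. The lock appears to have been dropped because `userInf` is only loaded after the `try`; moving the `queryWrapper` / `UserInf userInf = userMapper.selectOne(queryWrapper);` lookup above `subject.login(userToken)` (with a null guard for unknown names) would allow the original `userService.lock(userInf.getUId());` to be restored, and the audit call could then pass the real id instead of `CommonUtil.record(0, ...)`. The `(++loginFailTimes)==loginFailTimesLimit.getStatus()` test also never fires once the stored count is already past the limit (for example after the limit is lowered), so `>=` is the safer comparison. `message.contains(...)` dereferences `e.getMessage()` without a null check, and the fallback `return response.set(1, false, message);` hands the raw Shiro exception text to the client. The enclosing login method starts before this hunk and continues past it.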
@@ -166,48 +200,47 @@ ipRules = Arrays.asList(ipRuleStr.split(",")); Calendar instance = Calendar.getInstance(); - String hourOfDay = String.format("%1$02d",instance.get(Calendar.HOUR_OF_DAY)); + String hourOfDay = String.format("%1$02d", instance.get(Calendar.HOUR_OF_DAY)); int minute = instance.get(Calendar.MINUTE); int second = instance.get(Calendar.SECOND); - String nowTime = hourOfDay+":"+minute+":"+second; + String nowTime = hourOfDay + ":" + minute + ":" + second; //鐧诲綍鏃堕棿鏍¢獙 - if(nowTime.compareTo(firstTime)>=0 && nowTime.compareTo(lastTime)<=0){ + if (nowTime.compareTo(firstTime) >= 0 && nowTime.compareTo(lastTime) <= 0) { //鐧诲綍ip鏍¢獙 String clientIp = ActionUtil.getRequest().getRemoteAddr(); - if(!ipRules.contains("*")){ - for(String ipRule:ipRules){ + if (!ipRules.contains("*")) { + for (String ipRule : ipRules) { ipPass = true; //ip瑙勫垯鏍煎紡涓� * 鎴栬�� xxx.xxx.x.x String[] ipArr = clientIp.split("\\."); String[] ipRuleArr = ipRule.split("\\."); for (int i = 0; i < ipRuleArr.length; i++) { - if(!ipRuleArr[i].equals("*") && !ipRuleArr[i].equals(ipArr[i])){ + if (!ipRuleArr[i].equals("*") && !ipRuleArr[i].equals(ipArr[i])) { ipPass = false; break; } } - if(ipPass){ + if (ipPass) { break; } } } - if(!ipPass){ - return response.set(1,false,"鎮ㄧ殑IP绂佹璁块棶,璇风煡鏅�"); + if (!ipPass) { + return response.set(1, false, "鎮ㄧ殑IP绂佹璁块棶,璇风煡鏅�"); } - }else{ - return response.set(1,false,"鐧诲綍鏃堕棿涓嶅湪鍏佽鐨勬椂闂磋寖鍥村唴"); + } else { + return response.set(1, false, "鐧诲綍鏃堕棿涓嶅湪鍏佽鐨勬椂闂磋寖鍥村唴"); } //棣栨鐧诲綍,瀵嗙爜淇敼;瓒呰繃3涓湀鏈慨鏀瑰瘑鐮�,寮哄埗淇敼瀵嗙爜 Date passwordUpdateTime = userInf.getPasswordUpdateTime(); Calendar now = Calendar.getInstance(); - now.add(Calendar.MONTH,-3); - if(passwordUpdateTime==null){ //瀵嗙爜淇敼鏃堕棿涓虹┖,灏氭湭淇敼鍒濆鍙d护 + now.add(Calendar.MONTH, -3); + if (passwordUpdateTime == null) { //瀵嗙爜淇敼鏃堕棿涓虹┖,灏氭湭淇敼鍒濆鍙d护 response.setCode(3); response.setData(false); response.setMsg("棣栨鐧诲綍,璇峰厛淇敼鍒濆鍖栧彛浠�"); return response; - } - else if(passwordUpdateTime.compareTo(now.getTime()) < 0){ + } else if 
(passwordUpdateTime.compareTo(now.getTime()) < 0) { response.setCode(2); response.setData(false); response.setMsg("瓒呰繃3涓湀娌℃湁淇敼鍙d护,璇蜂慨鏀瑰彛浠ゅ悗閲嶆柊鐧诲綍"); @@ -216,14 +249,14 @@ } //鐧诲綍鎴愬姛 - servletContext.setAttribute(userName,request.getSession().getId()); + servletContext.setAttribute(userName, request.getSession().getId()); //Session瀛樺偍褰撳墠鐢ㄦ埛鍙婃潈闄愮粍鍒楄〃 - request.getSession().setAttribute("user",subject.getPrincipal()); - request.getSession().setAttribute("permits",ActionUtil.getGson().toJson(permitGroupUserService.getItemList(userInf.getUId()))); + request.getSession().setAttribute("user", subject.getPrincipal()); + request.getSession().setAttribute("permits", ActionUtil.getGson().toJson(permitGroupUserService.getItemList(userInf.getUId()))); //娓呴櫎璐﹀彿鐧诲綍澶辫触璁板綍 - while (attributeNames.hasMoreElements()){ + while (attributeNames.hasMoreElements()) { String attributeName = attributeNames.nextElement(); - if(attributeName.contains(userName +"_login_fail_times_")){ + if (attributeName.contains(userName + "_login_fail_times_")) { servletContext.removeAttribute(attributeName); } } 
@@ -234,31 +267,10 @@ dataList.add(subject.getPrincipal()); int permitGroupId = permitGroupUserService.getPermitGroupId(userInf.getUId()); dataList.add(permitGroupId); - return new Response<>().setII(1,true,dataList,"鐧诲綍鎴愬姛"); + CommonUtil.record(((UserInf) subject.getPrincipal()).getUId(), UserOperation.TYPE_LOGIN.getType(), UserOperation.TYPE_LOGIN.getTypeName()); + return new Response<>().setII(1, true, dataList, "鐧诲綍鎴愬姛"); } - - //瀵嗙爜閿欒,璁板綍娆℃暟 - //鍐呭瓨涓煡鎵捐鐢ㄦ埛涓殑鐧诲綍澶辫触娆℃暟 - int loginFailTimes = 0; - List<String> loginFailAttributeList = new LinkedList<>(); - while (attributeNames.hasMoreElements()){ - String attributeName = attributeNames.nextElement(); - if(attributeName.contains(userName+"_login_fail_times_")){ - loginFailTimes++; - loginFailAttributeList.add(attributeName); - } - } - //鏌ヨ璐﹀彿瀵嗙爜閿欒闄愬埗娆℃暟 - PageParam loginFailTimesLimit = pageParamMapper.findByCategoryId(9).get(0); - if((++loginFailTimes)==loginFailTimesLimit.getStatus()){ - //杈惧埌闄愬埗娆℃暟,閿佸畾璐﹀彿 - userService.lock(userInf.getUId()); - //娓呴櫎鐧诲綍閿欒娆℃暟缁熻 - loginFailAttributeList.forEach(servletContext::removeAttribute); - }else { - servletContext.setAttribute(userName + "_login_fail_times_"+System.currentTimeMillis(), 0); - } - return new Response<>().set(1,false,"瀵嗙爜閿欒"); + return new Response().set(1,false,"璁よ瘉鏈�氳繃"); } public Response loginWithUKey(String userName, String password, HttpServletRequest request) { -- Gitblit v1.9.1
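Review bot: The new fallback `return new Response().set(1,false,"璁よ瘉鏈�氳繃");` uses the raw type `Response` while every other return in this method, including `new Response<>().setII(1, true, dataList, ...)` two lines above, is parameterized; `return new Response<>().set(1, false, "璁よ瘉鏈�氳繃");` keeps the generic and matches the spacing style the rest of the commit introduces. The added audit line casts `subject.getPrincipal()` to `UserInf` even though `userInf.getUId()` is already in scope on the preceding line (`permitGroupUserService.getPermitGroupId(userInf.getUId())`), so `CommonUtil.record(userInf.getUId(), UserOperation.TYPE_LOGIN.getType(), UserOperation.TYPE_LOGIN.getTypeName());` avoids a cast that would throw if the realm ever returned a different principal type. The enclosing login method starts before this hunk.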