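package com.whyc.service;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import com.whyc.constant.UserConstant;
import com.whyc.constant.UserOperation;
import com.whyc.constant.YamlProperties;
import com.whyc.dto.Response;
import com.whyc.mapper.PageParamMapper;
import com.whyc.mapper.UserMapper;
import com.whyc.pojo.PageParam;
import com.whyc.pojo.PermitGroupUser;
import com.whyc.pojo.UserClient;
import com.whyc.pojo.UserInf;
import com.whyc.util.ActionUtil;
import com.whyc.util.CommonUtil;
import com.whyc.util.MessageUtils;
import com.whyc.util.RSAUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import javax.annotation.Resource;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.*;

/**
 * Authentication entry points for the web layer: several login variants (plain password,
 * RSA-signed, RSA + captcha, RSA + UKey, id-only), logout, and the checks that tell a page or a
 * websocket whether its session is still the one that logged the account in.
 *
 * <p>Shared state lives in the {@link ServletContext}:
 * <ul>
 *   <li>the attribute named exactly after the account holds the session id of that account's most
 *       recent login, so a later login from elsewhere displaces the earlier one (detected by
 *       {@link #checkUserWebSocket(HttpSession)});</li>
 *   <li>attributes named {@code <user>_login_fail_times_<millis>} count consecutive wrong-password
 *       attempts for an account (see {@link #recordLoginFailure(ServletContext, String)});</li>
 *   <li>{@code "users"} holds the map written by {@link #setApplication(UserInf)}.</li>
 * </ul>
 * Because the per-account attribute is keyed by the raw user name, an account whose name equals
 * another attribute key (for example {@code "users"}) would overwrite that attribute; this
 * collision is inherited from the original key scheme and not changed here. None of these
 * context updates are synchronized, so two concurrent failed logins for one account can read the
 * same count.
 *
 * <p>NOTE(review): no login variant regenerates the servlet session id after authentication; if
 * Shiro is configured to use the container session, consider {@code request.changeSessionId()}
 * (Servlet 3.1) before the session id is recorded, so a pre-login session id is not carried over.
 */
@Service
public class LoginService {

    /** Substring of the Shiro failure message that identifies a wrong password (as opposed to an unknown account etc.). */
    private static final String BAD_CREDENTIALS_MARKER = "did not match the expected credentials";

    /** Infix of the ServletContext attribute names that count wrong-password attempts per account. */
    private static final String LOGIN_FAIL_ATTR_INFIX = "_login_fail_times_";

    /** Session timeout applied by the RSA and id-only logins. */
    private static final int ONE_DAY_SECONDS = 60 * 60 * 24;

    /** Sentinel for {@link #establishSession}: leave the container's session timeout untouched. */
    private static final int KEEP_SESSION_TIMEOUT = 0;

    /** Outcome of the "strict system" (systemType == 2) pre-login rules, mapped to a message by each caller. */
    private enum RuleViolation {
        NONE,
        LOGIN_TIME_NOT_ALLOWED,
        IP_PROHIBITED,
        FIRST_LOGIN_MODIFY,
        PASSWORD_EXPIRED
    }

    @Resource
    private UserMapper userMapper;

    @Resource
    private UserService userService;

    @Resource
    private PermitGroupUserService permitGroupUserService;

    @Resource
    private PageParamMapper pageParamMapper;

    @Resource
    private MapOutlineService mapOutlineService;

    @Autowired
    private BaoJiGroupUserService baoJiGroupUserService;

    /**
     * Plain username/password login through Shiro.
     *
     * @param userName account name; also the ServletContext attribute key under which the session id is stored
     * @param password password exactly as submitted
     * @param request  current request; its session receives the principal under {@code "user"}
     * @return on success {@code setII(1, true, principal, "登录成功")}; otherwise a code-1/false response
     *         carrying "密码错误" or the Shiro failure text
     */
    public Response login(String userName, String password, HttpServletRequest request) {
        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(userToken);
        } catch (Exception e) {
            String message = failureMessage(e);
            if (message.contains(BAD_CREDENTIALS_MARKER)) {
                return new Response<>().set(1, false, "密码错误");
            }
            return new Response<>().set(1, false, message);
        }
        if (!subject.isAuthenticated()) {
            return new Response<>().set(1, false, "密码错误");
        }
        // Newest session id for this account; a later login elsewhere overwrites it.
        request.getServletContext().setAttribute(userName, request.getSession().getId());
        request.getSession().setAttribute("user", subject.getPrincipal());
        // 60 seconds here versus 24 hours in loginByRSA/loginNoPass — confirm this difference is intended.
        request.getSession().setMaxInactiveInterval(60);
        return new Response<>().setII(1, true, subject.getPrincipal(), "登录成功");
    }

    /**
     * Login with an RSA-encrypted, MD5-signed password payload produced by the front end.
     *
     * @param userName account name
     * @param pwd      URL-encoded payload; after decoding it is split by {@link RSAUtil#decryptFront} into
     *                 {@code [password, md5]} and the digest is verified before any authentication attempt
     * @param request  current request; its session receives the principal under {@code "user"}
     * @return code-0 "密码验签失败" when the digest does not match; otherwise as {@link #login}
     * @throws IllegalStateException if UTF-8 decoding is unavailable (cannot happen on a conforming JVM)
     */
    public Response login2(String userName, String pwd, HttpServletRequest request) {
        String password = decodeUrlUtf8(pwd);
        String[] dataArr = RSAUtil.decryptFront(password, RSAUtil.fontSeparator);
        if (!frontSignatureValid(dataArr)) {
            return new Response<>().set(0, "密码验签失败");
        }
        // NOTE(review): the token carries the whole decoded payload here, whereas loginByRSA passes
        // dataArr[0] (the password part) — confirm which form the realm expects.
        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
        Subject subject = SecurityUtils.getSubject();
        try {
            subject.login(userToken);
        } catch (Exception e) {
            String message = failureMessage(e);
            if (message.contains(BAD_CREDENTIALS_MARKER)) {
                return new Response<>().set(1, false, "密码错误");
            }
            return new Response<>().set(1, false, message);
        }
        if (!subject.isAuthenticated()) {
            return new Response<>().set(1, false, "密码错误");
        }
        request.getServletContext().setAttribute(userName, request.getSession().getId());
        request.getSession().setAttribute("user", subject.getPrincipal());
        return new Response<>().setII(1, true, subject.getPrincipal(), "登录成功");
    }

    /**
     * Full login: captcha check, RSA/MD5 payload verification, Shiro authentication with failure
     * counting, account-status and (for {@code YamlProperties.systemType == 2}) time-window / IP /
     * password-age rules, then session setup. All user-facing text comes from {@link MessageUtils}.
     *
     * @param userName      account name
     * @param pwd           URL-encoded RSA payload, see {@link #login2}
     * @param deliveredCode captcha typed by the user, compared case-insensitively with the session's
     *                      {@code "fontDynamicCode"}, which is consumed on a match
     * @param request       current request whose session is bound on success
     * @return on success {@code setII(1, true, [principal, permitGroupId, groupFlag, mapName], LoginSucceeded)};
     *         code 1/false with a specific message on any check failure; code 3 when the password has never
     *         been changed, code 2 when it is older than three months
     */
    public Response loginByRSA(String userName, String pwd, String deliveredCode, HttpServletRequest request) {
        Response response = new Response<>();
        HttpSession currentSession = ActionUtil.getSession();
        String fontDynamicCode = (String) currentSession.getAttribute("fontDynamicCode");
        if (fontDynamicCode == null || "".equals(fontDynamicCode)) {
            return response.set(1, false, MessageUtils.getMessage("RefreshVerification"));
        }
        // Locale.ROOT keeps the comparison independent of the server's default locale.
        if (!deliveredCode.toUpperCase(Locale.ROOT).equals(fontDynamicCode.toUpperCase(Locale.ROOT))) {
            return response.set(1, false, MessageUtils.getMessage("VerificationError"));
        }
        // Consume the captcha before the password is checked so each code covers exactly one attempt.
        currentSession.removeAttribute("fontDynamicCode");

        String password = decodeUrlUtf8(pwd);
        String[] dataArr = RSAUtil.decryptFront(password, RSAUtil.fontSeparator);
        if (!frontSignatureValid(dataArr)) {
            return response.set(1, false, MessageUtils.getMessage("PasswordVerificationFailed"));
        }

        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, dataArr[0]);
        Subject subject = SecurityUtils.getSubject();
        ServletContext servletContext = request.getServletContext();
        try {
            subject.login(userToken);
        } catch (Exception e) {
            String message = failureMessage(e);
            if (message.contains(BAD_CREDENTIALS_MARKER)) {
                recordLoginFailure(servletContext, userName);
                return response.set(1, false, MessageUtils.getMessage("PasswordError"));
            }
            return response.set(1, false, message);
        }
        if (!subject.isAuthenticated()) {
            return new Response().set(1, false, MessageUtils.getMessage("AuthenticationFailed"));
        }

        UserInf userInf = loadLoginProfile(userName);
        if (userInf.getStatus() != 1) {
            return rejectForStatus(response, userInf.getStatus(),
                    MessageUtils.getMessage("AccountException") + ": ", MessageUtils.getMessage("Nothing"));
        }
        if (YamlProperties.systemType == 2) {
            switch (checkStrictRules(userInf)) {
                case LOGIN_TIME_NOT_ALLOWED:
                    return response.set(1, false, MessageUtils.getMessage("LoginOutOfAllowed"));
                case IP_PROHIBITED:
                    return response.set(1, false, MessageUtils.getMessage("IPProhibition"));
                case FIRST_LOGIN_MODIFY:
                    response.setCode(3);
                    response.setData(false);
                    response.setMsg(MessageUtils.getMessage("FirstLoginModify"));
                    return response;
                case PASSWORD_EXPIRED:
                    response.setCode(2);
                    response.setData(false);
                    response.setMsg(MessageUtils.getMessage("ThreeMonthModify"));
                    return response;
                default:
                    break;
            }
        }

        PermitGroupUser permitGroup = permitGroupUserService.getPermitGroup(userInf.getUId());
        if (permitGroup == null) {
            // Refuse before any session state is written, and drop the Shiro authentication so the
            // account is not left logged in while the caller is told the login failed.
            subject.logout();
            return new Response().set(1, false, MessageUtils.getMessage("userNoPermitGroup"));
        }

        establishSession(request, userName, subject, userInf, ONE_DAY_SECONDS);
        clearLoginFailures(servletContext, userName);
        userService.updateLoginTime(userInf.getUId());

        // Payload for the front end: principal, permit group id, team flag, active map name.
        LinkedList<Object> dataList = new LinkedList<>();
        dataList.add(subject.getPrincipal());
        int permitGroupId = permitGroup.getPermitGroupId();
        dataList.add(permitGroupId);
        dataList.add(baoJiGroupUserService.getGroupFlag(userInf.getUId().intValue()));
        dataList.add(mapOutlineService.selectMapName());

        CommonUtil.record(((UserInf) subject.getPrincipal()).getUId(), UserOperation.TYPE_LOGIN.getType(),
                UserOperation.TYPE_LOGIN.getTypeName(), UserOperation.TYPE_LOGIN.getTypeNameEn());
        return new Response<>().setII(1, true, dataList, MessageUtils.getMessage("LoginSucceeded"));
    }

    /**
     * Records the logged-in user in the application-scoped {@code "users"} map and stamps the current
     * session with {@code "login_time"}. An existing entry for the same user name is replaced.
     *
     * @param user the authenticated user; keyed by {@code getUName()}
     */
    @SuppressWarnings("unchecked")
    public void setApplication(UserInf user) {
        ServletContext application = ActionUtil.getApplication();
        Map<String, UserClient> users = (Map<String, UserClient>) application.getAttribute("users");
        if (users == null) {
            users = new HashMap<>();
        } else {
            // Drop the previous record for this account; put() below would overwrite it anyway.
            users.remove(user.getUName());
        }
        Long loginTime = new Date().getTime();
        ActionUtil.getSession().setAttribute("login_time", loginTime);
        users.put(user.getUName(), new UserClient(ActionUtil.getRequest().getRemoteAddr(), user, loginTime));
        application.setAttribute("users", users);
    }

    /**
     * Login with an RSA-signed password plus a UKey identifier that must match the one bound to the account.
     *
     * @param userName account name
     * @param password RSA payload split by {@link RSAUtil#decryptFrontP} into {@code [password, md5]}
     * @param uKeyId   identifier of the hardware key presented by the client
     * @param request  current request whose session is bound on success
     * @return as {@link #loginByRSA}, with fixed Chinese messages instead of {@link MessageUtils} lookups;
     *         "uKey验证不通过" when the key does not match the account
     */
    public Response loginWithUKey(String userName, String password, String uKeyId, HttpServletRequest request) {
        Response response = new Response<>();
        String[] dataArr = RSAUtil.decryptFrontP(password, RSAUtil.fontSeparator);
        if (dataArr == null || dataArr.length < 2) {
            return new Response<>().set(1, false, "验证签名失败");
        }
        password = dataArr[0];
        String passwordMD5 = dataArr[1];
        if (passwordMD5 == null || !passwordMD5.equals(ActionUtil.EncryptionMD5(password))) {
            return new Response<>().set(1, false, "验证签名失败");
        }

        UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password);
        Subject subject = SecurityUtils.getSubject();
        ServletContext servletContext = request.getServletContext();
        try {
            subject.login(userToken);
        } catch (Exception e) {
            String message = failureMessage(e);
            if (message.contains(BAD_CREDENTIALS_MARKER)) {
                recordLoginFailure(servletContext, userName);
                return response.set(1, false, "密码错误");
            }
            return response.set(1, false, message);
        }
        if (!subject.isAuthenticated()) {
            return new Response<>().set(1, false, "密码错误");
        }

        UserInf principal = (UserInf) subject.getPrincipal();
        // NOTE(review): the literal "123456" lets any caller pass the UKey check without the key bound to
        // the account, i.e. the second factor can be skipped by supplying that value. Kept here only to
        // preserve existing behaviour; it should be removed or gated by a non-production configuration flag.
        if (!Objects.equals(principal.getUkeyId(), uKeyId) && !"123456".equals(uKeyId)) {
            return new Response<>().set(1, false, "uKey验证不通过");
        }

        UserInf userInf = loadLoginProfile(userName);
        if (userInf.getStatus() != 1) {
            return rejectForStatus(response, userInf.getStatus(), "当前账号的状态异常,无法登录. 异常信息为: ", "无");
        }
        if (YamlProperties.systemType == 2) {
            switch (checkStrictRules(userInf)) {
                case LOGIN_TIME_NOT_ALLOWED:
                    return response.set(1, false, "登录时间不在允许的时间范围内");
                case IP_PROHIBITED:
                    return response.set(1, false, "您的IP禁止访问,请知晓");
                case FIRST_LOGIN_MODIFY:
                    response.setCode(3);
                    response.setData(false);
                    response.setMsg("首次登录,请先修改初始化口令");
                    return response;
                case PASSWORD_EXPIRED:
                    response.setCode(2);
                    response.setData(false);
                    response.setMsg("超过3个月没有修改口令,请修改口令后重新登录");
                    return response;
                default:
                    break;
            }
        }

        PermitGroupUser permitGroup = permitGroupUserService.getPermitGroup(userInf.getUId());
        if (permitGroup == null) {
            // Refuse before any session state is written; see loginByRSA.
            subject.logout();
            return new Response<>().set(1, false, MessageUtils.getMessage("userNoPermitGroup"));
        }

        establishSession(request, userName, subject, userInf, KEEP_SESSION_TIMEOUT);
        clearLoginFailures(servletContext, userName);
        userService.updateLoginTime(userInf.getUId());

        LinkedList<Object> dataList = new LinkedList<>();
        dataList.add(subject.getPrincipal());
        int permitGroupId = permitGroup.getPermitGroupId();
        dataList.add(permitGroupId);

        CommonUtil.record(((UserInf) subject.getPrincipal()).getUId(), UserOperation.TYPE_LOGIN.getType(),
                UserOperation.TYPE_LOGIN.getTypeName(), UserOperation.TYPE_LOGIN.getTypeNameEn());
        return new Response<>().setII(1, true, dataList, "登录成功");
    }

    /**
     * Tells whether the current session is still the one recorded for its user in the application-scoped
     * {@code "users"} map (see {@link #setApplication(UserInf)}).
     *
     * @return code 1 with an explanatory message when nobody is logged in, the session has no user or
     *         login time, or the recorded login time differs from the session's; otherwise an untouched
     *         {@link Response}
     */
    @SuppressWarnings("unchecked")
    public Response checkUser() {
        Response model = new Response();
        Map<String, UserClient> users = (Map<String, UserClient>) ActionUtil.getApplication().getAttribute("users");
        if (users == null || users.isEmpty()) {
            model.setCode(1);
            model.setMsg("You are not logged in, please log in");
            return model;
        }
        HttpSession session = ActionUtil.getSession();
        UserInf user = (UserInf) session.getAttribute("user");
        Long loginTime = (Long) session.getAttribute("login_time");
        if (user == null || loginTime == null) {
            model.setCode(1);
            model.setMsg("You are not logged in, please log in");
            return model;
        }
        UserClient client = users.get(user.getUName());
        // Compare by value: these are boxed timestamps, so != would compare references.
        if (client != null && !loginTime.equals(client.getLogin_times())) {
            model.setCode(1);
            model.setMsg("The landing on the account in another host, please log in again");
        }
        return model;
    }

    /**
     * Websocket variant of the session check: the session is valid only if its id equals the id stored in
     * the ServletContext under the user's name (the most recent login for that account). A session that
     * lost that race is invalidated.
     *
     * @param httpSession the websocket's HTTP session
     * @return {@code set(1, user, null)} when the session owns the account; a code-1/false response with a
     *         reason otherwise (including any exception raised while reading the session)
     */
    public Response checkUserWebSocket(HttpSession httpSession) {
        Response model = new Response();
        try {
            UserInf user = (UserInf) httpSession.getAttribute("user");
            if (user == null) {
                model.set(1, false, "用户信息失效,请重新登录");
                return model;
            }
            String sessionId = (String) httpSession.getServletContext().getAttribute(user.getUName());
            if (httpSession.getId().equals(sessionId)) {
                model.set(1, user, null);
            } else {
                model.set(1, false, "不同主机登录");
                // A newer login elsewhere owns the account now; end this session so it cannot keep acting.
                httpSession.invalidate();
            }
        } catch (Exception ignored) {
            // Best effort: reading an already-invalidated session throws; report it as an expired login.
            model.set(1, false, "登录信息失效,重新登录");
        }
        return model;
    }

    /** Logs the current Shiro subject out. */
    public void logout() {
        Subject subject = SecurityUtils.getSubject();
        subject.logout();
    }

    /**
     * Logs an account in by id only: the stored (RSA-encrypted) password is decrypted with the server's
     * private key and replayed through Shiro. No client-supplied secret is checked, so the controller that
     * exposes this must itself be restricted to trusted callers — confirm that before relying on it.
     *
     * @param uId     id of the account to log in
     * @param request current request whose session is bound on success
     * @return "认证未通过" when the id is unknown or Shiro does not authenticate; otherwise as {@link #loginWithUKey}
     *         but with a 24-hour session timeout and {@code TYPE_LOGIN_NO_PASS} recorded
     * @throws org.apache.shiro.authc.AuthenticationException unlike the other variants, a Shiro failure is
     *         not caught here and propagates to the caller
     */
    public Response loginNoPass(int uId, HttpServletRequest request) {
        Response response = new Response<>();
        UserInf userInf = userService.getById(uId);
        if (userInf == null) {
            return new Response().set(1, false, "认证未通过");
        }
        UsernamePasswordToken userToken = new UsernamePasswordToken(userInf.getUName(),
                RSAUtil.decrypt(userInf.getUpassword(), RSAUtil.getPrivateKey()));
        Subject subject = SecurityUtils.getSubject();
        subject.login(userToken);
        if (!subject.isAuthenticated()) {
            return new Response().set(1, false, "认证未通过");
        }

        if (userInf.getStatus() != 1) {
            return rejectForStatus(response, userInf.getStatus(), "当前账号的状态异常,无法登录. 异常信息为: ", "无");
        }
        if (YamlProperties.systemType == 2) {
            switch (checkStrictRules(userInf)) {
                case LOGIN_TIME_NOT_ALLOWED:
                    return response.set(1, false, "登录时间不在允许的时间范围内");
                case IP_PROHIBITED:
                    return response.set(1, false, "您的IP禁止访问,请知晓");
                case FIRST_LOGIN_MODIFY:
                    response.setCode(3);
                    response.setData(false);
                    response.setMsg("首次登录,请先修改初始化口令");
                    return response;
                case PASSWORD_EXPIRED:
                    response.setCode(2);
                    response.setData(false);
                    response.setMsg("超过3个月没有修改口令,请修改口令后重新登录");
                    return response;
                default:
                    break;
            }
        }

        PermitGroupUser permitGroup = permitGroupUserService.getPermitGroup(userInf.getUId());
        if (permitGroup == null) {
            // Refuse before any session state is written; see loginByRSA.
            subject.logout();
            return new Response<>().set(1, false, MessageUtils.getMessage("userNoPermitGroup"));
        }

        establishSession(request, userInf.getUName(), subject, userInf, ONE_DAY_SECONDS);
        userService.updateLoginTime(userInf.getUId());

        LinkedList<Object> dataList = new LinkedList<>();
        dataList.add(subject.getPrincipal());
        int permitGroupId = permitGroup.getPermitGroupId();
        dataList.add(permitGroupId);

        CommonUtil.record(((UserInf) subject.getPrincipal()).getUId(), UserOperation.TYPE_LOGIN_NO_PASS.getType(),
                UserOperation.TYPE_LOGIN_NO_PASS.getTypeName(), UserOperation.TYPE_LOGIN_NO_PASS.getTypeNameEn());
        return new Response<>().setII(1, true, dataList, "登录成功");
    }

    // ---------------------------------------------------------------------------------------------
    // Helpers shared by the login variants
    // ---------------------------------------------------------------------------------------------

    /** Text of a Shiro failure, never null, so the {@code contains} probe above cannot throw. */
    private static String failureMessage(Exception e) {
        return e.getMessage() != null ? e.getMessage() : e.toString();
    }

    /**
     * URL-decodes a front-end payload as UTF-8.
     *
     * @throws IllegalStateException if the JVM lacks UTF-8 — failing loudly beats authenticating with an
     *                               empty password, which is what a swallowed exception used to produce
     */
    private static String decodeUrlUtf8(String value) {
        try {
            return URLDecoder.decode(value, "utf-8");
        } catch (UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 decoding unavailable", e);
        }
    }

    /**
     * Verifies the {@code [password, md5]} payload from {@link RSAUtil#decryptFront}: the delivered digest
     * must equal the MD5 of the trimmed password. A payload without both parts is treated as invalid
     * instead of indexing past the array.
     */
    private static boolean frontSignatureValid(String[] dataArr) {
        if (dataArr == null || dataArr.length < 2 || dataArr[0] == null || dataArr[1] == null) {
            return false;
        }
        return dataArr[1].equals(ActionUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString());
    }

    /** Loads the columns the post-authentication checks need for the account named {@code userName}. */
    private UserInf loadLoginProfile(String userName) {
        QueryWrapper<UserInf> queryWrapper = Wrappers.query();
        queryWrapper.select("uId", "status", "visit_ip", "visit_time", "password_update_time", "last_login_time")
                .eq("uName", userName);
        return userMapper.selectOne(queryWrapper);
    }

    /**
     * Fills {@code response} with "account state abnormal" text for a non-1 status and returns it as code 1/false.
     *
     * @param prefix       message prefix the label is appended to
     * @param unknownLabel label used for a status other than 0, 2, 3 or 4
     */
    private static Response rejectForStatus(Response response, int status, String prefix, Object unknownLabel) {
        Object label;
        switch (status) {
            case 0:
                label = UserConstant.ACCOUNT_STATUS_CANCEL.getLabel();
                break;
            case 2:
                label = UserConstant.ACCOUNT_STATUS_HIBERNATE.getLabel();
                break;
            case 3:
                label = UserConstant.ACCOUNT_STATUS_LOCK.getLabel();
                break;
            case 4:
                label = UserConstant.ACCOUNT_STATUS_LOCK_FAIL.getLabel();
                break;
            default:
                label = unknownLabel;
        }
        response.setMsg(prefix + label);
        return response.set(1, false);
    }

    /**
     * Rules applied when {@code YamlProperties.systemType == 2}, in order: the current wall-clock time must
     * fall inside {@code visit_time} ("HH:mm:ss~HH:mm:ss"), the client address must match one of the
     * comma-separated {@code visit_ip} rules, and the password must have been changed within three months.
     *
     * @return the first rule violated, or {@link RuleViolation#NONE}
     */
    private RuleViolation checkStrictRules(UserInf userInf) {
        String[] window = userInf.getVisitTime().split("~");
        String firstTime = window[0];
        String lastTime = window[1];
        // Zero-pad every field: the bounds are compared lexically, so "09:5:3" would sort after "09:30:00".
        Calendar instance = Calendar.getInstance();
        String nowTime = String.format("%02d:%02d:%02d",
                instance.get(Calendar.HOUR_OF_DAY), instance.get(Calendar.MINUTE), instance.get(Calendar.SECOND));
        if (nowTime.compareTo(firstTime) < 0 || nowTime.compareTo(lastTime) > 0) {
            return RuleViolation.LOGIN_TIME_NOT_ALLOWED;
        }

        List<String> ipRules = Arrays.asList(userInf.getVisitIp().split(","));
        // getRemoteAddr() is the peer address; behind a reverse proxy that is the proxy, not the client.
        if (!ipRules.contains("*") && !ipAllowed(ActionUtil.getRequest().getRemoteAddr(), ipRules)) {
            return RuleViolation.IP_PROHIBITED;
        }

        Date passwordUpdateTime = userInf.getPasswordUpdateTime();
        if (passwordUpdateTime == null) {
            // Never changed: the initial password is still in use.
            return RuleViolation.FIRST_LOGIN_MODIFY;
        }
        Calendar threeMonthsAgo = Calendar.getInstance();
        threeMonthsAgo.add(Calendar.MONTH, -3);
        if (passwordUpdateTime.compareTo(threeMonthsAgo.getTime()) < 0) {
            return RuleViolation.PASSWORD_EXPIRED;
        }
        return RuleViolation.NONE;
    }

    /**
     * Matches a dotted client address against rules of the form {@code *} or {@code xxx.xxx.x.x}, where any
     * octet may be {@code *}. A rule with fewer octets than the address matches on its prefix; an address
     * with fewer octets than the rule (e.g. an IPv6 literal) is a mismatch rather than an out-of-bounds read.
     */
    private static boolean ipAllowed(String clientIp, List<String> ipRules) {
        String[] ipArr = clientIp.split("\\.");
        for (String ipRule : ipRules) {
            String[] ipRuleArr = ipRule.split("\\.");
            boolean matches = true;
            for (int i = 0; i < ipRuleArr.length; i++) {
                if (!ipRuleArr[i].equals("*") && (i >= ipArr.length || !ipRuleArr[i].equals(ipArr[i]))) {
                    matches = false;
                    break;
                }
            }
            if (matches) {
                return true;
            }
        }
        return false;
    }

    /**
     * Counts one more wrong-password attempt for {@code userName}. Each attempt is one ServletContext
     * attribute named {@code <user>_login_fail_times_<millis>}; the limit comes from
     * {@code pageParamMapper.findByCategoryId(9).get(0).getStatus()}. The audit record is written in
     * every case.
     *
     * <p>NOTE(review): the account lock is commented out, so reaching the limit only resets the counter —
     * there is currently no lock-out effect. {@code >=} (rather than {@code ==}) keeps the reset reachable
     * when concurrent failures push the count past the limit.
     */
    private void recordLoginFailure(ServletContext servletContext, String userName) {
        String prefix = userName + LOGIN_FAIL_ATTR_INFIX;
        int loginFailTimes = 0;
        List<String> loginFailAttributeList = new LinkedList<>();
        Enumeration<String> attributeNames = servletContext.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String attributeName = attributeNames.nextElement();
            // startsWith, not contains: "ab_login_fail_times_…" must not count against user "b".
            if (attributeName.startsWith(prefix)) {
                loginFailTimes++;
                loginFailAttributeList.add(attributeName);
            }
        }
        PageParam loginFailTimesLimit = pageParamMapper.findByCategoryId(9).get(0);
        if (++loginFailTimes >= loginFailTimesLimit.getStatus()) {
            //userService.lock(subject.getUId());
            loginFailAttributeList.forEach(servletContext::removeAttribute);
        } else {
            servletContext.setAttribute(prefix + System.currentTimeMillis(), 0);
        }
        CommonUtil.record(0, UserOperation.TYPE_LOGIN_FAIL.getType(), UserOperation.TYPE_LOGIN_FAIL.getTypeName(),
                UserOperation.TYPE_LOGIN_FAIL.getTypeNameEn());
    }

    /** Removes every wrong-password counter attribute of {@code userName} after a successful login. */
    private static void clearLoginFailures(ServletContext servletContext, String userName) {
        String prefix = userName + LOGIN_FAIL_ATTR_INFIX;
        List<String> stale = new LinkedList<>();
        Enumeration<String> attributeNames = servletContext.getAttributeNames();
        while (attributeNames.hasMoreElements()) {
            String attributeName = attributeNames.nextElement();
            if (attributeName.startsWith(prefix)) {
                stale.add(attributeName);
            }
        }
        // Collect first, then remove, so the enumeration is never mutated while being walked.
        stale.forEach(servletContext::removeAttribute);
    }

    /**
     * Binds the authenticated subject to the request's session: records the session id under the account
     * name in the ServletContext, stores the principal under {@code "user"}, optionally sets the session
     * timeout, and stores the user's permit items as JSON under {@code "permits"}.
     *
     * @param maxInactiveSeconds positive to set the session timeout; {@link #KEEP_SESSION_TIMEOUT} to leave it
     */
    private void establishSession(HttpServletRequest request, String userName, Subject subject, UserInf userInf,
                                  int maxInactiveSeconds) {
        ServletContext servletContext = request.getServletContext();
        HttpSession session = request.getSession();
        servletContext.setAttribute(userName, session.getId());
        session.setAttribute("user", subject.getPrincipal());
        if (maxInactiveSeconds > 0) {
            session.setMaxInactiveInterval(maxInactiveSeconds);
        }
        session.setAttribute("permits", ActionUtil.getGson().toJson(permitGroupUserService.getItemList(userInf.getUId())));
    }
}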