package com.whyc.service; import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.baomidou.mybatisplus.core.toolkit.Wrappers; import com.whyc.constant.YamlProperties; import com.whyc.dto.Response; import com.whyc.dto.UserClient; import com.whyc.mapper.UserMapper; import com.whyc.pojo.db_user.User; import com.whyc.util.CommonUtil; import com.whyc.util.DateUtil; import com.whyc.util.MessageUtils; import com.whyc.util.RSAUtil; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.stereotype.Service; import javax.annotation.Resource; import javax.servlet.ServletContext; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import java.io.UnsupportedEncodingException; import java.util.*; @Service public class LoginService { @Resource private UserMapper userMapper; @Resource private UserService userService; public Response login(String name, String pwd, HttpServletRequest request) { UsernamePasswordToken userToken = new UsernamePasswordToken(name, pwd); Subject subject = SecurityUtils.getSubject(); try { subject.login(userToken); } catch (Exception e) { String message = e.getMessage(); if (message.contains("did not match the expected credentials")) { return new Response<>().set(1, false, "密码错误"); } return new Response<>().set(1, false, message); } if (subject.isAuthenticated()){ //每个登录的用户都有一个全局变量,里面存着对应的SessionId; //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1 request.getServletContext().setAttribute(name,request.getSession().getId()); //Session存储当前用户 request.getSession().setAttribute("user",subject.getPrincipal()); //request.getSession().setMaxInactiveInterval(600); return new Response<>().setII(1,true,subject.getPrincipal(),"登录成功"); } return new Response<>().set(1,false,"密码错误"); } public Response login2(String userName, String pwd, HttpServletRequest request) throws UnsupportedEncodingException { //String password = URLDecoder.decode(pwd, "utf-8"); String password = pwd; String[] dataArr = RSAUtil.decryptFront(password, RSAUtil.fontSeparator); //验签md5 if(!dataArr[1].equals(CommonUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())){ return new Response<>().set(0,"密码验签失败"); } UsernamePasswordToken userToken = new UsernamePasswordToken(userName, password); Subject subject = SecurityUtils.getSubject(); try { subject.login(userToken); }catch (Exception e){ String message = e.getMessage(); if(message.contains("did not match the expected credentials")){ return new Response<>().set(1,false,"密码错误"); } return new Response<>().set(1,false,message); } if (subject.isAuthenticated()){ //每个登录的用户都有一个全局变量,里面存着对应的SessionId; //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1 request.getServletContext().setAttribute(userName,request.getSession().getId()); //Session存储当前用户 request.getSession().setAttribute("user",subject.getPrincipal()); return new Response<>().setII(1,true,subject.getPrincipal(),"登录成功"); } return new Response<>().set(1,false,"密码错误"); } public Response loginByRSA(String userName, String pwd, String deliveredCode, HttpServletRequest request, Integer validCode) { Response response = new Response<>(); //默认赋值0 response.setData3(0); //Locale.setDefault(Locale.ENGLISH); deliveredCode = deliveredCode.toUpperCase(Locale.ENGLISH); if(validCode ==null ) { //属性不存在,则进行验证码校验;属性存在,则不进行验证码校验 if (YamlProperties.fontDynamicCodeSwitch.toLowerCase(Locale.ENGLISH).equals("true")) { String fontDynamicCode = (String) CommonUtil.getSession().getAttribute("fontDynamicCode"); if (fontDynamicCode == null || "".equals(fontDynamicCode)) { return response.set(1, false, MessageUtils.getMessage("RefreshVerification")); } if (!deliveredCode.equals(fontDynamicCode.toUpperCase(Locale.ENGLISH))) { return response.set(1, false, MessageUtils.getMessage("VerificationError")); } } } //验证正确,清除验证码 CommonUtil.getSession().removeAttribute("fontDynamicCode"); /*String password = ""; try { password = URLDecoder.decode(pwd, "utf-8"); } catch (UnsupportedEncodingException e) { e.printStackTrace(); }*/ String[] dataArr = RSAUtil.decryptFront(pwd, RSAUtil.fontSeparator); //验签md5 if (!dataArr[1].equals(CommonUtil.EncryptionMD5(org.apache.commons.lang3.StringUtils.trim(dataArr[0])).toString())) { return response.set(1, false, MessageUtils.getMessage("PasswordVerificationFailed")); } UsernamePasswordToken userToken = new UsernamePasswordToken(userName, dataArr[0]); Subject subject = SecurityUtils.getSubject(); ServletContext servletContext = request.getServletContext(); Enumeration attributeNames = servletContext.getAttributeNames(); QueryWrapper queryWrapper = Wrappers.query(); queryWrapper.select("uId", "status", "visit_ip", "visit_time", "password_update_time", "last_login_time").eq("uName", userName); User user = userMapper.selectOne(queryWrapper); //每个登录的用户都有一个全局变量,里面存着对应的SessionId; //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1 //查询账号状态 if(user == null){ return response.set(1,false,MessageUtils.getMessage("AccountOrPasswordError")); } try { subject.login(userToken); } catch (Exception e) { String message = e.getMessage(); if (message.contains("did not match the expected credentials")) { //密码错误,记录次数 //内存中查找该用户中的登录失败次数 int loginFailTimes = 0; List loginFailAttributeList = new LinkedList<>(); while (attributeNames.hasMoreElements()){ String attributeName = attributeNames.nextElement(); if(attributeName.contains(userName+"_login_fail_times_")){ loginFailTimes++; loginFailAttributeList.add(attributeName); } } //查询账号密码错误限制次数 return response.set(1, false, MessageUtils.getMessage("AccountOrPasswordError")); }else if(e instanceof AuthenticationException){ return response.set(1, false, "密码解析失败"); } return response.set(1, false, message); } if (subject.isAuthenticated()) { //登录成功 servletContext.setAttribute(userName, request.getSession().getId()); //日登录用户统计 HashMap loginMap = (HashMap) servletContext.getAttribute("login"); if(loginMap == null){ loginMap = new HashMap<>(); servletContext.setAttribute("login", loginMap); } String dateStr = DateUtil.YYYY_MM_DD.format(new Date()); loginMap.put(userName, dateStr); //Session存储当前用户及权限组列表 request.getSession().setAttribute("user", subject.getPrincipal()); //request.getSession().setMaxInactiveInterval(60*60*24); //清除账号登录失败记录 while (attributeNames.hasMoreElements()) { String attributeName = attributeNames.nextElement(); if (attributeName.contains(userName + "_login_fail_times_")) { servletContext.removeAttribute(attributeName); } } //回写登录时间到数据库 //查询用户对应的权限组id并返回给前端 LinkedList dataList = new LinkedList<>(); dataList.add(subject.getPrincipal()); return response.setII(1, true, dataList, MessageUtils.getMessage("LoginSucceeded")); } return response.set(1, false, MessageUtils.getMessage("AuthenticationFailed")); } // 将所有登陆的用户的信息存到application中 public void setApplication(User user) { ServletContext application = CommonUtil.getApplication(); //查看全局中存储的users的Map的key-value集合 Map map = (Map) application.getAttribute("users"); if (map == null) { map = new HashMap(); } else { //如果集合中有值,则获取当前用户对应的用户信息,key为用户名username,Value为用户名,存储的时间 UserClient client = map.get(user.getName()); if (client != null) { //已存在 map.remove(user.getName()); } } Long login_time = new Date().getTime(); CommonUtil.getSession().setAttribute("login_time", login_time); map.put(user.getName(), new UserClient(CommonUtil.getRequest().getRemoteAddr(),user,login_time)); application.setAttribute("users", map); } /** * 开始查看application中是否有另一用使用该账号登陆 * * @return */ public Response checkUser(){ Response model = new Response(); Map map = (Map) CommonUtil.getApplication().getAttribute("users"); // System.out.println(map); if (map != null && map.size() > 0) { HttpSession session = CommonUtil.getSession(); // System.out.println(session); User user = (User) session.getAttribute("user"); Long login_time = (Long) session.getAttribute("login_time"); if (user != null && login_time != null) { UserClient client = map.get(user.getName()); if (client != null) { if (!login_time.equals(client.getLogin_times())) { model.setCode(1); //model.setMsg(getText("The landing on the account in another host, please log in again")); model.setMsg("The landing on the account in another host, please log in again"); } } } else { model.setCode(1); //model.setMsg(getText("You are not logged in, please log in")); model.setMsg("You are not logged in, please log in"); } } else { model.setCode(1); //model.setMsg(getText("You are not logged in, please log in")); model.setMsg("You are not logged in, please log in"); } return model; } public Response checkUserWebSocket(HttpSession httpSession){ Response model = new Response(); try { User user = (User) httpSession.getAttribute("user"); //System.out.println("webSocket:"+user); if(user!=null){ ServletContext servletContext = httpSession.getServletContext(); String sessionId = (String) servletContext.getAttribute(user.getName()); if(httpSession.getId().equals(sessionId)){ //用户在线状态校验成功,更新当前用户的在线时间 HashMap onlineMap = (HashMap) servletContext.getAttribute("online"); if(onlineMap == null){ onlineMap = new HashMap<>(); servletContext.setAttribute("online", onlineMap); } onlineMap.put(user.getName(), System.currentTimeMillis()); model.set(1,user,null); }else{ model.set(1,false,"不同主机登录"); //用户在其他主机登录,强迫用户在本机的session失效 httpSession.invalidate(); } } else { model.set(1,false,"用户信息失效,请重新登录"); } }catch (Exception e){ model.set(1,false,"登录信息失效,重新登录"); } return model; } public void logout() { Subject subject = SecurityUtils.getSubject(); subject.logout(); } public Response loginNoPass(int uId, HttpServletRequest request) { Response response = new Response<>(); //根据uId获取用户的用户名和密码,进行类登录操作 User user = userService.getById(uId); UsernamePasswordToken userToken = new UsernamePasswordToken(user.getName(),RSAUtil.decrypt(user.getPwd(),RSAUtil.getPrivateKey())); Subject subject = SecurityUtils.getSubject(); subject.login(userToken); if (subject.isAuthenticated()) { //每个登录的用户都有一个全局变量,里面存着对应的SessionId; //同一个账号,后面登录的,会挤掉之前登录的SessionId,这个todo,做限制账号同时登陆人数为1 //登录成功 ServletContext servletContext = request.getServletContext(); servletContext.setAttribute(user.getName(), request.getSession().getId()); //Session存储当前用户及权限组列表 request.getSession().setAttribute("user", subject.getPrincipal()); request.getSession().setMaxInactiveInterval(60 * 60 * 24); //回写登录时间到数据库 //查询用户对应的权限组id并返回给前端 LinkedList dataList = new LinkedList<>(); dataList.add(subject.getPrincipal()); return new Response<>().setII(1, true, dataList, "登录成功"); } return new Response().set(1,false,"认证未通过"); } }