From e8ee5ad6918f7e2912329926be5c963221a26643 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?= <15040126243@163.com> Date: Thu, 2 Dec 2021 16:04:45 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E7=94=A8=E6=88=B7=E7=99=BB=E5=BD=95?= =?UTF-8?q?=20=E6=94=AF=E6=8C=81=E6=A0=A1=E9=AA=8C=E9=94=99=E8=AF=AF?= =?UTF-8?q?=E6=AC=A1=E6=95=B0=E9=94=81=E5=AE=9A=E7=99=BB=E5=BD=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../main/resources/i18n/messages.properties | 8 +++--- .../resources/i18n/messages_en_US.properties | 8 +++--- .../resources/i18n/messages_zh_CN.properties | 8 +++--- .../com/ruoyi/common/constant/Constants.java | 15 ++++++++++ .../common/exception/user/UserException.java | 2 +- .../handle/LogoutSuccessHandlerImpl.java | 8 ++++-- .../ruoyi/system/service/SysLoginService.java | 28 +++++++++++++++++-- .../service/impl/UserDetailsServiceImpl.java | 8 +++--- 8 files changed, 62 insertions(+), 23 deletions(-) diff --git a/ruoyi-admin/src/main/resources/i18n/messages.properties b/ruoyi-admin/src/main/resources/i18n/messages.properties index ede2df8c8..6db4b42c5 100644 --- a/ruoyi-admin/src/main/resources/i18n/messages.properties +++ b/ruoyi-admin/src/main/resources/i18n/messages.properties @@ -2,12 +2,12 @@ not.null=* 必须填写 user.jcaptcha.error=验证码错误 user.jcaptcha.expire=验证码已失效 -user.not.exists=用户不存在/密码错误 +user.not.exists=对不起, 您的账号:{0} 不存在. user.password.not.match=用户不存在/密码错误 user.password.retry.limit.count=密码输入错误{0}次 -user.password.retry.limit.exceed=密码输入错误{0}次,帐户锁定10分钟 -user.password.delete=对不起,您的账号已被删除 -user.blocked=用户已封禁,请联系管理员 +user.password.retry.limit.exceed=密码错误次数过多,帐户锁定{0}分钟 +user.password.delete=对不起,您的账号:{0} 已被删除 +user.blocked=对不起,您的账号:{0} 已禁用,请联系管理员 role.blocked=角色已封禁,请联系管理员 user.logout.success=退出成功 length.not.valid=长度必须在{min}到{max}个字符之间 diff --git a/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties b/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties index af57cf4e4..c67beab66 100644 --- a/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties +++ b/ruoyi-admin/src/main/resources/i18n/messages_en_US.properties @@ -2,12 +2,12 @@ not.null=* Required fill in user.jcaptcha.error=Captcha error user.jcaptcha.expire=Captcha invalid -user.not.exists=User does not exist/Password error +user.not.exists=Sorry, your account: {0} does not exist user.password.not.match=User does not exist/Password error user.password.retry.limit.count=Password input error {0} times -user.password.retry.limit.exceed=Password input error {0} times, account locked for 10 minutes -user.password.delete=Sorry, your account has been deleted -user.blocked=User disabled,please contact administrators +user.password.retry.limit.exceed=Too many password errors, account locked for {0} minutes +user.password.delete=Sorry, your account:{0} has been deleted +user.blocked=Sorry, your account: {0} has been disabled. Please contact the administrator role.blocked=Role disabled,please contact administrators user.logout.success=Exit successful length.not.valid=The length must be between {min} and {max} characters diff --git a/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties b/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties index ede2df8c8..6db4b42c5 100644 --- a/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties +++ b/ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties @@ -2,12 +2,12 @@ not.null=* 必须填写 user.jcaptcha.error=验证码错误 user.jcaptcha.expire=验证码已失效 -user.not.exists=用户不存在/密码错误 +user.not.exists=对不起, 您的账号:{0} 不存在. user.password.not.match=用户不存在/密码错误 user.password.retry.limit.count=密码输入错误{0}次 -user.password.retry.limit.exceed=密码输入错误{0}次,帐户锁定10分钟 -user.password.delete=对不起,您的账号已被删除 -user.blocked=用户已封禁,请联系管理员 +user.password.retry.limit.exceed=密码错误次数过多,帐户锁定{0}分钟 +user.password.delete=对不起,您的账号:{0} 已被删除 +user.blocked=对不起,您的账号:{0} 已禁用,请联系管理员 role.blocked=角色已封禁,请联系管理员 user.logout.success=退出成功 length.not.valid=长度必须在{min}到{max}个字符之间 diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java index 0c5a92c74..76e959dee 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/constant/Constants.java @@ -83,6 +83,21 @@ public interface Constants { */ Integer CAPTCHA_EXPIRATION = 2; + /** + * 登陆错误 redis key + */ + String LOGIN_ERROR = "login_error:"; + + /** + * 登录错误次数 + */ + Integer LOGIN_ERROR_NUMBER = 5; + + /** + * 登录错误限制时间(分钟) + */ + Integer LOGIN_ERROR_LIMIT_TIME = 10; + /** * 令牌 */ diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java index 94dbcdd52..99a888056 100644 --- a/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java +++ b/ruoyi-common/src/main/java/com/ruoyi/common/exception/user/UserException.java @@ -10,7 +10,7 @@ import com.ruoyi.common.exception.base.BaseException; public class UserException extends BaseException { private static final long serialVersionUID = 1L; - public UserException(String code, Object[] args) { + public UserException(String code, Object... args) { super("user", code, args, null); } } diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java index 857cbe376..76d8090c8 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/handle/LogoutSuccessHandlerImpl.java @@ -7,6 +7,7 @@ import com.ruoyi.common.core.domain.model.LoginUser; import com.ruoyi.common.core.service.LogininforService; import com.ruoyi.common.core.service.TokenService; import com.ruoyi.common.utils.JsonUtils; +import com.ruoyi.common.utils.MessageUtils; import com.ruoyi.common.utils.ServletUtils; import com.ruoyi.common.utils.StringUtils; import org.springframework.beans.factory.annotation.Autowired; @@ -40,14 +41,15 @@ public class LogoutSuccessHandlerImpl implements LogoutSuccessHandler { public void onLogoutSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException { LoginUser loginUser = tokenService.getLoginUser(request); - if (StringUtils.isNotNull(loginUser)) { + String message = MessageUtils.message("user.logout.success"); + if (StringUtils.isNotNull(loginUser)) { String userName = loginUser.getUsername(); // 删除用户缓存记录 tokenService.delLoginUser(loginUser.getToken()); // 记录用户退出日志 - asyncService.recordLogininfor(userName, Constants.LOGOUT, "退出成功", request); + asyncService.recordLogininfor(userName, Constants.LOGOUT, message, request); } - ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(HttpStatus.HTTP_OK, "退出成功"))); + ServletUtils.renderString(response, JsonUtils.toJsonString(AjaxResult.error(HttpStatus.HTTP_OK, message))); } } diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java index 70f66019f..6add556fe 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/SysLoginService.java @@ -1,5 +1,6 @@ package com.ruoyi.system.service; +import cn.hutool.core.util.ObjectUtil; import com.ruoyi.common.constant.Constants; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; @@ -8,7 +9,7 @@ import com.ruoyi.common.core.service.TokenService; import com.ruoyi.common.exception.ServiceException; import com.ruoyi.common.exception.user.CaptchaException; import com.ruoyi.common.exception.user.CaptchaExpireException; -import com.ruoyi.common.exception.user.UserPasswordNotMatchException; +import com.ruoyi.common.exception.user.UserException; import com.ruoyi.common.utils.DateUtils; import com.ruoyi.common.utils.MessageUtils; import com.ruoyi.common.utils.RedisUtils; @@ -22,6 +23,7 @@ import org.springframework.stereotype.Service; import javax.annotation.Resource; import javax.servlet.http.HttpServletRequest; +import java.util.concurrent.TimeUnit; /** * 登录校验方法 @@ -62,6 +64,13 @@ public class SysLoginService { if (captchaOnOff) { validateCaptcha(username, code, uuid, request); } + // 获取用户登录错误次数(可自定义限制策略 例如: key + username + ip) + Integer errorNumber = RedisUtils.getCacheObject(Constants.LOGIN_ERROR + username); + // 锁定时间内登录 则踢出 + if (ObjectUtil.isNotNull(errorNumber) && errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) { + asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request); + throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME); + } // 用户验证 Authentication authentication = null; try { @@ -70,13 +79,26 @@ public class SysLoginService { .authenticate(new UsernamePasswordAuthenticationToken(username, password)); } catch (Exception e) { if (e instanceof BadCredentialsException) { - asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.not.match"), request); - throw new UserPasswordNotMatchException(); + // 是否第一次 + errorNumber = ObjectUtil.isNull(errorNumber) ? 1 : errorNumber + 1; + // 达到规定错误次数 则锁定登录 + if (errorNumber.equals(Constants.LOGIN_ERROR_NUMBER)) { + RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber, Constants.LOGIN_ERROR_LIMIT_TIME, TimeUnit.MINUTES); + asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME), request); + throw new UserException("user.password.retry.limit.exceed", Constants.LOGIN_ERROR_LIMIT_TIME); + } else { + // 未达到规定错误次数 则递增 + RedisUtils.setCacheObject(Constants.LOGIN_ERROR + username, errorNumber); + asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.password.retry.limit.count", errorNumber), request); + throw new UserException("user.password.retry.limit.count", errorNumber); + } } else { asyncService.recordLogininfor(username, Constants.LOGIN_FAIL, e.getMessage(), request); throw new ServiceException(e.getMessage()); } } + // 登录成功 清空错误次数 + RedisUtils.deleteObject(Constants.LOGIN_ERROR + username); asyncService.recordLogininfor(username, Constants.LOGIN_SUCCESS, MessageUtils.message("user.login.success"), request); LoginUser loginUser = (LoginUser) authentication.getPrincipal(); recordLoginInfo(loginUser.getUserId(), username); diff --git a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java index 14801e9dc..8472d685e 100644 --- a/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java +++ b/ruoyi-system/src/main/java/com/ruoyi/system/service/impl/UserDetailsServiceImpl.java @@ -3,7 +3,7 @@ package com.ruoyi.system.service.impl; import com.ruoyi.common.core.domain.entity.SysUser; import com.ruoyi.common.core.domain.model.LoginUser; import com.ruoyi.common.enums.UserStatus; -import com.ruoyi.common.exception.ServiceException; +import com.ruoyi.common.exception.user.UserException; import com.ruoyi.common.utils.StringUtils; import com.ruoyi.system.service.ISysUserService; import com.ruoyi.system.service.SysPermissionService; @@ -34,13 +34,13 @@ public class UserDetailsServiceImpl implements UserDetailsService { SysUser user = userService.selectUserByUserName(username); if (StringUtils.isNull(user)) { log.info("登录用户:{} 不存在.", username); - throw new ServiceException("登录用户:" + username + " 不存在"); + throw new UserException("user.not.exists", username); } else if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { log.info("登录用户:{} 已被删除.", username); - throw new ServiceException("对不起,您的账号:" + username + " 已被删除"); + throw new UserException("user.password.delete", username); } else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) { log.info("登录用户:{} 已被停用.", username); - throw new ServiceException("对不起,您的账号:" + username + " 已停用"); + throw new UserException("user.blocked", username); } return createLoginUser(user);