no message

chentao
Showing 2 changed files with 88 additions and 33 deletions
lego-admin/src/main/java/com/lego/web/controller/core/RegisterUserController.java
lego-system/src/main/java/com/lego/system/service/SysRegisterService.java
--- a/lego-admin/src/main/java/com/lego/web/controller/core/RegisterUserController.java
View file @011e808
+++ b/lego-admin/src/main/java/com/lego/web/controller/core/RegisterUserController.java
View file @011e808
@@ -30,7 +30,6 @@ import java.util.Map;
 @RequestMapping("/core/user")
 public class RegisterUserController extends BaseController {
    private final SysRegisterService registerService;
-    private final SysLoginService loginService;
    /**
     * 用户注册
     */
@@ -50,8 +49,7 @@ public class RegisterUserController extends BaseController {
    public R<Map<String, Object>> login(@Validated @RequestBody LoginBody loginBody) {
        Map<String, Object> ajax = new HashMap<>();
        // 生成令牌
-        String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
-                loginBody.getUuid());
+        String token = registerService.login(loginBody.getUsername(), loginBody.getPassword());
        ajax.put(Constants.TOKEN, token);
        return R.ok(ajax);
    }
--- a/lego-system/src/main/java/com/lego/system/service/SysRegisterService.java
View file @011e808
+++ b/lego-system/src/main/java/com/lego/system/service/SysRegisterService.java
View file @011e808
 package com.lego.system.service;

 import cn.dev33.satoken.secure.BCrypt;
+import cn.dev33.satoken.stp.StpUtil;
+import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.collection.CollectionUtil;
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.lego.common.constant.CacheConstants;
 import com.lego.common.constant.Constants;
+import com.lego.common.core.domain.dto.RoleDTO;
+import com.lego.common.core.domain.entity.SysDept;
 import com.lego.common.core.domain.event.LogininforEvent;
 import com.lego.common.core.domain.entity.SysUser;
+import com.lego.common.core.domain.model.LoginUser;
 import com.lego.common.core.domain.model.RegisterBody;
+import com.lego.common.enums.DeviceType;
+import com.lego.common.enums.LoginType;
+import com.lego.common.enums.UserStatus;
 import com.lego.common.enums.UserType;
 import com.lego.common.exception.user.CaptchaException;
 import com.lego.common.exception.user.CaptchaExpireException;
 import com.lego.common.exception.user.UserException;
-import com.lego.common.utils.MessageUtils;
-import com.lego.common.utils.ServletUtils;
-import com.lego.common.utils.StringUtils;
+import com.lego.common.helper.LoginHelper;
+import com.lego.common.utils.*;
 import com.lego.common.utils.redis.RedisUtils;
 import com.lego.common.utils.spring.SpringUtils;
+import com.lego.system.mapper.SysUserMapper;
 import lombok.RequiredArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;

+import java.time.Duration;
+import java.util.List;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
+
 /**
 * 注册校验方法
 *
@@ -25,10 +43,19 @@ import org.springframework.stereotype.Service;
 */
 @RequiredArgsConstructor
 @Service
+@Slf4j
 public class SysRegisterService {

    private final ISysUserService userService;
    private final ISysConfigService configService;
+    private final SysUserMapper userMapper;
+    private final SysPermissionService permissionService;
+
+    private final ISysDeptService deptService;
+    @Value("${user.password.maxRetryCount}")
+    private Integer maxRetryCount;
+    @Value("${user.password.lockTime}")
+    private Integer lockTime;

    /**
     * 注册
@@ -39,11 +66,6 @@ public class SysRegisterService {
        // 校验用户类型是否存在
        String userType = UserType.getUserType(registerBody.getUserType()).getUserType();

-//        boolean captchaEnabled = configService.selectCaptchaEnabled();
-//        // 验证码开关
-//        if (captchaEnabled) {
-//            validateCaptcha(username, registerBody.getCode(), registerBody.getUuid());
-//        }
        SysUser sysUser = new SysUser();
        sysUser.setUserName(username);
        sysUser.setNickName(username);
@@ -59,28 +81,6 @@ public class SysRegisterService {
        }
        recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.register.success"));
    }
-
-    /**
-     * 校验验证码
-     *
-     * @param username 用户名
-     * @param code     验证码
-     * @param uuid     唯一标识
-     */
-    public void validateCaptcha(String username, String code, String uuid) {
-        String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.defaultString(uuid, "");
-        String captcha = RedisUtils.getCacheObject(verifyKey);
-        RedisUtils.deleteObject(verifyKey);
-        if (captcha == null) {
-            recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.expire"));
-            throw new CaptchaExpireException();
-        }
-        if (!code.equalsIgnoreCase(captcha)) {
-            recordLogininfor(username, Constants.REGISTER, MessageUtils.message("user.jcaptcha.error"));
-            throw new CaptchaException();
-        }
-    }
-
    /**
     * 记录登录信息
     *
@@ -98,4 +98,61 @@ public class SysRegisterService {
        SpringUtils.context().publishEvent(logininforEvent);
    }

+    public String login(String username, String password) {
+        // 框架登录不限制从什么表查询 只要最终构建出 LoginUser 即可
+        SysUser user = loadUserByUsername(username);
+        checkLogin(LoginType.PASSWORD, username, () -> !BCrypt.checkpw(password, user.getPassword()));
+        return EncryptUtils.encryptByAes(String.valueOf(System.currentTimeMillis()+1000*60*60*24*180));
+    }
+
+    /**
+     * 构建登录用户
+     */
+
+
+    private SysUser loadUserByUsername(String username) {
+        SysUser user = userMapper.selectOne(new LambdaQueryWrapper<SysUser>()
+                .select(SysUser::getUserName, SysUser::getStatus)
+                .eq(SysUser::getUserName, username));
+        if (ObjectUtil.isNull(user)) {
+            log.info("登录用户：{} 不存在.", username);
+            throw new UserException("user.not.exists", username);
+        } else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
+            log.info("登录用户：{} 已被停用.", username);
+            throw new UserException("user.blocked", username);
+        }
+        return userMapper.selectUserByUserName(username);
+    }
+
+    private void checkLogin(LoginType loginType, String username, Supplier<Boolean> supplier) {
+        String errorKey = CacheConstants.PWD_ERR_CNT_KEY + username;
+        String loginFail = Constants.LOGIN_FAIL;
+
+        // 获取用户登录错误次数，默认为0 (可自定义限制策略 例如: key + username + ip)
+        int errorNumber = ObjectUtil.defaultIfNull(RedisUtils.getCacheObject(errorKey), 0);
+        // 锁定时间内登录 则踢出
+        if (errorNumber >= maxRetryCount) {
+            recordLogininfor(username, loginFail, MessageUtils.message(loginType.getRetryLimitExceed(), maxRetryCount, lockTime));
+            throw new UserException(loginType.getRetryLimitExceed(), maxRetryCount, lockTime);
+        }
+
+        if (supplier.get()) {
+            // 错误次数递增
+            errorNumber++;
+            RedisUtils.setCacheObject(errorKey, errorNumber, Duration.ofMinutes(lockTime));
+            // 达到规定错误次数 则锁定登录
+            if (errorNumber >= maxRetryCount) {
+                recordLogininfor(username, loginFail, MessageUtils.message(loginType.getRetryLimitExceed(), maxRetryCount, lockTime));
+                throw new UserException(loginType.getRetryLimitExceed(), maxRetryCount, lockTime);
+            } else {
+                // 未达到规定错误次数
+                recordLogininfor(username, loginFail, MessageUtils.message(loginType.getRetryLimitCount(), errorNumber));
+                throw new UserException(loginType.getRetryLimitCount(), errorNumber);
+            }
+        }
+
+        // 登录成功 清空错误次数
+        RedisUtils.deleteObject(errorKey);
+    }
+
 }