增加登录日志和错误次数校验

czt

2025-01-11 83a5abea31bf14c78572d3a4c5fdf14afb97c82f

 src/main/java/com/fzzy/web/LoginController.java

@@ -1,16 +1,16 @@
package com.fzzy.web;

import com.fzzy.sys.LogLoginService;
import com.fzzy.sys.UserPR;
import com.fzzy.sys.entity.SysUser;
import com.wf.captcha.ArithmeticCaptcha;
import com.wf.captcha.utils.CaptchaUtil;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
@@ -25,6 +25,11 @@
@RequestMapping
public class LoginController {

    @Autowired
    private UserPR userPR;
    @Autowired
    private LogLoginService logLoginService;

    /**
     * 登录验证入口
     *
@@ -33,7 +38,7 @@
     * @param captcha
     * @return
     */
    @PostMapping("/login-check")
    @GetMapping("/login-check")
    public String login(HttpServletRequest request,
                        @RequestParam(name = "username_") String username,
                        @RequestParam(name = "password_") String password,
@@ -42,9 +47,42 @@
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            return "redirect:/login?tag=01&username=" + username;
        }
        if (StringUtils.isEmpty(captcha)) {
            return "redirect:/login?tag=02&username=" + username;
        }

        //校验验证码
        boolean validateCode = CaptchaUtil.ver(captcha, request);
        log.info("-----------验证码-----------{}", validateCode);
        if (!validateCode) {
            return "redirect:/login?tag=04&username=" + username;
        }

        //判断限制登陆
        int num = logLoginService.checkLoginLimit(request, username);
        if (num >= 3) {
            return "redirect:/login?tag=11&username=" + username;
        }

        SysUser user = userPR.listById(username);
        if (null == user) {
            num = logLoginService.addNoUser(request, username);
            if (num >= 3) {
                return "redirect:/login?tag=12&username=" + username;
            }
            return "redirect:/login?tag=05&username=" + username;
        }

        boolean tag = userPR.checkPassword(password, user);
        if (!tag){
            num = logLoginService.addPwdError(request, user);
            if (num >= 3) {
                return "redirect:/login?tag=11&username=" + username;
            }
            return "redirect:/login?tag=06&username=" + username;
        }
        request.getSession().setAttribute("user", user);
        //增加登录日志
        logLoginService.addLoginInfo(request, user);

        return "redirect:/home";
    }
@@ -84,6 +122,12 @@
            if ("10".equals(tag)) {
                tag = "您的账号在其他地方登录，被迫下线";
            }
            if ("11".equals(tag)) {
                tag = "连续3次错误，限制登陆60分钟";
            }
            if ("12".equals(tag)) {
                tag = "连续3次输入不存在账号，限制登陆60分钟";
            }
            view.addObject("TAG", tag);
            view.addObject("USERNAME", username);
        }
@@ -101,8 +145,6 @@
    public void captcha(HttpServletResponse response, HttpServletRequest request) {
        //设置长宽
        try {
            //生成普通验证码
            // SpecCaptcha specCaptcha = new SpecCaptcha();
            //生成算数验证码
            ArithmeticCaptcha arithmeticCaptcha = new ArithmeticCaptcha();
            //设置2为算数
@@ -125,7 +167,8 @@
     * @return
     */
    @RequestMapping("/log-out")
    public String logOut() {
    public String logOut(HttpServletRequest request) {
        request.getSession().removeAttribute("user");
        return "redirect:/login";
    }