新增redis密码输入次数过多锁定账号

ALW 3 years ago
parent 001a040db3
commit 783bb6a7ce

@ -158,18 +158,18 @@
<build> <build>
<finalName>power</finalName> <finalName>power</finalName>
<plugins> <plugins>
<!--<plugin>--> <plugin>
<!--&lt;!&ndash; 指定maven编译的jdk版本,如果不指定,maven3默认用jdk 1.5 maven2默认用jdk1.3 &ndash;&gt;--> <!-- 指定maven编译的jdk版本,如果不指定,maven3默认用jdk 1.5 maven2默认用jdk1.3 -->
<!--<groupId>org.apache.maven.plugins</groupId>--> <groupId>org.apache.maven.plugins</groupId>
<!--<artifactId>maven-compiler-plugin</artifactId>--> <artifactId>maven-compiler-plugin</artifactId>
<!--<version>3.1</version>--> <version>3.1</version>
<!--<configuration>--> <configuration>
<!--&lt;!&ndash; 一般而言target与source是保持一致的但是有时候为了让程序能在其他版本的jdk中运行(对于低版本目标jdk源代码中不能使用低版本jdk中不支持的语法)会存在target不同于source的情况 &ndash;&gt;--> <!-- 一般而言target与source是保持一致的但是有时候为了让程序能在其他版本的jdk中运行(对于低版本目标jdk源代码中不能使用低版本jdk中不支持的语法)会存在target不同于source的情况 -->
<!--<source>1.8</source> &lt;!&ndash; 源代码使用的JDK版本 &ndash;&gt;--> <source>1.8</source> <!-- 源代码使用的JDK版本 -->
<!--<target>1.8</target> &lt;!&ndash; 需要生成的目标class文件的编译版本 &ndash;&gt;--> <target>1.8</target> <!-- 需要生成的目标class文件的编译版本 -->
<!--<encoding>UTF-8</encoding>&lt;!&ndash; 字符集编码 &ndash;&gt;--> <encoding>UTF-8</encoding><!-- 字符集编码 -->
<!--</configuration>--> </configuration>
<!--</plugin>--> </plugin>
<plugin> <plugin>
<groupId>org.apache.tomcat.maven</groupId> <groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId> <artifactId>tomcat7-maven-plugin</artifactId>

@ -1,17 +1,19 @@
package com.manage.bean; package com.manage.bean;
public class LoginVoRedis { public class LoginVoRedis {
private String username; private String userName;
private String password; private String password;
private int loginFailureCount; private int loginFailureCount;
private String loginTime; private String loginTime;
public String getUsername() {
return username; public String getUserName() {
return userName;
} }
public void setUsername(String username) { public void setUserName(String userName) {
this.username = username; this.userName = userName;
} }
public String getPassword() { public String getPassword() {
@ -41,7 +43,7 @@ public class LoginVoRedis {
@Override @Override
public String toString() { public String toString() {
return "LoginVo_Redis{" + return "LoginVo_Redis{" +
"username='" + username + '\'' + "username='" + userName + '\'' +
", password='" + password + '\'' + ", password='" + password + '\'' +
", loginFailureCount=" + loginFailureCount + ", loginFailureCount=" + loginFailureCount +
", loginTime='" + loginTime + '\'' + ", loginTime='" + loginTime + '\'' +

@ -73,40 +73,23 @@ public class LoginController {
@RequestMapping(value = "login", method = RequestMethod.POST) @RequestMapping(value = "login", method = RequestMethod.POST)
@ResponseBody @ResponseBody
public Msg login(Power_User powerUser, HttpServletResponse response, HttpServletRequest request, Model model) { public Msg login(Power_User powerUser, HttpServletResponse response, HttpServletRequest request, Model model) {
LoginVoRedis loginVo = new LoginVoRedis();
Msg msg = new Msg();
String userName = powerUser.getUserName(); String userName = powerUser.getUserName();
String userPwd = powerUser.getUserPwd();
if (!userName.equals("admin")) { if (!userName.equals("admin")) {
String s = "00" + userName; String s = "00" + userName;
powerUser.setUserName(s); powerUser.setUserName(s);
} }
loginVo.setUsername(userName);
loginVo.setPassword(userPwd);
Date date = new Date();
SimpleDateFormat sdFormatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
loginVo.setLoginTime(sdFormatter.toString());
Jedis redis = JedisPoolUtil.getJedisPoolInstance().getResource(); Jedis redis = JedisPoolUtil.getJedisPoolInstance().getResource();
String userInfo = redis.get(userName); String userInfo = redis.get(userName);
String errorPwsCount = "0";
if (userInfo == null) { if (userInfo == null) {
loginVo.setLoginFailureCount(0); redis.set(userName, errorPwsCount);
redis.set(userName, JSONObject.toJSONString(loginVo));
userInfo = redis.get(userName);
}
JSON json =JSONObject.parseObject(userInfo);
System.out.println(json);
LoginVoRedis userLoginInfo = JSONObject.toJavaObject(json, LoginVoRedis.class);
int loginFailCount = userLoginInfo.getLoginFailureCount();
if (loginFailCount >= 5 ) {
} }
int i = Integer.parseInt(redis.get(userName));
if (i < 5) {
try { try {
Power_UserVo user = powerUserService.findPowerUserByUserNameAndUserPwd(powerUser); Power_UserVo user = powerUserService.findPowerUserByUserNameAndUserPwd(powerUser);
//添加进操作日志 //添加进操作日志
Power_Log log = new Power_Log(); Power_Log log = new Power_Log();
if (user != null) { if (user != null) {
//存session密码置空 //存session密码置空
//是否记住密码功能 //是否记住密码功能
@ -168,8 +151,7 @@ public class LoginController {
int POWER_PORT = request.getLocalPort(); int POWER_PORT = request.getLocalPort();
url = "http://" + ip + ":" + POWER_PORT + "/power/gatewayPage"; url = "http://" + ip + ":" + POWER_PORT + "/power/gatewayPage";
} }
redis.set(userName, JSONObject.toJSONString(loginVo)); redis.del(userName);
request.getSession().setAttribute("user",loginVo);
return Msg.success().add("url", url); return Msg.success().add("url", url);
} else { } else {
//登录失败 //登录失败
@ -189,29 +171,27 @@ public class LoginController {
log.setRemark("已错误【" + wrongNum + "】次"); log.setRemark("已错误【" + wrongNum + "】次");
logService.insert(log); logService.insert(log);
request.setAttribute("msg", "用户名或密码不正确"); request.setAttribute("msg", "用户名或密码不正确");
loginFailCount ++; redis.incr(userName);
loginVo.setLoginFailureCount(loginFailCount);
redis.set(userName,JSONObject.toJSONString(loginVo));
request.getSession().setAttribute("user",loginVo);
return Msg.failUser(); return Msg.failUser();
} }
} catch (Exception e) { } catch (Exception e) {
e.printStackTrace(); e.printStackTrace();
CacheManager.addExcCount("exc"); CacheManager.addExcCount("exc");
} }
} else {
//失败次数大于五时锁十五分钟
redis.setex(userName, 900, i + "");
return Msg.failUser2();
}
return null; return null;
} }
@RequestMapping("refuse") @RequestMapping("refuse")
public String refuse() { public String refuse() {
return "refuse"; return "refuse";
} }
//获取session所剩时间 //获取session所剩时间
@RequestMapping(value = "getSessionRemainingTime", method = RequestMethod.GET, produces = {"text/json;charset=UTF-8"}) @RequestMapping(value = "getSessionRemainingTime", method = RequestMethod.GET, produces = {"text/json;charset=UTF-8"})
@ResponseBody @ResponseBody
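Review bot: The lock branch calls `redis.setex(userName, 900, i + "")` on every request once the count has reached 5, so each further attempt restarts the 15-minute window and the account stays locked for as long as requests for that username keep arriving. Meanwhile `redis.set(userName, errorPwsCount)` and `redis.incr(userName)` never set an expiry, so counters below the threshold, including ones for usernames that do not exist, stay in Redis indefinitely. The `Jedis` taken from the pool with `getResource()` is not closed on any of the visible return paths, and `Integer.parseInt(redis.get(userName))` sits outside the `try`, so a non-numeric value under that key (the previous revision stored JSON there) would throw. I would namespace the key, set the expiry only when the counter is created or reaches the limit, and hold the connection in try-with-resources, as sketched below. Parts of `login` lie outside the three hunks, so the sketch marks them as unchanged.

```java
// … unchanged: userName read from powerUser and "00" prefixing …
String lockKey = "login:fail:" + userName; // constructed prefix, keeps counters apart from other keys
try (Jedis redis = JedisPoolUtil.getJedisPoolInstance().getResource()) {
    String stored = redis.get(lockKey);
    int failures = 0;
    try {
        failures = stored == null ? 0 : Integer.parseInt(stored);
    } catch (NumberFormatException stale) {
        // value left by an older format: drop it and start counting again
        redis.del(lockKey);
    }
    if (failures >= 5) {
        // TTL is deliberately left alone so the lock ends 15 minutes after it began
        return Msg.failUser2();
    }
    // … unchanged: credential lookup, operation log, success branch ending in redis.del(lockKey) …
    // failure branch, replacing redis.incr(userName):
    long count = redis.incr(lockKey);
    if (count == 1L || count >= 5L) {
        redis.expire(lockKey, 900);
    }
    return Msg.failUser();
}
```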

@ -168,7 +168,7 @@ public class UserController {
ServletRequestAttributes attr=(ServletRequestAttributes) RequestContextHolder.getRequestAttributes(); ServletRequestAttributes attr=(ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request =attr.getRequest(); HttpServletRequest request =attr.getRequest();
Power_UserVo powerUser = powerUserService.selectByPrimaryKey(userId); Power_UserVo powerUser = powerUserService.selectByPrimaryKey(userId);
powerUser.setUserPwd("EUwQTRBEEE0WFxJERRVCREVEEkYQEBFBTUJATU1GR0I="); powerUser.setUserPwd("R0QXEUNFFUNHFhAQTURMF0dNQUEVTUQRTBJDQEZNERI=");
powerUserService.updateByPrimaryKeySelective(powerUser,request); powerUserService.updateByPrimaryKeySelective(powerUser,request);
CacheManager.addExcCount("noExc"); CacheManager.addExcCount("noExc");
return Msg.success(); return Msg.success();
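Review bot: The reset still writes one hard-coded value through `powerUser.setUserPwd(...)`, so every account that is reset ends up with the same stored credential, and the confirmation dialog changed in this commit suggests that value corresponds to `123456`. A shared, guessable reset password undermines the lockout added elsewhere in this commit, because a freshly reset account can be entered on the first attempt. Consider generating a per-reset temporary password with `SecureRandom`, delivering it out of band, and forcing a change at first login; at minimum move the constant out of source into configuration and document what encoding it is. The enclosing method starts and ends outside the hunk.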

Binary file not shown.

Before

Width:  |  Height:  |  Size: 496 KiB

After

Width:  |  Height:  |  Size: 661 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 33 KiB

@ -1,6 +1,3 @@
/** /**
* Created by ljx on 2019/4/25. * Created by ljx on 2019/4/25.
*/ */
@ -36,8 +33,6 @@ $(function(){
}); });
var banar = document.getElementById('banar'); var banar = document.getElementById('banar');
var txt = document.getElementById('txt'); var txt = document.getElementById('txt');
var sub = document.getElementById('sub'); var sub = document.getElementById('sub');
@ -47,6 +42,7 @@ var allchar = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e",
"f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r",
"s", "t", "u", "v", "w", "x", "y", "z"]; "s", "t", "u", "v", "w", "x", "y", "z"];
var result; var result;
function randomChar() { function randomChar() {
result = "";//创建空的字符串,方便等下接收值 result = "";//创建空的字符串,方便等下接收值
//循环找出4的字符 //循环找出4的字符
@ -61,15 +57,15 @@ function randomChar() {
banar.innerHTML = result; banar.innerHTML = result;
//点击验证按钮,判断我们输入的值和随机生成的值是否一样? //点击验证按钮,判断我们输入的值和随机生成的值是否一样?
//一样就弹出验证成功,不一样就弹出验证错误。 //一样就弹出验证成功,不一样就弹出验证错误。
sub.onclick = function () { // sub.onclick = function () {
if (txt.value == result) { // if (txt.value == result) {
alert("验证成功!!!"); // alert("验证成功!!!");
} else { // } else {
alert("验证错误!!!"); // alert("验证错误!!!");
randomChar();//如果错误执行randomChar方法重新随机生成4个字符 // randomChar();//如果错误执行randomChar方法重新随机生成4个字符
txt.value = "";//如果错误,我们输入的验证码等于空,方便我们再次输入 // txt.value = "";//如果错误,我们输入的验证码等于空,方便我们再次输入
} // }
}; // };
} }
randomChar(); randomChar();
@ -83,6 +79,7 @@ function login() {
var userName = $("#userName").val(); var userName = $("#userName").val();
var userPwd = $("#userPwd").val(); var userPwd = $("#userPwd").val();
var txt = $("#txt").val(); var txt = $("#txt").val();
userPwd = hex_hmac_md5(userPwd, userPwd);
var rememberMeChecked = $("input[type='checkbox']").is(':checked'); var rememberMeChecked = $("input[type='checkbox']").is(':checked');
var rememberMe = ''; var rememberMe = '';
if (rememberMeChecked) { if (rememberMeChecked) {
@ -96,6 +93,10 @@ function login() {
} else { } else {
if (txt == '') { if (txt == '') {
toastr.warning("验证码不能为空!"); toastr.warning("验证码不能为空!");
} else {
if (result != txt) {
toastr.warning("验证码错误!")
randomChar();
} else { } else {
$.ajax({ $.ajax({
type: "POST", type: "POST",
@ -103,14 +104,10 @@ function login() {
data: {userName: userName, userPwd: userPwd, rememberMe: rememberMe}, data: {userName: userName, userPwd: userPwd, rememberMe: rememberMe},
dataType: 'json', dataType: 'json',
success: function (data) { success: function (data) {
if (result==txt) {
if (data.code == 100) { if (data.code == 100) {
window.location.href = data.extend.url; window.location.href = data.extend.url;
} else { } else {
toastr.warning(data.extend.msg); toastr.warning(data.msg);
}
}else {
toastr.warning("验证码错误!!!");
} }
} }
}) })
@ -118,6 +115,7 @@ function login() {
} }
} }
} }
}
var interval = ""; var interval = "";
var qrCodeIdentity = ""; var qrCodeIdentity = "";
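Review bot: The captcha is checked only in the browser: the new `if (result != txt)` branch compares the input with the value `randomChar()` generated on the same page, and the `$.ajax` payload (`userName`, `userPwd`, `rememberMe`) never carries it, so the server cannot tell whether the check ran at all. The code should be generated and stored server-side (for example in the session) and verified in the login handler before the password is checked. Separately, `userPwd = hex_hmac_md5(userPwd, userPwd)` makes the digest itself the credential sent over the wire, so it gives no protection without TLS and ties the stored format to MD5; a comment such as `// server expects HMAC-MD5(pwd, pwd); this is not transport protection` would record that. `login` begins and ends outside these hunks.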

@ -504,7 +504,7 @@ function resetPassword(){
if(ids.length == 2){ if(ids.length == 2){
Common.confirm({ Common.confirm({
title: "提示", title: "提示",
message: '确定是否重置用户名'+userName[0]+'的密码为000000', message: '确定是否重置用户名'+userName[0]+'的密码为123456',
operate: function (reselt) { operate: function (reselt) {
if (reselt) { if (reselt) {
$.ajax({ $.ajax({

@ -51,6 +51,12 @@
<groupId>org.slf4j</groupId> <groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId> <artifactId>slf4j-log4j12</artifactId>
</dependency> </dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>3.1.0</version>
<scope>compile</scope>
</dependency>
</dependencies> </dependencies>
<build> <build>

@ -45,6 +45,13 @@ public class Msg {
return result; return result;
} }
public static Msg failUser2(){
Msg result=new Msg();
result.setCode(200);
result.setMsg("账号或密码错误次数过多,请十五分钟后在尝试登录");
return result;
}
public static Msg fail(String msg){ public static Msg fail(String msg){
Msg result=new Msg(); Msg result=new Msg();
result.setCode(200); result.setCode(200);
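Review bot: The message string in `failUser2()` has a typo, `在尝试` should be `再尝试`: `result.setMsg("账号或密码错误次数过多,请十五分钟后再尝试登录");`. The method has no Javadoc and hard-codes "十五分钟" while the lock duration (900 seconds) is set separately in the login controller, so the two can drift apart; a comment like `/** Lockout response; the wording must match the lock TTL used by the login handler. */` would help. It also returns code 200, the same as `fail(String)`, so callers can tell a lockout from other failures only by the message text.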
