新增redis密码输入次数过多锁定账号

master
ALW 3 years ago
parent 001a040db3
commit 783bb6a7ce

@ -158,18 +158,18 @@
<build>
<finalName>power</finalName>
<plugins>
<!--<plugin>-->
<!--&lt;!&ndash; 指定maven编译的jdk版本,如果不指定,maven3默认用jdk 1.5 maven2默认用jdk1.3 &ndash;&gt;-->
<!--<groupId>org.apache.maven.plugins</groupId>-->
<!--<artifactId>maven-compiler-plugin</artifactId>-->
<!--<version>3.1</version>-->
<!--<configuration>-->
<!--&lt;!&ndash; 一般而言target与source是保持一致的但是有时候为了让程序能在其他版本的jdk中运行(对于低版本目标jdk源代码中不能使用低版本jdk中不支持的语法)会存在target不同于source的情况 &ndash;&gt;-->
<!--<source>1.8</source> &lt;!&ndash; 源代码使用的JDK版本 &ndash;&gt;-->
<!--<target>1.8</target> &lt;!&ndash; 需要生成的目标class文件的编译版本 &ndash;&gt;-->
<!--<encoding>UTF-8</encoding>&lt;!&ndash; 字符集编码 &ndash;&gt;-->
<!--</configuration>-->
<!--</plugin>-->
<plugin>
<!-- 指定maven编译的jdk版本,如果不指定,maven3默认用jdk 1.5 maven2默认用jdk1.3 -->
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.1</version>
<configuration>
<!-- 一般而言target与source是保持一致的但是有时候为了让程序能在其他版本的jdk中运行(对于低版本目标jdk源代码中不能使用低版本jdk中不支持的语法)会存在target不同于source的情况 -->
<source>1.8</source> <!-- 源代码使用的JDK版本 -->
<target>1.8</target> <!-- 需要生成的目标class文件的编译版本 -->
<encoding>UTF-8</encoding><!-- 字符集编码 -->
</configuration>
</plugin>
<plugin>
<groupId>org.apache.tomcat.maven</groupId>
<artifactId>tomcat7-maven-plugin</artifactId>

@ -1,17 +1,19 @@
package com.manage.bean;
public class LoginVoRedis {
private String username;
private String userName;
private String password;
private int loginFailureCount;
private String loginTime;
public String getUsername() {
return username;
public String getUserName() {
return userName;
}
public void setUsername(String username) {
this.username = username;
public void setUserName(String userName) {
this.userName = userName;
}
public String getPassword() {
@ -41,7 +43,7 @@ public class LoginVoRedis {
@Override
public String toString() {
return "LoginVo_Redis{" +
"username='" + username + '\'' +
"username='" + userName + '\'' +
", password='" + password + '\'' +
", loginFailureCount=" + loginFailureCount +
", loginTime='" + loginTime + '\'' +
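Review bot: `toString()` in `LoginVoRedis` still concatenates the `password` field in clear, so any log line, debug print or exception message that formats this bean discloses the credential. The rename touched the neighbouring line but left this one as it was; I would change it to `", password='***'" +` or drop the field from the output entirely. The label on the renamed line also still reads `username=` although the field is now `userName`. The end of `toString()` lies outside the hunk.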

@ -73,40 +73,23 @@ public class LoginController {
@RequestMapping(value = "login", method = RequestMethod.POST)
@ResponseBody
public Msg login(Power_User powerUser, HttpServletResponse response, HttpServletRequest request, Model model) {
LoginVoRedis loginVo = new LoginVoRedis();
Msg msg = new Msg();
String userName = powerUser.getUserName();
String userPwd = powerUser.getUserPwd();
if (!userName.equals("admin")) {
String s = "00" + userName;
powerUser.setUserName(s);
}
loginVo.setUsername(userName);
loginVo.setPassword(userPwd);
Date date = new Date();
SimpleDateFormat sdFormatter = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
loginVo.setLoginTime(sdFormatter.toString());
Jedis redis = JedisPoolUtil.getJedisPoolInstance().getResource();
String userInfo = redis.get(userName);
String errorPwsCount = "0";
if (userInfo == null) {
loginVo.setLoginFailureCount(0);
redis.set(userName, JSONObject.toJSONString(loginVo));
userInfo = redis.get(userName);
}
JSON json =JSONObject.parseObject(userInfo);
System.out.println(json);
LoginVoRedis userLoginInfo = JSONObject.toJavaObject(json, LoginVoRedis.class);
int loginFailCount = userLoginInfo.getLoginFailureCount();
if (loginFailCount >= 5 ) {
redis.set(userName, errorPwsCount);
}
int i = Integer.parseInt(redis.get(userName));
if (i < 5) {
try {
Power_UserVo user = powerUserService.findPowerUserByUserNameAndUserPwd(powerUser);
//添加进操作日志
Power_Log log = new Power_Log();
if (user != null) {
//存session密码置空
//是否记住密码功能
@ -168,8 +151,7 @@ public class LoginController {
int POWER_PORT = request.getLocalPort();
url = "http://" + ip + ":" + POWER_PORT + "/power/gatewayPage";
}
redis.set(userName, JSONObject.toJSONString(loginVo));
request.getSession().setAttribute("user",loginVo);
redis.del(userName);
return Msg.success().add("url", url);
} else {
//登录失败
@ -189,29 +171,27 @@ public class LoginController {
log.setRemark("已错误【" + wrongNum + "】次");
logService.insert(log);
request.setAttribute("msg", "用户名或密码不正确");
loginFailCount ++;
loginVo.setLoginFailureCount(loginFailCount);
redis.set(userName,JSONObject.toJSONString(loginVo));
request.getSession().setAttribute("user",loginVo);
redis.incr(userName);
return Msg.failUser();
}
} catch (Exception e) {
e.printStackTrace();
CacheManager.addExcCount("exc");
}
} else {
//失败次数大于五时锁十五分钟
redis.setex(userName, 900, i + "");
return Msg.failUser2();
}
return null;
}
@RequestMapping("refuse")
public String refuse() {
return "refuse";
}
//获取session所剩时间
@RequestMapping(value = "getSessionRemainingTime", method = RequestMethod.GET, produces = {"text/json;charset=UTF-8"})
@ResponseBody
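Review bot: The counter written by `redis.incr(userName)` has no expiry, and the locked branch calls `redis.setex(userName, 900, i + "")` on every request, so failures accumulate indefinitely and the 15-minute lock restarts whenever anyone submits that username, which lets a third party keep a known account locked. Set the TTL once when the counter is created and leave it alone while locked, e.g. `long n = redis.incr(key); if (n == 1) { redis.expire(key, 900); }`, and remove the `setex` from the `else` branch. A namespaced key such as `String key = "login:fail:" + userName;` would stop a submitted username from colliding with other Redis keys. The `Jedis` taken from `getResource()` is also not closed on any return path visible in these hunks, which would drain the pool under login load; try-with-resources would return it. The body of `login` continues between the hunks, so both points should be confirmed against the full method.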

@ -168,7 +168,7 @@ public class UserController {
ServletRequestAttributes attr=(ServletRequestAttributes) RequestContextHolder.getRequestAttributes();
HttpServletRequest request =attr.getRequest();
Power_UserVo powerUser = powerUserService.selectByPrimaryKey(userId);
powerUser.setUserPwd("EUwQTRBEEE0WFxJERRVCREVEEkYQEBFBTUJATU1GR0I=");
powerUser.setUserPwd("R0QXEUNFFUNHFhAQTURMF0dNQUEVTUQRTBJDQEZNERI=");
powerUserService.updateByPrimaryKeySelective(powerUser,request);
CacheManager.addExcCount("noExc");
return Msg.success();
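Review bot: `powerUser.setUserPwd("R0QX…")` resets every account to the same hard-coded value, apparently the encoded form of the `123456` shown in this commit's confirmation dialog, so a reset account is guessable until its owner changes the password. At minimum I would mark the line with `// TODO(security): generate a random one-time password per reset and force a change at next login instead of a shared constant`. The result of `selectByPrimaryKey(userId)` is also dereferenced without a null check; `if (powerUser == null) { return Msg.fail("用户不存在"); }` before the setter would avoid an exception on an unknown id. The enclosing method starts and ends outside the hunk.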

Binary file not shown.

Before

Width:  |  Height:  |  Size: 496 KiB

After

Width:  |  Height:  |  Size: 661 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 33 KiB

@ -1,6 +1,3 @@
/**
* Created by ljx on 2019/4/25.
*/
@ -36,8 +33,6 @@ $(function(){
});
var banar = document.getElementById('banar');
var txt = document.getElementById('txt');
var sub = document.getElementById('sub');
@ -47,6 +42,7 @@ var allchar = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, "a", "b", "c", "d", "e",
"f", "g", "h", "i", "j", "k", "l", "m", "n", "o", "p", "q", "r",
"s", "t", "u", "v", "w", "x", "y", "z"];
var result;
function randomChar() {
result = "";//创建空的字符串,方便等下接收值
//循环找出4的字符
@ -61,15 +57,15 @@ function randomChar() {
banar.innerHTML = result;
//点击验证按钮,判断我们输入的值和随机生成的值是否一样?
//一样就弹出验证成功,不一样就弹出验证错误。
sub.onclick = function () {
if (txt.value == result) {
alert("验证成功!!!");
} else {
alert("验证错误!!!");
randomChar();//如果错误执行randomChar方法重新随机生成4个字符
txt.value = "";//如果错误,我们输入的验证码等于空,方便我们再次输入
}
};
// sub.onclick = function () {
// if (txt.value == result) {
// alert("验证成功!!!");
// } else {
// alert("验证错误!!!");
// randomChar();//如果错误执行randomChar方法重新随机生成4个字符
// txt.value = "";//如果错误,我们输入的验证码等于空,方便我们再次输入
// }
// };
}
randomChar();
@ -83,6 +79,7 @@ function login() {
var userName = $("#userName").val();
var userPwd = $("#userPwd").val();
var txt = $("#txt").val();
userPwd = hex_hmac_md5(userPwd, userPwd);
var rememberMeChecked = $("input[type='checkbox']").is(':checked');
var rememberMe = '';
if (rememberMeChecked) {
@ -96,6 +93,10 @@ function login() {
} else {
if (txt == '') {
toastr.warning("验证码不能为空!");
} else {
if (result != txt) {
toastr.warning("验证码错误!")
randomChar();
} else {
$.ajax({
type: "POST",
@ -103,14 +104,10 @@ function login() {
data: {userName: userName, userPwd: userPwd, rememberMe: rememberMe},
dataType: 'json',
success: function (data) {
if (result==txt) {
if (data.code == 100) {
window.location.href = data.extend.url;
} else {
toastr.warning(data.extend.msg);
}
}else {
toastr.warning("验证码错误!!!");
toastr.warning(data.msg);
}
}
})
@ -118,6 +115,7 @@ function login() {
}
}
}
}
var interval = "";
var qrCodeIdentity = "";
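Review bot: The captcha comparison `if (result != txt)` runs only in the browser, and `txt` is never included in the `$.ajax` `data`, so a client that posts to the login endpoint directly is not subject to it and the Redis failure counter is the only throttle on guessing. For the captcha to count, the value has to be generated and held server-side (for example in the session) and the typed text submitted for the server to compare, e.g. `data: {userName: userName, userPwd: userPwd, rememberMe: rememberMe, captcha: txt},` where `captcha` is a placeholder parameter name. `hex_hmac_md5(userPwd, userPwd)` makes the digest itself the login credential, so it adds nothing over the plain password if captured in transit; the form should only be served over HTTPS. `login()` starts and ends outside the visible hunks.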

@ -504,7 +504,7 @@ function resetPassword(){
if(ids.length == 2){
Common.confirm({
title: "提示",
message: '确定是否重置用户名'+userName[0]+'的密码为000000',
message: '确定是否重置用户名'+userName[0]+'的密码为123456',
operate: function (reselt) {
if (reselt) {
$.ajax({

@ -51,6 +51,12 @@
<groupId>org.slf4j</groupId>
<artifactId>slf4j-log4j12</artifactId>
</dependency>
<dependency>
<groupId>redis.clients</groupId>
<artifactId>jedis</artifactId>
<version>3.1.0</version>
<scope>compile</scope>
</dependency>
</dependencies>
<build>

@ -45,6 +45,13 @@ public class Msg {
return result;
}
public static Msg failUser2(){
Msg result=new Msg();
result.setCode(200);
result.setMsg("账号或密码错误次数过多,请十五分钟后在尝试登录");
return result;
}
public static Msg fail(String msg){
Msg result=new Msg();
result.setCode(200);
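Review bot: `failUser2` does not say what it signals and has no Javadoc. A name such as `failLocked`, with the call site in `LoginController` updated to match, and a comment like `/** Response for an account temporarily locked after too many failed logins. */` would make the intent readable. The message text contains a typo: `在尝试` should be `再尝试`. The following `fail(String msg)` method continues outside the hunk.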
