123

2024-04-24 23:09:31 +08:00
parent 07514b459a
commit d771783812
3 changed files with 33 additions and 3 deletions
--- a/ruoyi-cai/src/main/java/com/ruoyi/cai/auth/CaiLoginManager.java
+++ b/ruoyi-cai/src/main/java/com/ruoyi/cai/auth/CaiLoginManager.java
@@ -7,12 +7,16 @@ import cn.hutool.core.util.IdUtil;
 import cn.hutool.extra.spring.SpringUtil;
 import com.alibaba.fastjson2.JSON;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
+import com.ruoyi.cai.constant.RedisHttpConstant;
 import com.ruoyi.cai.domain.*;
+import com.ruoyi.cai.dto.admin.UserForbidDTO;
 import com.ruoyi.cai.dto.commom.ignoredata.InviteIgnoreData;
 import com.ruoyi.cai.enums.CodeEnum;
 import com.ruoyi.cai.enums.GenderEnum;
 import com.ruoyi.cai.enums.IgnoreDataTypeEnum;
 import com.ruoyi.cai.enums.SystemConfigEnum;
+import com.ruoyi.cai.enums.forbid.ForbidTimeEnum;
+import com.ruoyi.cai.enums.forbid.ForbidTypeEnum;
 import com.ruoyi.cai.executor.ExecutorConstant;
 import com.ruoyi.cai.manager.*;
 import com.ruoyi.cai.mq.AmqpHttpProducer;
@@ -33,6 +37,8 @@ import com.ruoyi.yunxin.req.UpdateTokenReq;
 import com.ruoyi.yunxin.resp.YxCommonR;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.redisson.api.RAtomicLong;
+import org.redisson.api.RBucket;
 import org.redisson.api.RLock;
 import org.redisson.api.RedissonClient;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -106,13 +112,35 @@ public class CaiLoginManager {
            notifyLogin(user.getId());
            return login(user);
        }
-        if(!BCrypt.checkpw(password, user.getPassword())){
-            throw new ServiceException("用户不存在或密码错误");
-        }
+        checkLogin(username,password,user);
        notifyLogin(user.getId());
        return login(user);
    }

+    public void checkLogin(String username,String password,User user){
+        String key = String.format(RedisHttpConstant.CHECK_LOGIN_NUM, username);
+        if(!BCrypt.checkpw(password, user.getPassword())){
+            RAtomicLong atomicLong = redissonClient.getAtomicLong(key);
+            Long passwordMaxNum = systemConfigManager.getSystemConfigOfLong(SystemConfigEnum.LOGIN_PASSWORD_ERROR_MAX_NUM);
+            long num = atomicLong.incrementAndGet();
+            if(num >= passwordMaxNum){
+                String error = String.format("密码错误次数超过%s次，账号已被封禁，请联系客服解锁", passwordMaxNum);
+                UserForbidDTO userForbid = new UserForbidDTO();
+                userForbid.setForbidTime(ForbidTimeEnum.MONTH_1.getCode());
+                userForbid.setForbidType(ForbidTypeEnum.USER.getCode());
+                userForbid.setMember(user.getUsercode());
+                userForbid.setRemark(error);
+                userForbidManager.forbid(userForbid);
+                redissonClient.getAtomicLong(key).delete();
+                throw new ServiceException(error);
+            }else{
+                String error = String.format("密码错误，已错误%s次，还剩%s次", num, passwordMaxNum-num);
+                throw new ServiceException(error);
+            }
+        }
+        redissonClient.getAtomicLong(key).delete();
+    }
+
    private void notifyLogin(Long userId){
        LoginNotifyDTO loginUserDTO = new LoginNotifyDTO();
        loginUserDTO.setUserId(userId);