feats

pom.xml

@@ -10,7 +10,7 @@
 	</parent>
 	<groupId>com.huiju</groupId>
 	<artifactId>xiangsong</artifactId>
-	<version>1.0.53</version>
+	<version>1.0.54</version>
 	<name>xiangsong</name>
 	<description>香颂</description>
 

src/main/java/com/huiju/estateagents/center/taUser/controller/TaUserController.java

@@ -18,6 +18,7 @@ import com.huiju.estateagents.service.*;
 import io.swagger.annotations.ApiImplicitParam;
 import io.swagger.annotations.ApiImplicitParams;
 import io.swagger.annotations.ApiOperation;
+import org.checkerframework.checker.units.qual.A;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,6 +27,7 @@ import org.springframework.web.bind.annotation.*;
 import javax.servlet.http.HttpServletRequest;
 
 import java.text.SimpleDateFormat;
+import java.time.Duration;
 import java.time.LocalDateTime;
 import java.util.*;
 
@@ -85,6 +87,9 @@ public class TaUserController extends BaseController {
     @Autowired
     public CaptchaUtils captchaUtils;
 
+    @Autowired
+    LoginLocker loginLocker;
+
     /**
      * 分页查询列表
      * @param pageNum
@@ -342,6 +347,18 @@ public class TaUserController extends BaseController {
         String captcha = params.getString("captcha");
         String captchaKey = params.getString("captchaKey");
 
+        // 试错 3 次被锁定
+        int maxTryTimes = 3;
+        if (null != userName) {
+            LoginLocker.LogInfo logInfo = loginLocker.get("admin-" + userName);
+            if (null != logInfo) {
+                if (logInfo.getTimes() >= maxTryTimes) {
+                    String errMsg = String.format("该账号被锁定, 请 %d 分钟后重试", Duration.between(LocalDateTime.now(), logInfo.getExpire()).toMinutes() + 1);
+                    return ResponseBean.error(errMsg, ResponseBean.ERROR_UNAVAILABLE);
+                }
+            }
+        }
+
         if (!captchaUtils.valid(captchaKey, captcha)) {
             return ResponseBean.error("验证码不正确或者已过期", ResponseBean.ERROR_ILLEGAL_PARAMS);
         }
@@ -352,9 +369,14 @@ public class TaUserController extends BaseController {
         sysUserQueryWrapper.eq("login_password", MD5Utils.md5(userPassword));
         TaUser taUser = iTaUserService.getOne(sysUserQueryWrapper);
         if (taUser == null) {
-            return ResponseBean.error("用户名或密码错误", ResponseBean.ERROR_ILLEGAL_PARAMS);
+            LoginLocker.LogInfo logInfo = loginLocker.add("admin-" + userName);
+            String errMsg = String.format("用户名或密码错误, 您还有 %d 次机会", maxTryTimes - logInfo.getTimes());
+            return ResponseBean.error(errMsg, ResponseBean.ERROR_ILLEGAL_PARAMS);
         }
 
+        // 解除锁定
+        loginLocker.remove("admin-"+userName);
+
         QueryWrapper<TaUser> taUserQueryWrapper = new QueryWrapper<>();
         taUserQueryWrapper.eq("org_id", taUser.getOrgId());
         taUserQueryWrapper.eq("is_admin", 1);

src/main/java/com/huiju/estateagents/common/CaptchaUtils.java

@@ -10,7 +10,6 @@ import org.springframework.stereotype.Component;
 
 import java.time.LocalDateTime;
 import java.util.Hashtable;
-import java.util.Map;
 import java.util.UUID;
 
 @Slf4j
@@ -70,7 +69,7 @@ public class CaptchaUtils {
     }
 
     /**
-     * 定时任务 每半小时 清除一次不用的手机号
+     * 定时任务 每半小时 清除一次不用的缓存
      */
     @Scheduled(fixedRate = 1000 * 60 * 30)
     public void clearUnused() {

src/main/java/com/huiju/estateagents/common/LoginLocker.java

@@ -0,0 +1,75 @@
+package com.huiju.estateagents.common;
+
+import lombok.Data;
+import lombok.experimental.Accessors;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Component;
+
+import java.time.LocalDateTime;
+import java.util.Hashtable;
+
+@Slf4j
+@Component
+@EnableScheduling
+public class LoginLocker {
+    // 锁定时长 分钟
+    public static final int lockTime = 5;
+
+    Hashtable<String, LogInfo> allLogs = new Hashtable<>();
+
+    public LogInfo get(String name) {
+        return allLogs.get(name);
+    }
+
+    public LogInfo add(String name) {
+        if (null == name) {
+            return null;
+        }
+
+        LogInfo logInfo = allLogs.get(name);
+        if (null == logInfo) {
+            logInfo = new LogInfo()
+                    .setKey(name)
+                    .setTimes(1)
+                    .setExpire(LocalDateTime.now().plusMinutes(lockTime));
+            allLogs.put(name, logInfo);
+        } else {
+            logInfo.setTimes(logInfo.getTimes() + 1)
+                    .setExpire(LocalDateTime.now().plusMinutes(lockTime));
+        }
+
+        return logInfo;
+    }
+
+    public void remove(String name) {
+        try {
+            allLogs.remove(name);
+        } catch (Exception e) {}
+    }
+
+    private boolean checkExpire(LogInfo log) {
+        return LocalDateTime.now().isAfter(log.getExpire());
+    }
+
+    /**
+     * 定时任务 每分钟 清除一次不用的缓存
+     */
+    @Scheduled(fixedRate = 1000 * 60)
+    public void clearUnused() {
+        for (LogInfo log: allLogs.values()) {
+            if (checkExpire(log)) {
+                allLogs.remove(log.getKey());
+            }
+        }
+    }
+
+    @Data
+    @Accessors(chain = true)
+    public static class LogInfo {
+        String key;
+        int times;
+        LocalDateTime expire;
+    }
+}