lyhzzz 9 miesięcy temu
rodzic
commit
91384d6293

+ 3 - 0
src/main/java/com/fdkankan/ucenter/common/RedisKeyUtil.java

@@ -21,4 +21,7 @@ public class RedisKeyUtil {
 
     public static String loginAuthCode = "ucenter:login:auth:%s";
     public static String checkUserCount = "ucenter:checkUser:count:%s";
+
+    public static final String loginNum= "ucenter:login:lock:userName:%s";
+
 }

+ 3 - 0
src/main/java/com/fdkankan/ucenter/constant/LoginConstant.java

@@ -123,4 +123,7 @@ public class LoginConstant {
 
     public static final int FAILURE_CODE_3038 = 3038;
     public static final String FAILURE_MSG_3038 = "次数限制";
+
+    public static final int FAILURE_CODE_3039 = 3039;
+    public static final String FAILURE_MSG_3039 = "频繁登录失败,用户已锁定!";
 }

+ 20 - 20
src/main/java/com/fdkankan/ucenter/controller/LoginController.java

@@ -3,6 +3,7 @@ package com.fdkankan.ucenter.controller;
 import cn.hutool.captcha.CaptchaUtil;
 import cn.hutool.captcha.LineCaptcha;
 import cn.hutool.captcha.generator.MathGenerator;
+import cn.hutool.extra.servlet.ServletUtil;
 import com.alibaba.fastjson.JSONObject;
 import com.fdkankan.common.exception.BusinessException;
 import com.fdkankan.common.util.JwtUtil;
@@ -48,33 +49,31 @@ public class LoginController extends BaseController {
      */
     @PostMapping("/login")
     public Result login(@RequestBody LoginParam param){
-        if(StringUtils.isBlank(param.getAuthCode())){
+
+        if (StringUtils.isBlank(param.getAuthCode()) ||StringUtils.isEmpty(param.getPassword()) || StringUtils.isEmpty(param.getPhoneNum())){
             throw new BusinessException(LoginConstant.FAILURE_CODE_3001, LoginConstant.FAILURE_MSG_3001);
         }
+        String userName = param.getPhoneNum();
+        loginService.checkLoginNum(param.getPhoneNum());
+
         String id = request.getSession().getId();
         String redisKey = String.format(RedisKeyUtil.loginAuthCode,id);
         String redisCode = redisUtil.get(redisKey);
         if(!redisUtil.hasKey(redisKey)){
+            loginService.addLoginErrorNum(userName);
             throw new BusinessException(LoginConstant.FAILURE_CODE_3006, LoginConstant.FAILURE_MSG_3006);
         }
         redisUtil.del(redisKey);
         MathGenerator mathGenerator = new MathGenerator(2);
         boolean verify = mathGenerator.verify(redisCode,param.getAuthCode());
         if(!verify){
+            loginService.addLoginErrorNum(userName);
             throw new BusinessException(LoginConstant.FAILURE_CODE_3006, LoginConstant.FAILURE_MSG_3006);
         }
-
         return Result.success(loginService.login(param));
     }
-    /**
-     * 登录
-     * phoneNum 用户名
-     * password 密码
-     */
-    @PostMapping("/loginClear")
-    public Result loginClear(@RequestBody LoginParam param){
-        return Result.success(loginService.loginClear(param));
-    }
+
+
 
     /**
      * 相机扫码登录 获取二维码
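Review bot: Both captcha-failure branches in `login` call `loginService.addLoginErrorNum(userName)`, so requests that never reach the password check still count toward the per-username lock, and the captcha no longer keeps a third party from locking someone else's account. Consider counting only password failures toward the account lock and throttling captcha failures per session or client address instead, i.e. drop the two `addLoginErrorNum(userName)` calls before the `FAILURE_CODE_3006` throws. The new guard also mixes `isBlank` and `isEmpty`: a whitespace-only `phoneNum` passes `StringUtils.isEmpty(...)` here, while `checkLoginNum` and `addLoginErrorNum` skip blank names, so using `isBlank` for all three fields would keep the checks consistent. The `ServletUtil` import added in the first hunk of this file is not used in any line visible on this page.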
@@ -122,15 +121,16 @@ public class LoginController extends BaseController {
         if(!verify){
             throw new BusinessException(LoginConstant.FAILURE_CODE_3006, LoginConstant.FAILURE_MSG_3006);
         }
-
-//        if(redisUtil.hasKey(String.format(RedisKeyUtil.checkUserCount,id))){
-//            String countStr = redisUtil.get(String.format(RedisKeyUtil.checkUserCount, id));
-//            if(Integer.valueOf(countStr) >=5){
-//                throw new BusinessException(LoginConstant.FAILURE_CODE_3006, LoginConstant.FAILURE_MSG_3006);
-//            }
-//        }else {
-//            redisUtil.set(String.format(RedisKeyUtil.checkUserCount,id),"1",60);
-//        }
+        Integer count = 0;
+        if(redisUtil.hasKey(String.format(RedisKeyUtil.checkUserCount,id))){
+            String countStr = redisUtil.get(String.format(RedisKeyUtil.checkUserCount, id));
+            count = Integer.valueOf(countStr);
+            if(count >=5){
+                throw new BusinessException(LoginConstant.FAILURE_CODE_3038, LoginConstant.FAILURE_MSG_3038);
+            }
+        }
+        count ++;
+        redisUtil.set(String.format(RedisKeyUtil.checkUserCount,id),count+"",60);
         loginService.checkUser(param.getPhoneNum(),true);
         return Result.success();
     }
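Review bot: The re-enabled counter is keyed on `id` via `RedisKeyUtil.checkUserCount`, which appears to be the session id as in the `login` handler, so the limit of 5 applies per session rather than per phone number or per client, and the caller decides whether to keep a session. If the aim is to limit how often registered numbers can be probed through `checkUser`, key the counter on something the caller cannot rotate cheaply, such as the client address or the requested number. The `hasKey`/`get`/`set` sequence is also not atomic: the key can expire between `hasKey` and `get`, in which case `Integer.valueOf(countStr)` throws on null, and every `set(..., 60)` restarts the 60-second window. An atomic increment with the expiry set only when the key is first created would avoid both. The method starts above this hunk, so the origin of `id` and the captcha check before it are not visible here.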

+ 30 - 0
src/main/java/com/fdkankan/ucenter/service/impl/LoginService.java

@@ -89,14 +89,44 @@ public class LoginService {
         String passwordCode = SecurityUtil.MD5(password);
         User user = userService.getByUserName(param.getPhoneNum());
         if(user == null){
+            this.addLoginErrorNum(param.getPhoneNum());
             throw new BusinessException(LoginConstant.FAILURE_CODE_3015, LoginConstant.FAILURE_MSG_3015);
         }
         if(!user.getPassword().equals(passwordCode)){
+            this.addLoginErrorNum(param.getPhoneNum());
             throw new BusinessException(LoginConstant.FAILURE_CODE_3014, LoginConstant.FAILURE_MSG_3014);
         }
         return login(user);
     }
 
+    public void checkLoginNum( String userName) {
+        if(StringUtils.isNotBlank(userName)){
+            String redisKey = String.format(RedisKeyUtil.loginNum,userName);
+            if(redisUtil.hasKey(redisKey)){
+                String value = redisUtil.get(redisKey);
+                if("5".equals(value)){
+                    throw new BusinessException(LoginConstant.FAILURE_CODE_3039,LoginConstant.FAILURE_MSG_3039);
+                }
+            }
+        }
+    }
+
+    public void addLoginErrorNum( String userName) {
+        if(StringUtils.isNotBlank(userName)){
+            String redisKey = String.format(RedisKeyUtil.loginNum,userName);
+            if(redisUtil.hasKey(redisKey)){
+                String value = redisUtil.get(redisKey);
+                if("5".equals(value)){
+                    throw new BusinessException(LoginConstant.FAILURE_CODE_3039,LoginConstant.FAILURE_MSG_3039);
+                }
+                Integer num = Integer.parseInt(value) + 1;
+                redisUtil.set(redisKey,num.toString());
+            }else {
+                redisUtil.set(redisKey,"1");
+            }
+        }
+    }
+
     public void logout(String token) {
         String redisKey = String.format(RedisKey.TOKEN_V3,token);
         if(redisUtil.hasKey(redisKey)){
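Review bot: `addLoginErrorNum` writes the counter with the two-argument `redisUtil.set(redisKey, ...)`, so the lock key appears to have no expiry and nothing in this hunk clears it after a successful login; once it reads "5" the account stays locked, and because the `user == null` branch also counts, a key is kept for every name ever submitted. Give the key a lifetime the way the controller does for `checkUserCount`, e.g. `redisUtil.set(redisKey, num.toString(), LOCK_TTL_SECONDS)` (placeholder constant), and delete it when `login(user)` succeeds. The `"5".equals(value)` test and the `hasKey`/`get`/`set` sequence are not atomic, so parallel failures can lose updates and allow more than five attempts; compare numerically with `>= 5` and use an atomic increment if `redisUtil` offers one. Separately, the unchanged context still hashes the password with `SecurityUtil.MD5` and compares it with `String.equals`, which this commit does not touch but deserves a follow-up. `login(LoginParam)` starts above the hunk and `logout` continues below it.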