作者 shenhailong

添加:用户登录、密码错误5次锁定账户、账户启用禁用、用户修改密码

... ... @@ -154,96 +154,124 @@ public class LoginController {
@ResponseBody
public ResponseModel doLogin(String loginAccount, String password, String captcha) {
SessionUtil.putKey(Constants.CAPTCHA, "");
ResponseModel rm = new ResponseModel(200, "", null);
// 查询该账号是否被禁用
UserEntity user = new UserEntity();
user.setLoginaccount(loginAccount);
user.setPassword(password);
if (!loginAccount.equals("admin") && "true".equals(PropertiesLoader.getLogin("openRemoteLogin"))) {
// 远程登录
// 用户数据
LoginData login = FLogin.login(user);
// 登录成功!
if (login.getCode() == 20000) {
// 往数据库中插入数据
UserEntity ue = userService.findByLoginaccount(user.getLoginaccount());
// 用户存在
if (ue != null) {
// 修改密码
userService.updatePassword(ue.getLoginaccount(), MD5Tools.MD5(password));
UserEntity userEntity = userService.findLoginaccount(loginAccount);
if (userEntity.getStatus() != 0){
rm.setStatus(201);
return rm;
}else {
// 等于5次 锁定账户 admin 除外
if (userEntity.getLoginerror() != 5){
SessionUtil.putKey(Constants.CAPTCHA, "");
UserEntity user = new UserEntity();
user.setLoginaccount(loginAccount);
user.setPassword(password);
if (!loginAccount.equals("admin") && "true".equals(PropertiesLoader.getLogin("openRemoteLogin"))) {
// 远程登录
// 用户数据
LoginData login = FLogin.login(user);
// 登录成功!
if (login.getCode() == 20000) {
// 往数据库中插入数据
UserEntity ue = userService.findByLoginaccount(user.getLoginaccount());
// 用户存在
if (ue != null) {
// 修改密码
userService.updatePassword(ue.getLoginaccount(), MD5Tools.MD5(password));
} else {
// 用户不存在,插入数据
BasicAgentEntity agent = new BasicAgentEntity();
agent.setContact(login.getInfodata().getContact());
agent.setNameCn(login.getInfodata().getCompany());
agent.setCountryCode("CN");
agent.setAddress(login.getInfodata().getAddress());
int agent_id = agentSerive.save2(agent);
ue = new UserEntity();
ue.setLoginaccount(loginAccount);
// 设置用户名密码
ue.setPassword(MD5Tools.MD5(password));
ue.setRealName(login.getInfodata().getContact());
ue.setMobile(login.getInfodata().getMobile());
ue.setStatus(0);
ue.setAgent(new Long(agent_id));
RoleEntity re = new RoleEntity();
re.setId(new Long(1));
ue.setRole(re);
// 删除密码
userService.save(ue);
}
// 登录用户
Subject subject = SecurityUtils.getSubject();
subject.getSession().setAttribute("user", user);
UsernamePasswordToken token = new UsernamePasswordToken(loginAccount, MD5Tools.MD5(password));
try {
subject.login(token);
subject.getSession().setAttribute("permission", roleService
.findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
subject.getSession().setAttribute("all_function", functionService.findAll());
//登录成功 请空失败次数
userService.emptyLoginerror(loginAccount);
} catch (UnknownAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
} catch (IncorrectCredentialsException e) {
// 添加错误次数
userService.updateLoginError(loginAccount, userEntity.getLoginerror() + 1);
rm.setStatus(500);
rm.setMsg("1");
} catch (LockedAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
}
} else {
rm.setStatus(500);
rm.setMsg("1");
}
} else {
// 用户不存在,插入数据
BasicAgentEntity agent = new BasicAgentEntity();
agent.setContact(login.getInfodata().getContact());
agent.setNameCn(login.getInfodata().getCompany());
agent.setCountryCode("CN");
agent.setAddress(login.getInfodata().getAddress());
int agent_id = agentSerive.save2(agent);
ue = new UserEntity();
ue.setLoginaccount(loginAccount);
// 设置用户名密码
ue.setPassword(MD5Tools.MD5(password));
ue.setRealName(login.getInfodata().getContact());
ue.setMobile(login.getInfodata().getMobile());
ue.setStatus(0);
ue.setAgent(new Long(agent_id));
RoleEntity re = new RoleEntity();
re.setId(new Long(1));
ue.setRole(re);
// 删除密码
userService.save(ue);
// 登录用户
Subject subject = SecurityUtils.getSubject();
subject.getSession().setAttribute("user", user);
UsernamePasswordToken token = new UsernamePasswordToken(loginAccount, MD5Tools.MD5(password));
// System.out.println(loginAccount+" " + password);
try {
subject.login(token);
subject.getSession().setAttribute("permission", roleService
.findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
subject.getSession().setAttribute("all_function", functionService.findAll());
//登录成功 请空失败次数
userService.emptyLoginerror(loginAccount);
} catch (UnknownAccountException e) {
rm.setStatus(500);
System.out.println();
rm.setMsg("1");
} catch (IncorrectCredentialsException e) {
// 添加错误次数
userService.updateLoginError(loginAccount, userEntity.getLoginerror() + 1);
rm.setStatus(500);
rm.setMsg("1");
} catch (LockedAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
}
}
// 登录用户
Subject subject = SecurityUtils.getSubject();
subject.getSession().setAttribute("user", user);
UsernamePasswordToken token = new UsernamePasswordToken(loginAccount, MD5Tools.MD5(password));
try {
subject.login(token);
subject.getSession().setAttribute("permission", roleService
.findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
subject.getSession().setAttribute("all_function", functionService.findAll());
} catch (UnknownAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
} catch (IncorrectCredentialsException e) {
rm.setStatus(500);
rm.setMsg("1");
} catch (LockedAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
}
} else {
rm.setStatus(500);
rm.setMsg("1");
}
} else {
// 登录用户
Subject subject = SecurityUtils.getSubject();
subject.getSession().setAttribute("user", user);
UsernamePasswordToken token = new UsernamePasswordToken(loginAccount, MD5Tools.MD5(password));
// System.out.println(loginAccount+" " + password);
try {
subject.login(token);
subject.getSession().setAttribute("permission", roleService
.findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
subject.getSession().setAttribute("all_function", functionService.findAll());
} catch (UnknownAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
} catch (IncorrectCredentialsException e) {
rm.setStatus(500);
rm.setMsg("1");
} catch (LockedAccountException e) {
rm.setStatus(500);
rm.setMsg("1");
return rm;
}else {
userService.updateStatus(loginAccount);
rm.setStatus(201);
return rm;
}
}
return rm;
}
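Review bot: `userService.findLoginaccount(loginAccount)` is dereferenced immediately in `userEntity.getStatus() != 0`, so a login for an account with no local row looks like it throws a NullPointerException before the "用户不存在,插入数据" branch can run; add a null guard that lets a first-time remote login continue and otherwise returns the same 500/"1" answer as a wrong password. The lock test `userEntity.getLoginerror() != 5` should be `< 5`, so that a counter which ever goes past 5 still locks. As far as this rendered page shows, the counter is only incremented in the `IncorrectCredentialsException` handlers, and the remote branch ends in `rm.setStatus(500)` without `updateLoginError` when `login.getCode()` is not 20000, so failed remote logins would not count towards the lock. The comment says admin is excluded from locking, but no visible line exempts it, so repeated wrong guesses could lock the admin account.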
... ...
... ... @@ -180,7 +180,10 @@ public class UserController extends BasicController {
return model;
}
@RequestMapping(value="/changepassword",method=RequestMethod.GET)
public String changepassword(){
public String changepassword(Long id, Model model){
model.addAttribute("userid", id);
return "system/user/changepassword";
}
/**
... ... @@ -189,10 +192,10 @@ public class UserController extends BasicController {
*/
@RequestMapping(value="/verifyPassword",method=RequestMethod.GET)
@ResponseBody
public ResponseModel verifyPassword(String originalpassword){
public ResponseModel verifyPassword(Long id, String originalpassword){
ResponseModel model = new ResponseModel();
try {
UserEntity user = (UserEntity) SessionUtil.getKey("user");
UserEntity user = userService.findOne(id);
originalpassword = MD5Tools.MD5(originalpassword);
if(originalpassword.equals(user.getPassword())){
model.setStatus(200);
... ... @@ -214,25 +217,27 @@ public class UserController extends BasicController {
* @return
*/
@RequestMapping(value="/savepassword",method=RequestMethod.POST)
@ResponseBody
public ResponseModel savepassword(String originalpassword,String newpassword,String confirmnewpassword){
ResponseModel model = new ResponseModel();
try {
if(newpassword.equals(confirmnewpassword)){
UserEntity user = (UserEntity) SessionUtil.getKey("user");
user.setPassword(MD5Tools.MD5(newpassword));
this.userService.save(user);
model.setStatus(200);
model.setMsg("修改成功");
}else{
model.setStatus(500);
model.setMsg("您的两次密码不一致");
}
} catch (Exception e) {
model.setStatus(500);
model.setMsg("系统异常");
logger.error("系统异常 >>", e);
}
return model;
}
@ResponseBody
public ResponseModel savepassword(Long id, String originalpassword,String newpassword,String confirmnewpassword){
ResponseModel model = new ResponseModel();
try {
if(newpassword.equals(confirmnewpassword)){
UserEntity user = userService.findOne(id);
user.setPassword(MD5Tools.MD5(newpassword));
this.userService.save(user);
model.setStatus(200);
model.setMsg("修改成功");
}else{
model.setStatus(500);
model.setMsg("您的两次密码不一致");
}
} catch (Exception e) {
model.setStatus(500);
model.setMsg("系统异常");
logger.error("系统异常 >>", e);
}
return model;
}
}
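Review bot: `verifyPassword` and `savepassword` now load the target with `userService.findOne(id)` from a request parameter, and nothing visible checks that `id` belongs to the logged-in user or that the caller may manage other users, so any session that can reach these endpoints could change another account's password. `savepassword` also never compares `originalpassword` on the server; the check exists only as a separate `verifyPassword` call made by the page, which a client can skip. Before `user.setPassword(...)`, require either that `id` equals the id of the session user (`SessionUtil.getKey("user")`) or an administrator permission, and repeat `MD5Tools.MD5(originalpassword).equals(user.getPassword())` inside `savepassword` for the self-service case. `verifyPassword` is mapped to GET, so the old password travels in the query string and may land in access logs; POST would avoid that. The bodies of `changepassword` and `verifyPassword` continue outside their hunks.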
... ...
... ... @@ -58,7 +58,7 @@ public class UserEntity extends BasicEntity {
private String description;
/**
* 0 未启用 1启
* 0 启用 1禁
*/
private int status = 0;
... ... @@ -67,6 +67,12 @@ public class UserEntity extends BasicEntity {
*/
private Long agent;
/**
* 登录失败次数
* @return
*/
private int loginerror;
@Column(name = "loginaccount", nullable = false, length = 20)
public String getLoginaccount() {
return loginaccount;
... ... @@ -154,4 +160,12 @@ public class UserEntity extends BasicEntity {
public void setAgent(Long agent) {
this.agent = agent;
}
public int getLoginerror() {
return loginerror;
}
public void setLoginerror(int loginerror) {
this.loginerror = loginerror;
}
}
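Review bot: The comment on `status` flips the meaning of the stored values (was `0 未启用 1启`, now `0 启用 1禁`), and the new login check rejects any row with `status != 0`, so rows written as 1 under the old meaning would be treated as disabled; the commit shows no data migration, so this needs confirming. The Javadoc on the `loginerror` field carries an `@return` tag, which does not apply to a field; `/** 登录失败次数 */` is enough. `loginerror` is a primitive `int`: if the new column is nullable and existing rows hold NULL, loading those users is likely to fail, so the column should be `NOT NULL DEFAULT 0` (the schema is not visible here).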
... ...
... ... @@ -41,4 +41,24 @@ public interface UserRepository extends PagingAndSortingRepository<UserEntity, L
@Query(value = "select * from sys_user where LOGINACCOUNT = ?1", nativeQuery = true)
UserEntity findLoginaccount(String loginaccount);
// 锁定账户
@Transactional
@Modifying(clearAutomatically=true)
@Query(value = "UPDATE SYS_USER SET status = 1 where loginaccount=?1", nativeQuery = true)
public void updateStatus(String loginacount);
// 添加错误次数
@Transactional
@Modifying(clearAutomatically=true)
@Query(value = "UPDATE SYS_USER SET loginerror = ?2 where loginaccount=?1", nativeQuery = true)
public void updateLoginError(String logincount, int loginerror);
@Transactional
@Modifying(clearAutomatically=true)
@Query(value = "UPDATE SYS_USER SET loginerror = 0 where loginaccount=?1", nativeQuery = true)
public void emptyLoginerror(String loginaccount);
}
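Review bot: `updateLoginError` writes an absolute value that the controller computed from an earlier read (`userEntity.getLoginerror() + 1`), so parallel failed attempts can overwrite each other and allow more than five guesses before the lock; let the database increment instead, `UPDATE SYS_USER SET loginerror = loginerror + 1 where loginaccount=?1`. `updateStatus` sets `status = 1`, but nothing visible resets `loginerror` when an administrator re-enables the account, so a re-enabled account with the counter still at 5 would presumably be locked again on its next login attempt. The parameter names `loginacount` and `logincount` are misspellings of `loginaccount`.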
... ...
... ... @@ -151,4 +151,21 @@ public class UserService extends BasicService<UserEntity> {
public UserEntity findLoginaccount(String loginaccount){
return userDao.findLoginaccount(loginaccount);
}
// 锁定账户
public void updateStatus(String loginacount){
userDao.updateStatus(loginacount);
}
// 添加错误次数
public void updateLoginError(String logincount, int loginerror){
userDao.updateLoginError(logincount, loginerror);
}
public void emptyLoginerror(String loginaccount){
userDao.emptyLoginerror(loginaccount);
}
}
... ...
... ... @@ -23,7 +23,8 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
<input class="admin" type="text" placeholder="请输入账号" id="userName" maxlength="30" />
<input class="passWord" type="password" placeholder="请输入密码" id="password" maxlength="30" />
<input class="submit" type="button" onclick="doLogin()"/>
<a style="text-decoration:none;display:inline-block;
color:#fff;left:30%;position:relative;
font-size:20px;margin:0px auto;"
... ... @@ -73,18 +74,27 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
return false;
}else{
jQuery.post("<%=basePath %>doLogin",{loginAccount:userName,password:password},function(result){
if(result.status == 200){
sessionStorage.removeItem("menuid");
window.location.href="<%=basePath %>index";
}else{
if(result.msg==1) {
$("#password").val("");
$("#userName").focus();
layer.tips('用户名或密码错误', '#userName', {
tips: [1, '#0FA6D8'] //还可配置颜色
});
if (result.status == 201){
$("#userName").focus();
layer.tips('用户名已被禁用请联系管理员', '#userName', {
tips: [1, '#0FA6D8'] //还可配置颜色
});
} else{
if(result.status == 200){
sessionStorage.removeItem("menuid");
window.location.href="<%=basePath %>index";
}else{
if(result.msg==1) {
$("#password").val("");
$("#userName").focus();
layer.tips('用户名或密码错误', '#userName', {
tips: [1, '#0FA6D8'] //还可配置颜色
});
}
}
}
},"json");
}
}
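Review bot: The new `result.status == 201` branch tells an unauthenticated visitor that the account exists and is disabled ('用户名已被禁用请联系管理员'), while other failures get the generic '用户名或密码错误'; since the server appears to return 201 before the password is checked, this lets anyone probe which account names exist and are locked. Consider showing the generic message here as well, or returning 201 only after the credentials were verified. The 200 and `msg==1` branches could stay at their old nesting level with 201 added as one more `else if`, which keeps the change small.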
... ...
... ... @@ -148,6 +148,7 @@
<table class="kv-table">
<tbody>
<tr>
<input type="hidden" id="id" name="id" value="${userid}">
<td class="kv-label"><spring:message code="user.oldpwd"/></td>
<td class="kv-content">
<input type="password" id="originalpassword" name="originalpassword" required maxlength="30">
... ... @@ -155,7 +156,7 @@
</tr>
<tr>
<td class="kv-label"><spring:message code="user.newpwd"/></td>
<td class="kv-content"><input type="password" name="newpassword" id="newpassword" required maxlength="30">
<td class="kv-content"><input type="password" name="newpassword" id="newpassword" required maxlength="30"><span id="showStrength"></span>
</td>
</tr>
<tr>
... ... @@ -248,12 +249,13 @@
var originalpassword = $("#originalpassword").val();
var newpassword = $("#newpassword").val();
var confirmnewpassword = $("#confirmnewpassword").val();
$.get("<%=basePath %>system/user/verifyPassword",{originalpassword:originalpassword},function(data){
var id = $("#id").val();
$.get("<%=basePath %>system/user/verifyPassword",{id:id, originalpassword:originalpassword},function(data){
if(data.status==500){
layer.open({content:"<spring:message code="user.differpwd"/>"});
return;
}else if(data.status==200){
$.post("<%=basePath %>system/user/savepassword",{originalpassword:originalpassword,newpassword:newpassword,confirmnewpassword:confirmnewpassword},function(data){
$.post("<%=basePath %>system/user/savepassword",{id:id, originalpassword:originalpassword,newpassword:newpassword,confirmnewpassword:confirmnewpassword},function(data){
if(data.status==200){
layer.confirm("<spring:message code="opt.savesuccess"/>",{btn:['<spring:message code="opt.confirm"/>','<spring:message code="opt.cancel"/>']},function(){
window.location.href="<%=basePath %>system/user/list";
... ... @@ -310,6 +312,90 @@
window.location.href="<%=basePath %>index?lang="+langVar;
}
// 验证密码强度
$("#newpassword")window.onload = function () {
function setCss(_this,cssOption){
//判断节点类型
if (!_this || _this.nodeType ===3 || _this.nodeType === 8 ||!_this.style) {
return;
}
for(var cs in cssOption){
_this.style[cs] = cssOption[cs];
}
return _this;
}
function trim(chars){
return (chars ||"").replace(/^(\s|\u00a0)+|(\s|\u00a0)+$/g,"");
}
function passwordStrength(newpassword,showStrength){
var self = this;
/*字符权重;
数字1,字母2,其他字符为3
当密码长度小于6时不符合标准
长度>=6,强度小于10,强度弱
长度>=6,长度>=10且<15,强度中
长度>=6,强度>=15,强*/
passwordStrength.onkeyup = function(){
var _color = ["red","yellow","orange","green"],
msgs = ["密码太短","弱","中","强"],
_strength = 0,
_v= trim(newpassword.value),
_vL= _v.length,
i=0;
var charStrength = function(char){
//计算单个字符强度
if(char>=48 && char <=57){//数字
return 1;
}
if(char>=97 && char<=122){//小写
return 2;
}else{
return 3; //特殊字符
}
}
if(_vL<8){//计算模式
showStrength.innerText = msgs[0];
setCss(showStrength,{
"color":_color[0]
})
}else{
for(;i<_vL;i++){
//遍历字符
_strength+=charStrength(_v.toLocaleLowerCase().charCodeAt(i));
}
if(_strength<10){
//强度小于10
showStrength.innerText = msgs[1];
setCss(showStrength,{
"color":_color[1]
})
}
if(_strength>=10&&_strength<15){
showStrength.innerText = msgs[2];
setCss(showStrength,{
"color":_color[2]
})
}
if(_strength>=15){
showStrength.innerText = msgs[3];
setCss(showStrength,{
"color":_color[3]
})
}
}
}
}
passwordStrength(
document.getElementById("newpassword"),
document.getElementById("showStrength"));
};
</script>
</body>
</html>
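Review bot: `$("#newpassword")window.onload = function () {` is not valid JavaScript and will stop the enclosing `<script>` block from parsing, which would also disable any code earlier in that block; it should read `window.onload = function () {`. Inside it, `passwordStrength.onkeyup = function(){` attaches the handler to the function object, so the meter never runs; it should be `newpassword.onkeyup = function(){`. The comment says passwords shorter than 6 are rejected while the code tests `_vL<8`. The meter is display only: `savepassword` on the server accepts any `newpassword`, so a minimum length should be enforced there too.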
... ...
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
<%
String path = request.getContextPath();
... ... @@ -35,6 +36,10 @@
<td class="kv-content">
<input id="loginaccount" name="loginaccount" type="text" value="${entity.loginaccount}" required/>
</td>
<td class="kv-label">
<input id="true" name="status" type="radio" ${fn:contains(entity.status, 0)?"checked":""} value="0"/>启用
<input id="error" name="status" type="radio" ${fn:contains(entity.status, 1)?"checked":""} value="1"/>禁用
</td>
<c:if test="${empty entity.id}">
<td class="kv-label"><spring:message code="user.password" /></td>
<td class="kv-content"><input style="width: 220px;" type="password" id="password" name="password" value="${entity.password}" required></td>
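Review bot: `fn:contains(entity.status, 0)` is a substring test on the string form of the status and works only while the values are 0 and 1; a direct comparison states the intent, `${entity.status == 0 ? 'checked' : ''}` and `${entity.status == 1 ? 'checked' : ''}`, and the new `functions` taglib can then go if nothing else on the page uses it. The ids `true` and `error` on the two radios do not say what they are; `statusEnabled` and `statusDisabled` would. Re-enabling a user through this form changes `status` only, so check that `loginerror` is reset on save.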
... ...
... ... @@ -30,7 +30,7 @@
<thead>
<tr>
<th field="id" checkbox="true"></th>
<th field="." formatter="editFormat" width="25"><spring:message code="opt.edit" /></th>
<th field="." formatter="editFormat" width="50"><spring:message code="opt.edit" /></th>
<th field="loginaccount" sortable="true" width="110"><spring:message code="user.loginaccount" /></th>
<th field="realName" width="226"><spring:message code="user.fullname" /></th>
<th field="mobile" width="112"><spring:message code="user.mobile" /></th>
... ... @@ -80,13 +80,14 @@
function editFormat(val,row,index){
var html='<a href="javascript:void(0)" style="text-decoration:none;" onclick="editRow('+row.id+')"><i class="iconfont">&#xe65a;</i></a>'
html += '<a href="javascript:void(0)" style="text-decoration:none;" onclick="changepassword('+row.id+')">重置密码</a>'
return html;
}
function editRow(id){
//这个是跳转到九州的页面去修改密码
window.open("http://www.zzcargo.com/index.php?r=member%2Fsite%2Freset-pwd");
return;
// window.open("http://www.zzcargo.com/index.php?r=member%2Fsite%2Freset-pwd");
// return;
//以下内容暂时不用
if(id==undefined){
window.location.href='<%=basePath %>system/user/edit?id=';
... ... @@ -94,6 +95,11 @@
window.location.href='<%=basePath %>system/user/edit?id='+id;
}
}
function changepassword(id) {
window.location.href='<%=basePath %>system/user/changepassword?id='+id;
}
function doSearch(){
$('#dg').datagrid("options").queryParams=$("#searchForm").serializeJson();
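Review bot: With the early `window.open(...)` and `return` commented out in `editRow`, the comments `这个是跳转到九州的页面去修改密码` and `以下内容暂时不用` no longer describe the code; delete the two commented-out lines and both comments rather than keeping dead code. The new link text `重置密码` is hard-coded while the other labels in this file use `<spring:message>`, so it will not follow the language switch. `changepassword(id)` passes the row id in the URL, so the server must decide who may open that page for another user; hiding the link is not a control.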
... ...