作者 shenhailong

添加 用户登录 密码错误5次锁定账户 账户启用禁用 用户修改密码

@@ -154,8 +154,19 @@ public class LoginController { @@ -154,8 +154,19 @@ public class LoginController {
154 @ResponseBody 154 @ResponseBody
155 public ResponseModel doLogin(String loginAccount, String password, String captcha) { 155 public ResponseModel doLogin(String loginAccount, String password, String captcha) {
156 156
157 - SessionUtil.putKey(Constants.CAPTCHA, "");  
158 ResponseModel rm = new ResponseModel(200, "", null); 157 ResponseModel rm = new ResponseModel(200, "", null);
  158 + // 查询该账号是否被禁用
  159 +
  160 + UserEntity userEntity = userService.findLoginaccount(loginAccount);
  161 +
  162 + if (userEntity.getStatus() != 0){
  163 +
  164 + rm.setStatus(201);
  165 + return rm;
  166 + }else {
  167 + // 等于5次 锁定账户 admin 除外
  168 + if (userEntity.getLoginerror() != 5){
  169 + SessionUtil.putKey(Constants.CAPTCHA, "");
159 170
160 UserEntity user = new UserEntity(); 171 UserEntity user = new UserEntity();
161 user.setLoginaccount(loginAccount); 172 user.setLoginaccount(loginAccount);
@@ -206,10 +217,14 @@ public class LoginController { @@ -206,10 +217,14 @@ public class LoginController {
206 subject.getSession().setAttribute("permission", roleService 217 subject.getSession().setAttribute("permission", roleService
207 .findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole())); 218 .findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
208 subject.getSession().setAttribute("all_function", functionService.findAll()); 219 subject.getSession().setAttribute("all_function", functionService.findAll());
  220 + //登录成功 请空失败次数
  221 + userService.emptyLoginerror(loginAccount);
209 } catch (UnknownAccountException e) { 222 } catch (UnknownAccountException e) {
210 rm.setStatus(500); 223 rm.setStatus(500);
211 rm.setMsg("1"); 224 rm.setMsg("1");
212 } catch (IncorrectCredentialsException e) { 225 } catch (IncorrectCredentialsException e) {
  226 + // 添加错误次数
  227 + userService.updateLoginError(loginAccount, userEntity.getLoginerror() + 1);
213 rm.setStatus(500); 228 rm.setStatus(500);
214 rm.setMsg("1"); 229 rm.setMsg("1");
215 } catch (LockedAccountException e) { 230 } catch (LockedAccountException e) {
@@ -231,10 +246,16 @@ public class LoginController { @@ -231,10 +246,16 @@ public class LoginController {
231 subject.getSession().setAttribute("permission", roleService 246 subject.getSession().setAttribute("permission", roleService
232 .findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole())); 247 .findAllFunctionByRole(((UserEntity) subject.getSession().getAttribute("user")).getRole()));
233 subject.getSession().setAttribute("all_function", functionService.findAll()); 248 subject.getSession().setAttribute("all_function", functionService.findAll());
  249 +
  250 + //登录成功 请空失败次数
  251 + userService.emptyLoginerror(loginAccount);
234 } catch (UnknownAccountException e) { 252 } catch (UnknownAccountException e) {
235 rm.setStatus(500); 253 rm.setStatus(500);
  254 + System.out.println();
236 rm.setMsg("1"); 255 rm.setMsg("1");
237 } catch (IncorrectCredentialsException e) { 256 } catch (IncorrectCredentialsException e) {
  257 + // 添加错误次数
  258 + userService.updateLoginError(loginAccount, userEntity.getLoginerror() + 1);
238 rm.setStatus(500); 259 rm.setStatus(500);
239 rm.setMsg("1"); 260 rm.setMsg("1");
240 } catch (LockedAccountException e) { 261 } catch (LockedAccountException e) {
@@ -244,6 +265,13 @@ public class LoginController { @@ -244,6 +265,13 @@ public class LoginController {
244 } 265 }
245 266
246 return rm; 267 return rm;
  268 + }else {
  269 +
  270 + userService.updateStatus(loginAccount);
  271 + rm.setStatus(201);
  272 + return rm;
  273 + }
  274 + }
247 } 275 }
248 276
249 277
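Review bot: `userService.findLoginaccount(loginAccount)` presumably returns null for an unknown login name, and the new `userEntity.getStatus()` call at new line 162 would then throw before the existing `UnknownAccountException` handler is reached; a guard such as `if (userEntity == null) { rm.setStatus(500); rm.setMsg("1"); return rm; }` keeps the answer identical to the wrong-password case. The threshold test `getLoginerror() != 5` lets any stored value other than exactly 5 through, so `>= 5` is the safer comparison, and the comment says admin is exempt although no exemption is visible in these hunks. Because the lock is permanent (`updateStatus` disables the account) and is driven only by the login name, five wrong passwords from anyone are enough to shut out the real owner; a time-limited lock would bound that. The leftover `System.out.println();` at new line 254 should be removed. doLogin's body continues outside these hunks.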
@@ -180,7 +180,10 @@ public class UserController extends BasicController { @@ -180,7 +180,10 @@ public class UserController extends BasicController {
180 return model; 180 return model;
181 } 181 }
182 @RequestMapping(value="/changepassword",method=RequestMethod.GET) 182 @RequestMapping(value="/changepassword",method=RequestMethod.GET)
183 - public String changepassword(){ 183 + public String changepassword(Long id, Model model){
  184 +
  185 + model.addAttribute("userid", id);
  186 +
184 return "system/user/changepassword"; 187 return "system/user/changepassword";
185 } 188 }
186 /** 189 /**
@@ -189,10 +192,10 @@ public class UserController extends BasicController { @@ -189,10 +192,10 @@ public class UserController extends BasicController {
189 */ 192 */
190 @RequestMapping(value="/verifyPassword",method=RequestMethod.GET) 193 @RequestMapping(value="/verifyPassword",method=RequestMethod.GET)
191 @ResponseBody 194 @ResponseBody
192 - public ResponseModel verifyPassword(String originalpassword){ 195 + public ResponseModel verifyPassword(Long id, String originalpassword){
193 ResponseModel model = new ResponseModel(); 196 ResponseModel model = new ResponseModel();
194 try { 197 try {
195 - UserEntity user = (UserEntity) SessionUtil.getKey("user"); 198 + UserEntity user = userService.findOne(id);
196 originalpassword = MD5Tools.MD5(originalpassword); 199 originalpassword = MD5Tools.MD5(originalpassword);
197 if(originalpassword.equals(user.getPassword())){ 200 if(originalpassword.equals(user.getPassword())){
198 model.setStatus(200); 201 model.setStatus(200);
@@ -215,11 +218,11 @@ public class UserController extends BasicController { @@ -215,11 +218,11 @@ public class UserController extends BasicController {
215 */ 218 */
216 @RequestMapping(value="/savepassword",method=RequestMethod.POST) 219 @RequestMapping(value="/savepassword",method=RequestMethod.POST)
217 @ResponseBody 220 @ResponseBody
218 - public ResponseModel savepassword(String originalpassword,String newpassword,String confirmnewpassword){ 221 + public ResponseModel savepassword(Long id, String originalpassword,String newpassword,String confirmnewpassword){
219 ResponseModel model = new ResponseModel(); 222 ResponseModel model = new ResponseModel();
220 try { 223 try {
221 if(newpassword.equals(confirmnewpassword)){ 224 if(newpassword.equals(confirmnewpassword)){
222 - UserEntity user = (UserEntity) SessionUtil.getKey("user"); 225 + UserEntity user = userService.findOne(id);
223 user.setPassword(MD5Tools.MD5(newpassword)); 226 user.setPassword(MD5Tools.MD5(newpassword));
224 this.userService.save(user); 227 this.userService.save(user);
225 model.setStatus(200); 228 model.setStatus(200);
@@ -235,4 +238,6 @@ public class UserController extends BasicController { @@ -235,4 +238,6 @@ public class UserController extends BasicController {
235 } 238 }
236 return model; 239 return model;
237 } 240 }
  241 +
  242 +
238 } 243 }
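Review bot: `changepassword`, `verifyPassword` and `savepassword` now pick the account from a request-supplied `id` (`userService.findOne(id)`) instead of the session user, and nothing visible in these hunks checks that the caller is that user or an administrator, so any caller who can reach `/savepassword` can set the password of an arbitrary account. `savepassword` itself never compares `originalpassword` with the stored hash; that check exists only in the separate `verifyPassword` request made by the page script, which a client can skip. For self-service keep the session lookup, `UserEntity user = (UserEntity) SessionUtil.getKey("user");`, and re-check the old password inside `savepassword`, while an administrator reset belongs behind an explicit role or permission check. `verifyPassword` is a GET, so the old password lands in URLs and access logs, and with the `id` parameter it confirms password guesses for any account without touching the new failure counter. The method bodies continue outside the hunks, so a check placed there would not be visible here.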
@@ -58,7 +58,7 @@ public class UserEntity extends BasicEntity { @@ -58,7 +58,7 @@ public class UserEntity extends BasicEntity {
58 private String description; 58 private String description;
59 59
60 /** 60 /**
61 - * 0 未启用 1启 61 + * 0 启用 1禁
62 */ 62 */
63 private int status = 0; 63 private int status = 0;
64 64
@@ -67,6 +67,12 @@ public class UserEntity extends BasicEntity { @@ -67,6 +67,12 @@ public class UserEntity extends BasicEntity {
67 */ 67 */
68 private Long agent; 68 private Long agent;
69 69
  70 + /**
  71 + * 登录失败次数
  72 + * @return
  73 + */
  74 + private int loginerror;
  75 +
70 @Column(name = "loginaccount", nullable = false, length = 20) 76 @Column(name = "loginaccount", nullable = false, length = 20)
71 public String getLoginaccount() { 77 public String getLoginaccount() {
72 return loginaccount; 78 return loginaccount;
@@ -154,4 +160,12 @@ public class UserEntity extends BasicEntity { @@ -154,4 +160,12 @@ public class UserEntity extends BasicEntity {
154 public void setAgent(Long agent) { 160 public void setAgent(Long agent) {
155 this.agent = agent; 161 this.agent = agent;
156 } 162 }
  163 +
  164 + public int getLoginerror() {
  165 + return loginerror;
  166 + }
  167 +
  168 + public void setLoginerror(int loginerror) {
  169 + this.loginerror = loginerror;
  170 + }
157 } 171 }
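Review bot: The comment on `status` reverses the meaning of the stored values (from 0 = not enabled, 1 = enabled to 0 = enabled, 1 = disabled) while the field and its default of 0 stay the same, so unless existing rows are migrated, accounts stored as not enabled would now pass the login check and active ones would be refused. No such migration is visible in this commit and it should be confirmed before release. The new `loginerror` field carries a Javadoc `@return` tag that does not apply to a field, and its getter has no `@Column` annotation unlike `getLoginaccount()`. If the column is added as nullable, loading existing rows into a primitive `int` may fail, so declaring it `nullable = false` with a default of 0 is worth stating explicitly.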
@@ -41,4 +41,24 @@ public interface UserRepository extends PagingAndSortingRepository<UserEntity, L @@ -41,4 +41,24 @@ public interface UserRepository extends PagingAndSortingRepository<UserEntity, L
41 @Query(value = "select * from sys_user where LOGINACCOUNT = ?1", nativeQuery = true) 41 @Query(value = "select * from sys_user where LOGINACCOUNT = ?1", nativeQuery = true)
42 UserEntity findLoginaccount(String loginaccount); 42 UserEntity findLoginaccount(String loginaccount);
43 43
  44 + // 锁定账户
  45 + @Transactional
  46 + @Modifying(clearAutomatically=true)
  47 + @Query(value = "UPDATE SYS_USER SET status = 1 where loginaccount=?1", nativeQuery = true)
  48 + public void updateStatus(String loginacount);
  49 +
  50 +
  51 + // 添加错误次数
  52 + @Transactional
  53 + @Modifying(clearAutomatically=true)
  54 + @Query(value = "UPDATE SYS_USER SET loginerror = ?2 where loginaccount=?1", nativeQuery = true)
  55 + public void updateLoginError(String logincount, int loginerror);
  56 +
  57 +
  58 + @Transactional
  59 + @Modifying(clearAutomatically=true)
  60 + @Query(value = "UPDATE SYS_USER SET loginerror = 0 where loginaccount=?1", nativeQuery = true)
  61 + public void emptyLoginerror(String loginaccount);
  62 +
  63 +
44 } 64 }
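Review bot: `updateLoginError` stores an absolute count that the controller computed from an earlier read, so concurrent failed logins for the same account can write the same value and the lockout is reached only after more than five failures. Doing the increment inside the statement removes the race: `UPDATE SYS_USER SET loginerror = loginerror + 1 where loginaccount=?1`. `updateStatus` only ever sets `status = 1`, so a name such as `lockAccount` would say what it does. The parameter names `loginacount` and `logincount` are misspellings of `loginaccount`, and the `public` modifier is redundant on interface methods.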
@@ -151,4 +151,21 @@ public class UserService extends BasicService<UserEntity> { @@ -151,4 +151,21 @@ public class UserService extends BasicService<UserEntity> {
151 public UserEntity findLoginaccount(String loginaccount){ 151 public UserEntity findLoginaccount(String loginaccount){
152 return userDao.findLoginaccount(loginaccount); 152 return userDao.findLoginaccount(loginaccount);
153 } 153 }
  154 +
  155 + // 锁定账户
  156 + public void updateStatus(String loginacount){
  157 +
  158 + userDao.updateStatus(loginacount);
  159 + }
  160 +
  161 + // 添加错误次数
  162 + public void updateLoginError(String logincount, int loginerror){
  163 + userDao.updateLoginError(logincount, loginerror);
  164 + }
  165 +
  166 + public void emptyLoginerror(String loginaccount){
  167 +
  168 + userDao.emptyLoginerror(loginaccount);
  169 + }
  170 +
154 } 171 }
@@ -24,6 +24,7 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. @@ -24,6 +24,7 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
24 <input class="passWord" type="password" placeholder="请输入密码" id="password" maxlength="30" /> 24 <input class="passWord" type="password" placeholder="请输入密码" id="password" maxlength="30" />
25 <input class="submit" type="button" onclick="doLogin()"/> 25 <input class="submit" type="button" onclick="doLogin()"/>
26 26
  27 +
27 <a style="text-decoration:none;display:inline-block; 28 <a style="text-decoration:none;display:inline-block;
28 color:#fff;left:30%;position:relative; 29 color:#fff;left:30%;position:relative;
29 font-size:20px;margin:0px auto;" 30 font-size:20px;margin:0px auto;"
@@ -73,6 +74,13 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. @@ -73,6 +74,13 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
73 return false; 74 return false;
74 }else{ 75 }else{
75 jQuery.post("<%=basePath %>doLogin",{loginAccount:userName,password:password},function(result){ 76 jQuery.post("<%=basePath %>doLogin",{loginAccount:userName,password:password},function(result){
  77 +
  78 + if (result.status == 201){
  79 + $("#userName").focus();
  80 + layer.tips('用户名已被禁用请联系管理员', '#userName', {
  81 + tips: [1, '#0FA6D8'] //还可配置颜色
  82 + });
  83 + } else{
76 if(result.status == 200){ 84 if(result.status == 200){
77 sessionStorage.removeItem("menuid"); 85 sessionStorage.removeItem("menuid");
78 window.location.href="<%=basePath %>index"; 86 window.location.href="<%=basePath %>index";
@@ -85,6 +93,8 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request. @@ -85,6 +93,8 @@ String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.
85 }); 93 });
86 } 94 }
87 } 95 }
  96 + }
  97 +
88 },"json"); 98 },"json");
89 } 99 }
90 } 100 }
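Review bot: The new 201 branch shows `用户名已被禁用请联系管理员` to an unauthenticated visitor, and that answer differs from the status 500 returned for a wrong password, so the form tells anyone probing it which login names exist and are disabled. If that disclosure is not wanted, return the same status and message as for a failed login and inform the account owner of the lock through another channel. The existing `if(result.status == 200)` block was wrapped in `else{` without re-indenting, which makes the closing brace added at new line 96 hard to match to its opener.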
@@ -148,6 +148,7 @@ @@ -148,6 +148,7 @@
148 <table class="kv-table"> 148 <table class="kv-table">
149 <tbody> 149 <tbody>
150 <tr> 150 <tr>
  151 + <input type="hidden" id="id" name="id" value="${userid}">
151 <td class="kv-label"><spring:message code="user.oldpwd"/></td> 152 <td class="kv-label"><spring:message code="user.oldpwd"/></td>
152 <td class="kv-content"> 153 <td class="kv-content">
153 <input type="password" id="originalpassword" name="originalpassword" required maxlength="30"> 154 <input type="password" id="originalpassword" name="originalpassword" required maxlength="30">
@@ -155,7 +156,7 @@ @@ -155,7 +156,7 @@
155 </tr> 156 </tr>
156 <tr> 157 <tr>
157 <td class="kv-label"><spring:message code="user.newpwd"/></td> 158 <td class="kv-label"><spring:message code="user.newpwd"/></td>
158 - <td class="kv-content"><input type="password" name="newpassword" id="newpassword" required maxlength="30"> 159 + <td class="kv-content"><input type="password" name="newpassword" id="newpassword" required maxlength="30"><span id="showStrength"></span>
159 </td> 160 </td>
160 </tr> 161 </tr>
161 <tr> 162 <tr>
@@ -248,12 +249,13 @@ @@ -248,12 +249,13 @@
248 var originalpassword = $("#originalpassword").val(); 249 var originalpassword = $("#originalpassword").val();
249 var newpassword = $("#newpassword").val(); 250 var newpassword = $("#newpassword").val();
250 var confirmnewpassword = $("#confirmnewpassword").val(); 251 var confirmnewpassword = $("#confirmnewpassword").val();
251 - $.get("<%=basePath %>system/user/verifyPassword",{originalpassword:originalpassword},function(data){ 252 + var id = $("#id").val();
  253 + $.get("<%=basePath %>system/user/verifyPassword",{id:id, originalpassword:originalpassword},function(data){
252 if(data.status==500){ 254 if(data.status==500){
253 layer.open({content:"<spring:message code="user.differpwd"/>"}); 255 layer.open({content:"<spring:message code="user.differpwd"/>"});
254 return; 256 return;
255 }else if(data.status==200){ 257 }else if(data.status==200){
256 - $.post("<%=basePath %>system/user/savepassword",{originalpassword:originalpassword,newpassword:newpassword,confirmnewpassword:confirmnewpassword},function(data){ 258 + $.post("<%=basePath %>system/user/savepassword",{id:id, originalpassword:originalpassword,newpassword:newpassword,confirmnewpassword:confirmnewpassword},function(data){
257 if(data.status==200){ 259 if(data.status==200){
258 layer.confirm("<spring:message code="opt.savesuccess"/>",{btn:['<spring:message code="opt.confirm"/>','<spring:message code="opt.cancel"/>']},function(){ 260 layer.confirm("<spring:message code="opt.savesuccess"/>",{btn:['<spring:message code="opt.confirm"/>','<spring:message code="opt.cancel"/>']},function(){
259 window.location.href="<%=basePath %>system/user/list"; 261 window.location.href="<%=basePath %>system/user/list";
@@ -310,6 +312,90 @@ @@ -310,6 +312,90 @@
310 window.location.href="<%=basePath %>index?lang="+langVar; 312 window.location.href="<%=basePath %>index?lang="+langVar;
311 } 313 }
312 314
  315 +
  316 + // 验证密码强度
  317 + $("#newpassword")window.onload = function () {
  318 + function setCss(_this,cssOption){
  319 + //判断节点类型
  320 + if (!_this || _this.nodeType ===3 || _this.nodeType === 8 ||!_this.style) {
  321 + return;
  322 + }
  323 + for(var cs in cssOption){
  324 + _this.style[cs] = cssOption[cs];
  325 + }
  326 + return _this;
  327 + }
  328 +
  329 + function trim(chars){
  330 + return (chars ||"").replace(/^(\s|\u00a0)+|(\s|\u00a0)+$/g,"");
  331 + }
  332 + function passwordStrength(newpassword,showStrength){
  333 + var self = this;
  334 +
  335 + /*字符权重;
  336 + 数字1,字母2,其他字符为3
  337 + 当密码长度小于6时不符合标准
  338 + 长度>=6,强度小于10,强度弱
  339 + 长度>=6,长度>=10且<15,强度中
  340 + 长度>=6,强度>=15,强*/
  341 + passwordStrength.onkeyup = function(){
  342 + var _color = ["red","yellow","orange","green"],
  343 + msgs = ["密码太短","弱","中","强"],
  344 + _strength = 0,
  345 + _v= trim(newpassword.value),
  346 + _vL= _v.length,
  347 + i=0;
  348 +
  349 + var charStrength = function(char){
  350 + //计算单个字符强度
  351 + if(char>=48 && char <=57){//数字
  352 + return 1;
  353 + }
  354 + if(char>=97 && char<=122){//小写
  355 + return 2;
  356 + }else{
  357 + return 3; //特殊字符
  358 + }
  359 + }
  360 +
  361 + if(_vL<8){//计算模式
  362 + showStrength.innerText = msgs[0];
  363 + setCss(showStrength,{
  364 + "color":_color[0]
  365 + })
  366 + }else{
  367 + for(;i<_vL;i++){
  368 + //遍历字符
  369 + _strength+=charStrength(_v.toLocaleLowerCase().charCodeAt(i));
  370 + }
  371 + if(_strength<10){
  372 + //强度小于10
  373 + showStrength.innerText = msgs[1];
  374 + setCss(showStrength,{
  375 + "color":_color[1]
  376 + })
  377 + }
  378 + if(_strength>=10&&_strength<15){
  379 + showStrength.innerText = msgs[2];
  380 + setCss(showStrength,{
  381 + "color":_color[2]
  382 + })
  383 + }
  384 + if(_strength>=15){
  385 + showStrength.innerText = msgs[3];
  386 + setCss(showStrength,{
  387 + "color":_color[3]
  388 + })
  389 + }
  390 + }
  391 + }
  392 + }
  393 + passwordStrength(
  394 + document.getElementById("newpassword"),
  395 + document.getElementById("showStrength"));
  396 +
  397 + };
  398 +
313 </script> 399 </script>
314 </body> 400 </body>
315 </html> 401 </html>
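Review bot: New line 317, `$("#newpassword")window.onload = function () {`, is not valid JavaScript, and because it sits in the same `<script>` element as the existing handlers the parse error would presumably disable the whole block, including the save logic; it should read `window.onload = function () {`. Inside it the handler is assigned to the function object (`passwordStrength.onkeyup = ...`) rather than to the input, so it would never fire; `newpassword.onkeyup = function(){` is what the call at new line 393 appears to intend. The header comment says passwords shorter than 6 are rejected while the code tests `_vL<8`. The meter is display-only: neither this script nor `savepassword` as shown in this commit enforces a minimum strength on the server. The hidden `id` input added at new line 151 is client-controlled, so the server must not rely on it to decide whose password is changed.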
1 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> 1 <%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
2 <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %> 2 <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
  3 +<%@ taglib uri="http://java.sun.com/jsp/jstl/functions" prefix="fn" %>
3 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%> 4 <%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
4 <% 5 <%
5 String path = request.getContextPath(); 6 String path = request.getContextPath();
@@ -35,6 +36,10 @@ @@ -35,6 +36,10 @@
35 <td class="kv-content"> 36 <td class="kv-content">
36 <input id="loginaccount" name="loginaccount" type="text" value="${entity.loginaccount}" required/> 37 <input id="loginaccount" name="loginaccount" type="text" value="${entity.loginaccount}" required/>
37 </td> 38 </td>
  39 + <td class="kv-label">
  40 + <input id="true" name="status" type="radio" ${fn:contains(entity.status, 0)?"checked":""} value="0"/>启用
  41 + <input id="error" name="status" type="radio" ${fn:contains(entity.status, 1)?"checked":""} value="1"/>禁用
  42 + </td>
38 <c:if test="${empty entity.id}"> 43 <c:if test="${empty entity.id}">
39 <td class="kv-label"><spring:message code="user.password" /></td> 44 <td class="kv-label"><spring:message code="user.password" /></td>
40 <td class="kv-content"><input style="width: 220px;" type="password" id="password" name="password" value="${entity.password}" required></td> 45 <td class="kv-content"><input style="width: 220px;" type="password" id="password" name="password" value="${entity.password}" required></td>
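Review bot: `fn:contains(entity.status, 0)` is a substring test on the text form of the number, so a status such as 10 would mark both radios as checked; `${entity.status == 0 ? "checked" : ""}` and `${entity.status == 1 ? "checked" : ""}` state the intent directly and make the new `fn` taglib import unnecessary. Re-enabling an account through this form should also reset `loginerror`, because doLogin sends an enabled account whose counter is still 5 straight to `updateStatus` again; whether the save path clears the counter is not visible in this commit. The labels `启用` and `禁用` are hard-coded while the rest of the form uses `<spring:message>`, and the element ids `true` and `error` do not describe the options.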
@@ -30,7 +30,7 @@ @@ -30,7 +30,7 @@
30 <thead> 30 <thead>
31 <tr> 31 <tr>
32 <th field="id" checkbox="true"></th> 32 <th field="id" checkbox="true"></th>
33 - <th field="." formatter="editFormat" width="25"><spring:message code="opt.edit" /></th> 33 + <th field="." formatter="editFormat" width="50"><spring:message code="opt.edit" /></th>
34 <th field="loginaccount" sortable="true" width="110"><spring:message code="user.loginaccount" /></th> 34 <th field="loginaccount" sortable="true" width="110"><spring:message code="user.loginaccount" /></th>
35 <th field="realName" width="226"><spring:message code="user.fullname" /></th> 35 <th field="realName" width="226"><spring:message code="user.fullname" /></th>
36 <th field="mobile" width="112"><spring:message code="user.mobile" /></th> 36 <th field="mobile" width="112"><spring:message code="user.mobile" /></th>
@@ -80,13 +80,14 @@ @@ -80,13 +80,14 @@
80 80
81 function editFormat(val,row,index){ 81 function editFormat(val,row,index){
82 var html='<a href="javascript:void(0)" style="text-decoration:none;" onclick="editRow('+row.id+')"><i class="iconfont">&#xe65a;</i></a>' 82 var html='<a href="javascript:void(0)" style="text-decoration:none;" onclick="editRow('+row.id+')"><i class="iconfont">&#xe65a;</i></a>'
  83 + html += '<a href="javascript:void(0)" style="text-decoration:none;" onclick="changepassword('+row.id+')">重置密码</a>'
83 return html; 84 return html;
84 } 85 }
85 86
86 function editRow(id){ 87 function editRow(id){
87 //这个是跳转到九州的页面去修改密码 88 //这个是跳转到九州的页面去修改密码
88 - window.open("http://www.zzcargo.com/index.php?r=member%2Fsite%2Freset-pwd");  
89 - return; 89 +// window.open("http://www.zzcargo.com/index.php?r=member%2Fsite%2Freset-pwd");
  90 +// return;
90 //以下内容暂时不用 91 //以下内容暂时不用
91 if(id==undefined){ 92 if(id==undefined){
92 window.location.href='<%=basePath %>system/user/edit?id='; 93 window.location.href='<%=basePath %>system/user/edit?id=';
@@ -95,6 +96,11 @@ @@ -95,6 +96,11 @@
95 } 96 }
96 } 97 }
97 98
  99 +
  100 + function changepassword(id) {
  101 + window.location.href='<%=basePath %>system/user/changepassword?id='+id;
  102 + }
  103 +
98 function doSearch(){ 104 function doSearch(){
99 $('#dg').datagrid("options").queryParams=$("#searchForm").serializeJson(); 105 $('#dg').datagrid("options").queryParams=$("#searchForm").serializeJson();
100 $('#dg').datagrid("reload"); 106 $('#dg').datagrid("reload");
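Review bot: The redirect in `editRow` was disabled by commenting it out, which leaves dead code and two comments (`这个是跳转到九州的页面去修改密码`, `以下内容暂时不用`) that no longer describe what the function does; delete the commented lines and replace the comments with one stating that the function opens the edit page. The new link text `重置密码` is hard-coded while the column headers next to it use `<spring:message>`. The link opens a page that asks for the target account's old password, which an administrator performing a reset would not normally know, so the reset flow probably needs its own permission-checked endpoint instead of reusing the self-service form.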