add: 配置文件增加redis 密码认证.

用户实体类增加过期时间字段. 数据库用户表增加过期时间字段. 登录认证增加用户过期校验.

add: 配置文件增加redis 密码认证.
用户实体类增加过期时间字段. 数据库用户表增加过期时间字段. 登录认证增加用户过期校验.
朱兆平
config/application.yml
src/main/java/com/tianbo/warehouse/model/KakoUser.java
src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationFailHandler.java
src/main/java/com/tianbo/warehouse/security/handel/kakologin/MyLoginAuthenticationProvider.java
src/main/resources/mapping/KakoUserMapper.xml
--- a/config/application.yml
查看文件 @6d0d4a7
+++ b/config/application.yml
查看文件 @6d0d4a7
@@ -28,6 +28,7 @@ spring:
 #    host: 127.0.0.1
     host: 192.168.1.53
     port: 6379
+    password: vmvnv1v2VV.
   jackson:
     serialization:
       FAIL_ON_EMPTY_BEANS: false
--- a/src/main/java/com/tianbo/warehouse/model/KakoUser.java
查看文件 @6d0d4a7
+++ b/src/main/java/com/tianbo/warehouse/model/KakoUser.java
查看文件 @6d0d4a7
@@ -71,6 +71,8 @@ public class KakoUser implements UserDetails {
     private Boolean online;
+    private Date expiryDate;
+
     @JSONField(serialzeFeatures= {SerializerFeature.WriteMapNullValue,SerializerFeature.WriteNullStringAsEmpty})
     private List<ROLE> roles;
@@ -281,13 +283,31 @@ public class KakoUser implements UserDetails {
         this.online = online;
     }
+    public Date getExpiryDate() {
+        return expiryDate;
+    }
+
+    public void setExpiryDate(Date expiryDate) {
+        this.expiryDate = expiryDate;
+    }
+
     /**
      *
      * @return 账户未过期
+     * 未过期为true,已过期为false
      */
     @Override
     public boolean isAccountNonExpired(){
-        return true;
+        // 无过期时间字段时视为永不过期
+        if(expiryDate == null) {
+            return true;
+        }else {
+            Boolean check = new Date().before(expiryDate);
+            return check;
+        }
+
+        // 当前时间在过期时间之前视为未过期
+
     }
     /**
--- a/src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationFailHandler.java
查看文件 @6d0d4a7
+++ b/src/main/java/com/tianbo/warehouse/security/handel/MyAuthenticationFailHandler.java
查看文件 @6d0d4a7
@@ -7,8 +7,10 @@ import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
+import org.springframework.security.authentication.AccountExpiredException;
 import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.authentication.LockedException;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.DefaultRedirectStrategy;
@@ -69,6 +71,8 @@ public class MyAuthenticationFailHandler extends SimpleUrlAuthenticationFailureH
             response.sendError(HttpStatus.UNAUTHORIZED.value(),"用户不存在或者密码错误");
         } else if (exception instanceof DisabledException) {
             response.sendError(HttpStatus.UNAUTHORIZED.value(),"账户被禁用，登录失败，请联系管理员!");
+        } else if (exception instanceof AccountExpiredException) {
+            response.sendError(HttpStatus.UNAUTHORIZED.value(),"账户已过期，登录失败，请联系管理员!");
         } else {
             response.sendError(HttpStatus.UNAUTHORIZED.value(),"登录失败");
         }
--- a/src/main/java/com/tianbo/warehouse/security/handel/kakologin/MyLoginAuthenticationProvider.java
查看文件 @6d0d4a7
+++ b/src/main/java/com/tianbo/warehouse/security/handel/kakologin/MyLoginAuthenticationProvider.java
查看文件 @6d0d4a7
@@ -11,10 +11,7 @@ import org.apache.shiro.crypto.hash.Hash;
 import org.apache.shiro.crypto.hash.SimpleHash;
 import org.apache.shiro.util.ByteSource;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationProvider;
-import org.springframework.security.authentication.BadCredentialsException;
-import org.springframework.security.authentication.DisabledException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.authentication.*;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.userdetails.UserDetails;
@@ -63,6 +60,11 @@ public class MyLoginAuthenticationProvider extends CodecSupport implements Authe
             throw new DisabledException("用户被禁用");
         }
+        // 过期判定
+        if (!userInfo.isAccountNonExpired()){
+            throw new AccountExpiredException("用户已过期");
+        }
+
         //取盐规则
         byte[] salt = PasswordSaltUtils.getSalt16(userInfo.getPassword());
         //真实密码
--- a/src/main/resources/mapping/KakoUserMapper.xml
查看文件 @6d0d4a7
+++ b/src/main/resources/mapping/KakoUserMapper.xml
查看文件 @6d0d4a7
@@ -24,11 +24,12 @@
     <result column="remarks" property="remarks" jdbcType="VARCHAR" />
     <result column="del_flag" property="delFlag" jdbcType="CHAR" />
     <result column="online" property="online" jdbcType="BOOLEAN" />
+    <result column="expiry_date" property="expiryDate" jdbcType="TIMESTAMP" />
   </resultMap>
   <sql id="Base_Column_List" >
     id, company_id, office_id, login_name, password, no, name, email, phone, mobile,
     user_type, photo, login_ip, login_date, login_flag, create_by, create_date, update_by,
-    update_date, remarks, del_flag, online
+    update_date, remarks, del_flag, online, expiry_date
   </sql>
   <select id="selectByPrimaryKey" resultMap="BaseResultMap" parameterType="java.lang.String" >
     select
@@ -83,7 +84,7 @@
       mobile, user_type, photo,
       login_ip, login_date, login_flag,
       create_by, create_date, update_by,
-      update_date, remarks, del_flag
+      update_date, remarks, del_flag, expiry_date
       )
     values (#{id,jdbcType=VARCHAR}, #{companyId,jdbcType=VARCHAR}, #{officeId,jdbcType=VARCHAR},
       #{loginName,jdbcType=VARCHAR}, #{password,jdbcType=VARCHAR}, #{no,jdbcType=VARCHAR},
@@ -91,7 +92,7 @@
       #{mobile,jdbcType=VARCHAR}, #{userType,jdbcType=CHAR}, #{photo,jdbcType=VARCHAR},
       #{loginIp,jdbcType=VARCHAR}, #{loginDate,jdbcType=TIMESTAMP}, #{loginFlag,jdbcType=VARCHAR},
       #{createBy,jdbcType=VARCHAR}, #{createDate,jdbcType=TIMESTAMP}, #{updateBy,jdbcType=VARCHAR},
-      #{updateDate,jdbcType=TIMESTAMP}, #{remarks,jdbcType=VARCHAR}, #{delFlag,jdbcType=CHAR}
+      #{updateDate,jdbcType=TIMESTAMP}, #{remarks,jdbcType=VARCHAR}, #{delFlag,jdbcType=CHAR}, #{expiryDate,jdbcType=TIMESTAMP}
       )
   </insert>
   <insert id="insertSelective" parameterType="com.tianbo.warehouse.model.KakoUser" >
@@ -160,6 +161,9 @@
       <if test="delFlag != null" >
         del_flag,
       </if>
+      <if test="expiryDate != null" >
+        expiry_date,
+      </if>
     </trim>
     <trim prefix="values (" suffix=")" suffixOverrides="," >
       <if test="id != null" >
@@ -225,6 +229,9 @@
       <if test="delFlag != null" >
         #{delFlag,jdbcType=CHAR},
       </if>
+      <if test="expiryDate != null" >
+        #{expiryDate,jdbcType=TIMESTAMP},
+      </if>
     </trim>
   </insert>
   <update id="updateByPrimaryKeySelective" parameterType="com.tianbo.warehouse.model.KakoUser" >
@@ -293,6 +300,9 @@
       <if test="online != null" >
         online = #{online,jdbcType=BOOLEAN},
       </if>
+      <if test="expiryDate != null" >
+        expiry_date = #{expiryDate,jdbcType=TIMESTAMP},
+      </if>
     </set>
     where id = #{id,jdbcType=VARCHAR}
   </update>
@@ -318,7 +328,8 @@
       update_date = #{updateDate,jdbcType=TIMESTAMP},
       remarks = #{remarks,jdbcType=VARCHAR},
       del_flag = #{delFlag,jdbcType=CHAR},
-      online = #{online,jdbcType=BOOLEAN}
+      online = #{online,jdbcType=BOOLEAN},
+      expiry_date = #{expiryDate,jdbcType=TIMESTAMP}
     where id = #{id,jdbcType=VARCHAR}
   </update>