mdc_430后端
上一版本: a8b7758c | 补丁 | 提交 | 忽略空白
Lius
2023-12-11 7bb8e0d58700a8fb758861ade40195a271e2e5ce 
登录密码安全策略完善
已修改1个文件
16 ■■■■ 文件已修改
lxzn-module-system/lxzn-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java 16 ●●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 lxzn-module-system/lxzn-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java


@@ -154,14 +154,24 @@


                    redisUtil.set(CommonConstant.PREFIX_LOGIN_COUNT + username, 1, 300);


                    result.error500("用户名或密码错误,请重新尝试。剩余尝试次数:" + (maxAttempts - 1));


                }


            } else {


                result.error500("用户名或密码错误");


            }






            //result.error500("用户名或密码错误");


            return result;


        } else {


            if (redisUtil.hasKey(CommonConstant.PREFIX_LOGIN_COUNT + username)) {


                redisUtil.del(CommonConstant.PREFIX_LOGIN_COUNT + username);


                List<DictModel> dictModels = sysDictService.queryEnableDictItemsByCode(CommonConstant.DICT_MAX_ATTEMPTS);


                if (dictModels != null && !dictModels.isEmpty()) {


                    Integer maxAttempts = Integer.valueOf(dictModels.get(0).getValue());


                    Integer loginCount = (Integer) redisUtil.get(CommonConstant.PREFIX_LOGIN_COUNT + username);


                    if (loginCount < maxAttempts) {


                        redisUtil.del(CommonConstant.PREFIX_LOGIN_COUNT + username);


                    } else {


                        result.error500("您的账户已锁定,请稍后尝试!");


                        return result;


                    }


                }


            }


        }