| | |
|---|
| | | import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper; |
|---|
| | | import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper; |
|---|
| | | import com.baomidou.mybatisplus.core.toolkit.IdWorker; |
|---|
| | | import com.baomidou.mybatisplus.core.toolkit.StringPool; |
|---|
| | | import io.swagger.annotations.Api; |
|---|
| | | import io.swagger.annotations.ApiOperation; |
|---|
| | | import lombok.extern.slf4j.Slf4j; |
|---|
| | | import org.apache.commons.lang3.StringUtils; |
|---|
| | | import org.apache.shiro.SecurityUtils; |
|---|
| | | import org.jeecg.common.api.vo.Result; |
|---|
| | | import org.jeecg.common.constant.CacheConstant; |
|---|
| | |
|---|
| | | private JeecgBaseConfig jeecgBaseConfig; |
|---|
| | | |
|---|
| | | private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890"; |
|---|
| | | private final String TERMINAL = "terminal"; |
|---|
| | | private final String PCR0001 = "PCR0001"; |
|---|
| | | |
|---|
| | | @ApiOperation("登录接口") |
|---|
| | | @RequestMapping(value = "/login", method = RequestMethod.POST) |
|---|
| | |
|---|
| | | Result<JSONObject> result = new Result<JSONObject>(); |
|---|
| | | String username = sysLoginModel.getUsername(); |
|---|
| | | String password = sysLoginModel.getPassword(); |
|---|
| | | String workNo = sysLoginModel.getWorkNo(); |
|---|
| | | String loginType = sysLoginModel.getLoginType(); |
|---|
| | | //update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题 |
|---|
| | | //前端密码加密,后端进行密码解密 |
|---|
| | | //password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密 |
|---|
| | |
|---|
| | | //1. 校验用户是否有效 |
|---|
| | | //update-begin-author:wangshuai date:20200601 for: 登录代码验证用户是否注销bug,if条件永远为false |
|---|
| | | LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>(); |
|---|
| | | queryWrapper.eq(SysUser::getUsername,username); |
|---|
| | | if (StringUtils.isNotBlank(workNo)) { |
|---|
| | | queryWrapper.eq(SysUser::getWorkNo,workNo); |
|---|
| | | }else { |
|---|
| | | queryWrapper.eq(SysUser::getUsername,username); |
|---|
| | | } |
|---|
| | | SysUser sysUser = sysUserService.getOne(queryWrapper); |
|---|
| | | //update-end-author:wangshuai date:20200601 for: 登录代码验证用户是否注销bug,if条件永远为false |
|---|
| | | result = sysUserService.checkUserIsEffective(sysUser); |
|---|
| | |
|---|
| | | return result; |
|---|
| | | } |
|---|
| | | |
|---|
| | | //校验操作工终端登录账号是否为操作工 |
|---|
| | | if (TERMINAL.equals(loginType) && !PCR0001.equals(sysUser.getPost())) { |
|---|
| | | result.error500("当前登录账号岗位非操作工,请调整岗位或切换操作工账号登录"); |
|---|
| | | return result; |
|---|
| | | } |
|---|
| | | |
|---|
| | | username = sysUser.getUsername(); |
|---|
| | | //2. 校验用户名或密码是否正确 |
|---|
| | | String userpassword = PasswordUtil.encrypt(username, password, sysUser.getSalt()); |
|---|
| | | String userpassword = StringUtils.isBlank(workNo) ? PasswordUtil.encrypt(username, password, sysUser.getSalt()) : StringPool.EMPTY; |
|---|
| | | String syspassword = sysUser.getPassword(); |
|---|
| | | if (!syspassword.equals(userpassword)) { |
|---|
| | | if (StringUtils.isBlank(workNo) && !syspassword.equals(userpassword)) { |
|---|
| | | // 获取用户失败最大次数 |
|---|
| | | //Integer maxAttempts = CommonConstant.MAX_ATTEMPTS; |
|---|
| | | List<DictModel> dictModels = sysDictService.queryEnableDictItemsByCode(CommonConstant.DICT_MAX_ATTEMPTS); |
|---|
