bonus
/
Bonus-Cloud
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity

用户登录问题修改

This commit is contained in:
jiang 2024-11-11 16:17:20 +08:00
parent 0626b9c47d
commit 2635e025ca
6 changed files with 112 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
bonus-auth/src/main/java/com/bonus/auth/service/EmailOtpLoginStrategy.java
View File

@ -39,6 +39,7 @@ public class EmailOtpLoginStrategy implements LoginStrategy {
passwordValidatorService.validateApprovalStatus(email, user);
// 验证用户状态
passwordValidatorService.validateUserStatus(email, user);
passwordValidatorService.ipFilter(user);
//返回信息
return userInfo;
}

1
bonus-auth/src/main/java/com/bonus/auth/service/EmailPasswordLoginStrategy.java
View File

@ -48,6 +48,7 @@ public class EmailPasswordLoginStrategy implements LoginStrategy {
passwordService.validate(user, password, System.currentTimeMillis());
//校验用户启用状态
passwordValidatorService.validateUserStatus(user.getUserName(), user);
passwordValidatorService.ipFilter(user);
//返回信息
return userInfo;
}

105
bonus-auth/src/main/java/com/bonus/auth/service/PasswordValidatorService.java
View File

@ -1,7 +1,6 @@
package com.bonus.auth.service;
import com.bonus.common.core.constant.CacheConstants;
import com.bonus.common.core.constant.SecurityConstants;
import com.bonus.common.core.constant.UserConstants;
import com.bonus.common.core.domain.R;
import com.bonus.common.core.enums.UserStatus;
@ -16,9 +15,16 @@ import com.bonus.config.SystemConfig;
import com.bonus.system.api.RemoteUserService;
import com.bonus.system.api.domain.SysUser;
import com.bonus.system.api.model.LoginUser;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.stereotype.Component;
import javax.annotation.Resource;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.time.LocalDateTime;
import java.time.format.DateTimeFormatter;
import java.util.List;
import java.util.Map;
import java.util.concurrent.TimeUnit;
@Component
@ -274,6 +280,103 @@ public class PasswordValidatorService {
}
}
public void ipFilter(SysUser user){
List<Map<String,Object>> cacheList = redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST);
// 获取客户端的 IP 地址
String ip = IpUtils.getIpAddr();
for (Map<String,Object> map : cacheList) {
String ipAddress = map.containsKey("ipAddress") ? map.get("ipAddress").toString() : null;
String ipRangeEnd = map.containsKey("ipRangeEnd") ?map.get("ipRangeEnd").toString(): null;
String ipRangeStart = map.containsKey("ipRangeStart")?map.get("ipRangeStart").toString():null;
String accessStartTime =map.containsKey("accessStartTime")? map.get("accessStartTime").toString():null;
String accessEndTime = map.containsKey("accessEndTime")?map.get("accessEndTime").toString():null;
if (ObjectUtils.isEmpty(ipAddress)){
if (isIpInRange(ip, ipRangeStart, ipRangeEnd)){
if (ObjectUtils.isNotEmpty(accessStartTime)){
boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime);
if (!currentTimeInRange){
// 异常处理
}else {
//正常处理
}
}else {
//正常处理
}
}
}else {
if (ipAddress.equals(ip)){
if (ObjectUtils.isNotEmpty(accessStartTime)){
boolean currentTimeInRange = isCurrentTimeInRange(accessStartTime, accessEndTime);
if (!currentTimeInRange){
// 异常处理
}else {
//正常处理
}
}else {
//正常处理
}
}
}
}
//异常处理
}
/**
* 检查给定的IP地址是否在指定的网段区间内
*
* @param ip 要检查的IP地址例如 "192.168.1.10"
* @param startIp 区间开始的IP地址例如 "192.168.1.0"
* @param endIp 区间结束的IP地址例如 "192.168.1.255"
* @return true 如果IP在区间内否则返回 false
*/
public static boolean isIpInRange(String ip, String startIp, String endIp) {
try {
// IP 地址起始 IP 和结束 IP 转换为整数
long ipToCheck = ipToLong(InetAddress.getByName(ip));
long start = ipToLong(InetAddress.getByName(startIp));
long end = ipToLong(InetAddress.getByName(endIp));
// 检查 IP 是否在区间内
return ipToCheck >= start && ipToCheck <= end;
} catch (UnknownHostException e) {
e.printStackTrace();
return false;
}
}
/**
* 将IP地址转换为整数
*
* @param inetAddress IP地址对象
* @return 转换后的长整数
*/
private static long ipToLong(InetAddress inetAddress) {
byte[] octets = inetAddress.getAddress();
long result = 0;
for (byte octet : octets) {
result = (result << 8) | (octet & 0xFF);
}
return result;
}
public static boolean isCurrentTimeInRange(String startDateTime, String endDateTime) {
// 定义日期时间格式
DateTimeFormatter formatter = DateTimeFormatter.ofPattern("yyyy-MM-dd HH:mm:ss");
// 将字符串转换为 LocalDateTime
LocalDateTime start = LocalDateTime.parse(startDateTime, formatter);
LocalDateTime end = LocalDateTime.parse(endDateTime, formatter);
// 获取当前日期和时间
LocalDateTime currentDateTime = LocalDateTime.now();
// 检查当前日期和时间是否在指定的范围内
return !currentDateTime.isBefore(start) && !currentDateTime.isAfter(end);
}
public void validateApprovalStatus(String username, SysUser user) {
if ("0".equals(user.getApprovalStatus())) {
logAndThrowError(username, "账号未审批", "用户不存在");

2
bonus-auth/src/main/java/com/bonus/auth/service/PhoneOtpLoginStrategy.java
View File

@ -41,6 +41,8 @@ public class PhoneOtpLoginStrategy implements LoginStrategy {
passwordValidatorService.validateApprovalStatus(phone, user);
// 验证用户状态
passwordValidatorService.validateUserStatus(phone, user);
passwordValidatorService.ipFilter(user);
//返回信息
return userInfo;
}

2
bonus-auth/src/main/java/com/bonus/auth/service/PhonePasswordLoginStrategy.java
View File

@ -50,6 +50,8 @@ public class PhonePasswordLoginStrategy implements LoginStrategy {
passwordService.validate(user, password, System.currentTimeMillis());
//校验用户启用状态
passwordValidatorService.validateUserStatus(user.getUserName(), user);
passwordValidatorService.ipFilter(user);
//返回信息
return userInfo;
}

2
bonus-auth/src/main/java/com/bonus/auth/service/UsernamePasswordLoginStrategy.java
View File

@ -50,6 +50,8 @@ public class UsernamePasswordLoginStrategy implements LoginStrategy {
passwordService.validate(user, password, System.currentTimeMillis());
// 处理IP校验
passwordValidatorService.handleIpValidation(username, user);
passwordValidatorService.ipFilter(user);
//返回信息
return userInfo;
}