diff --git a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java index bf4b6d5..4f3c73d 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java +++ b/bonus-auth/src/main/java/com/bonus/auth/controller/TokenController.java @@ -35,8 +35,7 @@ public class TokenController private SysLoginService sysLoginService; @PostMapping("login") - public R login(@RequestBody LoginBody form) - { + public R login(@RequestBody LoginBody form) { // 用户登录 LoginUser userInfo = sysLoginService.login(form.getUsername(), form.getPassword()); // 获取登录token diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java index be525c1..a73e7ec 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysLoginService.java @@ -1,6 +1,7 @@ package com.bonus.auth.service; import com.bonus.common.core.constant.*; +import org.apache.ibatis.jdbc.Null; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import com.bonus.common.core.domain.R; @@ -15,6 +16,8 @@ import com.bonus.system.api.RemoteUserService; import com.bonus.system.api.domain.SysUser; import com.bonus.system.api.model.LoginUser; +import java.util.concurrent.TimeUnit; + /** * 登录校验方法 * 
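Review bot: The added `import org.apache.ibatis.jdbc.Null;` in SysLoginService.java is not referenced by any line visible in this commit's hunks for that file and looks like an accidental IDE auto-import. If nothing outside the hunks uses it, drop the line so the auth service does not reference a MyBatis class it has no use for. The `java.util.concurrent.TimeUnit` import added in the following hunk is used by the new `setCacheObject` call.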
@@ -40,52 +43,61 @@ public class SysLoginService */ public LoginUser login(String username, String password) { // 用户名或密码为空 错误 + long startTime = System.currentTimeMillis(); if (StringUtils.isAnyBlank(username, password)) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户名/密码为空","用户名/密码必须填写",null,null); + recordLogService.saveLogs(username, startTime, "用户名/密码为空","用户名/密码必须填写",null,null); throw new ServiceException("用户名/密码必须填写"); } // 密码如果不在指定范围内 错误 if (password.length() < ValidateUtils.MIN_LENGTH || password.length() > ValidateUtils.MAX_LENGTH) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "密码格式不正确","用户名/密码格式不正确",null,null); + recordLogService.saveLogs(username,startTime, "密码格式不正确","用户名/密码格式不正确",null,null); throw new ServiceException("用户名/密码格式不正确"); } // 用户名不在指定范围内 错误 if (username.length() < UserConstants.USERNAME_MIN_LENGTH || username.length() > UserConstants.USERNAME_MAX_LENGTH) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户名格式不正确","用户名/密码格式不正确",null,null); + recordLogService.saveLogs(username, startTime, "用户名格式不正确","用户名/密码格式不正确",null,null); throw new ServiceException("用户名/密码格式不正确"); } // IP黑名单校验 String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST)); if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "访问IP已被列入系统黑名单","很遗憾,访问IP已被列入系统黑名单",null,null); + recordLogService.saveLogs(username, startTime, "访问IP已被列入系统黑名单","很遗憾,访问IP已被列入系统黑名单",null,null); throw new ServiceException("很遗憾,访问IP已被列入系统黑名单"); } // 查询用户信息 R userResult = remoteUserService.getUserInfo(username, SecurityConstants.INNER); if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "登录用户不存在","用户名/密码错误",null,null); + recordLogService.saveLogs(username,startTime, "登录用户不存在","用户名/密码错误",null,null); throw new ServiceException("用户名/密码错误"); } if (R.FAIL == 
userResult.getCode()) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "系统错误",userResult.getMsg(),null,null); + recordLogService.saveLogs(username, startTime, "系统错误",userResult.getMsg(),null,null); throw new ServiceException(userResult.getMsg()); } LoginUser userInfo = userResult.getData(); SysUser user = userResult.getData().getSysUser(); if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "账号已被删除","用户不存在",null,null); + recordLogService.saveLogs(username, startTime, "账号已被删除","用户不存在",null,null); throw new ServiceException("用户不存在"); } if (UserStatus.DISABLE.getCode().equals(user.getStatus())) { - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户已停用","用户不存在",null,null); + recordLogService.saveLogs(username, startTime, "用户已停用","用户不存在",null,null); throw new ServiceException("用户不存在"); } - passwordService.validate(user, password); - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "登陆成功","登陆成功",user.getUserId().toString(),"登陆成功"); + passwordService.validate(user, password,startTime); + //登录成功 5分钟 会进行ip校验 + String nowIp=IpUtils.getIpAddr(); + Long times= 5L; + String hisIp=redisService.getCacheObject("IP:"+user.getUserId().toString()); + if(StringUtils.isNotEmpty(nowIp) && !nowIp.equals(hisIp)){ + recordLogService.saveErrorLogs(username, startTime,user.getUserId().toString()); + } + redisService.setCacheObject("IP:"+user.getUserId().toString(),nowIp,times, TimeUnit.MINUTES); + recordLogService.saveLogs(username, startTime, "登陆成功","登陆成功",user.getUserId().toString(),"登陆成功"); return userInfo; } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java index 0968d21..46f5e00 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysPasswordService.java 
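Review bot: The IP check added after `passwordService.validate(...)` fires whenever no previous address is cached. `hisIp` is null on a user's first login and again once the five-minute TTL set by `setCacheObject(..., times, TimeUnit.MINUTES)` has expired, so `!nowIp.equals(hisIp)` is true and `saveErrorLogs` writes a high-grade "IP异常" record for ordinary logins. Guard on the stored value too, `if (StringUtils.isNotEmpty(hisIp) && StringUtils.isNotEmpty(nowIp) && !nowIp.equals(hisIp)) {`, otherwise the alert is too noisy to act on. With that guard the check only flags an address change between two logins less than five minutes apart; if the intent is to detect logins from a new address in general, the baseline needs a longer lifetime. `IpUtils.getIpAddr()` is not shown here; if it reads forwarded headers, confirm they are only accepted from the trusted gateway, since this value now drives an alert.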
@@ -39,7 +39,7 @@ public class SysPasswordService return CacheConstants.PWD_ERR_CNT_KEY + username; } - public void validate(SysUser user, String password) { + public void validate(SysUser user, String password,long startTime) { String username = user.getUserName(); Integer retryCount = redisService.getCacheObject(getCacheKey(username)); if (retryCount == null) { @@ -50,12 +50,12 @@ public class SysPasswordService long time=redisService.getExpire(getCacheKey(username)); long times=time/60 +1; String errMsg = String.format("密码输入错误%s次,帐户锁定,请%s分钟后重试", maxRetryCount, times); - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "用户账号锁定","用户账号已锁定,请"+times+"后重试",null,null); + recordLogService.saveLogs(username, startTime, "用户账号锁定","用户账号已锁定,请"+times+"后重试",null,null); throw new ServiceException(errMsg); } if (!matches(user, password)) { retryCount = retryCount + 1; - recordLogService.saveLogs(username, Constants.LOGIN_FAIL, "密码输入错误","用户不存在/密码错误",null,null); + recordLogService.saveLogs(username,startTime, "密码输入错误","用户不存在/密码错误",null,null); redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES); throw new ServiceException("用户不存在/密码错误"); } diff --git a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java index 101b33b..e02ac79 100644 --- a/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java +++ b/bonus-auth/src/main/java/com/bonus/auth/service/SysRecordLogService.java 
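Review bot: In the `!matches(user, password)` branch the failed-attempt counter is written to Redis only after `recordLogService.saveLogs(...)` returns, so a slow remote log call delays the lockout accounting, and an exception from it would skip the counter write altogether. Move `redisService.setCacheObject(getCacheKey(username), retryCount, lockTime, TimeUnit.MINUTES);` above the `saveLogs` call so the attempt is counted before anything else happens. On the lockout line in the same hunk, the audit text `"用户账号已锁定,请"+times+"后重试"` drops the unit that `errMsg` has; `"用户账号已锁定,请"+times+"分钟后重试"` would keep the two consistent. validate()'s body starts and ends outside this hunk, so the counter handling before and after these lines was not reviewed.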
@@ -58,11 +58,12 @@ public class SysRecordLogService * 记录登录信息 * * @param username 用户名 - * @param status 状态 + * @param * @param message 消息内容 * @return */ - public void saveLogs(String username, String status, String message,String resultData,String userId,String result) { + public void saveLogs(String username, long startTime, String message,String resultData,String userId,String result) { + long endTime = System.currentTimeMillis(); SysLogsVo sysLogsVo = new SysLogsVo(); String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); sysLogsVo.setLogId(uuid); 
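Review bot: The Javadoc of `saveLogs` now has an empty `@param` tag where `status` used to be, which leaves the new `startTime` parameter undocumented and the tag malformed. Replace it with something like `@param startTime epoch milliseconds at which login() began, used to compute the elapsed time stored in the log`, and document `resultData`, `userId` and `result` while there. The same empty `@param` tags appear in the next hunk, in the Javadoc of `saveErrorLogs` and in the comment block at the end of that hunk. With `status` removed from the signature, the visible lines do not show how a record is now marked as success or failure; the body continues outside the hunk, so confirm that failed logins are still distinguishable in the stored log.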
@@ -89,17 +90,58 @@ public class SysRecordLogService sysLogsVo.setTitle("系统登陆"); sysLogsVo.setResultData(resultData); try{ + long times=endTime-startTime; + sysLogsVo.setTimes(times+""); remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); }catch (Exception e){ log.error(e.toString(),e); } } - + /** + * 记录IP异常信息 + * + * @param username 用户名 + * @param + * @param + * @return + */ + public void saveErrorLogs(String username, long startTime,String userId) { + long endTime = System.currentTimeMillis(); + SysLogsVo sysLogsVo = new SysLogsVo(); + sysLogsVo.setGrade("高"); + String uuid= UUID.randomUUID().toString().replace("-","").toUpperCase(); + sysLogsVo.setOperaType("登陆"); + sysLogsVo.setOperaUri("/login"); + sysLogsVo.setLogType(2); + sysLogsVo.setResult("成功"); + if (StringUtils.isNotEmpty(userId)){ + sysLogsVo.setUserId(userId); + } + sysLogsVo.setResultData("用户登陆成功"); + sysLogsVo.setTitle("系统登陆"); + sysLogsVo.setModel("系统登陆"); + sysLogsVo.setOperaTime(DateUtils.getTime()); + sysLogsVo.setMethodType(SystemGlobal.POST); + sysLogsVo.setMethod("login()"); + sysLogsVo.setLogId(uuid); + sysLogsVo.setOperaUserName(username); + sysLogsVo.setIp(IpUtils.getIpAddr()); + sysLogsVo.setParams("{\"username\":\""+username+"\"}"); + sysLogsVo.setOperateDetail("用户登陆系统"); + sysLogsVo.setErrType("IP异常"); + try{ + long times=endTime-startTime; + sysLogsVo.setTimes(times+""); + remoteLogService.addLogs(sysLogsVo, SecurityConstants.INNER); + }catch (Exception e){ + log.error(e.toString(),e); + } + } /** * 记录登录信息 * * @param username 用户名 - * @param status 状态 + * @param * @param message 消息内容 * @return */
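Review bot: `saveErrorLogs` builds the `params` field by string concatenation, `"{\"username\":\""+username+"\"}"`, so a username containing a quote or backslash produces malformed or misleading JSON in the audit record. Serialize the value with the JSON library the project already uses instead. The record also stores only the current address via `setIp(IpUtils.getIpAddr())`; passing the previously cached IP in and writing it to the entry (for example in `operateDetail`) would let an analyst see what actually changed. Most of the method repeats the field setup of `saveLogs`, so a shared private helper that fills the common fields would keep the two from drifting apart.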