@Override
  protected boolean executeLogin(ServletRequest request, ServletResponse response)
      throws Exception {
    SourceUsernamePasswordToken token =
        (SourceUsernamePasswordToken) createToken(request, response);
    try {
      String username = getUsername(request);
      // 写入登录账号名称用于回显
      request.setAttribute(KEY_AUTH_USERNAME_VALUE, username);

      User authAccount = userService.findByAuthTypeAndAuthUid(User.AuthTypeEnum.SYS, username);
      if (authAccount != null) {

        // 失败LOGON_FAILURE_LIMIT次,强制要求验证码验证
        if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) {
          String captcha = request.getParameter(captchaParam);
          if (StringUtils.isBlank(captcha)
              || !ImageCaptchaServlet.validateResponse((HttpServletRequest) request, captcha)) {
            throw new CaptchaValidationException("验证码不正确");
          }
        }

        Subject subject = getSubject(request, response);
        subject.login(token);
        return onLoginSuccess(token, subject, request, response);
      } else {
        return onLoginFailure(token, new UnknownAccountException("登录账号或密码不正确"), request, response);
      }
    } catch (AuthenticationException e) {
      return onLoginFailure(token, e, request, response);
    }
  }
  /** 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码 */
  @Override
  protected boolean onLoginFailure(
      AuthenticationToken token,
      AuthenticationException e,
      ServletRequest request,
      ServletResponse response) {
    if (e instanceof CaptchaValidationException) {
      request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE);
    } else if (e instanceof IncorrectCredentialsException) {
      // 消息友好提示
      e = new IncorrectCredentialsException("登录账号或密码不正确");
      // 失败记录
      SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token;
      User authAccount =
          userService.findByAuthTypeAndAuthUid(
              User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername());
      if (authAccount != null) {
        authAccount.setLogonTimes(authAccount.getLogonTimes() + 1);
        authAccount.setLastLogonFailureTime(DateUtils.currentDate());
        authAccount.setLogonFailureTimes(authAccount.getLogonFailureTimes() + 1);
        userService.save(authAccount);

        // 达到验证失败次数限制,传递标志属性,登录界面显示验证码输入
        if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) {
          request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE);
        }
      }
    }
    return super.onLoginFailure(token, e, request, response);
  }
Esempio n. 3
0
  /**
   * 消息推送处理
   *
   * @param entity
   */
  public void pushMessage(UserMessage entity) {
    // 定向用户消息处理
    User targetUser = entity.getTargetUser();

    // 邮件推送处理
    if (entity.getEmailPush() && entity.getEmailPushTime() == null) {
      String email = targetUser.getEmail();
      if (StringUtils.isNotBlank(email)) {
        mailService.sendHtmlMail(entity.getTitle(), entity.getMessage(), true, email);
        entity.setEmailPushTime(DateUtils.currentDate());
      }
    }

    // 短信推送处理
    if (entity.getSmsPush() && entity.getSmsPushTime() == null) {
      if (smsService != null) {
        String mobileNum = targetUser.getMobile();
        if (StringUtils.isNotBlank(mobileNum)) {
          String errorMessage =
              smsService.sendSMS(entity.getNotification(), mobileNum, SmsMessageTypeEnum.Default);
          if (StringUtils.isBlank(errorMessage)) {
            entity.setSmsPushTime(DateUtils.currentDate());
          }
        }
      } else {
        logger.warn("SmsService implement NOT found.");
      }
    }

    // APP推送
    if (entity.getAppPush() && entity.getAppPushTime() == null) {
      if (messagePushService != null) {
        Boolean pushResult = messagePushService.sendPush(entity);
        if (pushResult == null || pushResult) {
          entity.setAppPushTime(DateUtils.currentDate());
        }
      } else {
        logger.warn("MessagePushService implement NOT found.");
      }
    }

    userMessageDao.save(entity);
  }
  /** 重写父类方法,当登录成功后,重置失败标志 */
  @Override
  protected boolean onLoginSuccess(
      AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response)
      throws Exception {
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;
    HttpServletRequest httpServletRequest = (HttpServletRequest) request;

    SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token;
    User authAccount =
        userService.findByAuthTypeAndAuthUid(
            User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername());
    Date now = DateUtils.currentDate();

    // 更新Access Token,并设置半年后过期
    if (StringUtils.isBlank(authAccount.getAccessToken())
        || authAccount.getAccessTokenExpireTime().before(now)) {
      authAccount.setAccessToken(UUID.randomUUID().toString());
      authAccount.setAccessTokenExpireTime(
          new DateTime(DateUtils.currentDate()).plusMonths(6).toDate());
      userService.save(authAccount);
    }

    // 写入登入记录信息
    UserLogonLog userLogonLog = new UserLogonLog();
    userLogonLog.setLogonTime(DateUtils.currentDate());
    userLogonLog.setLogonYearMonthDay(DateUtils.formatDate(userLogonLog.getLogoutTime()));
    userLogonLog.setRemoteAddr(httpServletRequest.getRemoteAddr());
    userLogonLog.setRemoteHost(httpServletRequest.getRemoteHost());
    userLogonLog.setRemotePort(httpServletRequest.getRemotePort());
    userLogonLog.setLocalAddr(httpServletRequest.getLocalAddr());
    userLogonLog.setLocalName(httpServletRequest.getLocalName());
    userLogonLog.setLocalPort(httpServletRequest.getLocalPort());
    userLogonLog.setServerIP(IPAddrFetcher.getGuessUniqueIP());
    userLogonLog.setHttpSessionId(httpServletRequest.getSession().getId());
    userLogonLog.setUserAgent(httpServletRequest.getHeader("User-Agent"));
    userLogonLog.setXforwardFor(IPAddrFetcher.getRemoteIpAddress(httpServletRequest));
    userLogonLog.setAuthType(authAccount.getAuthType());
    userLogonLog.setAuthUid(authAccount.getAuthUid());
    userLogonLog.setAuthGuid(authAccount.getAuthGuid());
    userService.userLogonLog(authAccount, userLogonLog);

    if (isMobileAppAccess(request)) {
      return true;
    } else {
      // 根据不同登录类型转向不同成功界面
      AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails();

      // 判断密码是否已到期,如果是则转向密码修改界面
      Date credentialsExpireTime = authAccount.getCredentialsExpireTime();
      if (credentialsExpireTime != null && credentialsExpireTime.before(DateUtils.currentDate())) {
        httpServletResponse.sendRedirect(
            httpServletRequest.getContextPath()
                + authUserDetails.getUrlPrefixBySource()
                + "/profile/credentials-expire");
        return false;
      }

      // 如果是强制转向指定successUrl则清空SavedRequest
      if (forceSuccessUrl) {
        WebUtils.getAndClearSavedRequest(httpServletRequest);
      }

      return super.onLoginSuccess(token, subject, request, httpServletResponse);
    }
  }