@Override protected boolean executeLogin(ServletRequest request, ServletResponse response) throws Exception { SourceUsernamePasswordToken token = (SourceUsernamePasswordToken) createToken(request, response); try { String username = getUsername(request); // 写入登录账号名称用于回显 request.setAttribute(KEY_AUTH_USERNAME_VALUE, username); User authAccount = userService.findByAuthTypeAndAuthUid(User.AuthTypeEnum.SYS, username); if (authAccount != null) { // 失败LOGON_FAILURE_LIMIT次,强制要求验证码验证 if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) { String captcha = request.getParameter(captchaParam); if (StringUtils.isBlank(captcha) || !ImageCaptchaServlet.validateResponse((HttpServletRequest) request, captcha)) { throw new CaptchaValidationException("验证码不正确"); } } Subject subject = getSubject(request, response); subject.login(token); return onLoginSuccess(token, subject, request, response); } else { return onLoginFailure(token, new UnknownAccountException("登录账号或密码不正确"), request, response); } } catch (AuthenticationException e) { return onLoginFailure(token, e, request, response); } }
/** 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码 */ @Override protected boolean onLoginFailure( AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) { if (e instanceof CaptchaValidationException) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } else if (e instanceof IncorrectCredentialsException) { // 消息友好提示 e = new IncorrectCredentialsException("登录账号或密码不正确"); // 失败记录 SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token; User authAccount = userService.findByAuthTypeAndAuthUid( User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername()); if (authAccount != null) { authAccount.setLogonTimes(authAccount.getLogonTimes() + 1); authAccount.setLastLogonFailureTime(DateUtils.currentDate()); authAccount.setLogonFailureTimes(authAccount.getLogonFailureTimes() + 1); userService.save(authAccount); // 达到验证失败次数限制,传递标志属性,登录界面显示验证码输入 if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } } } return super.onLoginFailure(token, e, request, response); }
/** * 消息推送处理 * * @param entity */ public void pushMessage(UserMessage entity) { // 定向用户消息处理 User targetUser = entity.getTargetUser(); // 邮件推送处理 if (entity.getEmailPush() && entity.getEmailPushTime() == null) { String email = targetUser.getEmail(); if (StringUtils.isNotBlank(email)) { mailService.sendHtmlMail(entity.getTitle(), entity.getMessage(), true, email); entity.setEmailPushTime(DateUtils.currentDate()); } } // 短信推送处理 if (entity.getSmsPush() && entity.getSmsPushTime() == null) { if (smsService != null) { String mobileNum = targetUser.getMobile(); if (StringUtils.isNotBlank(mobileNum)) { String errorMessage = smsService.sendSMS(entity.getNotification(), mobileNum, SmsMessageTypeEnum.Default); if (StringUtils.isBlank(errorMessage)) { entity.setSmsPushTime(DateUtils.currentDate()); } } } else { logger.warn("SmsService implement NOT found."); } } // APP推送 if (entity.getAppPush() && entity.getAppPushTime() == null) { if (messagePushService != null) { Boolean pushResult = messagePushService.sendPush(entity); if (pushResult == null || pushResult) { entity.setAppPushTime(DateUtils.currentDate()); } } else { logger.warn("MessagePushService implement NOT found."); } } userMessageDao.save(entity); }
/** 重写父类方法,当登录成功后,重置失败标志 */ @Override protected boolean onLoginSuccess( AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception { HttpServletResponse httpServletResponse = (HttpServletResponse) response; HttpServletRequest httpServletRequest = (HttpServletRequest) request; SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token; User authAccount = userService.findByAuthTypeAndAuthUid( User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername()); Date now = DateUtils.currentDate(); // 更新Access Token,并设置半年后过期 if (StringUtils.isBlank(authAccount.getAccessToken()) || authAccount.getAccessTokenExpireTime().before(now)) { authAccount.setAccessToken(UUID.randomUUID().toString()); authAccount.setAccessTokenExpireTime( new DateTime(DateUtils.currentDate()).plusMonths(6).toDate()); userService.save(authAccount); } // 写入登入记录信息 UserLogonLog userLogonLog = new UserLogonLog(); userLogonLog.setLogonTime(DateUtils.currentDate()); userLogonLog.setLogonYearMonthDay(DateUtils.formatDate(userLogonLog.getLogoutTime())); userLogonLog.setRemoteAddr(httpServletRequest.getRemoteAddr()); userLogonLog.setRemoteHost(httpServletRequest.getRemoteHost()); userLogonLog.setRemotePort(httpServletRequest.getRemotePort()); userLogonLog.setLocalAddr(httpServletRequest.getLocalAddr()); userLogonLog.setLocalName(httpServletRequest.getLocalName()); userLogonLog.setLocalPort(httpServletRequest.getLocalPort()); userLogonLog.setServerIP(IPAddrFetcher.getGuessUniqueIP()); userLogonLog.setHttpSessionId(httpServletRequest.getSession().getId()); userLogonLog.setUserAgent(httpServletRequest.getHeader("User-Agent")); userLogonLog.setXforwardFor(IPAddrFetcher.getRemoteIpAddress(httpServletRequest)); userLogonLog.setAuthType(authAccount.getAuthType()); userLogonLog.setAuthUid(authAccount.getAuthUid()); userLogonLog.setAuthGuid(authAccount.getAuthGuid()); userService.userLogonLog(authAccount, userLogonLog); if (isMobileAppAccess(request)) { return true; } else { // 根据不同登录类型转向不同成功界面 AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails(); // 判断密码是否已到期,如果是则转向密码修改界面 Date credentialsExpireTime = authAccount.getCredentialsExpireTime(); if (credentialsExpireTime != null && credentialsExpireTime.before(DateUtils.currentDate())) { httpServletResponse.sendRedirect( httpServletRequest.getContextPath() + authUserDetails.getUrlPrefixBySource() + "/profile/credentials-expire"); return false; } // 如果是强制转向指定successUrl则清空SavedRequest if (forceSuccessUrl) { WebUtils.getAndClearSavedRequest(httpServletRequest); } return super.onLoginSuccess(token, subject, request, httpServletResponse); } }