コード例 #1
  /**
   * Handles a failed login attempt: records the failure on the matching account and tells the
   * login view when a CAPTCHA must be shown.
   *
   * <p>A {@code CaptchaValidationException} always sets the CAPTCHA-required flag. An {@code
   * IncorrectCredentialsException} is replaced by one carrying a generic user-facing message, the
   * account's counters are updated and saved, and the flag is set once the stored failure count
   * is greater than {@code LOGON_FAILURE_LIMIT}. Any other exception type is passed to the parent
   * filter unchanged.
   *
   * <p>NOTE(review): the flag set here is only a request attribute for the view; confirm that the
   * CAPTCHA is also enforced server-side on the next attempt (presumably wherever {@code
   * CaptchaValidationException} is raised).
   *
   * @param token the submitted authentication token; cast to {@code SourceUsernamePasswordToken}
   *     on the bad-credentials path
   * @param e the exception that caused the login attempt to fail
   * @param request the current request, used to carry {@code KEY_AUTH_CAPTCHA_REQUIRED}
   * @param response the current response, passed through to the parent implementation
   * @return whatever the parent {@code onLoginFailure} returns
   */
  @Override
  protected boolean onLoginFailure(
      AuthenticationToken token,
      AuthenticationException e,
      ServletRequest request,
      ServletResponse response) {
    AuthenticationException reported = e;
    boolean captchaRequired = false;

    if (e instanceof CaptchaValidationException) {
      captchaRequired = true;
    } else if (e instanceof IncorrectCredentialsException) {
      // Swap in a generic message so the response does not say which of the two fields was wrong.
      // NOTE(review): other failure types keep their original message; confirm none of them
      // discloses whether the account exists.
      reported = new IncorrectCredentialsException("登录账号或密码不正确");

      // Unchecked cast: a token of any other type fails here with ClassCastException.
      String loginName = ((SourceUsernamePasswordToken) token).getUsername();
      User account = userService.findByAuthTypeAndAuthUid(User.AuthTypeEnum.SYS, loginName);

      // Failures are only tracked for accounts that exist, so the CAPTCHA flag below is never
      // raised for unknown usernames.
      // NOTE(review): that difference is observable from the login page and unknown usernames are
      // not throttled here; consider counting failures per submitted name or client as well.
      if (account != null) {
        // logonTimes is bumped on a failed attempt too; presumably it counts attempts. Confirm.
        account.setLogonTimes(account.getLogonTimes() + 1);
        account.setLastLogonFailureTime(DateUtils.currentDate());
        // NOTE(review): read-modify-write on the entity; if save() is a plain entity write,
        // concurrent failed attempts can lose increments and delay the CAPTCHA threshold.
        // An atomic increment in the persistence layer would close that gap.
        account.setLogonFailureTimes(account.getLogonFailureTimes() + 1);
        userService.save(account);

        // Strictly greater than the limit: the flag first appears on failure number limit + 1.
        captchaRequired = account.getLogonFailureTimes() > LOGON_FAILURE_LIMIT;
      }
    }

    if (captchaRequired) {
      request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE);
    }
    return super.onLoginFailure(token, reported, request, response);
  }