/** 重写父类方法,当登录失败次数大于allowLoginNum(允许登录次)时,将显示验证码 */ @Override protected boolean onLoginFailure( AuthenticationToken token, AuthenticationException e, ServletRequest request, ServletResponse response) { if (e instanceof CaptchaValidationException) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } else if (e instanceof IncorrectCredentialsException) { // 消息友好提示 e = new IncorrectCredentialsException("登录账号或密码不正确"); // 失败记录 SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token; User authAccount = userService.findByAuthTypeAndAuthUid( User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername()); if (authAccount != null) { authAccount.setLogonTimes(authAccount.getLogonTimes() + 1); authAccount.setLastLogonFailureTime(DateUtils.currentDate()); authAccount.setLogonFailureTimes(authAccount.getLogonFailureTimes() + 1); userService.save(authAccount); // 达到验证失败次数限制,传递标志属性,登录界面显示验证码输入 if (authAccount.getLogonFailureTimes() > LOGON_FAILURE_LIMIT) { request.setAttribute(KEY_AUTH_CAPTCHA_REQUIRED, Boolean.TRUE); } } } return super.onLoginFailure(token, e, request, response); }
protected AuthenticationToken createToken( String username, String password, ServletRequest request, ServletResponse response) { boolean rememberMe = isRememberMe(request); String host = getHost(request); SourceUsernamePasswordToken token = new SourceUsernamePasswordToken(username, password, rememberMe, host); String source = request.getParameter("source"); // 获取设备ID标识 String uuid = request.getParameter("uuid"); token.setUuid(uuid); if (StringUtils.isNotBlank(source)) { token.setSource(Enum.valueOf(AuthSourceEnum.class, source)); } else { if (isMobileAppAccess(request)) { token.setSource(AuthSourceEnum.P); } } return token; }
/** 重写父类方法,当登录成功后,重置失败标志 */ @Override protected boolean onLoginSuccess( AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception { HttpServletResponse httpServletResponse = (HttpServletResponse) response; HttpServletRequest httpServletRequest = (HttpServletRequest) request; SourceUsernamePasswordToken sourceUsernamePasswordToken = (SourceUsernamePasswordToken) token; User authAccount = userService.findByAuthTypeAndAuthUid( User.AuthTypeEnum.SYS, sourceUsernamePasswordToken.getUsername()); Date now = DateUtils.currentDate(); // 更新Access Token,并设置半年后过期 if (StringUtils.isBlank(authAccount.getAccessToken()) || authAccount.getAccessTokenExpireTime().before(now)) { authAccount.setAccessToken(UUID.randomUUID().toString()); authAccount.setAccessTokenExpireTime( new DateTime(DateUtils.currentDate()).plusMonths(6).toDate()); userService.save(authAccount); } // 写入登入记录信息 UserLogonLog userLogonLog = new UserLogonLog(); userLogonLog.setLogonTime(DateUtils.currentDate()); userLogonLog.setLogonYearMonthDay(DateUtils.formatDate(userLogonLog.getLogoutTime())); userLogonLog.setRemoteAddr(httpServletRequest.getRemoteAddr()); userLogonLog.setRemoteHost(httpServletRequest.getRemoteHost()); userLogonLog.setRemotePort(httpServletRequest.getRemotePort()); userLogonLog.setLocalAddr(httpServletRequest.getLocalAddr()); userLogonLog.setLocalName(httpServletRequest.getLocalName()); userLogonLog.setLocalPort(httpServletRequest.getLocalPort()); userLogonLog.setServerIP(IPAddrFetcher.getGuessUniqueIP()); userLogonLog.setHttpSessionId(httpServletRequest.getSession().getId()); userLogonLog.setUserAgent(httpServletRequest.getHeader("User-Agent")); userLogonLog.setXforwardFor(IPAddrFetcher.getRemoteIpAddress(httpServletRequest)); userLogonLog.setAuthType(authAccount.getAuthType()); userLogonLog.setAuthUid(authAccount.getAuthUid()); userLogonLog.setAuthGuid(authAccount.getAuthGuid()); userService.userLogonLog(authAccount, userLogonLog); if (isMobileAppAccess(request)) { return true; } else { // 根据不同登录类型转向不同成功界面 AuthUserDetails authUserDetails = AuthContextHolder.getAuthUserDetails(); // 判断密码是否已到期,如果是则转向密码修改界面 Date credentialsExpireTime = authAccount.getCredentialsExpireTime(); if (credentialsExpireTime != null && credentialsExpireTime.before(DateUtils.currentDate())) { httpServletResponse.sendRedirect( httpServletRequest.getContextPath() + authUserDetails.getUrlPrefixBySource() + "/profile/credentials-expire"); return false; } // 如果是强制转向指定successUrl则清空SavedRequest if (forceSuccessUrl) { WebUtils.getAndClearSavedRequest(httpServletRequest); } return super.onLoginSuccess(token, subject, request, httpServletResponse); } }