|
|
|
@ -1,6 +1,7 @@
|
|
|
|
package com.tamguo.config.shiro;
|
|
|
|
package com.tamguo.config.shiro;
|
|
|
|
|
|
|
|
|
|
|
|
import java.util.Set;
|
|
|
|
import java.util.Set;
|
|
|
|
|
|
|
|
|
|
|
|
import org.apache.shiro.authc.AuthenticationException;
|
|
|
|
import org.apache.shiro.authc.AuthenticationException;
|
|
|
|
import org.apache.shiro.authc.AuthenticationInfo;
|
|
|
|
import org.apache.shiro.authc.AuthenticationInfo;
|
|
|
|
import org.apache.shiro.authc.AuthenticationToken;
|
|
|
|
import org.apache.shiro.authc.AuthenticationToken;
|
|
|
|
@ -12,61 +13,87 @@ import org.apache.shiro.authz.AuthorizationInfo;
|
|
|
|
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
|
|
|
import org.apache.shiro.authz.SimpleAuthorizationInfo;
|
|
|
|
import org.apache.shiro.crypto.hash.Sha256Hash;
|
|
|
|
import org.apache.shiro.crypto.hash.Sha256Hash;
|
|
|
|
import org.apache.shiro.realm.AuthorizingRealm;
|
|
|
|
import org.apache.shiro.realm.AuthorizingRealm;
|
|
|
|
import org.apache.shiro.subject.PrincipalCollection;
|
|
|
|
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
|
|
|
|
|
|
|
|
import com.tamguo.modules.member.model.MemberEntity;
|
|
|
|
import com.tamguo.modules.member.model.MemberEntity;
|
|
|
|
import com.tamguo.modules.member.service.IMemberService;
|
|
|
|
import com.tamguo.modules.member.service.IMemberService;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* 认证
|
|
|
|
* 认证 Realm 类
|
|
|
|
*
|
|
|
|
*
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
public class MemberRealm extends AuthorizingRealm {
|
|
|
|
public class MemberRealm extends AuthorizingRealm {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 依赖注入 MemberService 实例
|
|
|
|
@Autowired
|
|
|
|
@Autowired
|
|
|
|
private IMemberService iMemberService;
|
|
|
|
private IMemberService iMemberService;
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* 授权(验证权限时调用)
|
|
|
|
* 授权方法(验证权限时调用)
|
|
|
|
*/
|
|
|
|
*
|
|
|
|
|
|
|
|
* @param principals 主体集合
|
|
|
|
|
|
|
|
* @return 授权信息
|
|
|
|
|
|
|
|
*/
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
|
|
|
|
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
|
|
|
|
Set<String > permsSet = null;
|
|
|
|
// 权限集合
|
|
|
|
|
|
|
|
Set<String> permsSet = null;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 创建简单授权信息对象
|
|
|
|
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
|
|
|
|
SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 设置权限集合
|
|
|
|
info.setStringPermissions(permsSet);
|
|
|
|
info.setStringPermissions(permsSet);
|
|
|
|
|
|
|
|
|
|
|
|
return info;
|
|
|
|
return info;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
/**
|
|
|
|
* 认证(登录时调用)
|
|
|
|
* 认证方法(登录时调用)
|
|
|
|
|
|
|
|
*
|
|
|
|
|
|
|
|
* @param token 认证令牌
|
|
|
|
|
|
|
|
* @return 认证信息
|
|
|
|
|
|
|
|
* @throws AuthenticationException 认证异常
|
|
|
|
*/
|
|
|
|
*/
|
|
|
|
@Override
|
|
|
|
@Override
|
|
|
|
protected AuthenticationInfo doGetAuthenticationInfo(
|
|
|
|
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
|
|
|
|
AuthenticationToken token) throws AuthenticationException {
|
|
|
|
// 获取用户名
|
|
|
|
String username = (String) token.getPrincipal();
|
|
|
|
String username = (String) token.getPrincipal();
|
|
|
|
String password = new String((char[]) token.getCredentials());
|
|
|
|
|
|
|
|
|
|
|
|
// 获取密码
|
|
|
|
MemberEntity member = iMemberService.findByUsername(username);
|
|
|
|
String password = new String((char[]) token.getCredentials());
|
|
|
|
if(member == null) {
|
|
|
|
|
|
|
|
throw new UnknownAccountException("用户名或密码有误,请重新输入或找回密码");
|
|
|
|
// 根据用户名查询 MemberEntity 对象
|
|
|
|
}
|
|
|
|
MemberEntity member = iMemberService.findByUsername(username);
|
|
|
|
Integer loginFailureCount = iMemberService.getLoginFailureCount(member);
|
|
|
|
|
|
|
|
if(loginFailureCount > 10) {
|
|
|
|
// 如果用户不存在
|
|
|
|
throw new LockedAccountException("账号被锁定");
|
|
|
|
if (member == null) {
|
|
|
|
}
|
|
|
|
throw new UnknownAccountException("用户名或密码有误,请重新输入或找回密码");
|
|
|
|
|
|
|
|
}
|
|
|
|
if(!new Sha256Hash(password).toHex().equals(member.getPassword())){
|
|
|
|
|
|
|
|
|
|
|
|
// 获取登录失败次数
|
|
|
|
|
|
|
|
Integer loginFailureCount = iMemberService.getLoginFailureCount(member);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 如果登录失败次数大于 10
|
|
|
|
|
|
|
|
if (loginFailureCount > 10) {
|
|
|
|
|
|
|
|
throw new LockedAccountException("账号被锁定");
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
// 如果密码不匹配
|
|
|
|
|
|
|
|
if (!new Sha256Hash(password).toHex().equals(member.getPassword())) {
|
|
|
|
loginFailureCount++;
|
|
|
|
loginFailureCount++;
|
|
|
|
iMemberService.updateLoginFailureCount(member , loginFailureCount);
|
|
|
|
iMemberService.updateLoginFailureCount(member, loginFailureCount);
|
|
|
|
|
|
|
|
|
|
|
|
throw new IncorrectCredentialsException("用户名或密码有误,请重新输入或找回密码");
|
|
|
|
throw new IncorrectCredentialsException("用户名或密码有误,请重新输入或找回密码");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// 更新登录时间
|
|
|
|
// 更新登录时间
|
|
|
|
iMemberService.updateLastLoginTime(member.getId());
|
|
|
|
iMemberService.updateLastLoginTime(member.getId());
|
|
|
|
|
|
|
|
|
|
|
|
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(member, password, getName());
|
|
|
|
|
|
|
|
return info;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
// 创建简单认证信息对象
|
|
|
|
|
|
|
|
SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(member, password, getName());
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
return info;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
}
|
