sccg_server.git

			@@ -1,6 +1,7 @@
			package com.ycl.service.user.impl;

			import cn.hutool.core.collection.CollUtil;
			import cn.hutool.core.date.DateTime;
			import cn.hutool.core.util.PageUtil;
			import cn.hutool.core.util.StrUtil;
			import com.alibaba.druid.sql.PagerUtils;
			@@ -49,6 +50,7 @@
			import javax.annotation.Resource;
			import javax.servlet.http.HttpServletRequest;
			import java.text.SimpleDateFormat;
			import java.time.LocalDateTime;
			import java.util.*;
			import java.util.function.Consumer;
			import java.util.stream.Collectors;
			@@ -258,12 +260,31 @@
			//密码需要客户端加密后传递
			try {
			AdminUserDetails userDetails = (AdminUserDetails) loadUserByUsername(username);

			UmsAdmin admin = userDetails.getUmsAdmin();
			LocalDateTime nowTime = LocalDateTime.now();
			nowTime = nowTime.plusMinutes(-15);
			if (admin.getPasswordErrorNum() != null && admin.getPasswordErrorNum() >= 5
			&& admin.getPasswordErrorLastTime().isAfter(nowTime)) {
			admin.setPasswordErrorLastTime(LocalDateTime.now());
			updateById(admin);
			Asserts.fail("登录失败超过5次，此账号被锁定，请15分钟后再试。");
			}
			if (!passwordEncoder.matches(password, userDetails.getPassword())) {
			if (admin.getPasswordErrorNum() == null) {
			admin.setPasswordErrorNum(1);
			} else {
			admin.setPasswordErrorNum(admin.getPasswordErrorNum() + 1);
			}
			admin.setPasswordErrorLastTime(LocalDateTime.now());
			updateById(admin);
			Asserts.fail("密码不正确");
			}
			if (!userDetails.isEnabled()) {
			Asserts.fail("帐号已被禁用");
			}
			admin.setPasswordErrorNum(0);
			updateById(admin);

			UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities());
			SecurityContextHolder.getContext().setAuthentication(authentication);
			@@ -430,7 +451,7 @@
			List<UmsMenu> resourceList = getResourceList(admin.getId());
			return new AdminUserDetails(admin, resourceList);
			}
			throw new UsernameNotFoundException("用户名或密码错误");
			throw new UsernameNotFoundException("用户不存在");
			}

			@Override