👍 优化后台登录逻辑

2018-06-02 16:04:31 +08:00 · 2018-06-02 16:04:31 +08:00 · 369f97d375
parent d4ae4614b6
commit 369f97d375
5 changed files with 63 additions and 66 deletions
--- a/src/main/java/cc/ryanc/halo/repository/UserRepository.java
+++ b/src/main/java/cc/ryanc/halo/repository/UserRepository.java
@ -3,8 +3,6 @@ package cc.ryanc.halo.repository;
 import cc.ryanc.halo.model.domain.User;
 import org.springframework.data.jpa.repository.JpaRepository;

-import java.util.List;
-
 /**
 * @author : RYAN0UP
 * @date : 2017/11/14
@ -19,7 +17,7 @@ public interface UserRepository extends JpaRepository<User,Long>{
     * @param userPass userPass
     * @return list
     */
-    List<User> findByUserNameAndUserPass(String userName, String userPass);
+    User findByUserNameAndUserPass(String userName, String userPass);

    /**
     * 根据邮箱和密码查询
@ -28,7 +26,7 @@ public interface UserRepository extends JpaRepository<User,Long>{
     * @param userPass userPass
     * @return list
     */
-    List<User> findByUserEmailAndUserPass(String userEmail,String userPass);
+    User findByUserEmailAndUserPass(String userEmail,String userPass);

    /**
     * 根据用户编号和密码查询
--- a/src/main/java/cc/ryanc/halo/service/UserService.java
+++ b/src/main/java/cc/ryanc/halo/service/UserService.java
@ -3,7 +3,6 @@ package cc.ryanc.halo.service;
 import cc.ryanc.halo.model.domain.User;

 import java.util.Date;
-import java.util.List;

 /**
 * @author : RYAN0UP
@ -26,7 +25,7 @@ public interface UserService {
     * @param userPass userPass
     * @return User
     */
-    List<User> userLoginByName(String userName, String userPass);
+    User userLoginByName(String userName, String userPass);

    /**
     * 根据邮箱和密码查询，用户登录
@ -35,7 +34,7 @@ public interface UserService {
     * @param userPass  userPass
     * @return list
     */
-    List<User> userLoginByEmail(String userEmail, String userPass);
+    User userLoginByEmail(String userEmail, String userPass);

    /**
     * 查询所有用户
@ -63,19 +62,22 @@ public interface UserService {
    /**
     * 修改最后登录时间
     *
-     * @param lastDate lastDate
+     * @param lastDate 最后登录时间
+     * @return User
     */
    User updateUserLoginLast(Date lastDate);

    /**
     * 增加登录错误次数
     *
-     * @param error error
+     * @return 登录错误次数
     */
    Integer updateUserLoginError();

    /**
     * 修改用户的状态为正常
+     *
+     * @return User
     */
    User updateUserNormal();
 }
--- a/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java
+++ b/src/main/java/cc/ryanc/halo/service/impl/UserServiceImpl.java
@ -38,7 +38,7 @@ public class UserServiceImpl implements UserService {
     * @return user
     */
    @Override
-    public List<User> userLoginByName(String userName, String userPass) {
+    public User userLoginByName(String userName, String userPass) {
        return userRepository.findByUserNameAndUserPass(userName, userPass);
    }

@ -50,7 +50,7 @@ public class UserServiceImpl implements UserService {
     * @return list
     */
    @Override
-    public List<User> userLoginByEmail(String userEmail, String userPass) {
+    public User userLoginByEmail(String userEmail, String userPass) {
        return userRepository.findByUserEmailAndUserPass(userEmail, userPass);
    }

@ -96,7 +96,8 @@ public class UserServiceImpl implements UserService {
    /**
     * 修改最后登录时间
     *
-     * @param lastDate lastDate
+     * @param lastDate 最后登录时间
+     * @return User
     */
    @Override
    public User updateUserLoginLast(Date lastDate) {
@ -107,9 +108,9 @@ public class UserServiceImpl implements UserService {
    }

    /**
-     * 修改登录错误次数
+     * 增加登录错误次数
     *
-     * @param error error
+     * @return 登录错误次数
     */
    @Override
    public Integer updateUserLoginError() {
@ -121,6 +122,8 @@ public class UserServiceImpl implements UserService {

    /**
     * 修改用户的状态为正常
+     *
+     * @return User
     */
    @Override
    public User updateUserNormal() {
--- a/src/main/java/cc/ryanc/halo/web/controller/admin/AdminController.java
+++ b/src/main/java/cc/ryanc/halo/web/controller/admin/AdminController.java
@ -5,6 +5,7 @@ import cc.ryanc.halo.model.domain.Logs;
 import cc.ryanc.halo.model.domain.Post;
 import cc.ryanc.halo.model.domain.User;
 import cc.ryanc.halo.model.dto.HaloConst;
+import cc.ryanc.halo.model.dto.JsonResult;
 import cc.ryanc.halo.model.dto.LogsRecord;
 import cc.ryanc.halo.service.CommentService;
 import cc.ryanc.halo.service.LogsService;
@ -12,7 +13,10 @@ import cc.ryanc.halo.service.PostService;
 import cc.ryanc.halo.service.UserService;
 import cc.ryanc.halo.utils.HaloUtils;
 import cc.ryanc.halo.web.controller.core.BaseController;
+import cn.hutool.core.date.DateUnit;
+import cn.hutool.core.date.DateUtil;
 import cn.hutool.core.lang.Validator;
+import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.crypto.SecureUtil;
 import cn.hutool.http.HtmlUtil;
 import lombok.extern.slf4j.Slf4j;
@ -116,40 +120,49 @@ public class AdminController extends BaseController {
     */
    @PostMapping(value = "/getLogin")
    @ResponseBody
-    public String getLogin(@ModelAttribute("loginName") String loginName,
-                           @ModelAttribute("loginPwd") String loginPwd,
-                           HttpSession session) {
-        String status = "false";
-        try {
-            User aUser = userService.findUser();
-            User user = null;
-            if (StringUtils.equals(aUser.getLoginEnable(), "false")) {
-                status = "disable";
-            } else {
-                if (Validator.isEmail(loginName)) {
-                    user = userService.userLoginByEmail(loginName, SecureUtil.md5(loginPwd)).get(0);
-                } else {
-                    user = userService.userLoginByName(loginName, SecureUtil.md5(loginPwd)).get(0);
-                }
-                if (aUser == user) {
-                    session.setAttribute(HaloConst.USER_SESSION_KEY, user);
-                    //重置用户的登录状态为正常
-                    userService.updateUserNormal();
-                    userService.updateUserLoginLast(new Date());
-                    logsService.saveByLogs(new Logs(LogsRecord.LOGIN, LogsRecord.LOGIN_SUCCESS, HaloUtils.getIpAddr(request), new Date()));
-                    status = "true";
-                }
-            }
-        } catch (Exception e) {
+    public JsonResult getLogin(@ModelAttribute("loginName") String loginName,
+                               @ModelAttribute("loginPwd") String loginPwd,
+                               HttpSession session) {
+        //已注册账号，单用户，只有一个
+        User aUser = userService.findUser();
+        //首先判断是否已经被禁用已经是否已经过了10分钟
+        Date loginLast = aUser.getLoginLast();
+        Long between = DateUtil.between(loginLast, new Date(), DateUnit.MINUTE);
+        if (StringUtils.equals(aUser.getLoginEnable(), "false") && (between < 10)) {
+            return new JsonResult(0, "已禁止登录，请10分钟后再试");
+        }
+        //验证用户名和密码
+        User user = null;
+        if (Validator.isEmail(loginName)) {
+            user = userService.userLoginByEmail(loginName, SecureUtil.md5(loginPwd));
+        } else {
+            user = userService.userLoginByName(loginName, SecureUtil.md5(loginPwd));
+        }
+        userService.updateUserLoginLast(new Date());
+        //判断User对象是否相等
+        if (ObjectUtil.equal(aUser, user)) {
+            session.setAttribute(HaloConst.USER_SESSION_KEY, aUser);
+            //重置用户的登录状态为正常
+            userService.updateUserNormal();
+            logsService.saveByLogs(new Logs(LogsRecord.LOGIN, LogsRecord.LOGIN_SUCCESS, HaloUtils.getIpAddr(request), new Date()));
+            return new JsonResult(1, "登录成功！");
+        } else {
+            //更新失败次数
            Integer errorCount = userService.updateUserLoginError();
+            //超过五次禁用账户
            if (errorCount >= 5) {
                userService.updateUserLoginEnable("false");
            }
-            userService.updateUserLoginLast(new Date());
-            logsService.saveByLogs(new Logs(LogsRecord.LOGIN, LogsRecord.LOGIN_ERROR + "[" + HtmlUtil.encode(loginName) + "," + HtmlUtil.encode(loginPwd) + "]", HaloUtils.getIpAddr(request), new Date()));
-            log.error("登录失败！：{0}", e.getMessage());
+            logsService.saveByLogs(
+                    new Logs(
+                            LogsRecord.LOGIN,
+                            LogsRecord.LOGIN_ERROR + "[" + HtmlUtil.encode(loginName) + "," + HtmlUtil.encode(loginPwd) + "]",
+                            HaloUtils.getIpAddr(request),
+                            new Date()
+                    )
+            );
+            return new JsonResult(0, "登录失败，你还有" + (5 - errorCount) + "次机会。");
        }
-        return status;
    }

    /**
--- a/src/main/resources/static/js/login.js
+++ b/src/main/resources/static/js/login.js
@ -14,10 +14,10 @@ function btn_login() {
                'loginName': name,
                'loginPwd': pwd
            },
-            success: function (status) {
-                if(status=="true"){
+            success: function (data) {
+                if(data.code==1){
                    $.toast({
-                        text: "登录成功！",
+                        text: data.msg,
                        heading: '提示',
                        icon: 'success',
                        showHideTransition: 'fade',
@ -32,29 +32,10 @@ function btn_login() {
                            window.location.href="/admin";
                        }
                    });
-                }else if(status=="disable"){
-                    $('.login-body').addClass('animate shake');
-                    $.toast({
-                        text: "密码错误已达到5次，请10分钟后再试！",
-                        heading: '提示',
-                        icon: 'error',
-                        showHideTransition: 'fade',
-                        allowToastClose: true,
-                        hideAfter: 2000,
-                        stack: 1,
-                        position: 'top-center',
-                        textAlign: 'left',
-                        loader: true,
-                        loaderBg: '#ffffff',
-                        afterHidden: function () {
-                            $('.login-body').removeClass('animate shake');
-                        }
-                    });
-                    $('#btn-login').button('reset');
                }else{
                    $('.login-body').addClass('animate shake');
                    $.toast({
-                        text: "用户名或者密码错误！",
+                        text: data.msg,
                        heading: '提示',
                        icon: 'error',
                        showHideTransition: 'fade',