meng
parent
f9d7eca6c8
commit
8f99e1b247
|
|
@ -7,10 +7,8 @@ import com.len.base.BaseController;
|
||||||
import com.len.entity.BlogTag;
|
import com.len.entity.BlogTag;
|
||||||
import com.len.service.BlogArticleService;
|
import com.len.service.BlogArticleService;
|
||||||
import com.len.service.BlogTagService;
|
import com.len.service.BlogTagService;
|
||||||
import com.len.util.JsonUtil;
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.web.bind.annotation.GetMapping;
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
import org.springframework.web.bind.annotation.PathVariable;
|
|
||||||
import org.springframework.web.bind.annotation.RequestMapping;
|
import org.springframework.web.bind.annotation.RequestMapping;
|
||||||
import org.springframework.web.bind.annotation.RestController;
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -31,15 +31,6 @@ public class BlogRealm extends AuthorizingRealm {
|
||||||
@Autowired
|
@Autowired
|
||||||
private SysUserService userService;
|
private SysUserService userService;
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private MenuService menuService;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private RoleUserService roleUserService;
|
|
||||||
|
|
||||||
@Autowired
|
|
||||||
private RoleMenuService roleMenuService;
|
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public boolean supports(AuthenticationToken token) {
|
public boolean supports(AuthenticationToken token) {
|
||||||
|
|
|
||||||
|
|
@ -1,72 +0,0 @@
|
||||||
package com.len.core;
|
|
||||||
|
|
||||||
import cn.hutool.core.util.StrUtil;
|
|
||||||
import com.len.util.CustomUsernamePasswordToken;
|
|
||||||
import com.len.util.JWTUtil;
|
|
||||||
import lombok.extern.slf4j.Slf4j;
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
|
||||||
import org.apache.shiro.authc.AuthenticationInfo;
|
|
||||||
import org.apache.shiro.authc.AuthenticationToken;
|
|
||||||
import org.apache.shiro.authc.ExcessiveAttemptsException;
|
|
||||||
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
|
||||||
import org.apache.shiro.cache.Cache;
|
|
||||||
import org.apache.shiro.cache.CacheManager;
|
|
||||||
|
|
||||||
import java.util.concurrent.atomic.AtomicInteger;
|
|
||||||
|
|
||||||
/**
|
|
||||||
* 验证器,增加了登录次数校验功能
|
|
||||||
* 限制尝试登陆次数,防止暴力破解
|
|
||||||
*/
|
|
||||||
@Slf4j
|
|
||||||
public class BlogRetryLimitCredentialsMatcher extends HashedCredentialsMatcher {
|
|
||||||
|
|
||||||
/* private Cache<String, AtomicInteger> loginRetryCache;
|
|
||||||
|
|
||||||
private int maxRetryCount = 5;
|
|
||||||
|
|
||||||
*//*public void setMaxRetryCount(int maxRetryCount) {
|
|
||||||
this.maxRetryCount = maxRetryCount;
|
|
||||||
}
|
|
||||||
public BlogRetryLimitCredentialsMatcher(){
|
|
||||||
}*//*
|
|
||||||
|
|
||||||
*//**
|
|
||||||
* @param cacheManager
|
|
||||||
* @param maxRetryCount 最大尝试次数
|
|
||||||
*//*
|
|
||||||
public BlogRetryLimitCredentialsMatcher(CacheManager cacheManager, int maxRetryCount) {
|
|
||||||
this.maxRetryCount = maxRetryCount;
|
|
||||||
this.loginRetryCache = cacheManager.getCache("loginRetryCache");
|
|
||||||
}
|
|
||||||
|
|
||||||
public BlogRetryLimitCredentialsMatcher(CacheManager cacheManager) {
|
|
||||||
this(cacheManager, 5);
|
|
||||||
}
|
|
||||||
|
|
||||||
@Override
|
|
||||||
public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
|
|
||||||
CustomUsernamePasswordToken token1 = (CustomUsernamePasswordToken) token;
|
|
||||||
String username = token1.getUsername();
|
|
||||||
if (StringUtils.isEmpty(username) && !StringUtils.isEmpty(token1.getToken())) {
|
|
||||||
username = JWTUtil.getUsername(token1.getToken());
|
|
||||||
}
|
|
||||||
//retry count + 1
|
|
||||||
AtomicInteger retryCount = loginRetryCache.get(username) == null
|
|
||||||
? new AtomicInteger(0) : loginRetryCache.get(username);
|
|
||||||
log.info("retryCount:{}, username:{}", retryCount, username);
|
|
||||||
if (retryCount.incrementAndGet() > this.maxRetryCount) {
|
|
||||||
log.warn("username: {} tried to login more than {} times in perid", username, this.maxRetryCount);
|
|
||||||
throw new ExcessiveAttemptsException(StrUtil.format("username: {} tried to login more than {} times in perid", username, this.maxRetryCount));
|
|
||||||
}
|
|
||||||
boolean matches = super.doCredentialsMatch(token1, info);
|
|
||||||
|
|
||||||
if (matches) {
|
|
||||||
loginRetryCache.remove(username);
|
|
||||||
} else {
|
|
||||||
loginRetryCache.put(username, retryCount);
|
|
||||||
log.info(String.valueOf(retryCount.get()));
|
|
||||||
}
|
|
||||||
return matches;
|
|
||||||
}*/
|
|
||||||
}
|
|
||||||
|
|
@ -26,11 +26,8 @@ public class MyBasicHttpAuthenticationFilter extends BasicHttpAuthenticationFilt
|
||||||
executeLogin(request, response);
|
executeLogin(request, response);
|
||||||
return true;
|
return true;
|
||||||
} catch (Exception e) {
|
} catch (Exception e) {
|
||||||
// throw new RuntimeException(e.getMessage());
|
|
||||||
}
|
}
|
||||||
} /*else {
|
}
|
||||||
throw new UnauthorizedException("禁止访问");
|
|
||||||
}*/
|
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue