feat：系统安全功能完善

e085ac44 · 宋振民 · 75dd53d1 · e085ac44 · e085ac44 · e085ac44
Commit e085ac44 authored Mar 03, 2021 by 宋振民
15 changed files
--- a/hs-admin/src/main/java/com/hs/admin/controller/UserController.java
+++ b/hs-admin/src/main/java/com/hs/admin/controller/UserController.java
@@ -88,6 +88,17 @@ public class UserController {
            return Result.error();
    }

+    @PostMapping("unlock")
+    @Token
+    @ApiOperation("解锁用户")
+    public Object unlockUser(@RequestBody UserReq.UnlockUserReq user) throws Exception {
+        boolean result = userService.unlockUser(user);
+        if (result)
+            return Result.success(null);
+        else
+            return Result.error();
+    }
+
    @PostMapping("update")
    @Token
    @ApiOperation("修改用户")

--- a/hs-admin/src/main/java/com/hs/admin/model/SysUser.java
+++ b/hs-admin/src/main/java/com/hs/admin/model/SysUser.java
@@ -33,10 +33,14 @@ public class SysUser {

    private Date lastTime;

+    private Date lastUpdatePwdTime;
+
    private String lastIp;

    private boolean isAdmin;

+    private boolean lockFlag;
+
    public Integer getId() {
        return id;
    }
@@ -164,4 +168,20 @@ public class SysUser {
    public void setIsAdmin(boolean isAdmin) {
        this.isAdmin = isAdmin;
    }
+
+    public Date getLastUpdatePwdTime() {
+        return lastUpdatePwdTime;
+    }
+
+    public void setLastUpdatePwdTime(Date lastUpdatePwdTime) {
+        this.lastUpdatePwdTime = lastUpdatePwdTime;
+    }
+
+    public boolean getLockFlag() {
+        return lockFlag;
+    }
+
+    public void setLockFlag(boolean lockFlag) {
+        this.lockFlag = lockFlag;
+    }
 }
\ No newline at end of file
--- a/hs-admin/src/main/java/com/hs/admin/model/reqmodel/UserReq.java
+++ b/hs-admin/src/main/java/com/hs/admin/model/reqmodel/UserReq.java
@@ -165,6 +165,27 @@ public class UserReq {
        }
    }

+    public static class UnlockUserReq {
+        @ApiModelProperty(value = "用户ID", required = true)
+        @NotNull(message = "用户ID 参数必传")
+        private Integer userId;
+
+        public Integer getUserId() {
+            return userId;
+        }
+
+        public void setUserId(Integer userId) {
+            this.userId = userId;
+        }
+
+        @Override
+        public String toString() {
+            return "UnlockReq{" +
+                    "userId=" + userId +
+                    '}';
+        }
+    }
+
    public static class UpdateUserReq {
        @ApiModelProperty(value = "用户ID", required = true)
        @NotNull(message = "用户ID 参数必传")

--- a/hs-admin/src/main/java/com/hs/admin/service/UserService.java
+++ b/hs-admin/src/main/java/com/hs/admin/service/UserService.java
@@ -17,6 +17,8 @@ public interface UserService {

    boolean deleteUser(UserReq.DeleteUserReq user);

+    boolean unlockUser(UserReq.UnlockUserReq user);
+
    boolean updateUser(UpdateUserReq user);

    List<SysUserList> getAll(UserReq.GetUserReq user);

--- a/hs-admin/src/main/java/com/hs/admin/service/impl/UserServiceImpl.java
+++ b/hs-admin/src/main/java/com/hs/admin/service/impl/UserServiceImpl.java
@@ -54,6 +54,7 @@ public class UserServiceImpl implements UserService {
            sysUser.setMobile(user.getMobile());
            sysUser.setSex(user.getSex());
            sysUser.setCreateDate(new Date());
+            sysUser.setLastUpdatePwdTime(new Date());
            sysUser.setCreateUserid(userId);
            sysUser.setState((short) StateType.ON.getValue());
            sysUser.setIsAdmin(user.getIsAdmin());
@@ -84,6 +85,19 @@ public class UserServiceImpl implements UserService {
    }

    @Override
+    public boolean unlockUser(UserReq.UnlockUserReq user) {
+        if (user != null) {
+            SysUser sysUser = sysUserMapper.selectByPrimaryKey(user.getUserId());
+            if (sysUser != null) {
+                sysUser.setLockFlag(false);
+                sysUserMapper.updateByPrimaryKey(sysUser);
+                return true;
+            }
+        }
+        return false;
+    }
+
+    @Override
    @Transactional(rollbackFor = Exception.class)
    public boolean updateUser(UpdateUserReq user) {
        if (user != null) {

--- a/hs-admin/src/main/resources/mapper/SysUserMapper.xml
+++ b/hs-admin/src/main/resources/mapper/SysUserMapper.xml
@@ -18,6 +18,7 @@
        <result column="LAST_TIME" jdbcType="TIMESTAMP" property="lastTime"/>
        <result column="LAST_IP" jdbcType="VARCHAR" property="lastIp"/>
        <result column="IS_ADMIN" jdbcType="BOOLEAN" property="isAdmin"/>
+        <result column="LOCK_FLAG" jdbcType="BOOLEAN" property="lockFlag"/>
    </resultMap>
    <resultMap id="SysUserList" extends="BaseResultMap" type="com.hs.admin.model.respmodel.SysUserList">
        <result column="ROLE_ID" jdbcType="INTEGER" property="roleId"/>
@@ -61,7 +62,8 @@
            ERROR_TIME    = #{errorTime,jdbcType=TIMESTAMP},
            LAST_TIME     = #{lastTime,jdbcType=TIMESTAMP},
            LAST_IP       = #{lastIp,jdbcType=VARCHAR},
-            IS_ADMIN       = #{isAdmin,jdbcType=VARCHAR}
+            IS_ADMIN       = #{isAdmin,jdbcType=VARCHAR},
+            LOCK_FLAG       = #{lockFlag,jdbcType=VARCHAR}
        where ID = #{id,jdbcType=INTEGER}
    </update>
    <select id="selectByPrimaryKey" parameterType="java.lang.Integer" resultMap="BaseResultMap">

--- a/hs-api/src/main/java/com/hs/api/common/enums/SysConfigKeyType.java
+++ b/hs-api/src/main/java/com/hs/api/common/enums/SysConfigKeyType.java
@@ -8,18 +8,19 @@ import java.util.Map;

 public enum SysConfigKeyType {
    MAC_ADDRESS_RANGE("MAC_ADDRESS_RANGE","MAC地址范围过滤"),
-    MAC_BINDING("MAC_BINDING","MAC地址绑定");
+    MAC_BINDING("MAC_BINDING","MAC地址绑定"),
+    PWD_TIME_LIMIT("PWD_TIME_LIMIT","密码有效期");

-    private String value;
+    private String code;
    private String desc;

-    SysConfigKeyType(String value, String desc) {
-        this.value = value;
+    SysConfigKeyType(String code, String desc) {
+        this.code = code;
        this.desc = desc;
    }

-    public String getValue() {
-        return value;
+    public String getCode() {
+        return code;
    }

    public String getDesc() {
@@ -31,7 +32,7 @@ public enum SysConfigKeyType {
        for(SysConfigKeyType projectType : values()){
            Map<String,Object> map = new HashMap<String,Object>() {
                {
-                    put("value",projectType.getValue());
+                    put("code",projectType.getCode());
                    put("description",projectType.getDesc());
                }
            };

--- a/hs-api/src/main/java/com/hs/api/common/utils/DateUtils.java
+++ b/hs-api/src/main/java/com/hs/api/common/utils/DateUtils.java
--- a/hs-api/src/main/java/com/hs/api/mapper/SysLoginConfigMapper.java
+++ b/hs-api/src/main/java/com/hs/api/mapper/SysLoginConfigMapper.java
@@ -7,6 +7,6 @@ import org.apache.ibatis.annotations.Param;
 import java.util.List;
 import java.util.Map;

-public interface SysLoginConfigMapper {
+public interface SysConfigMapper {
    List<SysConfig> selectByKey(String key);
 }
\ No newline at end of file
--- a/hs-api/src/main/java/com/hs/api/model/SysUser.java
+++ b/hs-api/src/main/java/com/hs/api/model/SysUser.java
@@ -29,12 +29,16 @@ public class SysUser {

    private Date errorTime;

+    private Date lastUpdatePwdTime;
+
    private Date lastTime;

    private String lastIp;

    private String macAddress;

+    private boolean lockFlag;
+
    public Long getId() {
        return id;
    }
@@ -162,4 +166,24 @@ public class SysUser {
    public void setMacAddress(String macAddress) {
        this.macAddress = macAddress;
    }
+
+    public Date getLastUpdatePwdTime() {
+        return lastUpdatePwdTime;
+    }
+
+    public void setLastUpdatePwdTime(Date lastUpdatePwdTime) {
+        this.lastUpdatePwdTime = lastUpdatePwdTime;
+    }
+
+    public boolean isLockFlag() {
+        return lockFlag;
+    }
+
+    public void setLockFlag(boolean lockFlag) {
+        this.lockFlag = lockFlag;
+    }
+
+    public void addErrorCount() {
+        this.errorCount = this.errorCount == null ? 1 : this.errorCount + 1;
+    }
 }
\ No newline at end of file
--- a/hs-api/src/main/java/com/hs/api/service/Impl/LoginServiceImpl.java
+++ b/hs-api/src/main/java/com/hs/api/service/Impl/LoginServiceImpl.java
 package com.hs.api.service.Impl;

+import com.hs.api.common.enums.SysConfigKeyType;
 import com.hs.api.common.exceptions.DBConfigurationError;
+import com.hs.api.common.utils.DateUtils;
 import com.hs.api.common.utils.TokenUtil;
 import com.hs.api.mapper.DicOrgMapper;
 import com.hs.api.mapper.SysRoleMapper;
@@ -9,7 +11,9 @@ import com.hs.api.mapper.SysVersionMapper;
 import com.hs.api.model.*;
 import com.hs.api.model.respmodel.LoginInfo;
 import com.hs.api.service.LoginService;
+import com.hs.api.service.SysConfigService;
 import com.hs.api.service.UserService;
+import com.hs.common.utils.RedisUtil;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

@@ -24,6 +28,9 @@ public class LoginServiceImpl implements LoginService {
    @Autowired
    private UserService userServiceImpl;

+    @Autowired
+    private SysConfigService sysConfigService;
+
    @Resource
    private SysUserMapper sysUserMapper;
    @Resource
@@ -39,6 +46,14 @@ public class LoginServiceImpl implements LoginService {
        LoginInfo loginInfo = new LoginInfo();

        SysUser user = userServiceImpl.findByLoginName(logName);
+        //判断是否被锁定
+        if(user.isLockFlag())
+            throw new DBConfigurationError("该账号已被锁定请联系管理员解锁！");
+        //判断是否很久没有更改密码
+        if(sysConfigService.getSysConfigStateByKey(SysConfigKeyType.PWD_TIME_LIMIT.getCode())
+                && DateUtils.getDaysBetween(user.getLastUpdatePwdTime(), new Date()) > 90)
+            throw new DBConfigurationError("您已经超过90天没有更换密码，请修改密码后再登录！");
+
        if (user != null && user.getPassword().equals(password) && (user.getMacAddress() == null || user.getMacAddress().equals(macAddrss))) {
            String token = TokenUtil.getToken(password, user);
            //修改ip以及最后登录时间、MAC地址
@@ -64,17 +79,34 @@ public class LoginServiceImpl implements LoginService {
            //查询病案信息
            SysVersion version = sysVersionMapper.selectLastDate();
            loginInfo.setVersion(version);
+            RedisUtil.del(user.getUserCode());
        } else {
-            throw new DBConfigurationError("账号、密码或者MAC地址错误！");
+            if(user != null) checkErrorCount(user);
+            throw new DBConfigurationError("登录失败请检查用户名和密码！");
        }
        return loginInfo;
    }

+    private void checkErrorCount(SysUser user) {
+        String userCode = user.getUserCode();
+        if(RedisUtil.hasKey(userCode) && Integer.parseInt(RedisUtil.get(userCode).toString())>=5) {
+            user.setLockFlag(true);
+            sysUserMapper.updateByPrimaryKey(user);
+            return;
+        }
+        if(!RedisUtil.hasKey(userCode)) {
+            RedisUtil.set(userCode, 1, 5 * 60);
+        }else {
+            RedisUtil.incr(userCode, 1);
+        }
+    }
+
    public boolean updatePass(String logName, String oldPassword, String newPassword) {
        int result = 0;
        SysUser user = userServiceImpl.findByLoginName(logName);
        if (user != null && user.getPassword().equals(oldPassword)) {
            user.setPassword(newPassword);
+            user.setLastUpdatePwdTime(new Date());
            result = sysUserMapper.updateByPrimaryKey(user);
        } else {
            throw new DBConfigurationError("旧密码错误！");

--- a/hs-api/src/main/java/com/hs/api/service/Impl/SysConfigServiceImpl.java
+++ b/hs-api/src/main/java/com/hs/api/service/Impl/SysConfigServiceImpl.java
 package com.hs.api.service.Impl;

-import com.hs.api.common.enums.DimType;
-import com.hs.api.mapper.DicDimMapper;
-import com.hs.api.mapper.SerDimValueMapper;
-import com.hs.api.mapper.SerPageBlockRsMapper;
-import com.hs.api.mapper.SysLoginConfigMapper;
-import com.hs.api.model.DicDim;
-import com.hs.api.model.SerDimValue;
+import com.hs.api.mapper.SysConfigMapper;
 import com.hs.api.model.SysConfig;
-import com.hs.api.model.respmodel.DimValue;
-import com.hs.api.service.DicDimService;
 import com.hs.api.service.SysConfigService;
 import org.springframework.stereotype.Service;

 import javax.annotation.Resource;
-import java.util.ArrayList;
 import java.util.List;

 @Service
 public class SysConfigServiceImpl implements SysConfigService {
    @Resource
-    private SysLoginConfigMapper sysLoginConfigMapper;
+    private SysConfigMapper sysConfigMapper;

    @Override
    public boolean getSysConfigStateByKey(String key) {
-        List<SysConfig> sysConfigList = sysLoginConfigMapper.selectByKey(key);
+        List<SysConfig> sysConfigList = sysConfigMapper.selectByKey(key);
+        if(sysConfigList.size()==0) return false;
        SysConfig sysConfig = sysConfigList.get(0);
        return sysConfig.getState();
    }

+    @Override
+    public String getSysConfigValueSByKey(String key) {
+        List<SysConfig> sysConfigList = sysConfigMapper.selectByKey(key);
+        if(sysConfigList.size()==0) return null;
+        SysConfig sysConfig = sysConfigList.get(0);
+        return sysConfig.getValue();
+    }
+
 }
--- a/hs-api/src/main/java/com/hs/api/service/SysConfigService.java
+++ b/hs-api/src/main/java/com/hs/api/service/SysConfigService.java
@@ -6,4 +6,6 @@ import java.util.List;

 public interface SysConfigService {
    boolean getSysConfigStateByKey(String key);
+
+    String getSysConfigValueSByKey(String key);
 }
--- a/hs-api/src/main/resources/mapper/SysLoginConfigMapper.xml
+++ b/hs-api/src/main/resources/mapper/SysLoginConfigMapper.xml
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
-<mapper namespace="com.hs.api.mapper.SysLoginConfigMapper">
+<mapper namespace="com.hs.api.mapper.SysConfigMapper">
    <resultMap id="ResultMap" type="com.hs.api.model.SysConfig">
        <id column="ID" jdbcType="DECIMAL" property="id"/>
        <result column="CREATE_DATE" jdbcType="TIMESTAMP" property="createDate"/>

--- a/hs-api/src/main/resources/mapper/SysUserMapper.xml
+++ b/hs-api/src/main/resources/mapper/SysUserMapper.xml
@@ -18,6 +18,8 @@
        <result column="LAST_TIME" jdbcType="TIMESTAMP" property="lastTime"/>
        <result column="LAST_IP" jdbcType="VARCHAR" property="lastIp"/>
        <result column="MAC_ADDRESS" jdbcType="VARCHAR" property="macAddress"/>
+        <result column="LAST_UPDATE_PWD_TIME" jdbcType="TIMESTAMP" property="lastUpdatePwdTime"/>
+        <result column="LOCK_FLAG" jdbcType="BOOLEAN" property="lockFlag"/>
    </resultMap>
    <delete id="deleteByPrimaryKey" parameterType="java.lang.Long">
        delete
@@ -55,7 +57,9 @@
            ERROR_TIME    = #{errorTime,jdbcType=TIMESTAMP},
            LAST_TIME     = #{lastTime,jdbcType=TIMESTAMP},
            LAST_IP       = #{lastIp,jdbcType=VARCHAR},
-            MAC_ADDRESS   = #{macAddress,jdbcType=VARCHAR}
+            MAC_ADDRESS   = #{macAddress,jdbcType=VARCHAR},
+            LAST_UPDATE_PWD_TIME   = #{lastUpdatePwdTime,jdbcType=VARCHAR},
+            LOCK_FLAG   = #{lockFlag,jdbcType=VARCHAR}
        where ID = #{id,jdbcType=DECIMAL}
    </update>
    <select id="selectByPrimaryKey" parameterType="java.lang.Long" resultMap="BaseResultMap">
@@ -113,7 +117,9 @@
               ERROR_TIME,
               LAST_TIME,
               LAST_IP,
-               MAC_ADDRESS
+               MAC_ADDRESS,
+               LAST_UPDATE_PWD_TIME,
+               LOCK_FLAG
        from SYS_USER
        where USER_CODE = #{userCode,jdbcType=VARCHAR}
          and `STATE` != 0