
修改bug,解决登入失败未限制登入次数的问题

xie.kaifeng 10 月之前
4a2be12ba6

+ 3 - 1
mtp3-century/src/main/java/com/muchinfo/mtp3century/configuration/SecurityConfig.java

@@ -3,7 +3,9 @@ package com.muchinfo.mtp3century.configuration;
 import com.muchinfo.mtp3century.filter.JwtAuthorizationFilter;
 import com.muchinfo.mtp3century.filter.JwtLoginFilter;
 import com.muchinfo.mtp3century.service.impl.SysUserDetailsServiceImpl;
+import com.muchinfo.mtp3century.utils.RedisServiceUtil;
 import com.muchinfo.mtp3common.utils.JwtUtil;
+import com.muchinfo.mtp3interface.mapper.ISystemmanagerMapper;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -68,7 +70,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     }
 
     @Override
-    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+    public void configure(AuthenticationManagerBuilder auth){
         auth.authenticationProvider(daoAuthenticationProvider());
     }
 
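Review bot: The two imports added in the first hunk, `RedisServiceUtil` and `ISystemmanagerMapper`, are not referenced by either visible hunk of SecurityConfig; unless something outside the hunks now uses them they are dead imports left over from an earlier approach and should be dropped. Narrowing `configure` to drop `throws Exception` is fine on its own, since `auth.authenticationProvider(...)` declares no checked exception.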

+ 3 - 3
mtp3-century/src/main/java/com/muchinfo/mtp3century/controller/InvestorController.java

@@ -481,14 +481,14 @@ public class InvestorController {
         }
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->获取列表")
+    @ApiOperation("交易商管理-->交易商销户审核-->获取列表")
     @ApiResponse(code = 200, message = "成功", response = PageResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/usercancelapply")
     public PageResult<InvestorCancelApplyResult> usercancelapply(InvestorCancelApplyParam param, HttpServletRequest request) {
         return iUseraccountService.usercancelapply(param, request);
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->详情")
+    @ApiOperation("交易商管理-->交易商销户审核-->详情")
     @ApiResponse(code = 200, message = "成功", response = AjaxResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/cancelview")
     public AjaxResult cancelview(Long autoid, HttpServletRequest request) {
@@ -502,7 +502,7 @@ public class InvestorController {
         return iUseraccountService.getUserAccountDetail(userid, request);
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->审核")
+    @ApiOperation("交易商管理-->交易商销户审核-->审核")
     @ApiResponse(code = 200, message = "成功", response = AjaxResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/cancelaudit")
     public AjaxResult cancelaudit(Long autoid, Integer auditflag, String msg, HttpServletRequest request) {

+ 23 - 22
mtp3-century/src/main/java/com/muchinfo/mtp3century/filter/JwtLoginFilter.java

@@ -1,7 +1,9 @@
 package com.muchinfo.mtp3century.filter;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.muchinfo.mtp3century.utils.CenturyDecryptUtil;
 import com.muchinfo.mtp3century.utils.RedisServiceUtil;
+import com.muchinfo.mtp3century.utils.SpringBeanUtils;
 import com.muchinfo.mtp3common.enumtype.Constants;
 import com.muchinfo.mtp3common.enumtype.MessageType;
 import com.muchinfo.mtp3common.enumtype.SysConstants;
@@ -20,7 +22,6 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import javax.annotation.Resource;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -35,12 +36,6 @@ public class JwtLoginFilter extends AbstractAuthenticationProcessingFilter {
 
     private final Logger log = LoggerFactory.getLogger(this.getClass());
 
-    @Resource
-    private RedisServiceUtil redisServiceUtil;
-
-    @Resource
-    private ISystemmanagerMapper iSystemmanagerMapper;
-
     public JwtLoginFilter(String defaultFilterProcessesUrl, AuthenticationManager authenticationManager) {
         super(new AntPathRequestMatcher(defaultFilterProcessesUrl));
         setAuthenticationManager(authenticationManager);
@@ -112,45 +107,51 @@ public class JwtLoginFilter extends AbstractAuthenticationProcessingFilter {
      * @throws ServletException
      */
     @Override
-    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
-        //清理上下文
-        SecurityContextHolder.clearContext();
-        String loginPWDFail_msg = null;
+    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
+        Object cacheObject = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheObject("user-login-fail");
         log.error("AuthenticationException", failed);
+        String[] param = new String [4];
         //失败超过默认次数锁定用户
-        Systemmanager sysUser = RequestUtils.read(request, Systemmanager.class);
+        Systemmanager sysUser = SpringBeanUtils.getBean(ISystemmanagerMapper.class).selectOne(new QueryWrapper<Systemmanager>().eq("LOGINCODE", cacheObject));
         if (Objects.nonNull(sysUser)) {
             sysUser.setLoginfailnum(sysUser.getLoginfailnum() + 1);
-            Object redisParam = redisServiceUtil.getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
+            Object redisParam = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
                     SysConstants.SYSPARAM_CODE_PWERR_TIMES);
-            Object errorCountTime = redisServiceUtil.getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
+            Object errorCountTime = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
                     SysConstants.SYSPARAM_CODE_LOCKTIME);
             double defaultMin = errorCountTime == null ? 180d : Double.parseDouble(String.valueOf(errorCountTime));
             int errorNum = redisParam == null ? 3 : Integer.parseInt(String.valueOf(redisParam));
             //设置了= 0不限制 错误次数
             if (errorNum > 0) {
-                loginPWDFail_msg = Constants.loginPWDFail_msg.
-                        replace("{#1}", String.valueOf(errorNum - sysUser.getLoginfailnum())).
-                        replace("{#2}", String.valueOf(errorNum)).
-                        replace("{#3}", String.valueOf(defaultMin));
+                param[0] = String.valueOf(errorNum - sysUser.getLoginfailnum());
+                param[1] = String.valueOf(errorNum);
+                param[2] = String.valueOf(defaultMin);
+                param[3] = ".";
                 // 失败3次锁定
                 if (sysUser.getLoginfailnum() >= errorNum) {
                     sysUser.setLogintime(new Date());
                     sysUser.setManagerstatus(SysEnums.SysStatus.lock.getCode());
-                    iSystemmanagerMapper.updateById(sysUser);
-                    loginPWDFail_msg = loginPWDFail_msg + "," + Constants.userlock_msg;
+                    param[3] = "," + Constants.userlock_msg;
                 }
             }
+            SpringBeanUtils.getBean(ISystemmanagerMapper.class).updateById(sysUser);
         }
 
+        SpringBeanUtils.getBean(RedisServiceUtil.class).deleteByPrex("user-login-fail");
+        //清理上下文
+        SecurityContextHolder.clearContext();
         //判断异常类
         if (failed instanceof InternalAuthenticationServiceException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM009.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof UsernameNotFoundException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM010.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof BadCredentialsException) {
-            ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, loginPWDFail_msg == null ? MessageType.MESSAGE_ERROR_CODE_SYSTEM011.getCode() : loginPWDFail_msg, request.getHeader("Accept-Language"));
-        } else if (failed instanceof LockedException) {
+            if(param[0] == null){
+                ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM011.getCode(), request.getHeader("Accept-Language"));
+            }else{
+                ResponseUtils.writeFiledForParameters(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, param, request.getHeader("Accept-Language"));
+            }
+       } else if (failed instanceof LockedException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM012.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof CredentialsExpiredException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM013.getCode(), request.getHeader("Accept-Language"));
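Review bot: The lookup at the top of `unsuccessfulAuthentication` resolves the failing account from a single shared Redis key, `user-login-fail`, which `SysUserDetailsServiceImpl.loadUserByUsername` (next file section) overwrites for every account it loads, so two overlapping login attempts can attribute one user's failure to another: the counter and the lock can land on an account that did not fail while the failing account stays uncounted, and `deleteByPrex("user-login-fail")` then clears the entry of whichever attempt is still in flight. The attempted login code is already known to this filter's own `attemptAuthentication` (outside the hunk), so it should travel on the request rather than through Redis: `request.setAttribute("loginCode", loginCode)` there and `Object loginCode = request.getAttribute("loginCode")` here, then `eq("LOGINCODE", loginCode)` behind a null guard, which also removes the repeated `SpringBeanUtils.getBean(...)` lookups. The increment now runs for every `AuthenticationException`, including `InternalAuthenticationServiceException`, so a backend fault during login consumes the user's failure budget; guarding the increment with `failed instanceof BadCredentialsException` keeps the counter to wrong-password attempts. When `cacheObject` is null (entry expired or removed by a concurrent attempt) the `eq("LOGINCODE", null)` wrapper either matches nothing or throws depending on MyBatis-Plus configuration — I can't tell which from here, so the null case deserves an explicit early branch.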

+ 6 - 1
mtp3-century/src/main/java/com/muchinfo/mtp3century/service/impl/SysUserDetailsServiceImpl.java

@@ -2,6 +2,8 @@ package com.muchinfo.mtp3century.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.muchinfo.mtp3century.service.ISysUserDetailsService;
+import com.muchinfo.mtp3century.utils.RedisServiceUtil;
+import com.muchinfo.mtp3common.enumtype.RedisConstants;
 import com.muchinfo.mtp3interface.mapper.IRoleuserMapper;
 import com.muchinfo.mtp3interface.mapper.ISystemmanagerMapper;
 import com.muchinfo.mtp3pojos.entity.Roleuser;
@@ -15,6 +17,7 @@ import javax.annotation.Resource;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
+import java.util.concurrent.TimeUnit;
 
 @Service
 public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
@@ -22,6 +25,8 @@ public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
     private ISystemmanagerMapper iSystemmanagerMapper;
     @Resource
     private IRoleuserMapper iRoleuserMapper;
+    @Resource
+    private RedisServiceUtil redisServiceUtil;
 
     @Override
     public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
@@ -29,7 +34,7 @@ public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
         if (Objects.isNull(systemmanager)) {
             throw new UsernameNotFoundException("账号或密码错误!");
         }
-
+        redisServiceUtil.setCacheObject("user-login-fail", systemmanager.getLogincode(), RedisConstants.LOGIN_CODE_TIME, TimeUnit.SECONDS);
         List<Roleuser> roleuserList = iRoleuserMapper.selectList(new QueryWrapper<Roleuser>().eq("MANAGERID", systemmanager.getAutoid()));
         Long[] roleCodeArray = roleuserList.stream().map(Roleuser::getRoleid).toArray(Long[]::new);
 

+ 3 - 2
mtp3-common/src/main/java/com/muchinfo/mtp3common/utils/SpringBeanUtils.java → mtp3-century/src/main/java/com/muchinfo/mtp3century/utils/SpringBeanUtils.java

@@ -1,14 +1,15 @@
 /**
  * 版权所有 2003~2018多元世纪
  */
-package com.muchinfo.mtp3common.utils;
+package com.muchinfo.mtp3century.utils;
 
 import org.springframework.beans.BeansException;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
+import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Service;
 
-@Service
+@Component
 public final class SpringBeanUtils implements ApplicationContextAware {
     private static ApplicationContext AC;
 

+ 1 - 0
mtp3-century/src/main/resources/message_en.properties

@@ -23,6 +23,7 @@ message_code_system023=No trader fund account found
 message_code_system024=Review Rejected
 message_code_system025=Non trading account cannot be closed for review
 message_code_system026=The fund account has not been terminated and cannot be closed
+message_code_system027=There is still {0} chance of error left, Account or password mismatch reaches {1} times, Login account will be locked for {2} minute {3}
 
 message_error_code_system001=Token invalid, please log in again!
 message_error_code_system002=operation failed

+ 1 - 0
mtp3-century/src/main/resources/message_th.properties

@@ -23,6 +23,7 @@ message_code_system023=ไม่พบบัญชีเงินของผู
 message_code_system024=การปฏิเสธการตรวจสอบ
 message_code_system025=บัญชีที่ไม่ใช่ตัวแทนจำหน่ายและไม่สามารถตรวจสอบได้โดยผู้ขาย
 message_code_system026=บัญชีเงินไม่ถูกยกเลิก ขายไม่ออก
+message_code_system027=เหลือโอกาสผิดพลาด {0} ครั้ง หมายเลขบัญชีหรือรหัสผ่านไม่ตรงกันถึง {1} ครั้ง หมายเลขบัญชีล็อกอินจะถูกล็อกไว้ {2} นาที {3}
 
 message_error_code_system001=โทเค็นล้มเหลวโปรดเข้าสู่ระบบอีกครั้ง!
 message_error_code_system002=การดำเนินการล้มเหลว!

+ 1 - 0
mtp3-century/src/main/resources/message_zh-CN.properties

@@ -23,6 +23,7 @@ message_code_system023=没有找到交易商资金账户
 message_code_system024=审核拒绝
 message_code_system025=非交易商账户,不能销户审核
 message_code_system026=资金账户未解约,不能销户
+message_code_system027=还剩{0}次错误机会,账号或密码不匹配达到{1}次,登录账号将锁定{2}分钟{3}
 
 message_error_code_system001=令牌失效,请重新登录!
 message_error_code_system002=操作失败

+ 1 - 0
mtp3-century/src/main/resources/message_zh-HK.properties

@@ -23,6 +23,7 @@ message_code_system023=沒有找到交易商資金帳戶
 message_code_system024=稽核拒絕
 message_code_system025=非交易商帳戶,不能銷戶稽核
 message_code_system026=資金帳戶未解約,不能銷戶
+message_code_system027=還剩{0}次錯誤機會,帳號或密碼不匹配達到{1}次,登入帳號將鎖定{2}分鐘{3}
 
 message_error_code_system001=權杖失效,請重新登入!
 message_error_code_system002=操作失敗

+ 1 - 0
mtp3-century/src/main/resources/message_zh-TW.properties

@@ -23,6 +23,7 @@ message_code_system023=沒有找到交易商資金帳戶
 message_code_system024=稽核拒絕
 message_code_system025=非交易商帳戶,不能銷戶稽核
 message_code_system026=資金帳戶未解約,不能銷戶
+message_code_system027=還剩{0}次錯誤機會,帳號或密碼不匹配達到{1}次,登入帳號將鎖定{2}分鐘{3}
 
 message_error_code_system001=權杖失效,請重新登入!
 message_error_code_system002=操作失敗

+ 1 - 0
mtp3-common/src/main/java/com/muchinfo/mtp3common/enumtype/MessageType.java

@@ -30,6 +30,7 @@ public enum MessageType {
     MESSAGE_CODE_SYSTEM024("message_code_system024", "审核拒绝"),
     MESSAGE_CODE_SYSTEM025("message_code_system025", "非交易商账户,不能销户审核"),
     MESSAGE_CODE_SYSTEM026("message_code_system026", "资金账户未解约,不能销户"),
+    MESSAGE_CODE_SYSTEM027("message_code_system027", "还剩{0}次错误机会,账号或密码不匹配达到{1}次,登录账号将锁定{2}分钟{3}"),
 
     MESSAGE_ERROR_CODE_SYSTEM001("message_error_code_system001", "令牌失效,请重新登录!"),
     MESSAGE_ERROR_CODE_SYSTEM002("message_error_code_system002", "操作失败"),

+ 17 - 0
mtp3-common/src/main/java/com/muchinfo/mtp3common/utils/ResponseUtils.java

@@ -1,12 +1,14 @@
 package com.muchinfo.mtp3common.utils;
 
 
+import com.muchinfo.mtp3common.enumtype.MessageType;
 import com.muchinfo.mtp3common.vo.AjaxResult;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.servlet.http.HttpServletResponse;
 import java.io.OutputStream;
+import java.util.Arrays;
 
 /**
  * 响应工具类
@@ -50,5 +52,20 @@ public class ResponseUtils {
             logger.error("响应出错:" + msgType, e);
         }
     }
+
+    public static void writeFiledForParameters(HttpServletResponse response, int status, String [] param, String languages) {
+        try {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+            response.setHeader("Cache-Control", "no-cache");
+            response.setCharacterEncoding("UTF-8");
+            response.setContentType("application/json");
+            response.setStatus(status);
+            byte[] bytes = JsonUtils.toString(AjaxResult.error(status, MessageType.MESSAGE_CODE_SYSTEM027.getCode(),param, languages)).getBytes();
+            OutputStream out = response.getOutputStream();
+            out.write(bytes);
+        } catch (Exception e) {
+            logger.error("响应出错:" + Arrays.toString(param), e);
+        }
+    }
 }
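Review bot: `getBytes()` on the serialized body in `writeFiledForParameters` uses the platform default charset while the response is declared UTF-8 two lines earlier, so the non-ASCII `message_code_system027` texts added in this commit are corrupted on any JVM whose default charset is not UTF-8; use `.getBytes(StandardCharsets.UTF_8)` (with `import java.nio.charset.StandardCharsets;`). The stream is written but never flushed; add `out.flush();` after `out.write(bytes);` unless the sibling `writeFiled` above deliberately relies on the container flushing at commit — its body is outside the hunk. The method also hard-codes `MessageType.MESSAGE_CODE_SYSTEM027`, so a name as general as `writeFiledForParameters` promises more than it does; taking the message code as a parameter, the way `writeFiled` takes `msgType`, would make it reusable and would move the message choice back to the caller in JwtLoginFilter.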