修改bug，解决登入失败未限制登入次数的问题

mtp3-century/src/main/java/com/muchinfo/mtp3century/configuration/SecurityConfig.java

@@ -3,7 +3,9 @@ package com.muchinfo.mtp3century.configuration;
 import com.muchinfo.mtp3century.filter.JwtAuthorizationFilter;
 import com.muchinfo.mtp3century.filter.JwtLoginFilter;
 import com.muchinfo.mtp3century.service.impl.SysUserDetailsServiceImpl;
+import com.muchinfo.mtp3century.utils.RedisServiceUtil;
 import com.muchinfo.mtp3common.utils.JwtUtil;
+import com.muchinfo.mtp3interface.mapper.ISystemmanagerMapper;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -68,7 +70,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
     }
 
     @Override
-    public void configure(AuthenticationManagerBuilder auth) throws Exception {
+    public void configure(AuthenticationManagerBuilder auth){
         auth.authenticationProvider(daoAuthenticationProvider());
     }
 

mtp3-century/src/main/java/com/muchinfo/mtp3century/controller/InvestorController.java

@@ -481,14 +481,14 @@ public class InvestorController {
         }
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->获取列表")
+    @ApiOperation("交易商管理-->交易商销户审核-->获取列表")
     @ApiResponse(code = 200, message = "成功", response = PageResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/usercancelapply")
     public PageResult<InvestorCancelApplyResult> usercancelapply(InvestorCancelApplyParam param, HttpServletRequest request) {
         return iUseraccountService.usercancelapply(param, request);
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->详情")
+    @ApiOperation("交易商管理-->交易商销户审核-->详情")
     @ApiResponse(code = 200, message = "成功", response = AjaxResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/cancelview")
     public AjaxResult cancelview(Long autoid, HttpServletRequest request) {
@@ -502,7 +502,7 @@ public class InvestorController {
         return iUseraccountService.getUserAccountDetail(userid, request);
     }
 
-    @ApiOperation("交易商管理-->交易商批量转移-->审核")
+    @ApiOperation("交易商管理-->交易商销户审核-->审核")
     @ApiResponse(code = 200, message = "成功", response = AjaxResult.class)
     @RequestMapping(method = RequestMethod.GET, value = "/cancelaudit")
     public AjaxResult cancelaudit(Long autoid, Integer auditflag, String msg, HttpServletRequest request) {

mtp3-century/src/main/java/com/muchinfo/mtp3century/filter/JwtLoginFilter.java

@@ -1,7 +1,9 @@
 package com.muchinfo.mtp3century.filter;
 
+import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.muchinfo.mtp3century.utils.CenturyDecryptUtil;
 import com.muchinfo.mtp3century.utils.RedisServiceUtil;
+import com.muchinfo.mtp3century.utils.SpringBeanUtils;
 import com.muchinfo.mtp3common.enumtype.Constants;
 import com.muchinfo.mtp3common.enumtype.MessageType;
 import com.muchinfo.mtp3common.enumtype.SysConstants;
@@ -20,7 +22,6 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 
-import javax.annotation.Resource;
 import javax.servlet.FilterChain;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
@@ -35,12 +36,6 @@ public class JwtLoginFilter extends AbstractAuthenticationProcessingFilter {
 
     private final Logger log = LoggerFactory.getLogger(this.getClass());
 
-    @Resource
-    private RedisServiceUtil redisServiceUtil;
-
-    @Resource
-    private ISystemmanagerMapper iSystemmanagerMapper;
-
     public JwtLoginFilter(String defaultFilterProcessesUrl, AuthenticationManager authenticationManager) {
         super(new AntPathRequestMatcher(defaultFilterProcessesUrl));
         setAuthenticationManager(authenticationManager);
@@ -112,45 +107,51 @@ public class JwtLoginFilter extends AbstractAuthenticationProcessingFilter {
      * @throws ServletException
      */
     @Override
-    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) throws IOException, ServletException {
-        //清理上下文
-        SecurityContextHolder.clearContext();
-        String loginPWDFail_msg = null;
+    protected void unsuccessfulAuthentication(HttpServletRequest request, HttpServletResponse response, AuthenticationException failed) {
+        Object cacheObject = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheObject("user-login-fail");
         log.error("AuthenticationException", failed);
+        String[] param = new String [4];
         //失败超过默认次数锁定用户
-        Systemmanager sysUser = RequestUtils.read(request, Systemmanager.class);
+        Systemmanager sysUser = SpringBeanUtils.getBean(ISystemmanagerMapper.class).selectOne(new QueryWrapper<Systemmanager>().eq("LOGINCODE", cacheObject));
         if (Objects.nonNull(sysUser)) {
             sysUser.setLoginfailnum(sysUser.getLoginfailnum() + 1);
-            Object redisParam = redisServiceUtil.getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
+            Object redisParam = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
                     SysConstants.SYSPARAM_CODE_PWERR_TIMES);
-            Object errorCountTime = redisServiceUtil.getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
+            Object errorCountTime = SpringBeanUtils.getBean(RedisServiceUtil.class).getCacheMapValue(Constants.REDIS_HEADER_SYSPARAM,
                     SysConstants.SYSPARAM_CODE_LOCKTIME);
             double defaultMin = errorCountTime == null ? 180d : Double.parseDouble(String.valueOf(errorCountTime));
             int errorNum = redisParam == null ? 3 : Integer.parseInt(String.valueOf(redisParam));
             //设置了= 0不限制 错误次数
             if (errorNum > 0) {
-                loginPWDFail_msg = Constants.loginPWDFail_msg.
-                        replace("{#1}", String.valueOf(errorNum - sysUser.getLoginfailnum())).
-                        replace("{#2}", String.valueOf(errorNum)).
-                        replace("{#3}", String.valueOf(defaultMin));
+                param[0] = String.valueOf(errorNum - sysUser.getLoginfailnum());
+                param[1] = String.valueOf(errorNum);
+                param[2] = String.valueOf(defaultMin);
+                param[3] = ".";
                 // 失败3次锁定
                 if (sysUser.getLoginfailnum() >= errorNum) {
                     sysUser.setLogintime(new Date());
                     sysUser.setManagerstatus(SysEnums.SysStatus.lock.getCode());
-                    iSystemmanagerMapper.updateById(sysUser);
-                    loginPWDFail_msg = loginPWDFail_msg + "," + Constants.userlock_msg;
+                    param[3] = "," + Constants.userlock_msg;
                 }
             }
+            SpringBeanUtils.getBean(ISystemmanagerMapper.class).updateById(sysUser);
         }
 
+        SpringBeanUtils.getBean(RedisServiceUtil.class).deleteByPrex("user-login-fail");
+        //清理上下文
+        SecurityContextHolder.clearContext();
         //判断异常类
         if (failed instanceof InternalAuthenticationServiceException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM009.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof UsernameNotFoundException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM010.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof BadCredentialsException) {
-            ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, loginPWDFail_msg == null ? MessageType.MESSAGE_ERROR_CODE_SYSTEM011.getCode() : loginPWDFail_msg, request.getHeader("Accept-Language"));
-        } else if (failed instanceof LockedException) {
+            if(param[0] == null){
+                ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM011.getCode(), request.getHeader("Accept-Language"));
+            }else{
+                ResponseUtils.writeFiledForParameters(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, param, request.getHeader("Accept-Language"));
+            }
+       } else if (failed instanceof LockedException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM012.getCode(), request.getHeader("Accept-Language"));
         } else if (failed instanceof CredentialsExpiredException) {
             ResponseUtils.writeFiled(response, HttpServletResponse.SC_INTERNAL_SERVER_ERROR, MessageType.MESSAGE_ERROR_CODE_SYSTEM013.getCode(), request.getHeader("Accept-Language"));

mtp3-century/src/main/java/com/muchinfo/mtp3century/service/impl/SysUserDetailsServiceImpl.java

@@ -2,6 +2,8 @@ package com.muchinfo.mtp3century.service.impl;
 
 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
 import com.muchinfo.mtp3century.service.ISysUserDetailsService;
+import com.muchinfo.mtp3century.utils.RedisServiceUtil;
+import com.muchinfo.mtp3common.enumtype.RedisConstants;
 import com.muchinfo.mtp3interface.mapper.IRoleuserMapper;
 import com.muchinfo.mtp3interface.mapper.ISystemmanagerMapper;
 import com.muchinfo.mtp3pojos.entity.Roleuser;
@@ -15,6 +17,7 @@ import javax.annotation.Resource;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Objects;
+import java.util.concurrent.TimeUnit;
 
 @Service
 public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
@@ -22,6 +25,8 @@ public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
     private ISystemmanagerMapper iSystemmanagerMapper;
     @Resource
     private IRoleuserMapper iRoleuserMapper;
+    @Resource
+    private RedisServiceUtil redisServiceUtil;
 
     @Override
     public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {
@@ -29,7 +34,7 @@ public class SysUserDetailsServiceImpl implements ISysUserDetailsService {
         if (Objects.isNull(systemmanager)) {
             throw new UsernameNotFoundException("账号或密码错误！");
         }
-
+        redisServiceUtil.setCacheObject("user-login-fail", systemmanager.getLogincode(), RedisConstants.LOGIN_CODE_TIME, TimeUnit.SECONDS);
         List<Roleuser> roleuserList = iRoleuserMapper.selectList(new QueryWrapper<Roleuser>().eq("MANAGERID", systemmanager.getAutoid()));
         Long[] roleCodeArray = roleuserList.stream().map(Roleuser::getRoleid).toArray(Long[]::new);
 

mtp3-common/src/main/java/com/muchinfo/mtp3common/utils/SpringBeanUtils.java → mtp3-century/src/main/java/com/muchinfo/mtp3century/utils/SpringBeanUtils.java

@@ -1,14 +1,15 @@
 /**
  * 版权所有 2003~2018多元世纪
  */
-package com.muchinfo.mtp3common.utils;
+package com.muchinfo.mtp3century.utils;
 
 import org.springframework.beans.BeansException;
 import org.springframework.context.ApplicationContext;
 import org.springframework.context.ApplicationContextAware;
+import org.springframework.stereotype.Component;
 import org.springframework.stereotype.Service;
 
-@Service
+@Component
 public final class SpringBeanUtils implements ApplicationContextAware {
     private static ApplicationContext AC;
 

mtp3-century/src/main/resources/message_en.properties

@@ -23,6 +23,7 @@ message_code_system023=No trader fund account found
 message_code_system024=Review Rejected
 message_code_system025=Non trading account cannot be closed for review
 message_code_system026=The fund account has not been terminated and cannot be closed
+message_code_system027=There is still {0} chance of error left, Account or password mismatch reaches {1} times, Login account will be locked for {2} minute {3}
 
 message_error_code_system001=Token invalid, please log in again!
 message_error_code_system002=operation failed

mtp3-century/src/main/resources/message_th.properties

@@ -23,6 +23,7 @@ message_code_system023=ไม่พบบัญชีเงินของผู
 message_code_system024=การปฏิเสธการตรวจสอบ
 message_code_system025=บัญชีที่ไม่ใช่ตัวแทนจำหน่ายและไม่สามารถตรวจสอบได้โดยผู้ขาย
 message_code_system026=บัญชีเงินไม่ถูกยกเลิก ขายไม่ออก
+message_code_system027=เหลือโอกาสผิดพลาด {0} ครั้ง หมายเลขบัญชีหรือรหัสผ่านไม่ตรงกันถึง {1} ครั้ง หมายเลขบัญชีล็อกอินจะถูกล็อกไว้ {2} นาที {3}
 
 message_error_code_system001=โทเค็นล้มเหลวโปรดเข้าสู่ระบบอีกครั้ง!
 message_error_code_system002=การดำเนินการล้มเหลว!

mtp3-century/src/main/resources/message_zh-CN.properties

@@ -23,6 +23,7 @@ message_code_system023=没有找到交易商资金账户
 message_code_system024=审核拒绝
 message_code_system025=非交易商账户,不能销户审核
 message_code_system026=资金账户未解约,不能销户
+message_code_system027=还剩{0}次错误机会,账号或密码不匹配达到{1}次,登录账号将锁定{2}分钟{3}
 
 message_error_code_system001=令牌失效，请重新登录！
 message_error_code_system002=操作失败

mtp3-century/src/main/resources/message_zh-HK.properties

@@ -23,6 +23,7 @@ message_code_system023=沒有找到交易商資金帳戶
 message_code_system024=稽核拒絕
 message_code_system025=非交易商帳戶，不能銷戶稽核
 message_code_system026=資金帳戶未解約，不能銷戶
+message_code_system027=還剩{0}次錯誤機會，帳號或密碼不匹配達到{1}次，登入帳號將鎖定{2}分鐘{3}
 
 message_error_code_system001=權杖失效，請重新登入！
 message_error_code_system002=操作失敗

mtp3-century/src/main/resources/message_zh-TW.properties

@@ -23,6 +23,7 @@ message_code_system023=沒有找到交易商資金帳戶
 message_code_system024=稽核拒絕
 message_code_system025=非交易商帳戶，不能銷戶稽核
 message_code_system026=資金帳戶未解約，不能銷戶
+message_code_system027=還剩{0}次錯誤機會，帳號或密碼不匹配達到{1}次，登入帳號將鎖定{2}分鐘{3}
 
 message_error_code_system001=權杖失效，請重新登入！
 message_error_code_system002=操作失敗

mtp3-common/src/main/java/com/muchinfo/mtp3common/enumtype/MessageType.java

@@ -30,6 +30,7 @@ public enum MessageType {
     MESSAGE_CODE_SYSTEM024("message_code_system024", "审核拒绝"),
     MESSAGE_CODE_SYSTEM025("message_code_system025", "非交易商账户,不能销户审核"),
     MESSAGE_CODE_SYSTEM026("message_code_system026", "资金账户未解约,不能销户"),
+    MESSAGE_CODE_SYSTEM027("message_code_system027", "还剩{0}次错误机会,账号或密码不匹配达到{1}次,登录账号将锁定{2}分钟{3}"),
 
     MESSAGE_ERROR_CODE_SYSTEM001("message_error_code_system001", "令牌失效，请重新登录！"),
     MESSAGE_ERROR_CODE_SYSTEM002("message_error_code_system002", "操作失败"),

mtp3-common/src/main/java/com/muchinfo/mtp3common/utils/ResponseUtils.java

@@ -1,12 +1,14 @@
 package com.muchinfo.mtp3common.utils;
 
 
+import com.muchinfo.mtp3common.enumtype.MessageType;
 import com.muchinfo.mtp3common.vo.AjaxResult;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import javax.servlet.http.HttpServletResponse;
 import java.io.OutputStream;
+import java.util.Arrays;
 
 /**
  * 响应工具类
@@ -50,5 +52,20 @@ public class ResponseUtils {
             logger.error("响应出错：" + msgType, e);
         }
     }
+
+    public static void writeFiledForParameters(HttpServletResponse response, int status, String [] param, String languages) {
+        try {
+            response.setHeader("Access-Control-Allow-Origin", "*");
+            response.setHeader("Cache-Control", "no-cache");
+            response.setCharacterEncoding("UTF-8");
+            response.setContentType("application/json");
+            response.setStatus(status);
+            byte[] bytes = JsonUtils.toString(AjaxResult.error(status, MessageType.MESSAGE_CODE_SYSTEM027.getCode(),param, languages)).getBytes();
+            OutputStream out = response.getOutputStream();
+            out.write(bytes);
+        } catch (Exception e) {
+            logger.error("响应出错：" + Arrays.toString(param), e);
+        }
+    }
 }