场景:用户连续登录错误次数达到5次后,账号被锁定。需要等待5分钟才能登录
建表sql
-- Create table create table W_LOGIN_RECORD ( id NUMBER(15) not null, username VARCHAR2(40), lock_flag VARCHAR2(10), failure_num VARCHAR2(10), login_date DATE, userloginip VARCHAR2(50) ) -- Add comments to the columns comment on column W_LOGIN_RECORD.id is '主键id'; comment on column W_LOGIN_RECORD.username is '登录用户名'; comment on column W_LOGIN_RECORD.lock_flag is '锁定标志,1代表锁定状态 0未锁定状态'; comment on column W_LOGIN_RECORD.failure_num is '登录错误,次数'; comment on column W_LOGIN_RECORD.login_date is '登录时间,默认为当前时间'; comment on column W_LOGIN_RECORD.userloginip is '用户登录ip';
javaBean
package com.loginRecord.model.loginRecord; /** * 对象功能:W_LOGIN_RECORD Model对象 */ public class LoginRecord { // 主键 protected Long id; /** * USERNAME */ protected String username; /** * 锁定标志,1代表锁定状态 0未锁定状态 */ protected String lock_flag; /** * FAILURE_NUM */ protected String failure_num; /** * 登录时间,默认为当前时间 */ protected java.util.Date login_date; /** * userLoginIp */ protected String userLoginIp; public String getUserLoginIp() { return userLoginIp; } public void setUserLoginIp(String userLoginIp) { this.userLoginIp = userLoginIp; } public Long getId() { return id; } public void setId(Long id) { this.id = id; } public void setUsername(String username) { this.username = username; } /** * 返回 USERNAME * * @return */ public String getUsername() { return this.username; } public void setLock_flag(String lock_flag) { this.lock_flag = lock_flag; } /** * 返回 锁定标志,1代表锁定状态 0未锁定状态 * * @return */ public String getLock_flag() { return this.lock_flag; } public void setFailure_num(String failure_num) { this.failure_num = failure_num; } /** * 返回 FAILURE_NUM * * @return */ public String getFailure_num() { return this.failure_num; } public void setLogin_date(java.util.Date login_date) { this.login_date = login_date; } /** * 返回 登录时间,默认为当前时间 * * @return */ public java.util.Date getLogin_date() { return this.login_date; } @Override public int hashCode() { final int prime = 31; int result = 1; result = prime * result + ((failure_num == null) ? 0 : failure_num.hashCode()); result = prime * result + ((id == null) ? 0 : id.hashCode()); result = prime * result + ((lock_flag == null) ? 0 : lock_flag.hashCode()); result = prime * result + ((login_date == null) ? 0 : login_date.hashCode()); result = prime * result + ((userLoginIp == null) ? 0 : userLoginIp.hashCode()); result = prime * result + ((username == null) ? 0 : username.hashCode()); return result; } @Override public boolean equals(Object obj) { if (this == obj) return true; if (obj == null) return false; if (getClass() != obj.getClass()) return false; LoginRecord other = (LoginRecord) obj; if (failure_num == null) { if (other.failure_num != null) return false; } else if (!failure_num.equals(other.failure_num)) return false; if (id == null) { if (other.id != null) return false; } else if (!id.equals(other.id)) return false; if (lock_flag == null) { if (other.lock_flag != null) return false; } else if (!lock_flag.equals(other.lock_flag)) return false; if (login_date == null) { if (other.login_date != null) return false; } else if (!login_date.equals(other.login_date)) return false; if (userLoginIp == null) { if (other.userLoginIp != null) return false; } else if (!userLoginIp.equals(other.userLoginIp)) return false; if (username == null) { if (other.username != null) return false; } else if (!username.equals(other.username)) return false; return true; } @Override public String toString() { return "LoginRecord [id=" + id + ", username=" + username + ", lock_flag=" + lock_flag + ", failure_num=" + failure_num + ", login_date=" + login_date + ", userLoginIp=" + userLoginIp + "]"; } }
dao层
dao层
package com.xxx.loginRecord.dao.loginRecord; import java.util.List; import org.eclipse.jdt.core.dom.ThisExpression; import org.springframework.stereotype.Repository; import com.hotent.core.db.BaseDao; import com.xxx.loginRecord.model.loginRecord.LoginRecord; import com.hotent.core.db.BaseDao; @Repository public class LoginRecordDao extends BaseDao<LoginRecord> { @Override public Class<?> getEntityClass() { return LoginRecord.class; } public List<LoginRecord> getByUserName(String name) { return this.getBySqlKey("getByUserName", name); } public void unLock(LoginRecord e) { this.update("unLock", e); } }
controller主要方法
@RequestMapping({ "list" })
@Action(description = "查看W_LOGIN_RECORD分页列表")
public ModelAndView list(HttpServletRequest request, HttpServletResponse response) throws Exception {
List<LoginRecord> list = this.wLoginRecordService.getAll(new QueryFilter(request, "wLoginRecordItem"));
String isAdmin = "unOk";
SysUser su = ContextUtil.getCurrentUser();
if ((su != null) && (su.getUserId().longValue() == 1L)) {
isAdmin = "ok";
}
ModelAndView mv = getAutoView().addObject("wLoginRecordList", list).addObject("isAdmin", isAdmin);
return mv;
}
@RequestMapping({ "unLock" })
@ResponseBody
public String unLock(HttpServletRequest request, HttpServletResponse response) throws Exception {
String flag = "unOk";
String idString = RequestUtil.getString(request, "id");
LoginRecord e = new LoginRecord();
if (idString != null) {
e.setId(Long.valueOf(Long.parseLong(idString)));
this.wLoginRecordService.unLock(e);
flag = "ok";
}
return flag;
}
mybaties --> sql
<update id="unLock" parameterType="com.xxx.loginRecord.model.loginRecord.LoginRecord"> UPDATE w_login_record SET LOCK_FLAG='0', FAILURE_NUM='0' WHERE ID=#{id} </update> <select id="getByUserName" parameterType="String" resultMap="LoginRecord"> SELECT <include refid="columns"/> FROM w_login_record WHERE USERNAME=#{name} order by login_date desc </select>
service层主要代码
public List<LoginRecord> getByUserName(String name){ return dao.getByUserName(name); } public void unLock(LoginRecord e){ dao.unLock(e); } /** *判断当前时间与给定时间差是否大于5分钟 * @param date * @return 大于5分钟返回true * @throws Exception */ public boolean isMaxFiveMin(Date date) { Date now=new Date(); if(now.getTime()-date.getTime()>=5*60*1000){ return true; } else{ return false; } } /** * * @param date1,date2 * @return 返回时间差, * @throws Exception */ public String handleDate(Date date){ Date now=new Date(); long x = now.getTime()-date.getTime(); x=x/1000; x=60*5-x; DecimalFormat df1 = new DecimalFormat("0"); return df1.format(Math.floor(x/60))+"分"+(x%60)+"秒"; } /** *判断当前时间与给定时间差是否大于一天 * @param date * @return 大于一天返回true * @throws Exception */ public boolean localdateLtDate2(String date) throws Exception{ SimpleDateFormat sdf=new SimpleDateFormat("yyyyMMdd HH:mm:ss"); Date date1=sdf.parse(date); Date now=new Date(); if(now.getTime()-date1.getTime()>24*60*60*1000){ return true; } else{ return false; } }
关键逻辑判断代码(loginController中)
// 是否被锁定 实体类 LoginRecord lr = this.getLoginRecordByUserName(username); boolean locked = this.isLocked(lr); //如果被锁定 if (locked) { msg = "账号被锁定请在" + loginRecordService.handleDate(lr.getLogin_date()) + "后登录"; Date now = new Date(); long x = now.getTime() - lr.getLogin_date().getTime(); x = x / 1000; x = 5 * 60 - x; request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, x); error = true; throw new AccessDeniedException(msg); } int num = Integer.parseInt(lr.getFailure_num()); // 账号未被锁定,继续往下执行 //其他登录错误处理(只提醒下面中文部分即可) msg ="输入错误!还剩" + (5 - num - 1) + "次输入机会!"; // 添加错误次数 lr.setFailure_num((Integer.parseInt(lr.getFailure_num() == null ? "0" : lr.getFailure_num()) + 1) + ""); //如果超过5次,状态改为1锁定 if (Integer.parseInt(lr.getFailure_num() == null ? "0" : lr.getFailure_num()) >= 5) { lr.setLock_flag("1"); } loginRecordService.update(lr); return ; if (num <= 3 && num >= 0) { // 添加错误次数 lr.setFailure_num((Integer.parseInt(lr.getFailure_num() == null ? "0" : lr.getFailure_num()) + 1) + ""); msg = "输入错误!还剩" + (5 - num - 1) + "次输入机会"; loginRecordService.update(lr); request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, msg); } else if (num == 4) { // 添加错误次数 lr.setFailure_num((Integer.parseInt(lr.getFailure_num() == null ? "0" : lr.getFailure_num()) + 1) + ""); lr.setLock_flag("1"); // 登录时间 设置为第五次,输入错误的时间 lr.setLogin_date(new Date()); loginRecordService.update(lr); msg = "账号被锁定请在" + loginRecordService.handleDate(lr.getLogin_date()) + "后登录"; long x = 0l; x = x / 1000; x = 5 * 60 - x; request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, x); error = true; } else { lr.setLock_flag("1"); msg = "账号被锁定请在" + loginRecordService.handleDate(lr.getLogin_date()) + "后登录"; Date now = new Date(); long x = now.getTime() - lr.getLogin_date().getTime(); x = x / 1000; x = 5 * 60 - x; request.getSession().setAttribute(WebAttributes.AUTHENTICATION_EXCEPTION, x); } loginRecordService.update(lr); // 成功登陆后,错误次数重置为0 if (lr != null && !error) { lr.setFailure_num("0"); lr.setLogin_date(new Date()); loginRecordService.update(lr); }