
Example 1 with RoleSet

use of io.github.ihongs.serv.auth.RoleSet in project HongsCORE by ihongs.

the class SignAction method signCreate.

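/**
 * Signs a user in with a username and password.
 *
 * <p>Reads the request parameters {@code place} (default {@code "centre"}),
 * {@code username} and {@code password}, then in order: looks the account up,
 * enforces the failed-attempt limit, verifies the password, checks the account
 * state, checks that the requested place is in the user's role set, and finally
 * calls {@code AuthKit.userSign} and replies with {@code {"info": ...}}.
 * Every rejection is reported through {@code AuthKit.getWrong} on the field
 * concerned and the method returns without signing in.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The unknown-username branch replies with a different error key than the
 *       wrong-password branch, and it returns before the retry counter and the
 *       password hash are touched. Responses therefore distinguish existing
 *       from non-existing accounts, and that branch is not throttled by this
 *       method.</li>
 *   <li>The retry counter is read and later written in separate calls; nothing
 *       in this method makes the read-check-write sequence atomic.</li>
 *   <li>The password check uses a constant-time comparison.</li>
 * </ul>
 *
 * @param ah the action helper carrying the request parameters, session and reply
 * @throws HongsException propagated from the database, configuration or auth calls
 */
@Action("create")
@Verify(conf = "master", form = "sign")
@CommitSuccess
public void signCreate(ActionHelper ah) throws HongsException {
    String place = Synt.declare(ah.getParameter("place"), "centre");
    String username = Synt.declare(ah.getParameter("username"), "");
    String password = Synt.declare(ah.getParameter("password"), "");

    DB db = DB.getInstance("master");
    Table tb = db.getTable("user");

    // Look up the account. The username is bound as a query parameter, not concatenated.
    FetchCase fc = new FetchCase()
        .from(tb.tableName)
        .filter("username = ?", username)
        .select("password, passcode, id, name, head, state");
    Map ud = db.fetchLess(fc);
    if (ud.isEmpty()) {
        // NOTE(review): this reply differs from the wrong-password reply below and is
        // sent without counting the attempt; consider a uniform failure response.
        ah.reply(AuthKit.getWrong("username", "core.username.invalid"));
        return;
    }

    // Retry limit. "core.sign.retry.token" selects what the counter is keyed on:
    // "id" = account, "ip" = client address, anything else = account + client address.
    CoreConfig cc = CoreConfig.getInstance("master");
    String id = (String) ud.get("id");
    String tt = Synt.declare(cc.getProperty("core.sign.retry.token"), "");
    int at = Synt.declare(cc.getProperty("core.sign.retry.times"), 5);
    if (Synt.declare(Record.get("sign.retry.allow." + id), false)) {
        // A per-account record forces the counter to be keyed on the account alone.
        tt = "id";
    }
    switch (tt) {
        case "id":
            break;
        case "ip":
            // NOTE(review): how Core.CLIENT_ADDR is derived is not visible here; if it
            // can come from a client-supplied header, the limit is only as trustworthy
            // as that header. Confirm against the request setup code.
            id = Core.CLIENT_ADDR.get();
            break;
        default:
            id = id + "-" + Core.CLIENT_ADDR.get();
    }
    String retryKey = "sign.retry.times." + id;
    int rt = Synt.declare(Record.get(retryKey), 0);
    if (rt >= at) {
        // Limit reached: reject before the submitted password is evaluated at all.
        ah.reply(AuthKit.getWrong("password", "core.password.timeout"));
        ah.getResponseData().put("allow_times", at);
        ah.getResponseData().put("retry_times", rt);
        return;
    }
    // Counts the current attempt; only persisted below if the password is wrong.
    rt++;

    // Verify the password: hash of (submitted password + per-user passcode).
    // NOTE(review): AuthKit.getCrypt is opaque from here; confirm it is a slow,
    // salted password-hashing function rather than a bare digest.
    String passcode = Synt.declare(ud.get("passcode"), "");
    password = AuthKit.getCrypt(password + passcode);
    Object stored = ud.get("password");
    // Constant-time comparison so the time taken does not depend on how many leading
    // characters match. A missing or non-String stored value never matches, exactly
    // as String.equals would have decided.
    boolean matched = stored instanceof String
        && java.security.MessageDigest.isEqual(
            password.getBytes(java.nio.charset.StandardCharsets.UTF_8),
            ((String) stored).getBytes(java.nio.charset.StandardCharsets.UTF_8));
    if (!matched) {
        ah.reply(AuthKit.getWrong("password", "core.password.invalid"));
        ah.getResponseData().put("allow_times", at);
        ah.getResponseData().put("retry_times", rt);

        // Record the failure count. It expires at the start of the next day in the
        // application time zone (23:59:59 today, in whole seconds, plus one second),
        // so the counter resets at midnight regardless of when the failures occurred.
        Calendar ca = Calendar.getInstance(Core.getTimezone());
        ca.setTimeInMillis(Core.ACTION_TIME.get());
        ca.set(Calendar.HOUR_OF_DAY, 23);
        ca.set(Calendar.MINUTE, 59);
        ca.set(Calendar.SECOND, 59);
        long et = ca.getTimeInMillis() / 1000 + 1;
        // NOTE(review): get-then-set is not atomic; concurrent failed attempts can
        // each read the same count and the stored value can under-count them.
        Record.set(retryKey, rt, et);
        return;
    }
    // NOTE(review): in "ip" mode the key is shared by every account tried from that
    // address, so one successful sign-in clears the failures accumulated against
    // other accounts from the same address. Consider keeping the address-wide
    // counter on success in that mode.
    Record.del(retryKey);

    String uuid = (String) ud.get("id");
    String uname = (String) ud.get("name");
    String uhead = (String) ud.get("head");
    int state = Synt.declare(ud.get("state"), 0);

    // Check the account state; this runs only after the password has been verified.
    if (0 >= state) {
        ah.reply(AuthKit.getWrong("state", "core.sign.state.invalid"));
        return;
    }

    // Clear the session's user attributes first, to avoid extra checks that a
    // custom RoleSet implementation may perform against the current session.
    ah.setSessibute(Cnst.UID_SES, null);
    ah.setSessibute(Cnst.USK_SES, null);
    ah.setSessibute(Cnst.UST_SES, null);

    // Verify the place: a non-empty place must be among the user's roles.
    // A null role set or an empty place skips this check.
    Set rs = RoleSet.getInstance(uuid);
    if (rs != null && !place.isEmpty() && !rs.contains(place)) {
        ah.reply(AuthKit.getWrong("place", "core.sign.place.invalid"));
        return;
    }

    // "*" denotes a password sign-in.
    // NOTE(review): whether AuthKit.userSign issues a fresh session identifier is
    // not visible here; confirm, so a pre-login session id is not carried over.
    Map sd = AuthKit.userSign(ah, "*", uuid, uname, uhead);
    ah.reply(Synt.mapOf("info", sd));
}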
Also used : Table(io.github.ihongs.db.Table) FetchCase(io.github.ihongs.db.util.FetchCase) Set(java.util.Set) RoleSet(io.github.ihongs.serv.auth.RoleSet) CoreConfig(io.github.ihongs.CoreConfig) Calendar(java.util.Calendar) Map(java.util.Map) DB(io.github.ihongs.db.DB) Action(io.github.ihongs.action.anno.Action) CommitSuccess(io.github.ihongs.action.anno.CommitSuccess) Verify(io.github.ihongs.action.anno.Verify)
