
账号输错密码五次冻结

zhijiezhao há 3 anos atrás
pai
commit
311d92e092

+ 12 - 0
src/main/java/com/caimei365/user/mapper/LoginMapper.java

@@ -1,10 +1,14 @@
 package com.caimei365.user.mapper;
 
+import com.caimei365.user.model.vo.LoginFailRecordVo;
 import com.caimei365.user.model.vo.ServiceProviderVo;
 import com.caimei365.user.model.vo.UserLoginVo;
 import org.apache.ibatis.annotations.Mapper;
 import org.apache.ibatis.annotations.Param;
 
+import java.util.Date;
+import java.util.List;
+
 /**
  * Description
  *
@@ -119,4 +123,12 @@ public interface LoginMapper {
      * 会员机构类型:1医美,2生
      */
     Integer getClubTypeById(Integer userId);
+
+    void insertLoginFailRecord(@Param("time") Date time,@Param("userId")Integer userId);
+
+    List<LoginFailRecordVo> findLoginFailRecord(@Param("userId")Integer userId,@Param("time") Date time);
+
+    Integer findTimes(@Param("id")Integer id,@Param("time") Date time);
+
+    void updateLoginFailRecord(@Param("dbUserId")Integer dbUserId,@Param("time") Date time);
 }
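Review bot: The four new mapper methods have no Javadoc, unlike `getClubTypeById` directly above, and their names hide what the SQL does: `findTimes` returns the minutes elapsed between a record's `loginTime` and `time`, and `updateLoginFailRecord` soft-deletes (sets `delFlag = 1` on) a user's records newer than `time`. I would add a one-line Javadoc to each stating that, e.g. `/** Minutes elapsed between failure record {@code id} and {@code time}; null if the record does not exist. */` on `findTimes`. The parameter order also flips between `insertLoginFailRecord(time, userId)` and `findLoginFailRecord(userId, time)`, and the same user id appears as both `userId` and `dbUserId`; aligning them would make call sites harder to get wrong.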

+ 15 - 0
src/main/java/com/caimei365/user/model/vo/LoginFailRecordVo.java

@@ -0,0 +1,15 @@
+package com.caimei365.user.model.vo;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.Data;
+
+import java.io.Serializable;
+import java.util.Date;
+
+@Data
+public class LoginFailRecordVo implements Serializable {
+    private Integer id;
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss", timezone = "GMT+8")
+    private Date loginTime;
+    private Integer userId;
+}

+ 6 - 3
src/main/java/com/caimei365/user/service/impl/BaseServiceImpl.java

@@ -26,9 +26,7 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 import java.text.SimpleDateFormat;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.util.*;
 
 
 /**
@@ -393,6 +391,11 @@ public class BaseServiceImpl implements BaseService {
         // 设置密码
         String dbPassword = Md5Util.md5(passWord);
         baseMapper.updatePasswordByUserId(dbPassword, dbUserId);
+        //重新设置密码后将登录失败表中近30分钟记录置为删除
+        Calendar c = Calendar.getInstance();
+        c.setTime(new Date());
+        c.add(Calendar.MINUTE,-30);
+        loginMapper.updateLoginFailRecord(dbUserId,c.getTime());
         return ResponseJson.success("密码修改成功", "");
     }
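Review bot: The 30-minute window is hard-coded here and again in `LoginServiceImpl` (both in the `Calendar` arithmetic and in the user-facing messages), so the reset path and the lockout check can drift apart silently. A shared constant, e.g. `LOGIN_FAIL_WINDOW_MINUTES`, used by both call sites would keep them in step; `c.setTime(new Date())` is also redundant because `Calendar.getInstance()` already holds the current time. Separately, the context line `Md5Util.md5(passWord)` suggests passwords are stored as a bare MD5 digest. That predates this commit, but if it is what the helper does it limits the value of a lockout, and a salted password hash such as bcrypt or Argon2 is the change to plan. The method body starts outside this hunk.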
 

+ 16 - 0
src/main/java/com/caimei365/user/service/impl/LoginServiceImpl.java

@@ -16,6 +16,7 @@ import com.caimei365.user.model.dto.ScanBindDto;
 import com.caimei365.user.model.dto.SuperVipDto;
 import com.caimei365.user.model.po.OperationPo;
 import com.caimei365.user.model.po.SuperVipPo;
+import com.caimei365.user.model.vo.LoginFailRecordVo;
 import com.caimei365.user.model.vo.UserLoginVo;
 import com.caimei365.user.service.LoginService;
 import com.caimei365.user.utils.JwtUtil;
@@ -87,6 +88,15 @@ public class LoginServiceImpl implements LoginService {
         UserLoginVo baseUser = loginMapper.getLoginUserByMobileOrEmail(mobileOrEmail);
 
         if (baseUser != null) {
+            //如果30分钟内输入错误记录>=5,return该账号暂时被冻结,请(30-最前一次时间)分钟后重试或直接修改密码
+            Calendar c = Calendar.getInstance();
+            c.setTime(new Date());
+            c.add(Calendar.MINUTE, -30);
+            List<LoginFailRecordVo> fail = loginMapper.findLoginFailRecord(baseUser.getUserId(), c.getTime());
+            if (null != fail && fail.size() >= 5) {
+                Integer minutes = loginMapper.findTimes(fail.get(0).getId(),new Date());
+                return ResponseJson.error("该账号暂时被冻结,请" + (30 - minutes) + "分钟后重试或直接修改密码", null);
+            }
             // 如果前端传入unionId,则存入返回前端
             baseUser.setUnionId(unionId);
             // 比对密码
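Review bot: The freeze response is returned only inside `if (baseUser != null)` and before the password comparison, so an unauthenticated caller can tell from it that the mobile or e-mail belongs to a real account, and anyone who knows that identifier can keep its owner locked out by failing five times per window. Whether unknown accounts get a distinguishable reply is decided outside this hunk, but I would at least document the trade-off here and pair the per-account counter with per-client throttling. `findTimes` returns a boxed `Integer` that is unboxed in `30 - minutes`; a null result would throw, and a record that ages to exactly 30 minutes between the two queries yields "0分钟". Something like `int left = minutes == null ? 30 : Math.max(1, 30 - minutes);` covers both cases.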
@@ -100,6 +110,12 @@ public class LoginServiceImpl implements LoginService {
                     // 返回登录校验结果
                     return logonVerify(baseUser);
                 }
+            } else {
+                // 增加一次错误输入密码记录,30分钟内连续五次冻结
+                loginMapper.insertLoginFailRecord(new Date(),baseUser.getUserId());
+                if (null != fail && 4 ==fail.size() ) {
+                    return ResponseJson.error("您已连续输错5次密码,账号被暂时冻结,请于30分钟后重试或直接修改密码",null);
+                }
             }
         }
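Review bot: Nothing in the visible lines clears the failure records when the password matches, so the counter measures five failures in any 30 minutes rather than five consecutive ones as the message says: four typos, a successful login, and one more typo still freeze the account. If that is not intended, clear them on success, e.g. `loginMapper.updateLoginFailRecord(baseUser.getUserId(), c.getTime());` before `return logonVerify(baseUser);` (the success branch begins outside this hunk). The check on `fail.size()` also uses the list read before the insert, so concurrent requests for the same account can each see fewer than five records and all reach the password comparison. Counting after the insert, or enforcing the limit in a single statement, closes that gap.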
 

+ 26 - 3
src/main/resources/mapper/LoginMapper.xml

@@ -1,6 +1,10 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
 <mapper namespace="com.caimei365.user.mapper.LoginMapper">
+    <insert id="insertLoginFailRecord">
+        insert into cm_loginfail_record (logintime, userid)
+        values (#{time}, #{userId})
+    </insert>
     <select id="getLoginUserByUserId" resultType="com.caimei365.user.model.vo.UserLoginVo">
         select u.userID             as userId,
                u.clubID             as clubId,
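Review bot: `insertLoginFailRecord` writes only `logintime` and `userid`, while `findLoginFailRecord` later in this file filters on `delFlag = 0`, so the lockout works only if the column defaults to 0. The table definition is not part of this commit; if `delFlag` is nullable without a default, no failure is ever counted and the freeze never triggers. Setting it explicitly removes the dependency: `insert into cm_loginfail_record (logintime, userid, delFlag) values (#{time}, #{userId}, 0)`.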
@@ -182,6 +186,12 @@
         set loginTime = now()
         where userID = #{userId}
     </update>
+    <update id="updateLoginFailRecord">
+        UPDATE cm_loginfail_record
+        SET delFlag = 1
+        WHERE loginTime <![CDATA[ > ]]> #{time}
+          AND userId = #{dbUserId}
+    </update>
     <select id="getUserIdByOpenId" resultType="java.lang.Integer">
         select o.userID as userId
         from
@@ -254,8 +264,21 @@
         FROM user
     </select>
     <select id="getClubTypeById" resultType="java.lang.Integer">
-        SELECT firstClubType FROM club WHERE userID = #{userId}
+        SELECT firstClubType
+        FROM club
+        WHERE userID = #{userId}
+    </select>
+    <select id="findLoginFailRecord" resultType="com.caimei365.user.model.vo.LoginFailRecordVo">
+        select id, loginTime, userId
+        from cm_loginfail_record
+        where userId = #{userId}
+          and loginTime <![CDATA[ > ]]> #{time}
+          and delFlag = 0
+        order by loginTime asc
+    </select>
+    <select id="findTimes" resultType="java.lang.Integer">
+        SELECT TIMESTAMPDIFF(MINUTE, loginTime, #{time}) AS times
+        FROM cm_loginfail_record
+        WHERE id = #{id}
     </select>
-
-
 </mapper>
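Review bot: `findLoginFailRecord` runs on every login attempt for an existing account and filters by `userId`, `loginTime` and `delFlag`, and nothing in this commit purges old rows (they are only soft-deleted), so the table grows with every failed attempt. No DDL is shown, so confirm that `cm_loginfail_record` has an index covering `(userId, loginTime)` and that a retention job exists. I would also note above the statement why it orders ascending, e.g. `<!-- oldest failure first: the caller derives the remaining freeze time from element 0 -->`.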