异常处理优化

7 years ago · 6a521dee37
parent e1233e9361
commit 6a521dee37
4 changed files with 64 additions and 65 deletions
--- a/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
+++ b/modules/i3plus-core-api/src/main/java/cn/estsh/i3plus/core/api/iservice/base/ISystemLoginService.java
@ -4,9 +4,6 @@ import cn.estsh.i3plus.pojo.base.shirotoken.AdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.SaAdminToken;
 import cn.estsh.i3plus.pojo.base.shirotoken.UserToken;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
-import cn.estsh.i3plus.pojo.platform.bean.SysUser;
-
-import java.util.List;

 /**
 * @Description : 用户登陆方法，平台统一登陆
@ -27,5 +24,5 @@ public interface ISystemLoginService {

    SessionUser queryCheckSaAdminLogin(SaAdminToken authenticationToken);

-    Integer doLoginPasswordError(SysUser user);
+    void doLoginPasswordError(String loginName);
 }
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/AuthController.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/controller/base/AuthController.java
@ -5,20 +5,22 @@ import cn.estsh.i3plus.core.api.iservice.busi.ICoreTreeService;
 import cn.estsh.i3plus.core.api.iservice.busi.ISysUserService;
 import cn.estsh.i3plus.core.apiservice.controller.DemoAuthController;
 import cn.estsh.i3plus.core.apiservice.serviceimpl.busi.SysLocaleLanguageService;
+import cn.estsh.i3plus.platform.common.util.CommonConstWords;
+import cn.estsh.i3plus.pojo.base.enumutil.CommonEnumUtil;
 import cn.estsh.i3plus.pojo.base.enumutil.ResourceEnumUtil;
 import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.i3plus.pojo.platform.bean.SysLocaleLanguage;
 import cn.estsh.i3plus.pojo.platform.bean.SysMenu;
-import cn.estsh.impp.framework.base.controller.BaseController;
 import cn.estsh.impp.framework.base.controller.CoreBaseController;
 import cn.estsh.impp.framework.boot.auth.AuthUtil;
 import cn.estsh.impp.framework.boot.exception.ImppBusiException;
+import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionEnum;
 import cn.estsh.impp.framework.boot.util.ResultBean;
 import cn.estsh.impp.framework.boot.util.ValidatorBean;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
-import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -58,6 +60,7 @@ public class AuthController extends CoreBaseController {
    @ApiOperation(value="登陆",notes="登陆")
    public ResultBean login(HttpServletRequest request, String loginName, String loginPwd, String languageCode){
        LOGGER.info("用户登陆 loginName:{} loginPwd:{} languageCode:{}",loginName,loginPwd,languageCode);
+        ResultBean result = null;
        try {
            ValidatorBean.checkNotNull(loginName,"用户名不能为空");
            ValidatorBean.checkNotNull(loginPwd,"密码不能为空");
@ -65,27 +68,38 @@ public class AuthController extends CoreBaseController {

            SessionUser user = userService.queryUserLogin(loginName,loginPwd,languageCode);

+            String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getUser().getId();
+            redisCore.deleteKey(redisKey);
+
            LOGGER.info("会员登陆：{}",user);
            AuthUtil.setSessionObject("languageCode",languageCode);
-            ResultBean result = new ResultBean(true, "", AuthUtil.getSessionUser());
+            result = new ResultBean(true, "", AuthUtil.getSessionUser());
            result.setUrl("/");
-            return result;
+        } catch (IncorrectCredentialsException e) {
+            // 密码错误
+            systemLoginService.doLoginPasswordError(loginName);
+            result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_PASSWORD);
+            result.setErrorMsg("密码输入错误。如果输错次数超过" + CommonConstWords.USER_LOGIN_ERROR_MAX_NUM + "次，用户将被锁定。");
+        } catch (CredentialsException e) {
+            // 用户名或密码错误
+            result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_NAME);
+        } catch (LockedAccountException e) {
+            // 账号已锁定
+            result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_LOCKING);
+        } catch (UnknownAccountException e) {
+            // 用户信息不存在
+            result = ResultBean.fail(ImppExceptionEnum.LOGIN_EXCEPTION_USER_INFO_NULL);
        } catch (AuthenticationException e) {
-            ResultBean result = ResultBean.fail();
-            Throwable cause = e.getCause();
-            if(cause instanceof ImppBusiException ){
-                ImppBusiException exception = (ImppBusiException) cause;
-                result.setErrorMsg(exception.getMessage() + exception.getErrorSolution());
-            }else {
+            // 系统异常
            result = ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode());
            result.setErrorMsg(e.getMessage());
-            }
-            return result;
        } catch (ImppBusiException e) {
-            return ResultBean.fail(e);
+            result = ResultBean.fail(e);
        } catch (Exception e) {
-            return ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode());
+            result = ResultBean.fail(e.getMessage()).setCode(ImppExceptionEnum.SYSTEM_EXCEPTION.getCode())
+                        .setErrorMsg(ImppExceptionEnum.SYSTEM_EXCEPTION.getDescription());
        }
+        return result;
    }

    /**
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/base/SystemLoginService.java
@ -11,11 +11,15 @@ import cn.estsh.i3plus.pojo.platform.bean.SessionUser;
 import cn.estsh.i3plus.pojo.platform.bean.SysUser;
 import cn.estsh.i3plus.pojo.platform.repository.SysUserRepository;
 import cn.estsh.impp.framework.boot.auth.AuthUtil;
+import cn.estsh.impp.framework.boot.exception.ImppBusiException;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionEnum;
 import cn.estsh.impp.framework.boot.util.ImppRedis;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.CredentialsException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.LockedAccountException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -24,6 +28,8 @@ import org.springframework.transaction.annotation.Propagation;
 import org.springframework.transaction.annotation.Transactional;

 import javax.annotation.Resource;
+z
+import static org.springframework.transaction.annotation.Propagation.NOT_SUPPORTED;

 /**
 * @Description : 用户登陆方法
@ -92,23 +98,21 @@ public class SystemLoginService implements ISystemLoginService {
    }

    @Override
-//    @Transactional(propagation = Propagation.NOT_SUPPORTED)
-    public Integer doLoginPasswordError(SysUser user) {
+    public void doLoginPasswordError(String loginName) {
+        SysUser user = sysUserRDao.getByProperty("userLoginName",loginName);
+        if(user != null){
            String redisKey = CommonConstWords.USER_LOGIN_ERROR + "_" + user.getId();
-//        Object redisValue = redisCore.getObject(redisKey);
-        Object redisValue = AuthUtil.getSessionAttribute(redisKey);
+            Object redisValue = redisCore.getObject(redisKey);
            Integer num = redisValue == null ? 1 : Integer.parseInt(redisValue.toString()) + 1;

-
            if(num >= CommonConstWords.USER_LOGIN_ERROR_MAX_NUM){
-//            user.setUserStatus(CommonEnumUtil.USER_STATUS.LOCKING.getValue());
-            redisCore.putObject(redisKey,num,0); // 账号锁定后移除锁
+                user.setUserStatus(CommonEnumUtil.USER_STATUS.LOCKING.getValue());
+                redisCore.deleteKey(redisKey);
                sysUserRDao.update(user);
-        }
-
+            }else{
                redisCore.putObject(redisKey,num,24 * 60 * 60);
-        AuthUtil.setSessionObject(redisKey,num);
-        return num;
+            }
+        }
    }

    /**
@ -120,29 +124,21 @@ public class SystemLoginService implements ISystemLoginService {
    public SysUser getUserLoginInfo(String loginName,String pwd) {
        SysUser user = sysUserRDao.getByProperty("userLoginName",loginName);
        if(user == null){    //用户不存在
-            throw new AuthenticationException("用户不存在");
+            throw new CredentialsException("用户不存在");
        }else {
            if(user.getUserStatus() != CommonEnumUtil.USER_STATUS.ENABLE.getValue()){
-                throw ImppExceptionBuilder.newInstance()
-                        .setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
-                        .setErrorCode(ImppExceptionEnum.LOGIN_USER_NAME_EXCEPTION.getCode())
-                        .setErrorDetail("账号状态:"+CommonEnumUtil.USER_STATUS.valueOf(user.getUserStatus()))
-                        .setErrorSolution("请联系管理员")
-                        .build();
+                throw new LockedAccountException("账号已被锁定");
            }
            try {
                // 密码加密
                pwd = EncryptTool.hexMD5(pwd);
            } catch (Exception e) {
                LOGGER.error("登录密码加密出错。");
-                throw new AuthenticationException("登陆密码错误");
-//                doLoginPasswordError( user);
-//                throw new AuthenticationException("密码输入错误。如果输错次数超过"+CommonConstWords.USER_LOGIN_ERROR_MAX_NUM+"次，用户将被锁定。");
+                throw new IncorrectCredentialsException("登陆密码错误");
            }
            if (!StringUtils.equals(user.getUserLoginPassword(), pwd)) {    //密码不符
-                throw new AuthenticationException("登陆密码错误");
-//                doLoginPasswordError( user);
-//                throw new AuthenticationException("密码输入错误。如果输错次数超过"+CommonConstWords.USER_LOGIN_ERROR_MAX_NUM+"次，用户将被锁定。");
+                LOGGER.error("密码验证错误。");
+                throw new IncorrectCredentialsException("登陆密码错误");
            }

            return user;
--- a/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java
+++ b/modules/i3plus-core-apiservice/src/main/java/cn/estsh/i3plus/core/apiservice/serviceimpl/busi/SysUserService.java
@ -19,6 +19,8 @@ import cn.estsh.impp.framework.boot.exception.ImppExceptionBuilder;
 import cn.estsh.impp.framework.boot.exception.ImppExceptionEnum;
 import io.swagger.annotations.ApiOperation;
 import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.CredentialsException;
+import org.apache.shiro.authc.UnknownAccountException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@ -82,12 +84,7 @@ public class SysUserService implements ISysUserService {
        SysUser user = this.getSysUserByLoginName(loginName);

        if(user == null){
-            throw ImppExceptionBuilder.newInstance()
-                    .setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
-                    .setErrorCode(ImppExceptionEnum.LOGIN_USER_NAME_EXCEPTION.getCode())
-                    .setErrorDetail("用户名不存在")
-                    .setErrorSolution("请重新输入用户名")
-                    .build();
+            throw new CredentialsException("用户不存在");
        }


@ -144,7 +141,7 @@ public class SysUserService implements ISysUserService {
            }else {
                throw ImppExceptionBuilder.newInstance()
                        .setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
-                        .setErrorCode(ImppExceptionEnum.LOGIN_USER_NAME_PASSWORD_UPDATE_EXCEPTION.getCode())
+                        .setErrorCode(ImppExceptionEnum.LOGIN_EXCEPTION_USER_LOCKING.getCode())
                        .setErrorDetail("旧密码错误")
                        .setErrorSolution("请重新输入")
                        .build();
@ -425,12 +422,7 @@ public class SysUserService implements ISysUserService {
        SysUserInfo userInfo = sysUserInfoRDao.getById(user.getUserInfoId());

        if(userInfo == null){
-            throw ImppExceptionBuilder.newInstance()
-                    .setSystemID(CommonEnumUtil.SOFT_TYPE.CORE.getCode())
-                    .setErrorCode(ImppExceptionEnum.VARIFY_EXCEPTION_DATA_NOT_EXIT.getCode())
-                    .setErrorDetail("用户信息不存在")
-                    .setErrorSolution("请联系管理员")
-                    .build();
+            throw new UnknownAccountException("用户信息不存在");
        }

        packSysUserRole(sessionUser,user);      //封装用户角色信息