java一分钟三次登录错误信息限制
一、功能
java一分钟三次登录错误信息限制
二、伪代码
检测登录名是否是在库用户:
false:提示错误信息无用户
true:检查是否加入过错误登陆列表
false:新建一个,id1=当前时间戳,id2=0,id3=0,loginname=loginname
true:检测loginname为loginname的用户的id2
false:为0,更新此条数据库信息,id2=当前时间戳
true:不为0,检测loginname为loginname的用户的id3
false:为0,更新此条数据库信息,id3=当前时间戳
true:不为0,判断id3-id2=1>60
true:禁用该用户
false:判断d3-d2>60
true:d1=d3,d2=0,d3=0
false:d1=d2,d2=d3,d3=0
没看错就是六层if-else嵌套(尬笑哈哈哈,等我学会了cookie我再回来更新)
三、数据库
四、代码
Controller
@RequestMapping(value = "managers_check_login") public String managers_check_login(String loginname, String password, HttpServletRequest request) throws SocketException, UnknownHostException, ParseException { String msg = ""; SysManagers s = new SysManagers(); s.setLoginname(loginname.trim()); s.setPassword(ShaEncrypt.shaEncode(password)); if(managers_service.find_check_loginname(loginname).isEmpty()){ msg="error"; }else { request.setAttribute("na",loginname); List<SysManagers> check_login = managers_service.select_check_login(s); if(check_login.isEmpty()){ //切入代码片段 LoginInfoSave(loginname,"1"); //先查出错历史里有没有,有就继续增加一个,没有就创建一个 List<SysManagersWrongLoginHistory> wronghis_list=wronghis_service.find_wrong_by_loginname(loginname); //非法用户 msg = "error"; if(wronghis_list.isEmpty()) { //新建一个 SysManagersWrongLoginHistory wronghis = new SysManagersWrongLoginHistory(); wronghis.setId(CreateUUID.getuuid()); wronghis.setD1(System.currentTimeMillis()); wronghis.setLoginname(loginname); wronghis_service.save_new_wrong_by_loginname(wronghis); //非法用户 msg = "error"; }else { if(wronghis_list.get(0).getD2()==0&&wronghis_list.get(0).getD3()==0){ SysManagersWrongLoginHistory wronghis = new SysManagersWrongLoginHistory(); wronghis.setId(CreateUUID.getuuid()); wronghis.setD1(0); wronghis.setD2(System.currentTimeMillis()); wronghis.setD3(0); wronghis.setLoginname(loginname); wronghis_service.update_new_wrong_by_loginname(wronghis); //非法用户 msg = "error"; } else{ if(wronghis_list.get(0).getD3()==0){ SysManagersWrongLoginHistory wronghis = new SysManagersWrongLoginHistory(); wronghis.setId(CreateUUID.getuuid()); wronghis.setD1(0); wronghis.setD3(System.currentTimeMillis()); wronghis.setD2(0); wronghis.setLoginname(loginname); wronghis_service.update_new_wrong_by_loginname(wronghis); List<SysManagersWrongLoginHistory> wronghis_list_inner=wronghis_service.find_wrong_by_loginname(loginname); long a = wronghis_list_inner.get(0).getD1(); long b = wronghis_list_inner.get(0).getD2(); long c = wronghis_list_inner.get(0).getD3(); long d13 = c - a ; long d23 = c - b ; System.out.println("31之间的秒数差为:"+d13/1000); System.out.println("1:"+a); System.out.println("3:"+c); if(d13/1000>60){ if(d23/1000>60){ SysManagersWrongLoginHistory wronghis_change = new SysManagersWrongLoginHistory(); wronghis_change.setD1(c); wronghis_change.setD2(0); wronghis_change.setD3(0); wronghis_change.setLoginname(loginname); wronghis_service.change_new_wrong_by_loginname(wronghis_change); System.out.println("1删去"); }else{ SysManagersWrongLoginHistory wronghis_change = new SysManagersWrongLoginHistory(); wronghis_change.setD1(b); wronghis_change.setD2(c); wronghis_change.setD3(0); wronghis_change.setLoginname(loginname); wronghis_service.change_new_wrong_by_loginname(wronghis_change); System.out.println("12删去"); } } //非法用户 msg = "error"; }else { msg="账户被锁定,请联系管理员"; } } } }else{ //正常用户 String logname = ""; for(SysManagers m:check_login){ logname = m.getLoginname(); } List<SysDic> dic_list = dic_service.selectAll(); for(SysDic d:dic_list){ request.getSession().setAttribute(d.getDickeys(),d.getDicdes()); } request.getSession().setAttribute("loginname",logname); request.getSession().setMaxInactiveInterval(18200); //切入代码片段 LoginInfoSave(loginname,"0"); msg = "success"; } } request.setAttribute("msg",msg); return "index/login"; }
@RequestMapping(value = "lock_users")
public String lock_users(String loginname) {
List<SysManagers> list=managers_service.find_check_loginname(loginname);
String id=list.get(0).getId();
SysManagers s=new SysManagers();
s.setId(id);
s.setFlag("1");
managers_service.update_flag(s);
return "index/login";
}
JSP:
<script type="text/javascript"> function check_msg(){ var msg = '${msg}'; if(msg=='error'){ alert("系统提示:您的账号或者密码不正确,导致登录失败!一分钟内同一个账号密码填错三次,账号会被冻结!"); } if(msg=="success"){ window.location.href = "index"; } if (msg=="账户被锁定,请联系管理员"){ alert("账户被锁定,请联系管理员"); window.location.href = "lock_users?loginname=${na}"; } } </script>
五、展示
