From dd29fcb8eff0fe9d442b98bd47738c79f3db136a Mon Sep 17 00:00:00 2001
From: 李宇 <986321569@qq.com>
Date: Thu, 25 Feb 2021 09:56:37 +0800
Subject: [PATCH] 修改密码次数和时间

---
 src/main/java/com/nanometer/smartlab/controller/LoginController.java |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/nanometer/smartlab/controller/LoginController.java b/src/main/java/com/nanometer/smartlab/controller/LoginController.java
index 0882071..b5a72da 100644
--- a/src/main/java/com/nanometer/smartlab/controller/LoginController.java
+++ b/src/main/java/com/nanometer/smartlab/controller/LoginController.java
@@ -6,6 +6,7 @@
 import com.nanometer.smartlab.util.FacesUtils;
 import org.apache.log4j.Logger;
 import org.apache.shiro.authc.DisabledAccountException;
+import org.apache.shiro.authc.ExcessiveAttemptsException;
 import org.apache.shiro.authc.UnknownAccountException;
 import org.apache.shiro.authc.UsernamePasswordToken;
 import org.apache.shiro.subject.Subject;
@@ -42,6 +43,9 @@
         } catch (UnknownAccountException e) {
             FacesUtils.warn("用户名不存在");
             return null;
+        }  catch (ExcessiveAttemptsException e) {
+            FacesUtils.warn("登陆失败,密码连续输入错误超过8次,锁定1分钟！");
+            return null;
         } catch (Exception e) {
             logger.error("登陆失败", e);
         }
@@ -50,9 +54,11 @@
             SysUser user = this.sysUserService.getSysUserByAccount(loginAcct);
             currentUser.getSession(true).setAttribute(Constants.SESSION_USER, user);
 
-            String PW_PATTERN = "^(?![A-Za-z0-9]+$)(?![a-z0-9\\W]+$)(?![A-Za-z\\W]+$)(?![A-Z0-9\\W]+$)[a-zA-Z0-9\\W]{8,}$";
+            String PW_PATTERN = "(?=.*[A-Z])(?=.*[a-z])(?=.*[0-9])(?=.*[~!@#$%^&*_.]).{8,}";
             if (!loginPwd.matches(PW_PATTERN)) {
                 ischange = 1;
+            }else {
+                ischange = 0;
             }
 
             this.menuController.initPage();

--
Gitblit v1.9.2