+функция

2024-12-19 07:59:13 +06:00
parent db513f8f17
commit 0623ce539a


@ -730,7 +730,12 @@ public class MainController implements ServletContextAware {
} }
//I check that there are no more than 5 failed authorization errors in 5 minutes //I check that there are no more than 5 failed authorization errors in 5 minutes
String sql = ""; Map<String, Integer> bResult = userIsBlocked(trt, loginModel.getLogin(), ipAddress);
int attempt_count = bResult.get("attempt_count");
int attempt_limit = bResult.get("attempt_limit");
//attempt_duration=0;
/*String sql = "";
int attempt_count=0, attempt_limit=0, attempt_duration=0; int attempt_count=0, attempt_limit=0, attempt_duration=0;
MapSqlParameterSource parameters = null; MapSqlParameterSource parameters = null;
List<String> ret = null; List<String> ret = null;
@ -760,7 +765,12 @@ public class MainController implements ServletContextAware {
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error("Функция main.user_is_blocked не вернула результата!", uuid, ex); logger.error("Функция main.user_is_blocked не вернула результата!", uuid, ex);
throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid); throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid);
} }*/
MapSqlParameterSource parameters = null;
String sql = "";
List<String> ret = null;
//I'm trying to log in //I'm trying to log in
json = null; json = null;
@ -969,6 +979,44 @@ public class MainController implements ServletContextAware {
return json.toString(); return json.toString();
} }
Map<String, Integer> userIsBlocked(Translation trt, String login,String ip) throws CustomException {
int attempt_count=0, attempt_limit=0;//, attempt_duration=0;
MapSqlParameterSource parameters = null;
List<java.lang.String> ret = null;
try {
java.lang.String sql = "select * from main.user_is_blocked(:login,:ip)";
parameters = new MapSqlParameterSource();
parameters.addValue("login", login);
parameters.addValue("ip", ip);
ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
for (int i = 0; i < ret.size(); i++) {
JSONObject json = new JSONObject(ret.get(i));
if (!json.has("result") || json.getBoolean("result")) {
if(json.getInt("count")==0)
{
throw new CustomException(10000, trt.trt("The_user_account_is_blocked"),null);
}else{
throw new CustomException(10000, java.lang.String.format(trt.trt("The_limit_of_authorization_attempts_has_been_exceeded_please_wait_s_minutes"), json.getInt("limit_duration")),null);
}
}
if(json.has("count") && json.has("limit_count") && json.has("limit_duration")) {
attempt_count = json.getInt("count");
attempt_limit = json.getInt("limit_count");
//attempt_duration = json.getInt("limit_duration");
}
}
}catch (DataAccessException ex){
java.lang.String uuid = UUID.randomUUID().toString();
logger.error("Error executing SQL query", uuid, ex);
throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid);
}
Map<String, Integer> result = new HashMap<>();
result.put("attempt_count", attempt_count);
result.put("attempt_limit", attempt_limit);
return result;
}
//Функция для генерации нового TOTP ключа (немного похожа на логин, но не логин). //Функция для генерации нового TOTP ключа (немного похожа на логин, но не логин).
//Если это первое получение TOTP, то старый TOTP не нужен если последующее, то нужен! //Если это первое получение TOTP, то старый TOTP не нужен если последующее, то нужен!
@RequestMapping(value = "/newtotp",method = {RequestMethod.POST},produces = "application/json;charset=utf-8") @RequestMapping(value = "/newtotp",method = {RequestMethod.POST},produces = "application/json;charset=utf-8")
@ -996,7 +1044,12 @@ public class MainController implements ServletContextAware {
} }
//I check that there are no more than 5 failed authorization errors in 5 minutes //I check that there are no more than 5 failed authorization errors in 5 minutes
String sql = ""; Map<String, Integer> bResult = userIsBlocked(trt, loginModel.getLogin(), ipAddress);
int attempt_count = bResult.get("attempt_count");
int attempt_limit = bResult.get("attempt_limit");
//attempt_duration=0;
/*String sql = "";
int attempt_count=0, attempt_limit=0, attempt_duration=0; int attempt_count=0, attempt_limit=0, attempt_duration=0;
MapSqlParameterSource parameters = null; MapSqlParameterSource parameters = null;
List<String> ret = null; List<String> ret = null;
@ -1024,10 +1077,13 @@ public class MainController implements ServletContextAware {
} }
}catch (DataAccessException ex){ }catch (DataAccessException ex){
String uuid = UUID.randomUUID().toString(); String uuid = UUID.randomUUID().toString();
logger.error("Функция main.user_is_blocked не вернула результата!", uuid, ex); logger.error("Error executing SQL query", uuid, ex);
throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid); throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),uuid);
} }*/
String sql = "";
MapSqlParameterSource parameters = null;
List<String> ret = null;
//I'm trying to log in //I'm trying to log in
json = null; json = null;
try { try {
@ -1415,8 +1471,14 @@ public class MainController implements ServletContextAware {
if (ipAddress == null) { if (ipAddress == null) {
ipAddress = request.getRemoteAddr(); ipAddress = request.getRemoteAddr();
} }
Map<String, Integer> bResult = userIsBlocked(trt, update.getLogin(), ipAddress);
int attempt_count = bResult.get("attempt_count");
int attempt_limit = bResult.get("attempt_limit");
//attempt_duration=0;
//String sql = "select main.user_is_blocked(:login,:ip) as block"; //String sql = "select main.user_is_blocked(:login,:ip) as block";
String sql = "select * from main.user_is_blocked(:login,:ip)"; /*String sql = "select * from main.user_is_blocked(:login,:ip)";
MapSqlParameterSource parameters = new MapSqlParameterSource(); MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("login", update.getLogin()); parameters.addValue("login", update.getLogin());
parameters.addValue("ip", ipAddress); parameters.addValue("ip", ipAddress);
@ -1431,15 +1493,15 @@ public class MainController implements ServletContextAware {
if(rows==null) { if(rows==null) {
logger.error("Функция main.user_is_blocked не вернула результата!"); logger.error("Функция main.user_is_blocked не вернула результата!");
throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),null); throw new CustomException(10000, trt.trt("Error_executing_SQL_query"),null);
} }*/
//Получаю id пользователя //Получаю id пользователя
sql="select id from main._users where del=false and password=crypt(:password, password) and email=:email"; String sql = "select id from main._users where del=false and password=crypt(:password, password) and email=:email";
parameters = new MapSqlParameterSource(); MapSqlParameterSource parameters = new MapSqlParameterSource();
parameters.addValue("email", update.getLogin()); parameters.addValue("email", update.getLogin());
parameters.addValue("password", update.getPassword()); parameters.addValue("password", update.getPassword());
ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper()); List<String> ret = jdbcTemplate.query(sql, parameters, new DBTools.JsonRowMapper());
rows = null; JSONObject rows=null;
for (int i = 0; i < ret.size(); i++) { for (int i = 0; i < ret.size(); i++) {
rows = new JSONObject(ret.get(i)); rows = new JSONObject(ret.get(i));
} }
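Review bot: The new `userIsBlocked` helper (hunk at +979) fails open when `main.user_is_blocked` returns no rows: the loop body never runs and the method returns `attempt_count=0` and `attempt_limit=0`, so the callers continue to the credential check as if no limit applied. The block this commit comments out in the last call site appears to have raised an error when `rows` was null, and the helper drops that guard; I would add `if (ret.isEmpty()) throw new CustomException(10000, trt.trt("Error_executing_SQL_query"), null);` right after the query. In the same method the `!json.has("result")` branch goes on to call `json.getInt("count")`, which throws an unchecked exception if that key is also missing, and the `DataAccessException` catch does not cover it. The call `logger.error("Error executing SQL query", uuid, ex)` has no `{}` placeholder, so the uuid returned to the client is probably never written to the log (assuming an SLF4J-style logger); `logger.error("Error executing SQL query, uuid={}", uuid, ex);` would let the two be correlated.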