
登录次数过多锁定

stjdydayou 2 년 전
부모
커밋
273446c321
1개의 변경된 파일26개의 추가작업 그리고 0개의 파일을 삭제
  1. 26 0
      src/main/java/com/zhiqiyun/open/router/apis/Oauth2Api.java

+ 26 - 0
src/main/java/com/zhiqiyun/open/router/apis/Oauth2Api.java

@@ -8,17 +8,22 @@ import com.dliyun.oap.framework.response.OapResponse;
 import com.zhiqiyun.open.core.service.SystemConfigService;
 import com.zhiqiyun.open.router.request.EmptyRequest;
 import com.zhiqiyun.open.router.request.oauth2.*;
+import com.zhiqiyun.open.utils.DateUtil;
 import lombok.extern.slf4j.Slf4j;
 import okhttp3.*;
 import org.apache.commons.codec.digest.DigestUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.time.DateUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.StringRedisTemplate;
 
+import javax.annotation.Resource;
 import java.io.IOException;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Objects;
+import java.util.concurrent.TimeUnit;
 
 @Slf4j
 @ServiceMethodBean
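Review bot: Two of the imports added here, `org.apache.commons.lang3.time.DateUtils` and `javax.annotation.Resource`, are not referenced by any line this commit adds, so they appear to be unused. The new field is injected with `@Autowired` and the timestamps come from the project's `DateUtil`. Dropping both also avoids having the near-identical `DateUtil` and `DateUtils` imported side by side, which invites picking the wrong class later.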
@@ -30,6 +35,13 @@ public class Oauth2Api {
     @Autowired
     private SystemConfigService systemConfigService;
 
+    @Autowired
+    private StringRedisTemplate stringRedisTemplate;
+
+    private final String OAUTH_FAIL_COUNT = "OAUTH_FAIL_COUNT:%s";
+
+    private final String OAUTH_FAIL_LOCK_TIME = "OAUTH_FAIL_LOCK_TIME:%s";
+
     /**
      * 调试成功
      *
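Review bot: `OAUTH_FAIL_COUNT` and `OAUTH_FAIL_LOCK_TIME` are named as constants but declared as per-instance fields; they should be `private static final String OAUTH_FAIL_COUNT = "OAUTH_FAIL_COUNT:%s";` and likewise for the lock key. A short comment on each would help, e.g. `// Redis key: failed-login counter per user name` and `// Redis key: present while the user name is locked; value is the lock timestamp`. The thresholds and durations used with these keys later in the file (3 and 5 failures, 5 minutes and 24 hours) are bare literals and would read better as named constants declared next to them.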
@@ -51,7 +63,13 @@ public class Oauth2Api {
         paramValues.put("login_type", request.getLoginType());
         paramValues.put("type", "account");
 
+        String redisFailCountKey = String.format(OAUTH_FAIL_COUNT, request.getUserName());
+        String redisFailTimeKey = String.format(OAUTH_FAIL_LOCK_TIME, request.getUserName());
         log.info(JSON.toJSONString(paramValues));
+        String lockTime = this.stringRedisTemplate.boundValueOps(redisFailTimeKey).get();
+        if (lockTime != null) {
+            return OapResponse.fail("NETWORK_ERROR", "由于你登录失败次数过多,你的账号已经被锁定");
+        }
 
         FormBody.Builder formBuilder = new FormBody.Builder();
         paramValues.forEach(formBuilder::add);
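Review bot: Both Redis keys are built from the raw `request.getUserName()`, so all null names share the key `OAUTH_FAIL_LOCK_TIME:null`, and case or whitespace variants of one account each get their own counter if the upstream treats them as the same user (not visible here). Normalise once before building the keys, e.g. `String userKey = StringUtils.lowerCase(StringUtils.trim(request.getUserName()));`, and reject blank names up front. The locked response reuses the code `NETWORK_ERROR`, which hides lockouts from clients and from monitoring; a dedicated code (name to be agreed, e.g. `ACCOUNT_LOCKED`) would be clearer. Because the lock is keyed on the user name alone, anyone who knows a name can keep that account locked, so a per-client limit alongside it is worth considering. The method body starts and ends outside this hunk.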
@@ -64,10 +82,18 @@ public class Oauth2Api {
         builder.post(formBuilder.build());
         Response resp = this.okHttpClient.newCall(builder.build()).execute();
         if (resp.isSuccessful()) {
+            this.stringRedisTemplate.delete(redisFailCountKey);
             String result = Objects.requireNonNull(resp.body()).string();
             JSONObject jsonObject = JSON.parseObject(result);
             return OapResponse.success().setBody(jsonObject);
         } else {
+            Long failCount = this.stringRedisTemplate.boundValueOps(redisFailCountKey).increment();
+            if (failCount != null && failCount >= 3 && failCount < 5) {
+                this.stringRedisTemplate.boundValueOps(redisFailTimeKey).set(DateUtil.format("yyyyMMddHHmmss"), 5, TimeUnit.MINUTES);
+            }
+            if (failCount != null && failCount >= 5) {
+                this.stringRedisTemplate.boundValueOps(redisFailTimeKey).set(DateUtil.format("yyyyMMddHHmmss"), 24, TimeUnit.HOURS);
+            }
             try {
                 String result = Objects.requireNonNull(resp.body()).string();
                 log.error(result);
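Review bot: The failure counter is created by `increment()` with no expiry, so failures accumulate indefinitely: three mistakes spread over months trigger the lock, and once the count has reached 5 every later failure re-applies the 24-hour lock. Give the counter a window when it is first created, e.g. `if (failCount != null && failCount == 1) { this.stringRedisTemplate.expire(redisFailCountKey, 24, TimeUnit.HOURS); }`. The `else` branch also counts every non-2xx answer, so an upstream outage or 5xx would lock users out; count only the status the auth server returns for rejected credentials (its value is not visible in this hunk). The method continues past the end of the hunk.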