• Home
• com.haoxuer.discover
• discover-common-user
• 3.3.16-20220327
• source code
• RetryLimitHashedCredentialsMatcher.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.haoxuer.discover.user.shiro.realm.RetryLimitHashedCredentialsMatcher Maven / Gradle / Ivy

package com.haoxuer.discover.user.shiro.realm;

import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.ExcessiveAttemptsException;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.Cache;
import org.apache.shiro.cache.CacheManager;

import java.util.concurrent.atomic.AtomicInteger;

/**
 * 密码多次登陆失败
 */
public class RetryLimitHashedCredentialsMatcher extends
    HashedCredentialsMatcher {

  private Cache passwordRetryCache;

  public RetryLimitHashedCredentialsMatcher(CacheManager cacheManager) {
    passwordRetryCache = cacheManager.getCache("passwordRetryCache");
  }

  @Override
  public boolean doCredentialsMatch(AuthenticationToken token,
                                    AuthenticationInfo info) {
    String username = (String) token.getPrincipal();
    // retry count + 1
    AtomicInteger retryCount = passwordRetryCache.get(username);
    if (retryCount == null) {
      retryCount = new AtomicInteger(0);
      passwordRetryCache.put(username, retryCount);
    }
    if (retryCount.incrementAndGet() > 5) {
      // if retry count > 5 throw
      throw new ExcessiveAttemptsException();
    }

    boolean matches = super.doCredentialsMatch(token, info);
    if (matches) {
      // clear retry count
      passwordRetryCache.remove(username);
    }
    return matches;
  }
}