用户登录限制功能后台完善。

doc-admin/src/main/java/com/doc/web/controller/system/SysLoginController.java

@@ -70,7 +70,7 @@ public class SysLoginController {
         ajax.put("user", user);
         ajax.put("roles", roles);
         ajax.put("permissions", permissions);
-
+        ajax.put("repass", loginService.isRepass(user.getUserId()));
         //做个冗余，登录获取用户信息时初始化空间
         docSpaceService.initUserSpace(user);
 

doc-admin/src/main/resources/i18n/messages.properties

@@ -11,12 +11,11 @@ user.blocked=用户已封禁，请联系管理员
 role.blocked=角色已封禁，请联系管理员
 login.blocked=很遗憾，访问IP已被列入系统黑名单
 user.logout.success=退出成功
-
 length.not.valid=长度必须在{min}到{max}个字符之间
-
+user.ip.limit=该账号与IP不匹配
+user.time.limit=该账号当前时段不能登录
 user.username.not.valid=* 2到20个汉字、字母、数字或下划线组成，且必须以非数字开头
 user.password.not.valid=* 5-50个字符
- 
 user.email.not.valid=邮箱格式错误
 user.mobile.phone.number.not.valid=手机号格式错误
 user.login.success=登录成功
@@ -24,11 +23,9 @@ user.register.success=注册成功
 user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
-
 ##文件上传消息
 upload.exceed.maxSize=上传的文件大小超出限制的文件大小！<br/>允许的文件最大大小是：{0}MB！
 upload.filename.exceed.length=上传的文件名最长{0}个字符
-
 ##权限
 no.permission=您没有数据的权限，请联系管理员添加权限 [{0}]
 no.create.permission=您没有创建数据的权限，请联系管理员添加权限 [{0}]

doc-common/src/main/java/com/doc/common/exception/user/UserIpLimitException.java

@@ -0,0 +1,16 @@
+package com.doc.common.exception.user;
+
+/**
+ * 黑名单IP异常类
+ * 
+ * @author ruoyi
+ */
+public class UserIpLimitException extends UserException
+{
+    private static final long serialVersionUID = 1L;
+
+    public UserIpLimitException()
+    {
+        super("user.ip.limit", null);
+    }
+}

doc-common/src/main/java/com/doc/common/exception/user/UserTimeLimitException.java

@@ -0,0 +1,16 @@
+package com.doc.common.exception.user;
+
+/**
+ * 黑名单IP异常类
+ * 
+ * @author ruoyi
+ */
+public class UserTimeLimitException extends UserException
+{
+    private static final long serialVersionUID = 1L;
+
+    public UserTimeLimitException()
+    {
+        super("user.time.limit", null);
+    }
+}

doc-common/src/main/java/com/doc/common/utils/DateUtils.java

@@ -10,11 +10,10 @@ import java.util.Date;
 
 /**
  * 时间工具类
- * 
+ *
  * @author ruoyi
  */
-public class DateUtils extends org.apache.commons.lang3.time.DateUtils
-{
+public class DateUtils extends org.apache.commons.lang3.time.DateUtils {
     public static String YYYY = "yyyy";
 
     public static String YYYY_MM = "yyyy-MM";
@@ -26,63 +25,52 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     public static String YYYY_MM_DD_HH_MM_SS = "yyyy-MM-dd HH:mm:ss";
 
     private static String[] parsePatterns = {
-            "yyyy-MM-dd", "yyyy-MM-dd HH:mm:ss", "yyyy-MM-dd HH:mm", "yyyy-MM", 
+            "yyyy-MM-dd", "yyyy-MM-dd HH:mm:ss", "yyyy-MM-dd HH:mm", "yyyy-MM",
             "yyyy/MM/dd", "yyyy/MM/dd HH:mm:ss", "yyyy/MM/dd HH:mm", "yyyy/MM",
             "yyyy.MM.dd", "yyyy.MM.dd HH:mm:ss", "yyyy.MM.dd HH:mm", "yyyy.MM"};
 
     /**
      * 获取当前Date型日期
-     * 
+     *
      * @return Date() 当前日期
      */
-    public static Date getNowDate()
-    {
+    public static Date getNowDate() {
         return new Date();
     }
 
     /**
      * 获取当前日期, 默认格式为yyyy-MM-dd
-     * 
+     *
      * @return String
      */
-    public static String getDate()
-    {
+    public static String getDate() {
         return dateTimeNow(YYYY_MM_DD);
     }
 
-    public static final String getTime()
-    {
+    public static final String getTime() {
         return dateTimeNow(YYYY_MM_DD_HH_MM_SS);
     }
 
-    public static final String dateTimeNow()
-    {
+    public static final String dateTimeNow() {
         return dateTimeNow(YYYYMMDDHHMMSS);
     }
 
-    public static final String dateTimeNow(final String format)
-    {
+    public static final String dateTimeNow(final String format) {
         return parseDateToStr(format, new Date());
     }
 
-    public static final String dateTime(final Date date)
-    {
+    public static final String dateTime(final Date date) {
         return parseDateToStr(YYYY_MM_DD, date);
     }
 
-    public static final String parseDateToStr(final String format, final Date date)
-    {
+    public static final String parseDateToStr(final String format, final Date date) {
         return new SimpleDateFormat(format).format(date);
     }
 
-    public static final Date dateTime(final String format, final String ts)
-    {
-        try
-        {
+    public static final Date dateTime(final String format, final String ts) {
+        try {
             return new SimpleDateFormat(format).parse(ts);
-        }
-        catch (ParseException e)
-        {
+        } catch (ParseException e) {
             throw new RuntimeException(e);
         }
     }
@@ -90,8 +78,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 日期路径 即年/月/日 如2018/08/08
      */
-    public static final String datePath()
-    {
+    public static final String datePath() {
         Date now = new Date();
         return DateFormatUtils.format(now, "yyyy/MM/dd");
     }
@@ -99,8 +86,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 日期路径 即年/月/日 如20180808
      */
-    public static final String dateTime()
-    {
+    public static final String dateTime() {
         Date now = new Date();
         return DateFormatUtils.format(now, "yyyyMMdd");
     }
@@ -108,18 +94,13 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 日期型字符串转化为日期 格式
      */
-    public static Date parseDate(Object str)
-    {
-        if (str == null)
-        {
+    public static Date parseDate(Object str) {
+        if (str == null) {
             return null;
         }
-        try
-        {
+        try {
             return parseDate(str.toString(), parsePatterns);
-        }
-        catch (ParseException e)
-        {
+        } catch (ParseException e) {
             return null;
         }
     }
@@ -127,8 +108,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 获取服务器启动时间
      */
-    public static Date getServerStartDate()
-    {
+    public static Date getServerStartDate() {
         long time = ManagementFactory.getRuntimeMXBean().getStartTime();
         return new Date(time);
     }
@@ -136,20 +116,18 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 计算相差天数
      */
-    public static int differentDaysByMillisecond(Date date1, Date date2)
-    {
+    public static int differentDaysByMillisecond(Date date1, Date date2) {
         return Math.abs((int) ((date2.getTime() - date1.getTime()) / (1000 * 3600 * 24)));
     }
 
     /**
      * 计算时间差
      *
-     * @param endDate 最后时间
+     * @param endDate   最后时间
      * @param startTime 开始时间
      * @return 时间差（天/小时/分钟）
      */
-    public static String timeDistance(Date endDate, Date startTime)
-    {
+    public static String timeDistance(Date endDate, Date startTime) {
         long nd = 1000 * 24 * 60 * 60;
         long nh = 1000 * 60 * 60;
         long nm = 1000 * 60;
@@ -170,8 +148,7 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 增加 LocalDateTime ==> Date
      */
-    public static Date toDate(LocalDateTime temporalAccessor)
-    {
+    public static Date toDate(LocalDateTime temporalAccessor) {
         ZonedDateTime zdt = temporalAccessor.atZone(ZoneId.systemDefault());
         return Date.from(zdt.toInstant());
     }
@@ -179,10 +156,20 @@ public class DateUtils extends org.apache.commons.lang3.time.DateUtils
     /**
      * 增加 LocalDate ==> Date
      */
-    public static Date toDate(LocalDate temporalAccessor)
-    {
+    public static Date toDate(LocalDate temporalAccessor) {
         LocalDateTime localDateTime = LocalDateTime.of(temporalAccessor, LocalTime.of(0, 0, 0));
         ZonedDateTime zdt = localDateTime.atZone(ZoneId.systemDefault());
         return Date.from(zdt.toInstant());
     }
+
+    public static Boolean isInTime(String start, String end) {
+        LocalTime localTime = LocalTime.now();
+        boolean isBefore = localTime.isBefore(LocalTime.parse(end));
+        boolean isAfter = localTime.isAfter(LocalTime.parse(start));
+        return isAfter && isBefore;
+    }
+
+    public static void main(String[] args) {
+        System.err.println(isInTime("08:00", "16:55"));
+    }
 }

doc-framework/src/main/java/com/doc/framework/web/service/SysLoginService.java

@@ -25,6 +25,7 @@ import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Component;
 
 import javax.annotation.Resource;
+import java.util.Date;
 
 /**
  * 登录校验方法
@@ -155,6 +156,26 @@ public class SysLoginService {
             AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("login.blocked")));
             throw new BlackListException();
         }
+
+        SysUser user = userService.selectUserByUserName(username);
+        if (user.getExpand() != null) {
+            //验证是否允许登录的IP
+            if (StringUtils.isNotEmpty(user.getExpand().getLoginIp())) {
+                if (!IpUtils.isMatchedIp(user.getExpand().getLoginIp(), IpUtils.getIpAddr())) {
+                    AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.ip.limit")));
+                    throw new UserIpLimitException();
+                }
+            }
+            //验证是否允许的登录时段
+            if (StringUtils.isNotEmpty(user.getExpand().getLoginTime())) {
+                String[] time = user.getExpand().getLoginTime().split("-");
+                if (!DateUtils.isInTime(time[0], time[1])) {
+                    AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.time.limit")));
+                    throw new UserTimeLimitException();
+                }
+            }
+        }
+
     }
 
     /**
@@ -169,4 +190,22 @@ public class SysLoginService {
         sysUser.setLoginDate(DateUtils.getNowDate());
         userService.updateUserProfile(sysUser);
     }
+
+    public boolean isRepass(Long userId) {
+        SysUser sysUser = userService.selectUserById(userId);
+        if (sysUser.getExpand() == null) {
+            //如果没有扩展信息，则代表初始化进入，强制修改密码
+            return true;
+        } else if (sysUser.getExpand().getLastUpdateTime() == null) {
+            //同上
+            return true;
+        } else {
+            //判断是否超时未修改密码
+            Date d = sysUser.getExpand().getLastUpdateTime();
+            String day = configService.selectConfigByKey("pass.expiration.date");
+            Date expiration = DateUtils.addDays(d, Integer.parseInt(day));
+
+            return expiration.before(new Date());
+        }
+    }
 }