"Web Development" ★☆ based on the map implementation (user login three failed) within 24 hours limit login!

"Web Development" ★☆ based on the map implementation (user login three failed) within 24 hours limit login!

Recently in the change of an old project (struts1 do ), the customer now want to achieve the following effect, the user after logging failed three times , lock the user, need information Department management personnel to unlock! My first idea is to add a field to the database user table to record the number of login failures, but the database Add field requires remote operation of the database, and the other side of the database is surrounded by various encryption software! Not very convenient, so think about the solution, the use of map to deal with!

First say a train of thought, new entity class, only two properties, login failures, login time, implement Get,set Method!

As follows:

public class Usererrorloginrecord {    private String logintime;    private int errornumber;    Public String Getlogintime () {        return logintime;    }    public void Setlogintime (String logintime) {        this.logintime = logintime;    }    public int Geterrornumber () {        return errornumber;    }    public void Seterrornumber (int errornumber) {        this.errornumber = errornumber;    }}

Step two: We are in the login login.action a new map comes out, as follows

Rivate static map<string, usererrorloginrecord> Log_map = new hashmap<string, usererrorloginrecord> ();

Create a time calendar

Calendar nowdate = Calendar.getinstance ();

When the user logs on Login.action, then

                    Usererrorloginrecord usererror = null;                    String account = Loginform.getaccount ();//user name String password = Loginform.getpassword ();//password                        Usererror = Log_map.get (account);//Gets the login information object by username if (Usererror = = null) { If the queried user object is empty, then direct to user==null this method user = This.usersService.checkLoginIn (account, Md5.generat                    E (password));                        } else {String logintime = Usererror.getlogintime ();                        int loginnumber = Usererror.geterrornumber ();  Get time String datestr = string.valueof (Nowdate.get (calendar.year)) + (Nowdate.get (calendar.month) +                        1) + (Nowdate.get (calendar.day_of_month)); If this is not the same format as the login time (20140401) stored in map, then it is clear that the time has been 24 hours, then the login information in the map is cleared directly according to the user name if (!datestr.equals (logintime )) {Log_map.remOve (account);                            user = This.usersService.checkLoginIn (account, md5.generate (password)); Otherwise, if the number of logins is less than 3 then allow it to query the user object, otherwise directly set the user to null} else {if (Loginnumber &lt ;                            3) {user = This.usersService.checkLoginIn (account, md5.generate (password));                            } else {user = null;                        }}}//user is empty if (username = = null) { String datestr = string.valueof (Nowdate.get (calendar.year)) + (Nowdate.get (calendar.month) + 1) + (nowdate.g                        ET (calendar.day_of_month));                        Usererror = Log_map.get (account);                            if (Usererror = = null) {Usererror = new Usererrorloginrecord ();                      Usererror.seterrornumber (1);      Usererror.setlogintime (DATESTR);                        Log_map.put (account, usererror);                            } else {int loginnumber = Usererror.geterrornumber ();                            Usererror.seterrornumber (Loginnumber + 1);                        Log_map.put (account, usererror);                        } Usererror = Log_map.get (account); if (Usererror.geterrornumber () < 4) {Request.setattribute ("errorloginmessage", "Sorry, your login failed [ "+ usererror.geterrornumber () +"]. You have no access to the system, or the user name and password do not match!                        "); } else {Request.setattribute ("errorloginmessage", "Sorry, your login failed too many times, the system has not allowed you to continue to login, please contact the Administrator, or tomorrow in the attempt to login ！                        "); }}} if (user! = null) {//can clear the login error message or not clear//LOG_MAP.R                    Emove (User.getaccount ());  usersession US = new usersession ();                  Us.setuserid (User.getuserid (). toString ());                    Us.setusername (User.getname ());                    Us.setvipuser (TRUE);                    Us.setlogintime (Calendar.getinstance (). GetTime ());                    Us.setaccount (User.getaccount ());                    Us.setclientip (Request.getremoteaddr ());                Set set = User.getsfmuserdepartrels (); Return success} return error;

As for, the system administrator how to unlock the account, in fact, it is very simple, that is in the background, the user account with (this should not be difficult) to write a method!

Usererror = Log_map.get (account1);//pass over the user name                if (usererror!=null) {                int  errnumber = Usererror.geterrornumber ();                if (errnumber!=0) {                     log_map.remove (account1);                }

OK, to here, basically completed the user's needs, as for the loophole, that is, after the server restart, login failure information will disappear, but, after the project on-line in addition to the abnormal situation and the need for maintenance, the server basically will not stop, so, this method is still feasible!

Have a suggestion, raise your hand! 3q!

This article from "Promise always attached to the small wood 、、、" blog, please be sure to keep this source http://1936625305.blog.51cto.com/6410597/1412726