用户表增加登录日期和登录ip，系统增加定时扫描未使用的账号及参数设定

backend/src/main/java/com/jiayue/ssi/entity/SysUser.java

@@ -59,7 +59,12 @@ public class SysUser extends BaseEntity implements UserDetails {
     /** 最后修改密码时间 */
     @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
     private Date lastUpdatePwdTime;
+    /** 最后登录IP */
+    private String loginIp;
 
+    /** 最后登录时间 */
+    @JsonFormat(pattern = "yyyy-MM-dd HH:mm:ss")
+    private Date loginDate;
 
     @Override
     public boolean isEnabled() {

backend/src/main/java/com/jiayue/ssi/handler/CustomAuthenticationSuccessHandler.java

@@ -1,6 +1,7 @@
 package com.jiayue.ssi.handler;
 
 import java.io.IOException;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -13,8 +14,7 @@ import com.jiayue.ssi.constant.Constants;
 import com.jiayue.ssi.constant.SecretKeyConstants;
 import com.jiayue.ssi.factory.LoginFactory;
 import com.jiayue.ssi.service.SysUserService;
-import com.jiayue.ssi.util.LocalCache;
-import com.jiayue.ssi.util.SM2CryptUtils;
+import com.jiayue.ssi.util.*;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -22,8 +22,6 @@ import org.springframework.security.web.authentication.SavedRequestAwareAuthenti
 import org.springframework.stereotype.Component;
 
 import com.jiayue.ssi.entity.SysUser;
-import com.jiayue.ssi.util.JwtTokenUtil;
-import com.jiayue.ssi.util.ResponseVO;
 
 import cn.hutool.json.JSONUtil;
 
@@ -47,12 +45,15 @@ public class CustomAuthenticationSuccessHandler extends SavedRequestAwareAuthent
         LocalCache.remove(CacheConstants.MAIL_CODE_KEY + username);
         SysUser sysUser = (SysUser) authentication.getPrincipal();
         if (sysUser.getErrNum()>0){
+            // 清除之前失败次数
             sysUser.setErrNum(0);
             sysUser.setLockTime(0L);
             sysUser.setStatus("0");
-            sysUserService.updateUser(sysUser);
         }
-
+        // 加入登录IP和时间
+        sysUser.setLoginIp(IPUtils.getIpAddr(request));
+        sysUser.setLoginDate(new Date());
+        sysUserService.updateUser(sysUser);
 
         SecurityContextHolder.getContext().setAuthentication(authentication);
 

backend/src/main/java/com/jiayue/ssi/job/AutoScanAccount.java

@@ -0,0 +1,66 @@
+package com.jiayue.ssi.job;
+
+import com.jiayue.ssi.entity.SysUser;
+import com.jiayue.ssi.service.SysParameterService;
+import com.jiayue.ssi.service.SysUserService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.scheduling.annotation.EnableScheduling;
+import org.springframework.scheduling.annotation.Scheduled;
+import org.springframework.stereotype.Service;
+
+import java.util.Calendar;
+import java.util.List;
+
+/**
+* 系统定时扫描未使用的账号
+*
+* @author xsl
+* @since 2023/04/06
+*/
+@Service
+@EnableScheduling
+@Slf4j
+public class AutoScanAccount {
+    @Autowired
+    SysParameterService sysParameterService;
+    @Autowired
+    SysUserService sysUserService;
+
+    /**
+     * 每30分钟执行一次扫描
+     */
+    @Scheduled(cron = "0 0/10 * * * ?")
+    public void scanNotUsedAccount() throws Exception{
+        // 获取参数配置,未设置默认3个月
+        int autoScanAccount = Integer.parseInt(sysParameterService.queryByKey("autoScanAccount", "3"));
+        if (autoScanAccount>0){
+            log.info("自动扫描长期未使用的账号开始。。。");
+            // 进行扫描
+            List<SysUser> sysUsers = sysUserService.queryAllUsers();
+            for (SysUser sysUser:sysUsers){
+                Calendar calendar = Calendar.getInstance();
+                if (sysUser.getLoginDate()==null){
+                    calendar.setTime(sysUser.getLoginDate());
+                }
+                else{
+                    calendar.setTime(sysUser.getCreateTime());
+                }
+                calendar.add(Calendar.MONTH, autoScanAccount);
+                if (calendar.getTimeInMillis()<System.currentTimeMillis()){
+                    // 上次登录后N月没有使用，锁定账号
+                    sysUser.setLockTime(System.currentTimeMillis());
+                    sysUser.setStatus("1");
+                    Boolean bo = sysUserService.updateUser(sysUser);
+                    if (!bo){
+                        log.info(sysUser.getUsername()+",超过"+autoScanAccount+"个月未使用,锁定账号失败");
+                    }
+                    else{
+                        log.info(sysUser.getUsername()+",超过"+autoScanAccount+"个月未使用,锁定账号成功");
+                    }
+                }
+            }
+            log.info("自动扫描长期未使用的账号完成");
+        }
+    }
+}