SocialVerifyLogin.jsp
<%@ page language="java" contentType="text/html; charset=UTF-8" %>
<%@page import="net.sf.json.*"%>
<%@page import="weaver.mobile.plugin.ecology.service.HrmResourceService"%>
<%@ page import="weaver.file.*" %>
<%@ page import="weaver.general.*" %>
<%@ page import="weaver.hrm.*" %>
<%@ page import="weaver.hrm.settings.*" %>
<%@ page import="weaver.systeminfo.SystemEnv"%>
<%@page import="weaver.social.service.SocialIMService"%>
<%@page import="weaver.social.im.SocialImLogin"%>
<%@page import="weaver.social.SocialUtil"%>
<%@page import="weaver.social.util.SocialCodeUtil"%>
<%@page import="weaver.conn.RecordSet"%>
<%@page import="java.util.*"%>
<%@page import="weaver.login.VerifyPasswdCheck"%>
<%@page import="weaver.login.VerifyLogin"%>
<%@page import="weaver.login.CheckIpNetWork"%>
<%@page import="weaver.conn.ConnStatement"%>
<%@page import="weaver.general.BaseBean"%>
<jsp:useBean id="ResourceComInfo" class="weaver.hrm.resource.ResourceComInfo" scope="page" />
<jsp:useBean id="rs" class="weaver.conn.RecordSet" scope="page" />
<%@ page import="weaver.social.po.SocialClientProp" %>
<%@ page import="java.lang.reflect.*" %>
<%!
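/**
 * Reports whether the system has an active language with the given id.
 *
 * @param language id of the row to look up in syslanguage
 * @return true when a row with that id and activable = 1 exists
 */
public boolean judgeLanguage(int language) {
    RecordSet rs = new RecordSet();
    // Bind the id as a parameter, the same way the login queries on hrmresource in this page bind loginid.
    rs.executeQuery("select language, activable from syslanguage where activable = 1 and id = ?", language);
    return rs.next();
}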
%>
<%
// Request/response setup shared by every action served by this page.
request.setCharacterEncoding("UTF-8");
response.setContentType("application/json;charset=UTF-8");
// The action name is read straight from the request; a missing one means "login".
String method = Util.null2String(request.getParameter("method"));
method = method.isEmpty() ? "login" : method;
// Logger and request wrapper used by the actions below.
BaseBean log = new BaseBean();
FileUpload fu = new FileUpload(request);
// 用户登录
if("login".equals(method)) {
// Credentials are read through the FileUpload wrapper around the request.
String loginId = Util.null2String(fu.getParameter("loginid"));
String password = Util.null2String(fu.getParameter("password"));
String pubkey = Util.null2String(fu.getParameter("pubkey"));
// The password goes through SocialCodeUtil.decrypt only when the client sends a non-empty
// "pubkey"; otherwise the value is used exactly as received.
// NOTE(review): the caller decides whether decryption happens, so a plaintext password is
// accepted too — confirm this endpoint is only reachable over TLS.
if (!pubkey.equals("")) {
password = SocialCodeUtil.decrypt(password);
}
JSONObject result = new JSONObject();
// ERR_CODE is presumably the failure sentinel of decrypt(): answer with status 3,
// record the failed attempt and stop processing.
if (SocialCodeUtil.ERR_CODE.equals(password)) {
result.put("status", 3);
result.put("errorMsg", SocialIMService.getErrorMsg(3, 7));
SocialImLogin.recordFailedLogin(loginId,SocialIMService.getErrorMsg(3, 7),"e-message");
out.println(result);
return;
}
// Build (or accept) the "user_token" that is later returned to the client on success.
// A password ending in "_random_" is treated as a previously issued token: the suffix is
// stripped and the rest is SM4-decrypted back into the real password. Otherwise the
// password is SM4-encrypted and suffixed to become the token.
// NOTE(review): the token is the password encrypted under one key read from the
// weaver_client_pwd property, so it is a password equivalent that stays valid until the
// password changes, and the same key covers every account. A random, server-side,
// revocable token would avoid handing this to the client.
String beforePwd = password;
String user_token = "";
try{
// SM4Utils is loaded reflectively, so this page still runs when the class is absent.
Class<?> clazz = Class.forName("weaver.sm.SM4Utils");
Object sm4 = clazz.newInstance();
BaseBean bb = new BaseBean();
String key = Util.null2String(bb.getPropValue("weaver_client_pwd","key"));
// Look up decrypt(String, String) and encrypt(String, String).
Class [] paramtype = {java.lang.String.class,java.lang.String.class};
Method method_decrypt = clazz.getMethod("decrypt", paramtype);
Method method_encrypt = clazz.getMethod("encrypt", paramtype);
// The incoming value is a token (ciphertext).
if(password.endsWith("_random_")){
password = password.substring(0, password.lastIndexOf("_random_"));
password = (String)method_decrypt.invoke(sm4,password,key);
user_token = beforePwd;
}else{
user_token = (String)method_encrypt.invoke(sm4,beforePwd,key)+"_random_";
// A null result from encrypt() concatenates as "null..."; issue no token in that case.
if(user_token.startsWith("null")){
user_token = "";
}
}
}catch(Exception e){
// Any reflection or crypto failure is only logged; the login continues with whatever
// value "password" holds at that point.
log.writeLog(e.getMessage());
}
// Remaining login parameters. All of them are supplied by the client, including
// "ipaddress" and "policy", which are used further down in this action.
String dynapass = Util.null2String(fu.getParameter("dynapass"));
String tokenpass = Util.null2String(fu.getParameter("tokenpass"));
// Language id; 7 is the default when the parameter is missing or not a number.
int language = Util.getIntValue(fu.getParameter("language"), 7);
String ipaddress = Util.null2String(fu.getParameter("ipaddress"));
int policy = Util.getIntValue(Util.null2String(fu.getParameter("policy")), 0);
String auth = Util.null2String(fu.getParameter("auth"));
// Client build versions are returned with every login response.
Map<String, String> map = SocialImLogin.getBuildVersion();
result.put("buildversion", map.get("buildversion"));
result.put("osxBuildVersion", map.get("osxBuildVersion"));
result.put("xpbuildVersion", map.get("xpbuildVersion"));
result.put("runtimeVersion", map.get("runtimeVersion"));
// NOTE(review): missing credentials only add an "error" field; processing continues and
// the empty values still reach the checks below.
if(loginId == null || "".equals(loginId) || password == null || "".equals(password)){
result.put("error", "no loginid or password!");
}
// Reject a language that is neither active in syslanguage nor the default id 7.
if(!judgeLanguage(language) && language != 7) {
result.put("status", 999);
result.put("errorMsg", "系统不支持该语言,请选择其他语言");
SocialImLogin.recordFailedLogin(loginId,"系统不支持该语言,请选择其他语言","e-message");
}
else{
// Verify the captcha first.
ChgPasswdReminder validCodeReminder = new ChgPasswdReminder();
RemindSettings validCodeSettings=validCodeReminder.getRemindSettings();
int needvalidate= validCodeSettings.getNeedvalidate();// 1 enables the captcha check below
int validatetype=validCodeSettings.getValidatetype();
String validCode = Util.null2String(fu.getParameter("validCode"));
String commonUsbType = Util.null2String(fu.getParameter("userUsbType"));
/*
log.writeLog("socialVerfylogin----validCode---"+validCode);
log.writeLog("socialVerfylogin----needvalidate---"+needvalidate);
log.writeLog("socialVerfylogin----validatetype---"+validatetype);
log.writeLog("socialVerfylogin----commonUsbType---"+commonUsbType);
*/
// NOTE(review): the captcha is enforced only when the client-sent "userUsbType" is
// non-empty and not "3". A request that omits the parameter skips the check even with
// needvalidate == 1; the decision should come from server-side data — confirm intent.
if(needvalidate==1 && !commonUsbType.equals("") && !commonUsbType.equals("3")){
String validateRand=Util.null2String((String)request.getSession(true).getAttribute("validateRand"));
// The expected code is single-use: it is removed from the session as soon as it is read.
request.getSession(true).removeAttribute("validateRand");
//log.writeLog("socialVerfylogin----validateRand---"+validateRand);
// Case-insensitive comparison; an empty submission always fails.
if(validCode.equals("") || !validCode.toLowerCase().equals(validateRand.toLowerCase())){
result.put("status", -1);
result.put("errorMsg", "验证码错误,请重新输");
SocialImLogin.recordFailedLogin(loginId,"验证码错误,请重新输","e-message");
out.println(result);
return;
}
}
// Resolve the account and evaluate the two pre-password gates (account ban, network segment).
HrmResourceService hrs = new HrmResourceService();
String userid = String.valueOf(hrs.getUserId(loginId));
boolean forbitLogin = SocialImLogin.checkForbitLogin(userid);
boolean permitLoginByNetworkSeg = SocialImLogin.checkIpSegByForbidLogin(request, loginId);
// The property-driven switch (SocialClientProp.FORBIT_WINDOWDEPART) is commented out in the
// original; the "new window" mode is hard-wired off.
boolean isAllowNewWin = false;
// Legacy per-user switch, reported to the client as 1/0.
boolean isOld = SocialImLogin.checkAllowWindowDepart(userid);
int isAllowNewWinNum = isOld ? 1 : 0;
if (!isAllowNewWin) {
    result.put("isNew",0);
} else {
    JSONObject obj = SocialUtil.getUserConfig(userid);
    result.put("config",obj);
    result.put("isNew",1);
}
// Despite its name, a false forbitLogin is the value that blocks the account here.
// NOTE(review): both rejections happen before the password is checked and return their own
// message, so the response reveals the account's state to an unauthenticated caller — confirm this is acceptable.
if(!forbitLogin){
result.put("status", -1); // login forbidden
result.put("errorMsg","当前账号已被禁止登录e-message");
SocialImLogin.recordFailedLogin(loginId,"当前账号已被禁止登录e-message","e-message");
}else if(!permitLoginByNetworkSeg){
result.put("status", -1); // blocked by the network-segment restriction
// NOTE(review): the client sees label 389986 while the audit record stores label 81628 — confirm which one is intended.
result.put("errorMsg", SystemEnv.getHtmlLabelName(389986,language));
SocialImLogin.recordFailedLogin(loginId,SystemEnv.getHtmlLabelName(81628,language),"e-message");
}else{
// System-wide switches for the secondary factors and the password lock.
HrmSettingsComInfo sci = new HrmSettingsComInfo();
String needdynapass_sys = sci.getNeeddynapass();
String needtokenpass_sys = sci.getNeedusbDt();
String validitySec = sci.getValiditySec();
String openPasswordLock = Util.null2String(sci.getOpenPasswordLock());
// Determine the login type from the account row.
// NOTE(review): "policy" starts as the client-supplied value and is only overridden below
// when the row has userUsbType 3 or 4 with usbstate 0 or 2; in every other case the
// client's value is what reaches checkLogin — confirm checkLogin does not rely on it alone.
rs.executeQuery("select userUsbType, usbstate, status, needdynapass, needusb from hrmresource where loginid =?",loginId );
if(rs.next()){
String userUsbType = Util.null2String(rs.getString("userUsbType"));
String usbstate = Util.null2String(rs.getString("usbstate"));
String status = Util.null2String(rs.getString("status"));
String needdynapass_user = Util.null2String(rs.getString("needdynapass"));
String needtokenpass_user = Util.null2String(rs.getString("needusb"));
// Block staff who have left (status 4, 5, 6 or 7).
if(status.equals("4") || status.equals("5") || status.equals("6") || status.equals("7")) {
result.put("status", -1); // login forbidden
result.put("errorMsg","账号已被禁止登录");
SocialImLogin.recordFailedLogin(loginId,"账号已被禁止登录","e-message");
out.println(result);
return;
}
// log.writeLog("socialVerfylogin----userUsbType---"+userUsbType);
// log.writeLog("socialVerfylogin----usbstate---"+usbstate);
if(!userUsbType.isEmpty() && (usbstate.equals("0") || usbstate.equals("2"))) {
// userUsbType (per the original note): 2 = Haitai key, 3 = dynamic token, 4 = dynamic password, anything else = no secondary check
// policy on the mobile interface (per the original note): 0 = off, 1 = captcha, 2 = dynamic password, 3 = dynamic token
if(userUsbType.equals("4")) {
policy = 2;
}
if(userUsbType.equals("3")) {
policy = 3;
}
}
// Is the dynamic password actually switched on?
if(policy == 2) {
// System-wide switch is off.
// log.writeLog("socialVerfylogin----needdynapass_sys---"+needdynapass_sys);
if(needdynapass_sys != null && needdynapass_sys.equals("0")) {
policy = 0;
}
// Per-user switch is off.
// log.writeLog("socialVerfylogin----needdynapass_user---"+needdynapass_user);
if(!needdynapass_user.equals("1")) {
policy = 0;
}
}
// Is the dynamic token switched on? The system may enable both factors, a user only one.
if(policy == 3) {
// System-wide switch is off.
// log.writeLog("socialVerfylogin----needtokenpass_sys---"+needtokenpass_sys);
if(needtokenpass_sys != null && needtokenpass_sys.equals("0")) {
policy = 0;
}
// Per-user switch is off.
// log.writeLog("socialVerfylogin----needtokenpass_user---"+needtokenpass_user);
if(!needtokenpass_user.equals("1")) {
policy = 0;
}
}
// Network-segment policy, usbstate: 0 = enabled, 1 = disabled, 2 = segment policy.
// Only the dynamic password and dynamic token cases matter here.
if(usbstate.equals("2") && (policy == 2 || policy == 3)) {
String clientIP = Util.getIpAddr(request);
// log.writeLog("socialVerfylogin----clientIP---"+clientIP);
CheckIpNetWork checkipnetwork = new CheckIpNetWork();
boolean checkOutter = checkipnetwork.checkIpSeg(clientIP);
// Inside the configured segment the secondary factor is skipped.
// NOTE(review): this drops the second factor based on the address Util.getIpAddr reports;
// confirm that helper cannot be steered by client-controlled forwarding headers.
// log.writeLog("socialVerfylogin----checkOutter---"+checkOutter);
if(!checkOutter) {
policy = 0;
}
}
}
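// Password-lock check: a locked account is rejected unless the request comes from an
// address on the EMobileWhiteList.
boolean isWhite = false;
rs.executeQuery("select passwordlock from hrmresource where passwordlock>0 and loginid=?",loginId);
// Only a locked account (passwordlock > 0) needs the whitelist lookup.
if (rs.next()) {
    // The whitelist is opt-in through EMobileWhiteList.WhiteListOpen.
    String isopen = Prop.getPropValue("EMobileWhiteList", "WhiteListOpen");
    if ("true".equals(isopen)) {
        String iplist = Prop.getPropValue("EMobileWhiteList", "ips");
        if (iplist != null && iplist.length() > 0) {
            // Compare against the address the server observed, not the "ipaddress" request
            // parameter: that parameter is chosen by the caller, so matching on it lets any
            // client claim a whitelisted address and bypass the lock.
            // NOTE(review): confirm Util.getIpAddr only honours forwarding headers set by your own proxy.
            String observedIp = Util.null2String(Util.getIpAddr(request));
            if (!observedIp.isEmpty()) {
                for (String allowed : iplist.split(",")) {
                    // trim() tolerates "a, b" style lists; an empty entry can no longer match.
                    if (observedIp.equals(allowed.trim())) {
                        isWhite = true;
                        break;
                    }
                }
            }
        }
    }
    if (!isWhite && openPasswordLock.equals("1")) {
        result.put("status", 2);
        result.put("errorMsg", SystemEnv.getHtmlLabelName(24594,7));
        SocialImLogin.recordFailedLogin(loginId,SystemEnv.getHtmlLabelName(24594,7),"e-message");
        out.println(result);
        return;
    }
}
// End of the password-lock check.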
// Disabled debug logging of loginId, password, dynapass, tokenpass and policy stood here.
// Keep it disabled: these values are credentials and must not reach the log.
// Verify the password and, depending on policy, the secondary factor.
int status = hrs.checkLogin(loginId, password, dynapass, tokenpass, policy);
BirthdayReminder birth_reminder = new BirthdayReminder();
RemindSettings settings=birth_reminder.getRemindSettings();
String userHead = "";
String userName = "";
// status 1 is the success path.
if(status == 1){
// NOTE(review): when settings is null this records a failed login but does not stop, and
// the next statement dereferences settings and throws — decide what a missing
// configuration should do here.
if(settings==null){
result.put("status", status);
result.put("errorMsg", SocialIMService.getErrorMsg(status, 7));
SocialImLogin.recordFailedLogin(loginId,SocialIMService.getErrorMsg(status, 7),"e-message");
}
String OpenPasswordLock = settings.getOpenPasswordLock();
// A successful login resets the wrong-password counter when the lock feature is on.
if("1".equals(OpenPasswordLock)){
RecordSet rsPwd = new RecordSet();
String updatepwdSql = "update HrmResource set sumpasswordwrong=? where loginid=?";
rsPwd.executeUpdate(updatepwdSql,0,loginId);
}
// Check the license.
int checkLicense = SocialImLogin.checkLience();
User user = hrs.getUserById(hrs.getUserId(loginId));
// Proceed when checkLience() returns 1, or returns 6 while checkOnlineStatus reports 1 for
// the PC client type; every other result is refused in the else branch below.
if(checkLicense == 1 || (checkLicense == 6 && SocialImLogin.checkOnlineStatus(user.getUID(), SocialImLogin.CLIENT_TYPE_PC) == 1)) {
user.setLanguage(language);
// The user object needs the login IP, otherwise some portal features are restricted.
user.setLoginip(Util.getIpAddr(request));
// NOTE(review): the authenticated user is bound to the session that existed before login;
// issuing a fresh session id at this point would rule out session fixation.
session.setAttribute("weaver_user@bean",user);
// Add the password to the shared cache.
// NOTE(review): this keeps every user's cleartext password in a process-wide HashMap
// (StaticObj "socialUserpwdCache") for as long as the server runs, and the map is mutated
// without synchronization. Check whether the readers of this cache can use a token or a
// hash instead.
try {
HashMap<Integer, String> socialUserpwdCache = new HashMap<Integer, String>();
Object pwdObject = StaticObj.getInstance().getObject("socialUserpwdCache");
if (pwdObject != null) {
socialUserpwdCache = (HashMap<Integer, String>) pwdObject;
}
socialUserpwdCache.put(user.getUID(), password);
StaticObj.getInstance().putObject("socialUserpwdCache", socialUserpwdCache);
} catch (Exception e) {
log.writeLog("socialUserpwdCache 添加失败" + e.getMessage());
}
// Disabled: store the user id in a cookie.
//Util.setCookie(response, "loginidweaver", userid);
//userHead=ResourceComInfo.getMessagerUrls(userid);
userHead = SocialUtil.getUserHeadImage(user.getUID()+"");
userName = ResourceComInfo.getLastname(user.getUID()+"");
String sessionKey = session.getId();
// Write the session key to a cookie at login.
// NOTE(review): the session id is also returned in the JSON body below; confirm what
// attributes Util.setCookie puts on the cookie (HttpOnly/Secure).
Util.setCookie(response, "sessionkey", sessionKey);
SocialImLogin.recordSocialIMSessionkey(user.getUID(), sessionKey, SocialImLogin.CLIENT_TYPE_PC);
SocialImLogin.updateLoginTime(user.getUID(), SocialImLogin.CLIENT_TYPE_PC);
//SocialImLogin.setSysLogInfo(request, response);
// A disabled branch stood here: when SocialImLogin.checkIsNeedResetPassword(userid) was
// true it answered status -2 with a password-strength message and the URL
// /hrm/HrmTab.jsp?_fromURL=HrmResourcePassword instead of the fields below.
result.put("userName",userName);
result.put("userHead",userHead);
result.put("status", status);
result.put("errorMsg", SocialIMService.getErrorMsg(status, 7));
result.put("sessionkey", sessionKey);
result.put("isAllowNewWin", isAllowNewWinNum);
result.put("user_token",user_token);
SocialImLogin.recordLogin(user.getUID(),userName,"e-message");
} else {
result.put("status", -1); // license error
result.put("errorMsg",SocialImLogin.getCheckLienceMsg(checkLicense, 7));
SocialImLogin.recordFailedLogin(loginId,SocialImLogin.getCheckLienceMsg(checkLicense, 7),"e-message");
}
} else {
// Original note (partly garbled): the "wrong password", "wrong user name or password" and
// "user does not exist" prompts are meant to be unified into "wrong user name or password".
// NOTE(review): the numeric status is still returned unchanged, and 3/4 take a different
// path from the wrong-password status 2 handled below, so the response may still tell a
// caller whether a login id exists — confirm and unify the status as well.
// log.writeLog("socialVerfylogin----status---"+status);
if(status == 3 || status == 4) {
// The user name does not exist.
// log.writeLog("socialVerfylogin----status---"+status);
result.put("status", status);
result.put("errorMsg", SocialIMService.getErrorMsg(status, 7));
SocialImLogin.recordFailedLogin(loginId,SocialIMService.getErrorMsg(status, 7),"e-message");
out.println(result);
return;
}
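// Wrong-password bookkeeping (status 2) for clients that are not whitelisted: count the
// failure and lock the account once the configured number of attempts is used up.
String errorMsg = "";
Boolean isLock = false;
if (status == 2 && !isWhite) {
    if (settings == null) {
        result.put("status", status);
        result.put("errorMsg", SocialIMService.getErrorMsg(status, 7));
    }
    // Without settings the lock feature cannot be evaluated; skip it instead of throwing.
    String OpenPasswordLock = settings == null ? "" : settings.getOpenPasswordLock();
    if ("1".equals(OpenPasswordLock)) {
        RecordSet rs2 = new RecordSet();
        rs2.executeQuery("select id from HrmResourceManager where loginid=?",loginId);
        // Login ids found in HrmResourceManager are exempt from the counter.
        if (!rs2.next()) {
            RecordSet rs1 = new RecordSet();
            rs1.executeQuery("select sumpasswordwrong from hrmresource where loginid=?",loginId);
            int sumpasswordwrong = 0;
            if (rs1.next()) sumpasswordwrong = Util.getIntValue(rs1.getString(1));
            int sumPasswordLock = Util.getIntValue(settings.getSumPasswordLock(),3);
            int leftChance = sumPasswordLock - sumpasswordwrong;
            // NOTE(review): the counter is read and then written in separate statements, so
            // concurrent attempts can be under-counted; an atomic
            // "set sumpasswordwrong = sumpasswordwrong + 1" would close that gap.
            ConnStatement statement = new ConnStatement();
            // "<= 1" rather than "== 1": if the stored counter already meets or exceeds the
            // threshold (for example after the threshold was lowered), leftChance is 0 or
            // negative and the account must still be locked rather than counted forever.
            if (leftChance <= 1) {
                String updateSql = "update HrmResource set passwordlock=1,sumpasswordwrong=0 where loginid=?";
                try {
                    statement.setStatementSql(updateSql);
                    statement.setString(1,loginId);
                    statement.executeUpdate();
                } catch (Exception e) {
                    // A failed update means the lock was not applied; make that visible.
                    log.writeLog("SocialVerifyLogin: failed to set passwordlock: " + e.getMessage());
                } finally {
                    try {
                        statement.close();
                    } catch (Exception ignored) {
                        // Nothing useful can be done when closing fails.
                    }
                }
                status = 19;
                isLock = true;
            } else {
                String updateSql = "update HrmResource set sumpasswordwrong=? where loginid=?";
                try {
                    statement.setStatementSql(updateSql);
                    statement.setInt(1, sumpasswordwrong + 1);
                    statement.setString(2,loginId);
                    statement.executeUpdate();
                } catch (Exception e) {
                    // A failed update means this attempt was not counted; make that visible.
                    log.writeLog("SocialVerifyLogin: failed to update sumpasswordwrong: " + e.getMessage());
                } finally {
                    try {
                        statement.close();
                    } catch (Exception ignored) {
                        // Nothing useful can be done when closing fails.
                    }
                }
                // Message built from labels 24466 and 24467 around the number of attempts left.
                errorMsg = SystemEnv.getHtmlLabelName(24466,language) + (leftChance-1) + SystemEnv.getHtmlLabelName(24467,language);
            }
        }
    }
}
// End of the wrong-password bookkeeping.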
// Report the failure: a message built by the lock bookkeeping wins over the generic
// message for the status code.
boolean hasCustomMsg = !errorMsg.isEmpty();
result.put("status", status);
if (hasCustomMsg) {
    result.put("errorMsg", errorMsg);
} else {
    result.put("errorMsg", SocialIMService.getErrorMsg(status, 7));
}
// Audit trail: a lock event is recorded as such, everything else as a failed login.
if (!isLock) {
    String auditMsg = hasCustomMsg ? errorMsg : SocialIMService.getErrorMsg(status, 7);
    SocialImLogin.recordFailedLogin(loginId,auditMsg,"e-message");
} else {
    SocialImLogin.recordPasswordLock(loginId,"e-message");
}
// Status 0 additionally returns the validity period read from HrmSettingsComInfo.
if (status == 0) {
    result.put("validitySec", validitySec);
}
}
}
}
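// Optional JSONP wrapper around the login result.
String callback = Util.null2String(request.getParameter("callback"));
// The callback name is echoed into a response the browser may execute, so accept only a
// plain JavaScript identifier path; anything else (including an empty value) gets bare JSON.
// NOTE(review): the JSONP form hands sessionkey and user_token to whichever page loads
// this URL as a script; consider retiring it in favour of same-origin JSON.
boolean callbackOk = callback.matches("[A-Za-z_$][A-Za-z0-9_$.]{0,63}");
if (!callbackOk) {
    out.println(result);
} else {
    out.println(callback + "(" + result.toString() + ")");
}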
}
// 扫码登陆后,获得版本和sessionkey
else if("afterQRLogin".equals(method)) {
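// After a QR-code login: return the client versions and the session key for the user
// already bound to this session.
JSONObject result = new JSONObject();
User user = HrmUserVarify.checkUser(request, response);
if (user == null) {
    // No authenticated user: answer with the generic error. The null check has to come
    // first, because the ban and network checks below dereference the user.
    result.put("status", 999);
    result.put("errorMsg", "服务器处理扫码登录异");
    log.writeLog("SocialVerifyLogin afterQRLogin: no authenticated user for this request");
} else {
    boolean permitLoginByNetworkSeg = SocialImLogin.checkIpSegByForbidLogin(request, user.getLoginid());
    boolean forbitLogin = SocialImLogin.checkForbitLogin(user.getUID()+"");
    if (!forbitLogin) {
        result.put("status", -1); // login forbidden
        result.put("errorMsg","当前账号已被禁止登录e-message");
        SocialImLogin.recordFailedLogin(user.getLoginid(),"当前账号已被禁止登录e-message","e-message");
    } else if (!permitLoginByNetworkSeg) {
        result.put("status", -1); // blocked by the network-segment restriction
        result.put("errorMsg", SystemEnv.getHtmlLabelName(81628, user.getLanguage()));
        SocialImLogin.recordFailedLogin(user.getLoginid(),SystemEnv.getHtmlLabelName(81628, user.getLanguage()),"e-message");
    } else {
        // Check the license: proceed on 1, or on 6 when checkOnlineStatus reports 1 for the PC client type.
        int checkLicense = SocialImLogin.checkLience();
        if (checkLicense == 1 || (checkLicense == 6 && SocialImLogin.checkOnlineStatus(user.getUID(), SocialImLogin.CLIENT_TYPE_PC) == 1)) {
            int userid = user.getUID();
            SocialImLogin.recordSocialIMSessionkey(userid, session.getId(), SocialImLogin.CLIENT_TYPE_PC);
            SocialImLogin.updateLoginTime(user.getUID(), SocialImLogin.CLIENT_TYPE_PC);
            SocialImLogin.setSysLogInfo(request, response);
            String userHead = SocialUtil.getUserHeadImage(String.valueOf(userid));
            String userName = ResourceComInfo.getLastname(String.valueOf(userid));
            // The property-driven "new window" switch is disabled in this page; only the
            // legacy per-user flag is reported.
            boolean isAllowNewWin = false;
            boolean isOld = SocialImLogin.checkAllowWindowDepart(String.valueOf(userid));
            int isAllowNewWinNum = isOld ? 1 : 0;
            if (isAllowNewWin) {
                JSONObject obj = SocialUtil.getUserConfig(String.valueOf(userid));
                result.put("config",obj);
                result.put("isNew",1);
            } else {
                result.put("isNew",0);
            }
            result.put("userName",userName);
            result.put("userHead",userHead);
            result.put("status", 1);
            result.put("errorMsg", SocialIMService.getErrorMsg(1, 7));
            result.put("sessionkey", session.getId());
            result.put("isAllowNewWin", isAllowNewWinNum);
            // No password is involved in a QR login, so no token is issued.
            result.put("user_token","");
            SocialImLogin.recordLogin(userid,userName,"e-message");
        } else {
            result.put("status", -1); // license error
            result.put("errorMsg",SocialImLogin.getCheckLienceMsg(checkLicense, 7));
            SocialImLogin.recordFailedLogin(user.getLoginid(),SocialImLogin.getCheckLienceMsg(checkLicense, 7),"e-message");
        }
    }
}
// Client build versions are returned in every case.
Map<String, String> map = SocialImLogin.getBuildVersion();
result.put("buildversion", map.get("buildversion"));
result.put("osxBuildVersion", map.get("osxBuildVersion"));
result.put("xpbuildVersion", map.get("xpbuildVersion"));
result.put("runtimeVersion", map.get("runtimeVersion"));
// Optional JSONP wrapper. The callback name is echoed into a response the browser may
// execute, so accept only a plain JavaScript identifier path; anything else gets bare JSON.
// NOTE(review): the JSONP form exposes sessionkey to whichever page loads this URL as a script.
String callback = Util.null2String(request.getParameter("callback"));
if (callback.matches("[A-Za-z_$][A-Za-z0-9_$.]{0,63}")) {
    out.println(callback + "(" + result.toString() + ")");
} else {
    out.println(result);
}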
}else if("getLanguage".equals(method)){
// Return the active languages as a JSON array of {value: id, text: language}.
RecordSet recordSet = new RecordSet();
recordSet.execute("select language, id from syslanguage where activable = 1");
JSONArray lanAry = new JSONArray();
while (recordSet.next()) {
    JSONObject entry = new JSONObject();
    entry.put("value",recordSet.getString("id"));
    entry.put("text",recordSet.getString("language"));
    lanAry.add(entry);
}
out.write(lanAry.toString());
}else if("checkPwd".equals(method)){
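// Password-policy status for one account: forced change, reminder window, admin/AD flags.
// NOTE(review): nothing here ties the request to an authenticated session — "sessionKey" is
// read but never checked — so any caller can query isAdmin, isAdaccount and the password
// age of an arbitrary login id. Verify the session user (the login action stores it under
// "weaver_user@bean") against the requested account before answering.
String loginId = Util.null2String(fu.getParameter("loginid"));
String sessionKey = Util.null2String(fu.getParameter("sessionKey"));
HrmResourceService hrs = new HrmResourceService();
int id = hrs.getUserId(loginId);
User user = hrs.getUserById(id);
JSONObject result = new JSONObject();
ChgPasswdReminder reminder = new ChgPasswdReminder();
RemindSettings settings = reminder.getRemindSettings();
String loginMustUpPswd = Util.null2String(settings.getLoginMustUpPswd());
String PasswordChangeReminderstr = Util.null2String(settings.getPasswordChangeReminder());
boolean PasswordChangeReminder = "1".equals(PasswordChangeReminderstr);
result.put("passwdReminder", PasswordChangeReminder ? "1" : "0");
String ChangePasswordDays = settings.getChangePasswordDays();
String DaysToRemind = settings.getDaysToRemind();
boolean isUpPswd = false;
RecordSet recordSet = new RecordSet();
// Forced password change at first login, when the feature is switched on.
if ("1".equals(loginMustUpPswd)) {
    // id is an int resolved by the server, so concatenating it cannot inject SQL.
    String loginSql = "select count(*) from hrmresource where haschangepwd = 'y' and id = "+id;
    boolean execFlag;
    try {
        execFlag = recordSet.executeSql(loginSql);
    } catch (Exception e) {
        execFlag = false;
    }
    if (!execFlag) {
        // The primary query failed (presumably no haschangepwd column — TODO confirm):
        // fall back to the maintenance log.
        loginSql = "select COUNT(id) from HrmSysMaintenanceLog where relatedid = "+id+" and operatetype = 6 and operateitem = 60 and exists (select 1 from HrmResource where id = "+id+") and CAST(operatedesc as varchar"+(recordSet.getDBType().equals("oracle")?"2":"")+"(100)) = 'y'";
        recordSet.executeSql(loginSql);
    }
    // No matching row counted means the password was never changed.
    if (recordSet.next()) isUpPswd = recordSet.getInt(1) <= 0;
}
result.put("isUpPswd", isUpPswd ? "1" : "0");
// An unknown login id may yield no user object; report "not admin" instead of throwing.
result.put("isAdmin", (user != null && user.isAdmin()) ? "1" : "0");
String isadaccount = "";
RecordSet recordSet1 = new RecordSet();
recordSet1.executeQuery("select isadaccount from HrmResource where id = ?", id);
if (recordSet1.next()) {
    isadaccount = Util.null2String(recordSet1.getString("isadaccount"));
}
// AD accounts get no password reminder.
result.put("isAdaccount", isadaccount.equals("1") ? "1" : "0");
if (!isUpPswd) {
    boolean reminderFilled = false;
    if (PasswordChangeReminder) {
        RecordSet recordSet2 = new RecordSet();
        recordSet2.executeQuery("select passwdchgdate from hrmresource where id = ?", id);
        if (recordSet2.next()) {
            reminderFilled = true;
            String passwdchgdate = recordSet2.getString(1);
            // Days since the last password change.
            int passwdchgeddate = TimeUtil.dateInterval(passwdchgdate,TimeUtil.getCurrentDateString());
            if (passwdchgeddate < Integer.parseInt(ChangePasswordDays)) {
                result.put("canpass","1");
            }
            // First day on which the reminder is shown.
            String passwdreminddate = TimeUtil.dateAdd(passwdchgdate,Integer.parseInt(ChangePasswordDays)-Integer.parseInt(DaysToRemind));
            int passwdreminddatenum;
            try {
                passwdreminddatenum = TimeUtil.dateInterval(passwdreminddate,TimeUtil.getCurrentDateString());
            } catch (Exception ex) {
                passwdreminddatenum = 0;
            }
            int passwdelse = Integer.parseInt(DaysToRemind) - passwdreminddatenum;
            result.put("passwdelse",passwdelse);
            if (passwdreminddatenum >= 0) {
                result.put("canremind","1");
            }
        }
    }
    // Reminder switched off or no row found: report neutral values.
    if (!reminderFilled) {
        result.put("canremind","0");
        result.put("canpass","0");
        result.put("passwdelse","0");
    }
}
out.println(result);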
}else if("isNeedValidCode".equals(method)){
// Tell the client whether a captcha is required and which kind.
JSONObject result = new JSONObject();
try {
    RemindSettings settings = new ChgPasswdReminder().getRemindSettings();
    // needvalidate: the login action enforces the captcha when this is 1.
    int needvalidate = settings.getNeedvalidate();
    // validatetype (per the original note): 0 = digits, 1 = letters, 2 = Chinese characters.
    int validatetype = settings.getValidatetype();
    result.put("needvalidate", needvalidate + "");
    result.put("validatetype", validatetype + "");
} catch (Exception e) {
    // Any failure reading the settings falls back to "0" for both fields.
    result.put("needvalidate","0");
    result.put("validatetype","0");
}
out.println(result);
} else if("getPubKey".equals(method)){
// Hand the Base64-encoded RSA public key to the client; only the public half leaves the server.
out.println(SocialCodeUtil.getRSAPublicKeyBase64());
}
%>