Source/BladeX/blade-auth/src/main/java/org/springblade/auth/service/BladeUserDetailsServiceImpl.java

@@ -31,6 +31,7 @@
import org.springblade.core.tool.support.Kv;
import org.springblade.core.tool.utils.*;
import org.springblade.system.cache.ParamCache;
import org.springblade.system.entity.Strategy;
import org.springblade.system.entity.Tenant;
import org.springblade.system.feign.ISysClient;
import org.springblade.system.user.entity.User;
@@ -77,6 +78,7 @@

   private final JwtProperties jwtProperties;


   /**
    * 超级管理员信息
    */
@@ -116,16 +118,21 @@

      // 指定租户ID
      String tenantId = StringUtils.isBlank(headerTenant) ? paramTenant : headerTenant;

      Log.debug("当前登录用户的租户Id为："+tenantId+"当前登录用户名为："+username);
      Strategy strategy = sysClient.getByTenantIdAndName(tenantId, username).getData();

      // 判断登录是否锁定
      int count = getFailCount(tenantId, username);
      int failCount = Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), FAIL_COUNT);
      int failCount = Func.toInt(ParamCache.getValue(FAIL_COUNT_VALUE), Func.toInt(strategy.getLockingNum()));

      if (count >= failCount) {
         throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
      }
      //超级管理员配置文件配置账号密码，实现登录, 默认租户id为000000
      if(tenantId.equals(this.tenantId)){
         if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password)) {
            setFailCount(tenantId, username, count);
            setFailCount(tenantId, username, count,strategy.getLockingTime());
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
         }
         //如果ip比对后get抛出异常No value present就直接抛异常结束登录
@@ -180,12 +187,13 @@
            User user = userInfo.getUser();
            // 用户不存在,但提示用户名与密码错误并锁定账号
            if (user == null || user.getId() == null) {
               setFailCount(tenantId, username, count);
               setFailCount(tenantId, username, count,strategy.getLockingTime());
               throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
            }
            String hex = DigestUtil.hex(password);
            // 用户存在但密码错误,超过次数则锁定账号
            if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(DigestUtil.hex(password))) {
               setFailCount(tenantId, username, count);
            if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) {
               setFailCount(tenantId, username, count,strategy.getLockingTime());
               throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
            }
            // 用户角色不存在
@@ -210,7 +218,7 @@
            BladeUserDetails bladeUserDetails = new BladeUserDetails(user.getId(),
               user.getTenantId(), StringPool.EMPTY, user.getName(), user.getRealName(), user.getDeptId(), user.getPostId(), user.getRoleId(), Func.join(userInfo.getRoles()), Func.toStr(user.getAvatar(), TokenUtil.DEFAULT_AVATAR),
               username, AuthConstant.ENCRYPT + user.getPassword(), userInfo.getDetail(), true, true, true, true,
               AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())));
               AuthorityUtils.commaSeparatedStringToAuthorityList(Func.join(result.getData().getRoles())),user.getStrategyUpdateStatus());
            return bladeUserDetails;
         } else {
            throw new UsernameNotFoundException(result.getMsg());
@@ -279,8 +287,8 @@
    * @param username 账号
    * @param count    次数
    */
   private void setFailCount(String tenantId, String username, int count) {
      bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), count + 1, Duration.ofMinutes(30));
   private void setFailCount(String tenantId, String username, int count, Long expir) {
      bladeRedis.setEx(CacheNames.tenantKey(tenantId, CacheNames.USER_FAIL_KEY, username), count + 1, Duration.ofMinutes(expir));
   }

   /**