统一业务系统系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
xiejun
2023-10-18 e40973680e8842a0797ca2e1cd45ec5e6bf0f3d8 
 Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java


@@ -40,11 +40,13 @@


import com.vci.ubcs.system.entity.Tenant;


import com.vci.ubcs.system.feign.ISysClient;


import org.springframework.beans.factory.annotation.Value;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.GrantedAuthority;


import org.springframework.security.core.authority.AuthorityUtils;


import org.springframework.security.core.authority.SimpleGrantedAuthority;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.core.userdetails.UsernameNotFoundException;


import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;


import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;


import org.springframework.stereotype.Service;




@@ -132,17 +134,18 @@


         throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);


      }




      //超级管理员配置文件配置账号密码,实现登录, 默认租户id为000000


      if(tenantId.equals(this.tenantId)){


      //超级管理员配置文件配置账号密码,实现登录, 默认租户id和超管为配置出来的


      if(tenantId.equals(this.tenantId) && userName.equals(username)){


         if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password)) {


            setFailCount(tenantId, username, count,strategy.getLockingTime());


            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);


         }


         //如果ip比对后get抛出异常No value present就直接抛异常结束登录


         if(ipEnable){


            Log.debug("当前访问IP:"+getIpAddress(request));


            // Log.debug("当前访问IP:"+getIpAddress(request));


            Log.debug("当前访问IP:"+WebUtil.getIP(request));


            try {


               ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();


               ips.stream().filter(s -> s.equals(WebUtil.getIP(request))).findFirst().get();


            } catch (Exception e){


               throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);


            }


@@ -193,6 +196,10 @@


               setFailCount(tenantId, username, count,strategy.getLockingTime());


               throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);


            }


            // 用户状态为1时说明该用户被锁定


            if(user.getUserStatus() == 1){


               throw new InvalidGrantException(TokenUtil.USER_LOCK);


            }


            String hex = DigestUtil.hex(password);


            // 用户存在但密码错误,超过次数则锁定账号


            if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) {