Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java

@@ -40,11 +40,13 @@
import com.vci.ubcs.system.entity.Tenant;
import com.vci.ubcs.system.feign.ISysClient;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
import org.springframework.stereotype.Service;

@@ -132,8 +134,8 @@
         throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
      }

      //超级管理员配置文件配置账号密码，实现登录, 默认租户id为000000
      if(tenantId.equals(this.tenantId)){
      //超级管理员配置文件配置账号密码，实现登录, 默认租户id和超管为配置出来的
      if(tenantId.equals(this.tenantId) && userName.equals(username)){
         if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password)) {
            setFailCount(tenantId, username, count,strategy.getLockingTime());
            throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
@@ -194,6 +196,10 @@
               setFailCount(tenantId, username, count,strategy.getLockingTime());
               throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
            }
            // 用户状态为1时说明该用户被锁定
            if(user.getUserStatus() == 1){
               throw new InvalidGrantException(TokenUtil.USER_LOCK);
            }
            String hex = DigestUtil.hex(password);
            // 用户存在但密码错误,超过次数则锁定账号
            if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) {