Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/granter/CaptchaTokenGranter.java
@@ -47,7 +47,7 @@ Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password); ((AbstractAuthenticationToken) userAuth).setDetails(parameters); try { userAuth = authenticationManager.authenticate(userAuth); userAuth = authenticationManager.authenticate(userAuth); } catch (AccountStatusException | BadCredentialsException ase) { //covers expired, locked, disabled cases (mentioned in section 5.2, draft 31) Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/granter/PwdFreeLoginTokenGranter.java
@@ -85,6 +85,10 @@ // 构建授权信息 User user = result.getData().getUser(); // 判断当前用户是否被停用 if(user.getUserStatus() == 1){ throw new InvalidGrantException(TokenUtil.USER_LOCK); } Kv detail = result.getData().getDetail(); if (user == null || user.getId() == null) { throw new InvalidGrantException("passwordfree grant failure, user is null"); Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
@@ -40,11 +40,13 @@ import com.vci.ubcs.system.entity.Tenant; import com.vci.ubcs.system.feign.ISysClient; import org.springframework.beans.factory.annotation.Value; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.oauth2.common.exceptions.InvalidGrantException; import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException; import org.springframework.stereotype.Service; @@ -194,6 +196,10 @@ setFailCount(tenantId, username, count,strategy.getLockingTime()); throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND); } // 用户状态为1时说明该用户被锁定 if(user.getUserStatus() == 1){ throw new InvalidGrantException(TokenUtil.USER_LOCK); } String hex = DigestUtil.hex(password); // 用户存在但密码错误,超过次数则锁定账号 if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) { Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/utils/TokenUtil.java
@@ -85,6 +85,7 @@ public final static String PASSWORD_KEY = "password"; public final static String GRANT_TYPE_KEY = "grant_type"; public final static String REFRESH_TOKEN_KEY = "refresh_token"; public final static String USER_LOCK = "当前登录用户已被停用,请联系管理解封账号。"; private static BladeTenantProperties tenantProperties;
@@ -54,6 +54,9 @@ */ @Override public List<MdmCount> getMdmCounts(String userId) throws ServiceException{ if(Func.isBlank(userId)){ throw new ServiceException("必传参数用户id不能为空"); } /** 1、先查询出各分类顶层节点有哪些主数据,拿到业务类型名称,相当于拿到主数据表名 顶层节点的btmtypeid还需要用作查询条件对应的菜单表的code字段 但是为了减少查询次数,就需在查询是使用btmtypeid字段进行排序 Source/UBCS/ubcs-service/ubcs-system/src/main/java/com/vci/ubcs/system/service/impl/MdmCountConfigServiceImpl.java
@@ -44,8 +44,8 @@ MdmCountConfig mdmCountConfigDB = getMdmCountConfig(mdmCountConfigVO.getUserId().toString()); MdmCountConfig mdmCountConfig = new MdmCountConfig(); //新增 if(Func.isBlank(mdmCountConfigVO.getId().toString())){ Func.copy(mdmCountConfigVO,mdmCountConfig); if(Func.isEmpty(mdmCountConfigDB)){ mdmCountConfig.setUserId(mdmCountConfigVO.getUserId()); }else { //修改 Func.copy(mdmCountConfigDB,mdmCountConfig);
