From e13278606d3facef443c5c65e07b42c52c7a38d5 Mon Sep 17 00:00:00 2001
From: ludc
Date: 星期三, 22 十一月 2023 17:12:46 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java |   15 +++++++++++----
 1 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java b/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
index 8962a59..18730fb 100644
--- a/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
+++ b/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
@@ -40,11 +40,13 @@
 import com.vci.ubcs.system.entity.Tenant;
 import com.vci.ubcs.system.feign.ISysClient;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
 import org.springframework.stereotype.Service;
 
@@ -132,17 +134,18 @@
 			throw new UserDeniedAuthorizationException(TokenUtil.USER_HAS_TOO_MANY_FAILS);
 		}
 
-		//瓒呯骇绠＄悊鍛橀厤缃枃浠堕厤缃处鍙峰瘑鐮侊紝瀹炵幇鐧诲綍, 榛樿绉熸埛id涓�000000
-		if(tenantId.equals(this.tenantId)){
+		//瓒呯骇绠＄悊鍛橀厤缃枃浠堕厤缃处鍙峰瘑鐮侊紝瀹炵幇鐧诲綍, 榛樿绉熸埛id鍜岃秴绠′负閰嶇疆鍑烘潵鐨�
+		if(tenantId.equals(this.tenantId) && userName.equals(username)){
 			if (!this.userName.equals(username) && !password.equalsIgnoreCase(this.password)) {
 				setFailCount(tenantId, username, count,strategy.getLockingTime());
 				throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
 			}
 			//濡傛灉ip姣斿鍚巊et鎶涘嚭寮傚父No value present灏辩洿鎺ユ姏寮傚父缁撴潫鐧诲綍
 			if(ipEnable){
-				Log.debug("褰撳墠璁块棶IP锛�"+getIpAddress(request));
+				// Log.debug("褰撳墠璁块棶IP锛�"+getIpAddress(request));
+				Log.debug("褰撳墠璁块棶IP锛�"+WebUtil.getIP(request));
 				try {
-					ips.stream().filter(s -> s.equals(getIpAddress(request))).findFirst().get();
+					ips.stream().filter(s -> s.equals(WebUtil.getIP(request))).findFirst().get();
 				} catch (Exception e){
 					throw new UserDeniedAuthorizationException(TokenUtil.IP_NOT_FOND);
 				}
@@ -193,6 +196,10 @@
 					setFailCount(tenantId, username, count,strategy.getLockingTime());
 					throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
 				}
+				// 鐢ㄦ埛鐘舵�佷负1鏃惰鏄庤鐢ㄦ埛琚攣瀹�
+				if(user.getUserStatus() == 1){
+					throw new InvalidGrantException(TokenUtil.USER_LOCK);
+				}
 				String hex = DigestUtil.hex(password);
 				// 鐢ㄦ埛瀛樺湪浣嗗瘑鐮侀敊璇�,瓒呰繃娆℃暟鍒欓攣瀹氳处鍙�
 				if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) {

--
Gitblit v1.9.3