From e40973680e8842a0797ca2e1cd45ec5e6bf0f3d8 Mon Sep 17 00:00:00 2001
From: xiejun <xj@2023>
Date: 星期三, 18 十月 2023 13:47:44 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java |    6 ++++++
 1 files changed, 6 insertions(+), 0 deletions(-)

diff --git a/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java b/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
index 1320bca..18730fb 100644
--- a/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
+++ b/Source/UBCS/ubcs-auth/src/main/java/com/vci/ubcs/auth/service/BladeUserDetailsServiceImpl.java
@@ -40,11 +40,13 @@
 import com.vci.ubcs.system.entity.Tenant;
 import com.vci.ubcs.system.feign.ISysClient;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.security.oauth2.common.exceptions.InvalidGrantException;
 import org.springframework.security.oauth2.common.exceptions.UserDeniedAuthorizationException;
 import org.springframework.stereotype.Service;
 
@@ -194,6 +196,10 @@
 					setFailCount(tenantId, username, count,strategy.getLockingTime());
 					throw new UsernameNotFoundException(TokenUtil.USER_NOT_FOUND);
 				}
+				// 鐢ㄦ埛鐘舵�佷负1鏃惰鏄庤鐢ㄦ埛琚攣瀹�
+				if(user.getUserStatus() == 1){
+					throw new InvalidGrantException(TokenUtil.USER_LOCK);
+				}
 				String hex = DigestUtil.hex(password);
 				// 鐢ㄦ埛瀛樺湪浣嗗瘑鐮侀敊璇�,瓒呰繃娆℃暟鍒欓攣瀹氳处鍙�
 				if (grantType != null && !grantType.equals(TokenUtil.REFRESH_TOKEN_KEY) && !user.getPassword().equals(hex)) {

--
Gitblit v1.9.3