用户登录问题修改

jiang 2024-09-10 09:46:04 +08:00
parent 9fb868b93b
commit d0100bb092
1 changed files with 21 additions and 8 deletions


@ -16,10 +16,11 @@ import com.bonus.common.security.auth.AuthUtil;
import com.bonus.common.security.service.TokenService; import com.bonus.common.security.service.TokenService;
import com.bonus.common.security.utils.SecurityUtils; import com.bonus.common.security.utils.SecurityUtils;
import com.bonus.system.api.RemoteUserService; import com.bonus.system.api.RemoteUserService;
import com.bonus.system.api.domain.SysUser;
import com.bonus.system.api.model.LoginUser; import com.bonus.system.api.model.LoginUser;
import lombok.extern.slf4j.Slf4j; import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.ObjectUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.bind.annotation.DeleteMapping; import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestBody;
@ -36,6 +37,10 @@ import java.util.Set;
@RestController @RestController
@Slf4j @Slf4j
public class TokenController { public class TokenController {
@Value("${isAdmin}")
private boolean isAdmin;
@Autowired @Autowired
private TokenService tokenService; private TokenService tokenService;
@ -56,19 +61,27 @@ public class TokenController {
@PostMapping("isAdmin") @PostMapping("isAdmin")
public R<?> isAdmin(@RequestBody LoginBody form) { public R<?> isAdmin(@RequestBody LoginBody form) {
if (!isAdmin){
return R.ok(false);
}
passwordValidatorService.validateLoginParameters(form.getUsername(), form.getPassword());
//通过用户名获取人员信息 //通过用户名获取人员信息
R<LoginUser> userResult = remoteUserService.getUserInfo(form.getUsername(), SecurityConstants.INNER); R<LoginUser> userResult = remoteUserService.getUserInfo(form.getUsername(), SecurityConstants.INNER);
// 验证用户查询结果
passwordValidatorService.validateUserResult(form.getUsername(), userResult);
LoginUser userInfo = userResult.getData();
SysUser user = userInfo.getSysUser();
passwordValidatorService.validateApprovalStatus(form.getUsername(), user);
// 验证用户状态
passwordValidatorService.validateUserStatus(form.getUsername(), user);
// 验证密码
passwordService.validate(user, form.getPassword(), System.currentTimeMillis());
// 处理IP校验
passwordValidatorService.handleIpValidation(form.getUsername(), user);
if (userResult == null || userResult.getData() == null || R.FAIL == userResult.getCode()) { if (userResult == null || userResult.getData() == null || R.FAIL == userResult.getCode()) {
return R.fail("登录用户不存在"); return R.fail("登录用户不存在");
} }
Set<String> roles = userResult.getData().getRoles(); Set<String> roles = userResult.getData().getRoles();
if (roles.contains("admin")) {
if (ObjectUtils.isNotEmpty(userResult.getData().getSysUser().getPhonenumber())) {
passwordService.createPhoneCaptcha(userResult.getData().getSysUser().getPhonenumber());
} else {
R.fail(roles.contains("admin"));
}
}
return R.ok(roles.contains("admin")); return R.ok(roles.contains("admin"));
} }
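Review bot: The null/FAIL guard on `userResult` in `isAdmin` now sits below the new lines that already call `userResult.getData()` and `userInfo.getSysUser()`, so it no longer protects them. Unless `validateUserResult` throws for every bad result (its body is not visible here), a failed lookup ends in a NullPointerException instead of `R.fail("登录用户不存在")`. Move the existing `if (userResult == null || userResult.getData() == null || R.FAIL == userResult.getCode())` check directly below the `getUserInfo` call, and add `if (user == null) { return R.fail("登录用户不存在"); }` before the approval and status checks. Separately, the existence, approval and status validations all run before `passwordService.validate`; if each reports its own error, a caller without valid credentials can learn which usernames exist or are disabled, so a single generic failure for every pre-authentication check would be safer.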