Commit 61f4b8fa0c6e9b0e17438c49370c800e71887794

Authored by xp.Huang
1 parent 777b1b44

fix: 检查租户或账号登录时是否过期

@@ -16,18 +16,17 @@ import org.thingsboard.server.common.data.id.UserId; @@ -16,18 +16,17 @@ import org.thingsboard.server.common.data.id.UserId;
16 import org.thingsboard.server.common.data.security.Authority; 16 import org.thingsboard.server.common.data.security.Authority;
17 import org.thingsboard.server.common.data.security.UserCredentials; 17 import org.thingsboard.server.common.data.security.UserCredentials;
18 import org.thingsboard.server.common.data.yunteng.common.DeleteGroup; 18 import org.thingsboard.server.common.data.yunteng.common.DeleteGroup;
  19 +import org.thingsboard.server.common.data.yunteng.core.exception.TkDataValidationException;
19 import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage; 20 import org.thingsboard.server.common.data.yunteng.core.message.ErrorMessage;
20 import org.thingsboard.server.common.data.yunteng.core.utils.AccountProperties; 21 import org.thingsboard.server.common.data.yunteng.core.utils.AccountProperties;
21 -import org.thingsboard.server.common.data.yunteng.dto.AuthorizeDTO;  
22 -import org.thingsboard.server.common.data.yunteng.dto.UserDTO;  
23 -import org.thingsboard.server.common.data.yunteng.dto.UserDetailsDTO;  
24 -import org.thingsboard.server.common.data.yunteng.dto.TkThirdUserDTO; 22 +import org.thingsboard.server.common.data.yunteng.dto.*;
25 import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum; 23 import org.thingsboard.server.common.data.yunteng.enums.OrderTypeEnum;
26 import org.thingsboard.server.common.data.yunteng.enums.ThirdPlatformEnum; 24 import org.thingsboard.server.common.data.yunteng.enums.ThirdPlatformEnum;
27 import org.thingsboard.server.common.data.yunteng.utils.tools.TkPageData; 25 import org.thingsboard.server.common.data.yunteng.utils.tools.TkPageData;
28 import org.thingsboard.server.controller.BaseController; 26 import org.thingsboard.server.controller.BaseController;
29 import org.thingsboard.server.dao.exception.DataValidationException; 27 import org.thingsboard.server.dao.exception.DataValidationException;
30 import org.thingsboard.server.dao.yunteng.entities.TkThirdUserEntity; 28 import org.thingsboard.server.dao.yunteng.entities.TkThirdUserEntity;
  29 +import org.thingsboard.server.dao.yunteng.service.TkTenantService;
31 import org.thingsboard.server.dao.yunteng.service.TkThirdPlatformService; 30 import org.thingsboard.server.dao.yunteng.service.TkThirdPlatformService;
32 import org.thingsboard.server.dao.yunteng.service.TkUserService; 31 import org.thingsboard.server.dao.yunteng.service.TkUserService;
33 import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository; 32 import org.thingsboard.server.service.security.auth.jwt.RefreshTokenRepository;
@@ -36,7 +35,9 @@ import org.thingsboard.server.service.security.model.SecurityUser; @@ -36,7 +35,9 @@ import org.thingsboard.server.service.security.model.SecurityUser;
36 import org.thingsboard.server.service.security.model.UserPrincipal; 35 import org.thingsboard.server.service.security.model.UserPrincipal;
37 import org.thingsboard.server.service.security.model.token.JwtTokenFactory; 36 import org.thingsboard.server.service.security.model.token.JwtTokenFactory;
38 37
  38 +import java.time.LocalDateTime;
39 import java.util.List; 39 import java.util.List;
  40 +import java.util.Optional;
40 import java.util.UUID; 41 import java.util.UUID;
41 42
42 import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*; 43 import static org.thingsboard.server.common.data.yunteng.constant.QueryConstant.*;
@@ -55,6 +56,7 @@ public class TkThirdPlatformController extends BaseController { @@ -55,6 +56,7 @@ public class TkThirdPlatformController extends BaseController {
55 private final TkThirdPlatformService thirdService; 56 private final TkThirdPlatformService thirdService;
56 private final TkUserService tkUserService; 57 private final TkUserService tkUserService;
57 private final AccountProperties accountProperties; 58 private final AccountProperties accountProperties;
  59 + private final TkTenantService tenantService;
58 @GetMapping(params = {PAGE_SIZE, PAGE}) 60 @GetMapping(params = {PAGE_SIZE, PAGE})
59 @ApiOperation("分页") 61 @ApiOperation("分页")
60 public TkPageData<TkThirdUserDTO> pageAlarmProfile( 62 public TkPageData<TkThirdUserDTO> pageAlarmProfile(
@@ -130,6 +132,7 @@ public class TkThirdPlatformController extends BaseController { @@ -130,6 +132,7 @@ public class TkThirdPlatformController extends BaseController {
130 132
131 @NotNull 133 @NotNull
132 private TkLoginResponse buildJwtToken(UserDTO userDto, String thirdUserId) { 134 private TkLoginResponse buildJwtToken(UserDTO userDto, String thirdUserId) {
  135 + checkTenantExpireTime(userDto);
133 String accessToken = ""; 136 String accessToken = "";
134 String refreshToken = ""; 137 String refreshToken = "";
135 if (userDto != null) { 138 if (userDto != null) {
@@ -168,4 +171,31 @@ public class TkThirdPlatformController extends BaseController { @@ -168,4 +171,31 @@ public class TkThirdPlatformController extends BaseController {
168 result.setRefreshToken(refreshToken); 171 result.setRefreshToken(refreshToken);
169 return result.setThirdUserId(thirdUserId); 172 return result.setThirdUserId(thirdUserId);
170 } 173 }
  174 +
  175 + private void checkTenantExpireTime(UserDTO user)
  176 + {
  177 + LocalDateTime nowDateTime = LocalDateTime.now();
  178 + //租户和客户检查租户是否有效
  179 + if(user.getLevel()>=2){
  180 + TenantDTO tenant = tenantService.findTenantByTenantId(user.getTenantId());
  181 + Optional.ofNullable(tenant).map(obj->{
  182 + LocalDateTime tenantExpireTime = obj.getTenantExpireTime();
  183 + if(null !=tenantExpireTime && nowDateTime.isAfter(tenantExpireTime)){
  184 + throw new TkDataValidationException(ErrorMessage.ACCOUNT_HAS_EXPIRED.getMessage());
  185 + }
  186 + return obj;
  187 + }).orElseThrow(()->{
  188 + throw new TkDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
  189 + });
  190 + }
  191 + //检查账号是否过期
  192 + if(!user.isEnabled()){
  193 + throw new TkDataValidationException(ErrorMessage.ACCOUNT_DISABLED.getMessage());
  194 + }
  195 + if(null != user.getAccountExpireTime()){
  196 + if(nowDateTime.isAfter(user.getAccountExpireTime())){
  197 + throw new TkDataValidationException(ErrorMessage.ACCOUNT_HAS_EXPIRED.getMessage());
  198 + }
  199 + }
  200 + }
171 } 201 }
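Review bot: The new `checkTenantExpireTime(userDto)` call at the top of buildJwtToken dereferences the user (`user.getLevel()`) before the existing `if (userDto != null)` guard a few lines below, so a null user now ends in a NullPointerException instead of reaching whatever that guard was written to handle. Moving the call inside the guard, or opening the helper with `if (user == null) { throw new TkDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage()); }`, keeps the failure a controlled validation error on this login path. In the tenant branch the `orElseThrow` supplier throws the exception rather than returning it, and `map` is used only for its side effect; a plain `if (tenant == null)` followed by the expiry comparison would be easier to audit. The comparison uses `LocalDateTime.now()` in the server's default zone, so it is worth confirming that the stored tenant and account expiry times are written in the same zone. buildJwtToken's body continues outside the hunks shown.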
@@ -349,6 +349,16 @@ public class TkTenantServiceImpl extends AbstractBaseService<TenantMapper, SysTe @@ -349,6 +349,16 @@ public class TkTenantServiceImpl extends AbstractBaseService<TenantMapper, SysTe
349 .orElse(null); 349 .orElse(null);
350 } 350 }
351 351
  352 + @Override
  353 + public TenantDTO findTenantByTenantId(String id) {
  354 + if(StringUtils.isEmpty(id)){
  355 + throw new TkDataValidationException(ErrorMessage.INVALID_PARAMETER.getMessage());
  356 + }
  357 + SysTenantEntity entity = baseMapper.selectOne(new LambdaQueryWrapper<SysTenantEntity>()
  358 + .eq(SysTenantEntity::getTenantId,id));
  359 + return Optional.ofNullable(entity).map(obj->obj.getDTO(TenantDTO.class)).orElse(null);
  360 + }
  361 +
352 /** 362 /**
353 * 保存租户与菜单、角色的映射关系 363 * 保存租户与菜单、角色的映射关系
354 * 364 *
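Review bot: findTenantByTenantId returns `null` when no tenant row matches, and neither this method nor the interface declaration documents that; the one caller in this commit wraps the result in `Optional.ofNullable`, but a later caller could dereference it directly. A short Javadoc on the interface method, for example `/** Returns the tenant with the given tenantId, or null if none exists; throws TkDataValidationException when id is empty. */`, would make the contract explicit. `selectOne` presumably fails when more than one row carries the same tenantId, so the login check relies on that column being unique, which should be confirmed against the schema. The hunk ends inside the Javadoc of the following method.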
@@ -36,4 +36,6 @@ public interface TkTenantService { @@ -36,4 +36,6 @@ public interface TkTenantService {
36 CompletableFuture<TsValue> findTenantsByTs(LocalDateTime startTs, LocalDateTime endTs,long ts); 36 CompletableFuture<TsValue> findTenantsByTs(LocalDateTime startTs, LocalDateTime endTs,long ts);
37 37
38 List<TenantDTO> checkTenantProfileIdUsedByTenants(String tenantProfileId); 38 List<TenantDTO> checkTenantProfileIdUsedByTenants(String tenantProfileId);
  39 +
  40 + TenantDTO findTenantByTenantId(String id);
39 } 41 }