Commit b6e996f277c213b774924c6856e35e87623ce1dc

Authored by 云中非
1 parent 2da86ccb

feat(DEFECT-765): 手机验证码登录,账号已过期仍然可以登录问题

@@ -340,6 +340,9 @@ public class RestAuthenticationProvider implements AuthenticationProvider { @@ -340,6 +340,9 @@ public class RestAuthenticationProvider implements AuthenticationProvider {
340 User user = new User(); 340 User user = new User();
341 String tbEmail = optionalUser.get().getUsername() + "@" + accountProperties.getEmailSuffix(); 341 String tbEmail = optionalUser.get().getUsername() + "@" + accountProperties.getEmailSuffix();
342 UserDetailsDTO ytDetailDTO = optionalUser.get(); 342 UserDetailsDTO ytDetailDTO = optionalUser.get();
  343 + if(ytDetailDTO.getAccountExpireTime() != null && ytDetailDTO.getAccountExpireTime().isBefore(LocalDateTime.now())){
  344 + throw new AccountExpiredException(ErrorMessage.ACCOUNT_HAS_EXPIRED.getMessage());
  345 + }
343 //如果是平台管理员 346 //如果是平台管理员
344 if(isPlatFormUser(ytDetailDTO)){ 347 if(isPlatFormUser(ytDetailDTO)){
345 user.setAuthority(Authority.PLATFORM_USER); 348 user.setAuthority(Authority.PLATFORM_USER);
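Review bot: The expiry test at new lines 343-345 is written inline here and repeated almost verbatim in YtSmsServiceImpl (new lines 137-139), so the two copies can drift apart. The commit title suggests this login path had been missing the check, which is the usual result of each authentication path carrying its own account-state checks. I would move the test into one helper that every path calls, for example `if (isAccountExpired(ytDetailDTO)) { throw new AccountExpiredException(ErrorMessage.ACCOUNT_HAS_EXPIRED.getMessage()); }`, and document on it that a null expiry time means the account never expires. `LocalDateTime.now()` reads the JVM default zone, so if `getAccountExpireTime()` is stored in a different zone (not visible here) the cut-off shifts by the offset; passing an injected `Clock` would fix the zone and make the check testable. The enclosing method starts and ends outside the hunk, so I cannot tell whether disabled or locked accounts are also rejected on this path.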
@@ -17,7 +17,6 @@ public enum ErrorMessage { @@ -17,7 +17,6 @@ public enum ErrorMessage {
17 USERNAME_PASSWORD_INCORRECT(401001, "用户名或密码错误"), 17 USERNAME_PASSWORD_INCORRECT(401001, "用户名或密码错误"),
18 TOKEN_EXPIRED(401002, "token已过期,请重新登录"), 18 TOKEN_EXPIRED(401002, "token已过期,请重新登录"),
19 NONE_TENANT_ASSET(401003, "非当前租户资产"), 19 NONE_TENANT_ASSET(401003, "非当前租户资产"),
20 - AUTHENTICATION_FAILED_ACCOUNT_EXPIRED(401003, "账号已过期,请联系你的管理员"),  
21 BAD_PARAMETER(400000, "查询参数无效"), 20 BAD_PARAMETER(400000, "查询参数无效"),
22 INVALID_PARAMETER(400001, "无效参数"), 21 INVALID_PARAMETER(400001, "无效参数"),
23 TOO_MANY_REQUEST(429001, "请求过多"), 22 TOO_MANY_REQUEST(429001, "请求过多"),
@@ -8,6 +8,7 @@ import lombok.RequiredArgsConstructor; @@ -8,6 +8,7 @@ import lombok.RequiredArgsConstructor;
8 import lombok.extern.slf4j.Slf4j; 8 import lombok.extern.slf4j.Slf4j;
9 import org.apache.commons.lang3.RandomStringUtils; 9 import org.apache.commons.lang3.RandomStringUtils;
10 import org.apache.commons.lang3.StringUtils; 10 import org.apache.commons.lang3.StringUtils;
  11 +import org.springframework.security.authentication.BadCredentialsException;
11 import org.springframework.stereotype.Service; 12 import org.springframework.stereotype.Service;
12 import org.springframework.transaction.annotation.Transactional; 13 import org.springframework.transaction.annotation.Transactional;
13 import org.thingsboard.common.util.JacksonUtil; 14 import org.thingsboard.common.util.JacksonUtil;
@@ -133,6 +134,9 @@ public class YtSmsServiceImpl implements YtSmsService { @@ -133,6 +134,9 @@ public class YtSmsServiceImpl implements YtSmsService {
133 if (users.isEmpty()) { 134 if (users.isEmpty()) {
134 throw new YtDataValidationException("电话号码未在系统注册,请联系你的管理员"); 135 throw new YtDataValidationException("电话号码未在系统注册,请联系你的管理员");
135 } 136 }
  137 + if(users.get(0).getAccountExpireTime() != null && users.get(0).getAccountExpireTime().isBefore(LocalDateTime.now())){
  138 + throw new YtDataValidationException(ErrorMessage.ACCOUNT_HAS_EXPIRED.getMessage());
  139 + }
136 // 获取是否有验证码存在,防止发送数量过多 140 // 获取是否有验证码存在,防止发送数量过多
137 String key = 141 String key =
138 purpose.name() 142 purpose.name()
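Review bot: The check at new lines 137-139 returns a distinct "account expired" message from the send-code path, next to the existing "phone number not registered" error at line 135. If this endpoint can be reached before authentication, which the hunk does not show, a caller can sort phone numbers into unregistered, expired and active. Consider returning one generic response to the client and logging the specific reason server-side, since RestAuthenticationProvider now rejects the expired account at login anyway. Only `users.get(0)` is tested, so if several accounts can share a phone number the others are not checked; that call is also made twice and could be a local, e.g. `UserDetailsDTO first = users.get(0);` (element type assumed). The `BadCredentialsException` import added at new line 11 is not used by any line visible in this section and should be dropped unless code outside the hunk needs it; the enclosing method continues past the hunk.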