加密

puzhibing

2025-01-15 e5a94c9d747fa73ec7eb16b284ed5bc4b057bacc

 ruoyi-auth/src/main/java/com/ruoyi/auth/service/SysLoginService.java

@@ -91,7 +91,61 @@
      if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "用户已停用，请联系管理员");
//         throw new ServiceException("对不起，您的账号：" + username + " 已停用");
         throw new ServiceException("您所属门店已被冻结，请联系平台");
         throw new ServiceException("您的账号已被禁用，请联系平台");
      }
      passwordService.validate(user, password, request);
      recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_SUCCESS_STATUS, "登录成功");
      return userInfo;
   }
   public LoginUser loginShop(String username, String password, HttpServletRequest request) {
      username = username.trim();
      // 查询用户信息
      R<LoginUser> userResult = remoteUserService.infoShop(username, SecurityConstants.INNER);

      if (StringUtils.isNull(userResult) || StringUtils.isNull(userResult.getData())) {
         recordLogService.recordLogininfor(request, null, username, Constants.LOGIN_FAIL_STATUS, "登录用户不存在");
         throw new ServiceException("登录用户：" + username + " 不存在");
      }
      LoginUser userInfo = userResult.getData();
      SysUser user = userResult.getData().getSysUser();

      // 用户名或密码为空 错误
      if (StringUtils.isAnyBlank(username, password)) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "用户/密码必须填写");
         throw new ServiceException("用户/密码必须填写");
      }
      // 密码如果不在指定范围内 错误
      if (password.length() < UserConstants.PASSWORD_MIN_LENGTH
            || password.length() > UserConstants.PASSWORD_MAX_LENGTH) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "用户密码不在指定范围");
         throw new ServiceException("用户密码不在指定范围");
      }
      // 用户名不在指定范围内 错误
      if (username.length() < UserConstants.USERNAME_MIN_LENGTH
            || username.length() > UserConstants.USERNAME_MAX_LENGTH) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "用户名不在指定范围");
         throw new ServiceException("用户名不在指定范围");
      }
      // IP黑名单校验
      String blackStr = Convert.toStr(redisService.getCacheObject(CacheConstants.SYS_LOGIN_BLACKIPLIST));
      if (IpUtils.isMatchedIp(blackStr, IpUtils.getIpAddr())) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "很遗憾，访问IP已被列入系统黑名单");
         throw new ServiceException("很遗憾，访问IP已被列入系统黑名单");
      }

      if (R.FAIL == userResult.getCode()) {
         throw new ServiceException(userResult.getMsg());
      }


      if (UserStatus.DELETED.getCode().equals(user.getDelFlag())) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "对不起，您的账号已被删除");
         throw new ServiceException("对不起，您的账号：" + username + " 已被删除");
      }
      if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
         recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_FAIL_STATUS, "用户已停用，请联系管理员");
//         throw new ServiceException("对不起，您的账号：" + username + " 已停用");
         throw new ServiceException("您的账号已被禁用，请联系平台");
      }
      passwordService.validate(user, password, request);
      recordLogService.recordLogininfor(request, user.getUserId().intValue(), username, Constants.LOGIN_SUCCESS_STATUS, "登录成功");