From a9dcd4da075b0d62236486e8b56a2e0e0b0d8709 Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期五, 27 十二月 2024 09:46:26 +0800
Subject: [PATCH] 123

---
 applet/src/main/java/com/jilongda/applet/security/AuthenticationProvider.java |   24 ++++++++++++------------
 1 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/applet/src/main/java/com/jilongda/applet/security/AuthenticationProvider.java b/applet/src/main/java/com/jilongda/applet/security/AuthenticationProvider.java
index f8e8011..d44a5cf 100644
--- a/applet/src/main/java/com/jilongda/applet/security/AuthenticationProvider.java
+++ b/applet/src/main/java/com/jilongda/applet/security/AuthenticationProvider.java
@@ -42,24 +42,24 @@
         // [1] 获取 username 和 password
         String userName = (String) authentication.getPrincipal();
         String password = (String) authentication.getCredentials();
+        log.info("用户数据查询======================================");
         // [2] 使用用户名从数据库读取用户信息
         SecurityUserDetails userDetails = this.loadUserDetailsService.loadUserByUsername(userName);
+        log.info("用户数据查询======================================:{}", userDetails);
         // 判断是否被封禁
-//        userDetails.setEnabled(userDetails.getStatus());
+//        userDetails.setEnabled(userDetails.getState());
         // [3] 检查用户信息
         if (Objects.isNull(userDetails)) {
             throw new UsernameNotFoundException("用户账户不存在");
+//        } else if (userDetails.isEnabled() || userDetails.getState()) {
+//            throw new DisabledException(userName + " 用户已被禁用或删除，请联系管理员");
+        } else if (!userDetails.isAccountNonExpired()) {
+            throw new AccountExpiredException(userName + " 账号已过期");
+        } else if (!userDetails.isAccountNonLocked()) {
+            throw new LockedException(userName + " 账号已被锁定");
+        } else if (!userDetails.isCredentialsNonExpired()) {
+            throw new LockedException(userName + " 凭证已过期");
         }
-        else if (userDetails.getState()) {
-            throw new DisabledException("用户已被禁用或删除，请联系管理员");
-        }
-//        else if (!userDetails.isAccountNonExpired()) {
-//            throw new AccountExpiredException(userName + " 账号已过期");
-//        } else if (!userDetails.isAccountNonLocked()) {
-//            throw new LockedException(userName + " 账号已被锁定");
-//        } else if (!userDetails.isCredentialsNonExpired()) {
-//            throw new LockedException(userName + " 凭证已过期");
-//        }
         // [4] 数据库用户的密码，一般都是加密过的
         String encryptedPassword = userDetails.getPassword();
 
@@ -71,7 +71,7 @@
         // 把 userDetails 作为 principal 的好处是可以放自定义的 UserDetails，这样可以存储更多有用的信息，而不只是 username，
         // 默认只有 username，这里的密码使用数据库中保存的密码，而不是用户输入的明文密码，否则就暴露了密码的明文
         // 不暴露密码
-        userDetails.setPassword(null);
+//        userDetails.setPassword(null);
         UsernamePasswordAuthenticationToken usernamePasswordAuthenticationToken = new UsernamePasswordAuthenticationToken(userDetails.getUsername(), null, null);
         // 设置详情
         //String userInfo = JsonUtils.toJsonString(userDetails);

--
Gitblit v1.7.1