From 098d3347a0df808908aab8c554cd7c4febc5e6d9 Mon Sep 17 00:00:00 2001
From: 疯狂的狮子Li <15040126243@163.com>
Date: 星期一, 26 八月 2024 11:43:59 +0800
Subject: [PATCH] !577 发布 5.2.2 正式版 安全性提升 Merge pull request !577 from 疯狂的狮子Li/dev
---
ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java | 36 ++++++++++++++++--------------------
1 files changed, 16 insertions(+), 20 deletions(-)
diff --git a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
index 38fdc44..b5a2497 100644
--- a/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
+++ b/ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java
@@ -21,7 +21,6 @@
import org.dromara.common.redis.utils.RedisUtils;
import org.dromara.common.satoken.utils.LoginHelper;
import org.dromara.common.tenant.helper.TenantHelper;
-import org.dromara.system.domain.SysClient;
import org.dromara.system.domain.SysUser;
import org.dromara.system.domain.vo.SysClientVo;
import org.dromara.system.domain.vo.SysUserVo;
@@ -51,13 +50,12 @@
String tenantId = loginBody.getTenantId();
String email = loginBody.getEmail();
String emailCode = loginBody.getEmailCode();
-
- // 閫氳繃閭鏌ユ壘鐢ㄦ埛
- SysUserVo user = loadUserByEmail(tenantId, email);
-
- loginService.checkLogin(LoginType.EMAIL, tenantId, user.getUserName(), () -> !validateEmailCode(tenantId, email, emailCode));
- // 姝ゅ鍙牴鎹櫥褰曠敤鎴风殑鏁版嵁涓嶅悓 鑷鍒涘缓 loginUser 灞炴�т笉澶熺敤缁ф壙鎵╁睍灏辫浜�
- LoginUser loginUser = loginService.buildLoginUser(user);
+ LoginUser loginUser = TenantHelper.dynamic(tenantId, () -> {
+ SysUserVo user = loadUserByEmail(email);
+ loginService.checkLogin(LoginType.EMAIL, tenantId, user.getUserName(), () -> !validateEmailCode(tenantId, email, emailCode));
+ // 姝ゅ鍙牴鎹櫥褰曠敤鎴风殑鏁版嵁涓嶅悓 鑷鍒涘缓 loginUser 灞炴�т笉澶熺敤缁ф壙鎵╁睍灏辫浜�
+ return loginService.buildLoginUser(user);
+ });
loginUser.setClientKey(client.getClientKey());
loginUser.setDeviceType(client.getDeviceType());
SaLoginModel model = new SaLoginModel();
@@ -89,18 +87,16 @@
return code.equals(emailCode);
}
- private SysUserVo loadUserByEmail(String tenantId, String email) {
- return TenantHelper.dynamic(tenantId, () -> {
- SysUserVo user = userMapper.selectVoOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getEmail, email));
- if (ObjectUtil.isNull(user)) {
- log.info("鐧诲綍鐢ㄦ埛锛歿} 涓嶅瓨鍦�.", email);
- throw new UserException("user.not.exists", email);
- } else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
- log.info("鐧诲綍鐢ㄦ埛锛歿} 宸茶鍋滅敤.", email);
- throw new UserException("user.blocked", email);
- }
- return user;
- });
+ private SysUserVo loadUserByEmail(String email) {
+ SysUserVo user = userMapper.selectVoOne(new LambdaQueryWrapper<SysUser>().eq(SysUser::getEmail, email));
+ if (ObjectUtil.isNull(user)) {
+ log.info("鐧诲綍鐢ㄦ埛锛歿} 涓嶅瓨鍦�.", email);
+ throw new UserException("user.not.exists", email);
+ } else if (UserStatus.DISABLE.getCode().equals(user.getStatus())) {
+ log.info("鐧诲綍鐢ㄦ埛锛歿} 宸茶鍋滅敤.", email);
+ throw new UserException("user.blocked", email);
+ }
+ return user;
}
}
--
Gitblit v1.9.3