Merge branch 'hotfix/disable-logout-20220825' into 'master'

Hotfix/disable logout 20220825

See merge request !89

src/main/java/cn/quantgroup/xyqb/constant/UserConstant.java

@@ -2,4 +2,8 @@ package cn.quantgroup.xyqb.constant;
 
 public class UserConstant {
     public static final String USER_ERROR_OR_PASSWORD_ERROR = "帐号或密码错误";
+
+    public static final String USER_ERROR_OR_ENABLE_ERROR = "账号异常，请联系平台客服。";
+
+    public static final String USER_FREEZE_ERROR = "账号异常，已冻结。";
 }

src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java

@@ -48,6 +48,7 @@ import java.nio.charset.Charset;
 import java.util.*;
 
 import static cn.quantgroup.xyqb.Constants.VERIFICATION_CODE_FINITE_COUNT_NEW;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 
 /**
  * Http服务接口：用户注册、登录、重置密码
@@ -703,7 +704,7 @@ public class UserController implements IBaseController {
     private JsonResult loginWithHttpBasic(Long channelId, String appChannel, Long createdFrom, Merchant merchant, String dimension, Long geetestLogId, HttpServletRequest request) {
         User user = verificateUserNameAndPassword(request);
         if (user == null) {
-            return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         } else if (!wechatRelateUserIfNecessary(user, request)) {
             return JsonResult.buildErrorStateResult("登录时微信关联失败", null);
         }
@@ -787,7 +788,7 @@ public class UserController implements IBaseController {
         User user = userService.findByUuidInDb(userId);
         if (Objects.isNull(user) || !user.getEnable()) {
             log.error("用户不存在，或者已经注销，userId:{}", userId);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         } else if (!wechatRelateUserIfNecessary(user, request)) {
             return JsonResult.buildErrorStateResult("登录时微信关联失败", null);
         }
@@ -888,7 +889,7 @@ public class UserController implements IBaseController {
         User user = userService.findById(userId);
         if (Objects.isNull(user) || !user.getEnable()) {
             log.error("用户不存在，或者已经注销，userId:{}", userId);
-            return JsonResult.buildErrorStateResult("登出失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         }
 
         Merchant merchant = merchantService.findMerchantByName(key);

src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java

@@ -36,6 +36,7 @@ import org.springframework.web.bind.annotation.RestController;
 import javax.persistence.PersistenceException;
 import javax.servlet.http.HttpServletRequest;
 
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_PASSWORD_ERROR;
 
 /**
@@ -97,7 +98,7 @@ public class AppController implements IBaseController {
                 if (user == null) {
                     result = JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
                 } else if (!user.getEnable()) {
-                    result = JsonResult.buildErrorStateResult("登录失败", null);
+                    result = JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
                 } else {
                     Merchant merchant = merchantService.findMerchantByName(key);
                     if (merchant == null) {
@@ -231,7 +232,7 @@ public class AppController implements IBaseController {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
         }
         if (!user.getEnable()) {
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         }
         Merchant merchant = merchantService.findMerchantByName(key);
         if (merchant == null) {
@@ -335,7 +336,7 @@ public class AppController implements IBaseController {
             return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
         }
         if (!user.getEnable()) {
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         }
         //校验租户ID tenantId
         oauthLoginInfoService.addLoginInfo(user, tenantId);

src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java

@@ -57,6 +57,8 @@ import java.text.ParseException;
 import java.util.*;
 import java.util.stream.Collectors;
 
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
+
 
 /**
  * Created by Miraculous on 2016/12/19.
@@ -249,7 +251,7 @@ public class InnerController implements IBaseController {
         User user = userService.findByUuidWithCache(uuid);
         if (null != user) {
             if (!user.getEnable()) {
-                return JsonResult.buildSuccessResult("", null);
+                return JsonResult.buildSuccessResult(USER_ERROR_OR_ENABLE_ERROR, null);
             }
             UserDetail userDetail = userDetailService.findByUserId(user.getId());
             UserInfo info = new UserInfo(user, userDetail);
@@ -273,7 +275,7 @@ public class InnerController implements IBaseController {
         User user = userService.findByPhoneInDb(phone);
         if (null != user) {
             if (!user.getEnable()) {
-                return JsonResult.buildSuccessResult("", null);
+                return JsonResult.buildSuccessResult(USER_ERROR_OR_ENABLE_ERROR, null);
             }
             UserDetail userDetail = userDetailService.findByUserId(user.getId());
             UserInfo info = new UserInfo(user, userDetail);
@@ -329,7 +331,7 @@ public class InnerController implements IBaseController {
             //存在已注销
             if (!user.getEnable()) {
                 log.info("用户已经注销，phoneNo：{}", phoneNo);
-                return JsonResult.buildErrorStateResult("用户已经注销", null);
+                return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
             }
 
             // 插入关联数据
@@ -1316,7 +1318,7 @@ public class InnerController implements IBaseController {
         // 检查用户有效性
         if (user != null && !user.getEnable()) {
             log.error("用户不存在，或者已经注销，phoneNo:{}", phoneNo);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         }
         // 用户不存在时自动注册
         if (Objects.isNull(user)) {

src/main/java/cn/quantgroup/xyqb/controller/middleoffice/login/LoginModule.java

@@ -15,6 +15,8 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
+
 /**
  * 面向服务的聚合模块。
  */
@@ -50,7 +52,7 @@ public class LoginModule implements ILoginModule {
             //用户不存在
             log.info("用户尝试登录，已注销:{}", phoneNo);
             //todo 自定义异常
-            throw new DataException("用户名或密码不正确");
+            throw new DataException(USER_ERROR_OR_ENABLE_ERROR);
         }
 
         //验证

src/main/java/cn/quantgroup/xyqb/controller/middleoffice/user/UserController.java

@@ -3,9 +3,11 @@ package cn.quantgroup.xyqb.controller.middleoffice.user;
 import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.event.DisableActiveEvent;
 import cn.quantgroup.xyqb.model.JsonResult;
+import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.util.TenantUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.web.bind.annotation.*;
 
@@ -27,6 +29,10 @@ public class UserController {
     @Resource
     private ApplicationEventPublisher applicationEventPublisher;
 
+
+    @Autowired
+    private ISessionService sessionService;
+
     @PutMapping("/enable/{userId}")
     public JsonResult enable(@PathVariable Long userId) {
         User user = userService.findById(userId);
@@ -51,6 +57,9 @@ public class UserController {
         user.setEnable(false);
         //清理缓存
         userService.saveUser(user);
+        // 清除token缓存
+        /* 清空session */
+        sessionService.deleteByUserId(user.getId());
         //通知消息中心
         applicationEventPublisher.publishEvent(new DisableActiveEvent(this, user));
 

src/main/java/cn/quantgroup/xyqb/service/middleoffice/applet/impl/AppletServiceImpl.java

@@ -18,6 +18,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_FREEZE_ERROR;
+
 /**
  * @author ：dongjianhua
  * @date ：Created in 2020/5/27 17:27
@@ -85,6 +87,10 @@ public class AppletServiceImpl implements IAppletService {
                 if (null == user) {
                     user = iUserRegisterService.register(appletParamEntry.getChannelId(), appletParamEntry.getMobile());
                 }
+                if (!user.getEnable()) {
+                    log.warn("已冻结 userId--{}", user.getId());
+                    throw new AppletException(USER_FREEZE_ERROR, "0402");
+                }
                 iOauthLoginInfoService.addRegisterInfo(user, appletParamEntry);
                 wechatUserInfo.setUserId(user.getId());
             }
@@ -98,6 +104,12 @@ public class AppletServiceImpl implements IAppletService {
             if (null == user) {
                 user = iUserRegisterService.register(appletParamEntry.getChannelId(), appletParamEntry.getMobile(), appletParamEntry.getTenantId());
             }
+
+            if (!user.getEnable()) {
+                log.warn("已冻结 userId--{}", user.getId());
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
+            }
+
             iOauthLoginInfoService.addRegisterInfo(user, appletParamEntry);
             return user.getId();
         }
@@ -123,10 +135,16 @@ public class AppletServiceImpl implements IAppletService {
                 throw new AppletException("未找到此用户绑定信息","0401");
             }
             user = userService.findById(wechatUserInfo.getUserId());
-            if (null == user) {
+            if (null == user ) {
                 log.warn("未找到此用户,appName:{} ,openId:{}", appName, openId);
-                throw new AppletException("未找到此用户","0401");
+                throw new AppletException("未找到此用户", "0401");
+            }
+
+            if (!user.getEnable()) {
+                log.warn("已冻结,appName:{} ,openId:{}", appName, openId);
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
             }
+
             iOauthLoginInfoService.addLoginInfo(user, tenantId);
 
             if (unionId != null && !unionId.equals(wechatUserInfo.getUnionId()) ) {
@@ -143,7 +161,11 @@ public class AppletServiceImpl implements IAppletService {
             user = userService.findById(userId);
             if (null == user) {
                 log.warn("未找到此用户,appName:{} ,openId:{}", appName, openId);
-                throw new AppletException("未找到此用户","0401");
+                throw new AppletException("未找到此用户", "0401");
+            }
+            if (!user.getEnable()) {
+                log.warn("已冻结,appName:{} ,openId:{}", appName, openId);
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
             }
         }
 

src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java

@@ -230,6 +230,8 @@ public class SessionServiceImpl implements ISessionService {
         if (!CollectionUtils.isEmpty(useIdKeys)) {
             useIdKeys.forEach(key -> {
                 log.info("删除用户userId={}的缓存信息", userId);
+                String token = stringRedisTemplate.opsForValue().get(String.valueOf(key));
+                stringRedisTemplate.delete(getUserTokenKey(token));
                 stringRedisTemplate.delete(String.valueOf(key));
             });
             //2.删除session缓存健
@@ -237,6 +239,10 @@ public class SessionServiceImpl implements ISessionService {
         }
     }
 
+    private String getUserTokenKey(String token) {
+        return Constants.Session.USER_SESSION_CACHE + token;
+    }
+
     /**
      * 删除注销后缓存查询结果
      *

src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java

@@ -45,6 +45,8 @@ import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
 
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
+
 /**
  * Created by Miraculous on 15/7/5.
  */
@@ -374,7 +376,7 @@ public class UserServiceImpl implements IUserService, IBaseController {
         User user = findByPhoneWithCache(phoneNo);
         if (user != null && !user.getEnable()) {
             log.info("用户不存在，或者已经注销，phoneNo:{}", phoneNo);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
         }
         if (user == null) {
             // Service层会负责发送注册消息到LoanVest