Merge branch 'hotfix/disable-logout-20220825' into 'master'

Hotfix/disable logout 20220825 See merge request !89

Merge branch 'hotfix/disable-logout-20220825' into 'master'
Hotfix/disable logout 20220825 See merge request !89
3dfb34e5 · 李健华 · bee82863 · e4f9d438 · 3dfb34e5 · 3dfb34e5
Commit 3dfb34e5 authored Aug 29, 2022 by 李健华
9 changed files
--- a/src/main/java/cn/quantgroup/xyqb/constant/UserConstant.java
+++ b/src/main/java/cn/quantgroup/xyqb/constant/UserConstant.java
@@ -2,4 +2,8 @@ package cn.quantgroup.xyqb.constant;
 public class UserConstant {
    public static final String USER_ERROR_OR_PASSWORD_ERROR = "帐号或密码错误";
+    public static final String USER_ERROR_OR_ENABLE_ERROR = "账号异常，请联系平台客服。";
+    public static final String USER_FREEZE_ERROR = "账号异常，已冻结。";
 }
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
@@ -48,6 +48,7 @@ import java.nio.charset.Charset;
 import java.util.*;
 import static cn.quantgroup.xyqb.Constants.VERIFICATION_CODE_FINITE_COUNT_NEW;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 /**
 * Http服务接口：用户注册、登录、重置密码
@@ -703,7 +704,7 @@ public class UserController implements IBaseController {
    private JsonResult loginWithHttpBasic(Long channelId, String appChannel, Long createdFrom, Merchant merchant, String dimension, Long geetestLogId, HttpServletRequest request) {
        User user = verificateUserNameAndPassword(request);
        if (user == null) {
-            return JsonResult.buildErrorStateResult("用户名或密码不正确", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        } else if (!wechatRelateUserIfNecessary(user, request)) {
            return JsonResult.buildErrorStateResult("登录时微信关联失败", null);
        }
@@ -787,7 +788,7 @@ public class UserController implements IBaseController {
        User user = userService.findByUuidInDb(userId);
        if (Objects.isNull(user) || !user.getEnable()) {
            log.error("用户不存在，或者已经注销，userId:{}", userId);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        } else if (!wechatRelateUserIfNecessary(user, request)) {
            return JsonResult.buildErrorStateResult("登录时微信关联失败", null);
        }
@@ -888,7 +889,7 @@ public class UserController implements IBaseController {
        User user = userService.findById(userId);
        if (Objects.isNull(user) || !user.getEnable()) {
            log.error("用户不存在，或者已经注销，userId:{}", userId);
-            return JsonResult.buildErrorStateResult("登出失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        }
        Merchant merchant = merchantService.findMerchantByName(key);

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/AppController.java
@@ -36,6 +36,7 @@ import org.springframework.web.bind.annotation.RestController;
 import javax.persistence.PersistenceException;
 import javax.servlet.http.HttpServletRequest;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_PASSWORD_ERROR;
 /**
@@ -97,7 +98,7 @@ public class AppController implements IBaseController {
                if (user == null) {
                    result = JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
                } else if (!user.getEnable()) {
-                    result = JsonResult.buildErrorStateResult("登录失败", null);
+                    result = JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
                } else {
                    Merchant merchant = merchantService.findMerchantByName(key);
                    if (merchant == null) {
@@ -231,7 +232,7 @@ public class AppController implements IBaseController {
            return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
        }
        if (!user.getEnable()) {
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        }
        Merchant merchant = merchantService.findMerchantByName(key);
        if (merchant == null) {
@@ -335,7 +336,7 @@ public class AppController implements IBaseController {
            return JsonResult.buildErrorStateResult(USER_ERROR_OR_PASSWORD_ERROR, null);
        }
        if (!user.getEnable()) {
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        }
        //校验租户ID tenantId
        oauthLoginInfoService.addLoginInfo(user, tenantId);

--- a/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/internal/user/InnerController.java
@@ -57,6 +57,8 @@ import java.text.ParseException;
 import java.util.*;
 import java.util.stream.Collectors;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 /**
 * Created by Miraculous on 2016/12/19.
@@ -249,7 +251,7 @@ public class InnerController implements IBaseController {
        User user = userService.findByUuidWithCache(uuid);
        if (null != user) {
            if (!user.getEnable()) {
-                return JsonResult.buildSuccessResult("", null);
+                return JsonResult.buildSuccessResult(USER_ERROR_OR_ENABLE_ERROR, null);
            }
            UserDetail userDetail = userDetailService.findByUserId(user.getId());
            UserInfo info = new UserInfo(user, userDetail);
@@ -273,7 +275,7 @@ public class InnerController implements IBaseController {
        User user = userService.findByPhoneInDb(phone);
        if (null != user) {
            if (!user.getEnable()) {
-                return JsonResult.buildSuccessResult("", null);
+                return JsonResult.buildSuccessResult(USER_ERROR_OR_ENABLE_ERROR, null);
            }
            UserDetail userDetail = userDetailService.findByUserId(user.getId());
            UserInfo info = new UserInfo(user, userDetail);
@@ -329,7 +331,7 @@ public class InnerController implements IBaseController {
            //存在已注销
            if (!user.getEnable()) {
                log.info("用户已经注销，phoneNo：{}", phoneNo);
-                return JsonResult.buildErrorStateResult("用户已经注销", null);
+                return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
            }
            // 插入关联数据
@@ -1316,7 +1318,7 @@ public class InnerController implements IBaseController {
        // 检查用户有效性
        if (user != null && !user.getEnable()) {
            log.error("用户不存在，或者已经注销，phoneNo:{}", phoneNo);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        }
        // 用户不存在时自动注册
        if (Objects.isNull(user)) {

--- a/src/main/java/cn/quantgroup/xyqb/controller/middleoffice/login/LoginModule.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/middleoffice/login/LoginModule.java
@@ -15,6 +15,8 @@ import org.springframework.stereotype.Service;
 import javax.annotation.Resource;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 /**
 * 面向服务的聚合模块。
 */
@@ -50,7 +52,7 @@ public class LoginModule implements ILoginModule {
            //用户不存在
            log.info("用户尝试登录，已注销:{}", phoneNo);
            //todo 自定义异常
-            throw new DataException("用户名或密码不正确");
+            throw new DataException(USER_ERROR_OR_ENABLE_ERROR);
        }
        //验证

--- a/src/main/java/cn/quantgroup/xyqb/controller/middleoffice/user/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/middleoffice/user/UserController.java
@@ -3,9 +3,11 @@ package cn.quantgroup.xyqb.controller.middleoffice.user;
 import cn.quantgroup.xyqb.entity.User;
 import cn.quantgroup.xyqb.event.DisableActiveEvent;
 import cn.quantgroup.xyqb.model.JsonResult;
+import cn.quantgroup.xyqb.service.session.ISessionService;
 import cn.quantgroup.xyqb.service.user.IUserService;
 import cn.quantgroup.xyqb.util.TenantUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.web.bind.annotation.*;
@@ -27,6 +29,10 @@ public class UserController {
    @Resource
    private ApplicationEventPublisher applicationEventPublisher;
+    @Autowired
+    private ISessionService sessionService;
    @PutMapping("/enable/{userId}")
    public JsonResult enable(@PathVariable Long userId) {
        User user = userService.findById(userId);
@@ -51,6 +57,9 @@ public class UserController {
        user.setEnable(false);
        //清理缓存
        userService.saveUser(user);
+        // 清除token缓存
+        /* 清空session */
+        sessionService.deleteByUserId(user.getId());
        //通知消息中心
        applicationEventPublisher.publishEvent(new DisableActiveEvent(this, user));

--- a/src/main/java/cn/quantgroup/xyqb/service/middleoffice/applet/impl/AppletServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/middleoffice/applet/impl/AppletServiceImpl.java
@@ -18,6 +18,8 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_FREEZE_ERROR;
 /**
 * @author ：dongjianhua
 * @date ：Created in 2020/5/27 17:27
@@ -85,6 +87,10 @@ public class AppletServiceImpl implements IAppletService {
                if (null == user) {
                    user = iUserRegisterService.register(appletParamEntry.getChannelId(), appletParamEntry.getMobile());
                }
+                if (!user.getEnable()) {
+                    log.warn("已冻结 userId--{}", user.getId());
+                    throw new AppletException(USER_FREEZE_ERROR, "0402");
+                }
                iOauthLoginInfoService.addRegisterInfo(user, appletParamEntry);
                wechatUserInfo.setUserId(user.getId());
            }
@@ -98,6 +104,12 @@ public class AppletServiceImpl implements IAppletService {
            if (null == user) {
                user = iUserRegisterService.register(appletParamEntry.getChannelId(), appletParamEntry.getMobile(), appletParamEntry.getTenantId());
            }
+            if (!user.getEnable()) {
+                log.warn("已冻结 userId--{}", user.getId());
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
+            }
            iOauthLoginInfoService.addRegisterInfo(user, appletParamEntry);
            return user.getId();
        }
@@ -123,10 +135,16 @@ public class AppletServiceImpl implements IAppletService {
                throw new AppletException("未找到此用户绑定信息","0401");
            }
            user = userService.findById(wechatUserInfo.getUserId());
-            if (null == user) {
+            if (null == user ) {
                log.warn("未找到此用户,appName:{} ,openId:{}", appName, openId);
-                throw new AppletException("未找到此用户","0401");
+                throw new AppletException("未找到此用户", "0401");
+            }
+            if (!user.getEnable()) {
+                log.warn("已冻结,appName:{} ,openId:{}", appName, openId);
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
            }
            iOauthLoginInfoService.addLoginInfo(user, tenantId);
            if (unionId != null && !unionId.equals(wechatUserInfo.getUnionId()) ) {
@@ -143,7 +161,11 @@ public class AppletServiceImpl implements IAppletService {
            user = userService.findById(userId);
            if (null == user) {
                log.warn("未找到此用户,appName:{} ,openId:{}", appName, openId);
-                throw new AppletException("未找到此用户","0401");
+                throw new AppletException("未找到此用户", "0401");
+            }
+            if (!user.getEnable()) {
+                log.warn("已冻结,appName:{} ,openId:{}", appName, openId);
+                throw new AppletException(USER_FREEZE_ERROR, "0402");
            }
        }

--- a/src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/session/impl/SessionServiceImpl.java
@@ -230,6 +230,8 @@ public class SessionServiceImpl implements ISessionService {
        if (!CollectionUtils.isEmpty(useIdKeys)) {
            useIdKeys.forEach(key -> {
                log.info("删除用户userId={}的缓存信息", userId);
+                String token = stringRedisTemplate.opsForValue().get(String.valueOf(key));
+                stringRedisTemplate.delete(getUserTokenKey(token));
                stringRedisTemplate.delete(String.valueOf(key));
            });
            //2.删除session缓存健
@@ -237,6 +239,10 @@ public class SessionServiceImpl implements ISessionService {
        }
    }
+    private String getUserTokenKey(String token) {
+        return Constants.Session.USER_SESSION_CACHE + token;
+    }
    /**
     * 删除注销后缓存查询结果
     *

--- a/src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/user/impl/UserServiceImpl.java
@@ -45,6 +45,8 @@ import java.util.*;
 import java.util.concurrent.TimeUnit;
 import java.util.stream.Collectors;
+import static cn.quantgroup.xyqb.constant.UserConstant.USER_ERROR_OR_ENABLE_ERROR;
 /**
 * Created by Miraculous on 15/7/5.
 */
@@ -374,7 +376,7 @@ public class UserServiceImpl implements IUserService, IBaseController {
        User user = findByPhoneWithCache(phoneNo);
        if (user != null && !user.getEnable()) {
            log.info("用户不存在，或者已经注销，phoneNo:{}", phoneNo);
-            return JsonResult.buildErrorStateResult("登录失败", null);
+            return JsonResult.buildErrorStateResult(USER_ERROR_OR_ENABLE_ERROR, null);
        }
        if (user == null) {
            // Service层会负责发送注册消息到LoanVest