校验token内租户ID和传值租户ID是否一致

src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java

@@ -442,10 +442,7 @@ public class UserController implements IBaseController {
      */
     @RequestMapping("/token")
     public JsonResult token(@RequestParam String token, @RequestParam(required = false) Integer tenantId) {
-        //默认羊小咩租户
-        if (TenantUtil.validationTenantIdIsNullOrZero(tenantId)) {
-            tenantId = TenantUtil.TENANT_DEFAULT;
-        }
+
         Map<String, Object> result = new HashMap<>();
         result.put("exist", false);
         if (StringUtils.isEmpty(token)) {
@@ -459,14 +456,20 @@ public class UserController implements IBaseController {
             return JsonResult.buildSuccessResult(null, result);
         }
         User user = sessionStruct.getValues().getUser();
+        Integer sessionTenantId = sessionStruct.getValues().getLoginProperties().getTenantId();
+        //默认羊小咩租户
+        if (TenantUtil.validationTenantIdIsNullOrZero(sessionTenantId)) {
+            sessionTenantId = TenantUtil.TENANT_DEFAULT;
+        }
         //校验非羊小咩租户
-        if (!tenantId.equals(TenantUtil.TENANT_DEFAULT)) {
-            Integer sessionTenantId = sessionStruct.getValues().getLoginProperties().getTenantId();
+        if (!sessionTenantId.equals(TenantUtil.TENANT_DEFAULT)) {
             if (sessionTenantId.equals(tenantId)) {
                 user = tenantService.getTenantUser(user, tenantId);
                 if (user == null) {
                     return JsonResult.buildSuccessResult(null, result);
                 }
+            }else {
+                return JsonResult.buildSuccessResult(null, result);
             }
         }
         String phoneNo = user.getPhoneNo();