1 lună în urmă · a4c0670345
--- a/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/controller/user/UserController.java
+++ b/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/controller/user/UserController.java
@@ -6,6 +6,7 @@
 
				 package org.eco.vip.auth.controller.user;
			
 
				 
			
 
				 
			
 
				+import cn.hutool.crypto.digest.BCrypt;
			
 
				 import jakarta.annotation.Resource;
			
 
				 import jakarta.validation.Valid;
			
 
				 import jakarta.validation.constraints.NotEmpty;
			
@@ -57,6 +58,7 @@ public class UserController {
 
				 
			
 
				     @PostMapping("/add")
			
 
				     public CommonResult<String> add(@RequestBody @Valid UserBO userBO) {
			
 
				+        userBO.setPassword(BCrypt.hashpw(userBO.getPassword()));
			
 
				         boolean result = userService.insert(userBO);
			
 
				         if (!result) {
			
 
				             return fail("新增用户失败！");
			
--- a/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/service/auth/LoginService.java
+++ b/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/service/auth/LoginService.java
@@ -11,9 +11,12 @@ import lombok.RequiredArgsConstructor;
 
				 import lombok.extern.slf4j.Slf4j;
			
 
				 import org.eco.vip.auth.domain.user.pojo.UserVO;
			
 
				 import org.eco.vip.auth.service.permission.IPermissionService;
			
 
				+import org.eco.vip.orm.exception.BusinessException;
			
 
				 import org.eco.vip.orm.pojo.LoginUser;
			
 
				 import org.springframework.stereotype.Service;
			
 
				 
			
 
				+import java.util.function.Supplier;
			
 
				+
			
 
				 /**
			
 
				  * @description LoginService
			
 
				  *
			
@@ -42,4 +45,11 @@ public class LoginService {
 
				         loginUser.setRoleCodes(permissionService.getRoleCodes(user.getUserId()));
			
 
				         return loginUser;
			
 
				     }
			
 
				+
			
 
				+    public void checkLogin(Supplier<Boolean> supplier) {
			
 
				+        if (supplier.get()) {
			
 
				+            throw new BusinessException("账号或密码错误");
			
 
				+        }
			
 
				+
			
 
				+    }
			
 
				 }
			
--- a/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/service/auth/PasswordAuthStrategy.java
+++ b/eco-nexus-core/auth-biz/src/main/java/org/eco/vip/auth/service/auth/PasswordAuthStrategy.java
@@ -8,6 +8,7 @@ package org.eco.vip.auth.service.auth;
 
				 
			
 
				 import cn.dev33.satoken.stp.StpUtil;
			
 
				 import cn.dev33.satoken.stp.parameter.SaLoginParameter;
			
 
				+import cn.hutool.crypto.digest.BCrypt;
			
 
				 import jakarta.annotation.Resource;
			
 
				 import lombok.RequiredArgsConstructor;
			
 
				 import lombok.extern.slf4j.Slf4j;
			
@@ -50,10 +51,10 @@ public class PasswordAuthStrategy implements IAuthStrategy {
 
				         // String code = authQuery.getCode();
			
 
				 
			
 
				         UserVO userVO = buildUserVO(tenantId, account);
			
 
				+        loginService.checkLogin(() -> !BCrypt.checkpw(password, userVO.getPassword()));
			
 
				         LoginUser loginUser = loginService.buildLoginUser(userVO);
			
 
				         loginUser.setClientKey(clientVO.getClientKey());
			
 
				         loginUser.setDeviceType(clientVO.getDeviceType());
			
 
				-
			
 
				         SaLoginParameter loginParameter = createLoginModel(clientVO);
			
 
				         LoginHelper.login(loginUser, loginParameter);
			
 
				         return AuthVO.builder().accessToken(StpUtil.getTokenValue()).expireIn(StpUtil.getTokenTimeout()).build();