1 年間前 · 1cc41d1d23
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java
@@ -209,10 +209,10 @@ public abstract class AbstractAuthenticationProvider {
 
				         return true;
			
 
				     }
			
 
				 
			
 
				-    protected boolean statusValid(LoginCredential loginCredential , UserInfo userInfo) {
			
 
				+    protected boolean isUserExist(LoginCredential loginCredential , UserInfo userInfo) {
			
 
				         if (null == userInfo) {
			
 
				             String i18nMessage = WebContext.getI18nValue("login.error.username");
			
 
				-            _logger.debug("login user  " + loginCredential.getUsername() + " not in this System ." + i18nMessage);
			
 
				+            _logger.debug("login user  {} not in this System , message {} ." ,loginCredential.getUsername(), i18nMessage);
			
 
				             UserInfo loginUser = new UserInfo(loginCredential.getUsername());
			
 
				             loginUser.setId(loginUser.generateId());
			
 
				             loginUser.setUsername(loginCredential.getUsername());
			
@@ -225,26 +225,29 @@ public abstract class AbstractAuthenticationProvider {
 
				             			i18nMessage,
			
 
				             			WebConstants.LOGIN_RESULT.USER_NOT_EXIST);
			
 
				             throw new BadCredentialsException(i18nMessage);
			
 
				-        }else {
			
 
				-        	if(userInfo.getIsLocked()==ConstsStatus.LOCK) {
			
 
				-        		authenticationRealm.insertLoginHistory( 
			
 
				-        				userInfo, 
			
 
				-                        loginCredential.getAuthType(), 
			
 
				-                        loginCredential.getProvider(), 
			
 
				-                        loginCredential.getCode(), 
			
 
				-                        WebConstants.LOGIN_RESULT.USER_LOCKED
			
 
				-                    );
			
 
				-        	}else if(userInfo.getStatus()!=ConstsStatus.ACTIVE) {
			
 
				-        		authenticationRealm.insertLoginHistory( 
			
 
				-        				userInfo, 
			
 
				-                        loginCredential.getAuthType(), 
			
 
				-                        loginCredential.getProvider(), 
			
 
				-                        loginCredential.getCode(), 
			
 
				-                        WebConstants.LOGIN_RESULT.USER_INACTIVE
			
 
				-                    );
			
 
				-        	}
			
 
				         }
			
 
				         return true;
			
 
				     }
			
 
				+    
			
 
				+    protected boolean statusValid(LoginCredential loginCredential , UserInfo userInfo) {
			
 
				+    	if(userInfo.getIsLocked()==ConstsStatus.LOCK) {
			
 
				+    		authenticationRealm.insertLoginHistory( 
			
 
				+    				userInfo, 
			
 
				+                    loginCredential.getAuthType(), 
			
 
				+                    loginCredential.getProvider(), 
			
 
				+                    loginCredential.getCode(), 
			
 
				+                    WebConstants.LOGIN_RESULT.USER_LOCKED
			
 
				+                );
			
 
				+    	}else if(userInfo.getStatus()!=ConstsStatus.ACTIVE) {
			
 
				+    		authenticationRealm.insertLoginHistory( 
			
 
				+    				userInfo, 
			
 
				+                    loginCredential.getAuthType(), 
			
 
				+                    loginCredential.getProvider(), 
			
 
				+                    loginCredential.getCode(), 
			
 
				+                    WebConstants.LOGIN_RESULT.USER_INACTIVE
			
 
				+                );
			
 
				+    	}
			
 
				+        return true;
			
 
				+    }
			
 
				 
			
 
				 }
			
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java
@@ -84,6 +84,8 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider {
 
				 	
			
 
				 	        userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
			
 
				 	
			
 
				+	        isUserExist(loginCredential , userInfo);
			
 
				+	        
			
 
				 	        statusValid(loginCredential , userInfo);
			
 
				 	        //mfa 
			
 
				 	        mfacaptchaValid(loginCredential.getOtpCaptcha(),userInfo);
			
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java
@@ -90,11 +90,10 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
 
				 
			
 
				             UserInfo userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
			
 
				 
			
 
				+            isUserExist(loginCredential , userInfo);
			
 
				+            
			
 
				             statusValid(loginCredential , userInfo);
			
 
				 
			
 
				-            //Validate PasswordPolicy 取消密码策略验证
			
 
				-            //authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
			
 
				-
			
 
				             mobileCaptchaValid(loginCredential.getPassword(),userInfo);
			
 
				 
			
 
				             //apply PasswordSetType and resetBadPasswordCount
			
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java
@@ -91,11 +91,13 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider
 
				 	
			
 
				 	        UserInfo userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
			
 
				 	
			
 
				-	        statusValid(loginCredential , userInfo);
			
 
				+	        isUserExist(loginCredential , userInfo);
			
 
				 	        
			
 
				 	        //Validate PasswordPolicy
			
 
				 	        authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
			
 
				-	             
			
 
				+	        
			
 
				+	        statusValid(loginCredential , userInfo);
			
 
				+	        
			
 
				 	        //Match password 
			
 
				 	        authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword());