liujunchi 2 роки тому
батько
коміт
252eb89da2

+ 4 - 2
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/handler/BaseAuthenticationSuccessEventHandler.java

@@ -118,7 +118,7 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
 		sysUserLoginLogService.insert(sysUserLoginLog);
 		
 		try {
-			String clientId = request.getParameter("clientId");
+			String clientId = request.getParameter("clientId").replace("QR_", "");
 			String clientSecret = request.getParameter("clientSecret");
 			if (clientId == null || clientSecret == null) {
 				throw new UnapprovedClientAuthenticationException("请求头中client信息为空");
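Review bot: The added `.replace("QR_", "")` dereferences the `clientId` request parameter before the `clientId == null` check two lines below, so a request without `clientId` now throws a NullPointerException instead of reaching the UnapprovedClientAuthenticationException branch. Keep the raw read and normalise after the null check, e.g. `if (clientId.startsWith("QR_")) { clientId = clientId.substring("QR_".length()); }`. `replace` also removes `QR_` anywhere in the value rather than only as a prefix, which differs from the `startsWith("QR_")` test in PhoneAuthenticationProvider; the same call appears in CustomAuthenticationKeyGenerator and in both UserController checks. The enclosing try block continues outside the hunk, so how the exception is handled is not visible here.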
@@ -129,7 +129,9 @@ public class BaseAuthenticationSuccessEventHandler extends SavedRequestAwareAuth
 			headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED);
 
 			ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
-			TokenRequest tokenRequest = new TokenRequest(MapUtils.EMPTY_MAP, clientId, clientDetails.getScope(), "password");
+			Map<String, String> requestParameters = new HashMap<>();
+			requestParameters.put("client_type", request.getParameter("clientType"));
+			TokenRequest tokenRequest = new TokenRequest(requestParameters, clientId, clientDetails.getScope(), "password");
 			OAuth2Request oAuth2Request = tokenRequest.createOAuth2Request(clientDetails);
 
 			OAuth2Authentication oAuth2Authentication = new OAuth2Authentication(oAuth2Request, authentication);
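Review bot: `request.getParameter("clientType")` is copied into the TokenRequest parameters without validation, and CustomAuthenticationKeyGenerator in this commit folds `client_type` into the authentication key, so the caller chooses part of the key under which the token is stored. If that key is used to find an existing token per user and client, each distinct `clientType` value would presumably yield a separate token; checking the value against the set of known client types before `requestParameters.put(...)` keeps that bounded. A missing parameter is stored as a null map value, and skipping the put when the value is blank would match the `isNotBlank` test in the key generator. There the value is read into a local named `deviceId`, which would be clearer as `clientType`.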

+ 2 - 1
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/provider/PhoneAuthenticationProvider.java

@@ -74,6 +74,7 @@ public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider
 			if (data == null) {
 				throw new LockedException("用户不存在");
 			} else {
+				redisCache.delete(loginEntity.getPhone());
 				QRLoginDto loginDto = (QRLoginDto) data;
 				if (loginDto.getPrivateKey().equals(loginEntity.getSmsCode())) {
 					userInfo = loginDto.getUserInfo();
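Review bot: The added `redisCache.delete(loginEntity.getPhone())` runs as a separate step after the entry was read (the read is outside the hunk), so two concurrent requests for the same entry can presumably both read it before either delete takes effect, and the single-use guarantee then does not hold. If the cache wrapper offers an atomic read-and-remove operation, use it for the lookup instead. The delete also precedes the `(QRLoginDto) data` cast and the `getPrivateKey()` comparison, so any failed attempt discards the pending login; if that is intended, document it with a comment such as `// single use: drop the QR login entry before verifying; a failed attempt invalidates it`.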
@@ -110,7 +111,7 @@ public class PhoneAuthenticationProvider extends AbstractAuthenticationProvider
 				sysUserDeviceService.bindDevice(clientId, user.getId(), deviceNum, userInfo.getSysUser().getTenantId());
 			}
 
-			if (clientId.startsWith("QR_" )) {
+			if (clientId.startsWith("QR_")) {
 			} else  if (!userInfo.getSysUser().getUserType().contains(clientId)) {
 				if (isRegister == false || StringUtils.equals("SYSTEM", clientId)) {
 					throw new LockedException("用户不存在");

+ 8 - 1
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/core/service/CustomAuthenticationKeyGenerator.java

@@ -13,6 +13,7 @@ import org.springframework.security.oauth2.provider.token.DefaultAuthenticationK
 public class CustomAuthenticationKeyGenerator extends DefaultAuthenticationKeyGenerator {
 	
 	private static final String CLIENT_ID = "client_id";
+	private static final String CLIENT_TYPE = "client_type";
 
 	private static final String SCOPE = "scope";
 
@@ -25,10 +26,16 @@ public class CustomAuthenticationKeyGenerator extends DefaultAuthenticationKeyGe
 		if (!authentication.isClientOnly()) {
 			values.put(USERNAME, StringUtils.substringAfter(authentication.getName(), ":"));
 		}
-		values.put(CLIENT_ID, authorizationRequest.getClientId());
+		String clientId = authorizationRequest.getClientId();
+		clientId = clientId.replace("QR_", "");
+		values.put(CLIENT_ID, clientId);
 		if (authorizationRequest.getScope() != null) {
 			values.put(SCOPE, OAuth2Utils.formatParameterList(new TreeSet<String>(authorizationRequest.getScope())));
 		}
+		String deviceId = authorizationRequest.getRequestParameters().get(CLIENT_TYPE);
+		if (StringUtils.isNotBlank(deviceId)) {
+			values.put(CLIENT_TYPE, deviceId);
+		}
 		return generateKey(values);
 	}
 

+ 14 - 1
mec-auth/mec-auth-server/src/main/java/com/ym/mec/auth/web/controller/UserController.java

@@ -48,6 +48,7 @@ import java.util.Base64;
 import java.util.Calendar;
 import java.util.Date;
 import java.util.List;
+import java.util.Locale;
 import java.util.Map;
 import java.util.UUID;
 import java.util.concurrent.TimeUnit;
@@ -452,8 +453,14 @@ public class UserController extends BaseController {
 			qrLoginDto.setExpireFlag(true);
 			return succeed(qrLoginDto);
 		}
+
+		QRLoginDto dto = (QRLoginDto) data;
+		if (!sysUser.getUserType().contains((dto).getClientId().replace("QR_", "").toUpperCase(Locale.ROOT))) {
+			throw new BizException("登录失败");
+		}
 		redisCache.put(code,data,5*60);
-		return succeed( (QRLoginDto) data);
+		dto.setUserInfo(null);
+		return succeed(dto);
 	}
 
 	@GetMapping(value = "/doQrLogin")
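Review bot: The new user-type check uses `String.contains`, which is a substring test, so a stored client id of exactly `QR_` normalises to the empty string and passes for every user, and a partial type name passes as well. Reject a blank value and compare against whole entries; assuming `userType` is a comma-separated list, that would be `List<String> types = Arrays.asList(sysUser.getUserType().split(","));` followed by `if (clientType.isEmpty() || !types.contains(clientType))`. `dto.getClientId()` is also dereferenced without a null check. The identical condition is repeated in the `doQrLogin` hunk below, and a private helper would keep the two in step; both methods start outside their hunks.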
@@ -477,6 +484,12 @@ public class UserController extends BaseController {
 
 		SysUserInfo userInfo = sysUserService.queryUserInfoByPhone(sysUser.getPhone());
 		QRLoginDto dto = (QRLoginDto) data;
+
+
+		if (!sysUser.getUserType().contains((dto).getClientId().replace("QR_", "").toUpperCase(Locale.ROOT))) {
+			throw new BizException("登录失败");
+		}
+
 		dto.setUserInfo(userInfo);