代码优化

edef017d · hzh · dc194110 · edef017d · edef017d · edef017d
--- a/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java
+++ b/ruoyi-api/ruoyi-api-system/src/main/java/org/dromara/system/api/RemoteUserService.java
@@ -154,9 +154,10 @@ public interface RemoteUserService {
     * 根据手机号查询租户id集合
     *
     * @param phone 手机号
+     * @param userType 手机号
     * @return 租户id集合
     */
-    List<String> selectTenantIdsByPhone(String phone);
+    List<String> selectTenantIdsByPhone(String phone,String userType);

    /**
     * 注册用户到云上服务器

--- a/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/controller/TokenController.java
@@ -22,6 +22,7 @@ import org.dromara.auth.service.SysLoginService;
 import org.dromara.common.core.constant.UserConstants;
 import org.dromara.common.core.domain.R;
 import org.dromara.common.core.domain.model.LoginBody;
+import org.dromara.common.core.enums.UserType;
 import org.dromara.common.core.utils.*;
 import org.dromara.common.encrypt.annotation.ApiEncrypt;
 import org.dromara.common.json.utils.JsonUtils;
@@ -213,7 +214,7 @@ public class TokenController {

        //通过手机号过滤
        if (StringUtils.isNotEmpty(phone)){
-            List<String> tenantIds = remoteUserService.selectTenantIdsByPhone(phone);
+            List<String> tenantIds = remoteUserService.selectTenantIdsByPhone(phone, UserType.SYS_USER.getUserType());
            tenantList = StreamUtils.filter(tenantList, vo -> tenantIds.contains(vo.getTenantId()));
        }


--- a/ruoyi-auth/src/main/java/org/dromara/auth/form/XcxLoginBody.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/form/XcxLoginBody.java
@@ -19,6 +19,11 @@ public class XcxLoginBody extends LoginBody {
     */
    private String appid;

+    /**
+     * 手机号
+     */
+    private String phone;
+
    /**
     * 小程序code
     */

--- a/ruoyi-auth/src/main/java/org/dromara/auth/form/XcxPhoneLoginBody.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/form/XcxPhoneLoginBody.java
@@ -34,5 +34,9 @@ public class XcxPhoneLoginBody extends LoginBody {
     */
    @NotBlank(message = "用户凭证不能为空")
    private String sessionKey;
+    /**
+     * 手机号
+     */
+    private String phone;

 }
--- a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/AbstractMallStrategy.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/AbstractMallStrategy.java
@@ -6,6 +6,7 @@ import org.apache.dubbo.config.annotation.DubboReference;
 import org.dromara.auth.service.IAuthStrategy;
 import org.dromara.common.core.domain.model.LoginBody;
 import org.dromara.common.core.enums.UserType;
+import org.dromara.common.core.exception.ServiceException;
 import org.dromara.common.core.utils.StringUtils;
 import org.dromara.mall.api.domain.member.RemoteMember;
 import org.dromara.mall.api.domain.member.RemoteMemberSave;
@@ -82,4 +83,13 @@ public abstract class AbstractMallStrategy implements IAuthStrategy {
        return memberId;
    }

+    protected void validatePhone(String validatePhone, String loginPhone) {
+        if (StringUtils.isBlank(validatePhone)) {
+            return;
+        }
+        if (StringUtils.equals(validatePhone, loginPhone)) {
+            throw new ServiceException(String.format("微信授权手机号%s与您输入的员工手机号%s不匹配，请核对后登录", loginPhone, validatePhone));
+        }
+    }
+
 }
--- a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxAuthStrategy.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxAuthStrategy.java
@@ -73,6 +73,9 @@ public class XcxAuthStrategy extends AbstractMallStrategy implements IAuthStrate
        //获取会员id
        Long memberId = getMemberId(loginBody, loginUser);

+        //校验手机号
+        validatePhone(loginBody.getPhone(), loginUser.getPhone());
+
        SaLoginModel model = new SaLoginModel();
        model.setDevice(client.getDeviceType());
        // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置

--- a/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxPhoneAuthStrategy.java
+++ b/ruoyi-auth/src/main/java/org/dromara/auth/service/impl/XcxPhoneAuthStrategy.java
@@ -56,6 +56,10 @@ public class XcxPhoneAuthStrategy extends AbstractMallStrategy implements IAuthS
            .setTenantId(loginBody.getTenantId())
            .setOpenId(loginBody.getOpenId())
            .setPhonenumber(phone));
+
+        //校验手机号
+        validatePhone(loginBody.getPhone(), phone);
+
        XcxLoginUser loginUser = remoteUserService.getUserInfoByOpenid(loginBody.getOpenId(), loginBody.getTenantId());

        if (loginUser == null) {

--- a/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java
+++ b/ruoyi-modules/ruoyi-system/src/main/java/org/dromara/system/dubbo/RemoteUserServiceImpl.java
@@ -381,10 +381,11 @@ public class RemoteUserServiceImpl implements RemoteUserService {
     * 通过手机号查询租户id集合
     *
     * @param phone    手机号
+     * @param userType 手机号
     * @return 租户id集合
     */
    @Override
-    public List<String> selectTenantIdsByPhone(String phone) {
+    public List<String> selectTenantIdsByPhone(String phone, String userType) {
        return userMapper.selectList(new LambdaQueryWrapper<SysUser>().eq(SysUser::getPhonenumber, phone))
            .stream().map(SysUser::getTenantId).collect(Collectors.toList());
    }