Merge branch '5.X' into future/flowable

ruoyi-admin/src/main/java/org/dromara/web/controller/AuthController.java

@@ -10,6 +10,7 @@ import me.zhyd.oauth.model.AuthResponse;
 import me.zhyd.oauth.model.AuthUser;
 import me.zhyd.oauth.request.AuthRequest;
 import me.zhyd.oauth.utils.AuthStateUtils;
+import org.dromara.common.core.constant.UserConstants;
 import org.dromara.common.core.domain.R;
 import org.dromara.common.core.domain.model.LoginBody;
 import org.dromara.common.core.domain.model.RegisterBody;
@@ -78,6 +79,8 @@ public class AuthController {
         if (ObjectUtil.isNull(client) || !StringUtils.contains(client.getGrantType(), grantType)) {
             log.info("客户端id: {} 认证类型：{} 异常!.", clientId, grantType);
             return R.fail(MessageUtils.message("auth.grant.type.error"));
+        } else if (!UserConstants.NORMAL.equals(client.getStatus())) {
+            return R.fail(MessageUtils.message("auth.grant.type.blocked"));
         }
         // 校验租户
         loginService.checkTenant(loginBody.getTenantId());

ruoyi-admin/src/main/java/org/dromara/web/service/SysRegisterService.java

@@ -1,6 +1,8 @@
 package org.dromara.web.service;
 
 import cn.dev33.satoken.secure.BCrypt;
+import cn.hutool.core.util.ObjectUtil;
+import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import org.dromara.common.core.constant.Constants;
 import org.dromara.common.core.constant.GlobalConstants;
 import org.dromara.common.core.domain.model.RegisterBody;
@@ -14,8 +16,11 @@ import org.dromara.common.core.utils.SpringUtils;
 import org.dromara.common.core.utils.StringUtils;
 import org.dromara.common.log.event.LogininforEvent;
 import org.dromara.common.redis.utils.RedisUtils;
+import org.dromara.common.tenant.helper.TenantHelper;
 import org.dromara.common.web.config.properties.CaptchaProperties;
+import org.dromara.system.domain.SysUser;
 import org.dromara.system.domain.bo.SysUserBo;
+import org.dromara.system.mapper.SysUserMapper;
 import org.dromara.system.service.ISysUserService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.stereotype.Service;
@@ -30,6 +35,7 @@ import org.springframework.stereotype.Service;
 public class SysRegisterService {
 
     private final ISysUserService userService;
+    private final SysUserMapper userMapper;
     private final CaptchaProperties captchaProperties;
 
     /**
@@ -53,7 +59,11 @@ public class SysRegisterService {
         sysUser.setPassword(BCrypt.hashpw(password));
         sysUser.setUserType(userType);
 
-        if (!userService.checkUserNameUnique(sysUser)) {
+        boolean exist = userMapper.exists(new LambdaQueryWrapper<SysUser>()
+            .eq(TenantHelper.isEnable(), SysUser::getTenantId, tenantId)
+            .eq(SysUser::getUserName, sysUser.getUserName())
+            .ne(ObjectUtil.isNotNull(sysUser.getUserId()), SysUser::getUserId, sysUser.getUserId()));
+        if (exist) {
             throw new UserException("user.register.save.error", username);
         }
         boolean regFlag = userService.registerUser(sysUser, tenantId);

ruoyi-admin/src/main/java/org/dromara/web/service/impl/EmailAuthStrategy.java

@@ -60,6 +60,8 @@ public class EmailAuthStrategy implements IAuthStrategy {
         loginService.checkLogin(LoginType.EMAIL, tenantId, user.getUserName(), () -> !validateEmailCode(tenantId, email, emailCode));
         // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
         LoginUser loginUser = loginService.buildLoginUser(user);
+        loginUser.setClientKey(client.getClientKey());
+        loginUser.setDeviceType(client.getDeviceType());
         SaLoginModel model = new SaLoginModel();
         model.setDevice(client.getDeviceType());
         // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置

ruoyi-admin/src/main/java/org/dromara/web/service/impl/PasswordAuthStrategy.java

@@ -70,6 +70,8 @@ public class PasswordAuthStrategy implements IAuthStrategy {
         loginService.checkLogin(LoginType.PASSWORD, tenantId, username, () -> !BCrypt.checkpw(password, user.getPassword()));
         // 此处可根据登录用户的数据不同 自行创建 loginUser
         LoginUser loginUser = loginService.buildLoginUser(user);
+        loginUser.setClientKey(client.getClientKey());
+        loginUser.setDeviceType(client.getDeviceType());
         SaLoginModel model = new SaLoginModel();
         model.setDevice(client.getDeviceType());
         // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置

ruoyi-admin/src/main/java/org/dromara/web/service/impl/SmsAuthStrategy.java

@@ -60,6 +60,8 @@ public class SmsAuthStrategy implements IAuthStrategy {
         loginService.checkLogin(LoginType.SMS, tenantId, user.getUserName(), () -> !validateSmsCode(tenantId, phonenumber, smsCode));
         // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
         LoginUser loginUser = loginService.buildLoginUser(user);
+        loginUser.setClientKey(client.getClientKey());
+        loginUser.setDeviceType(client.getDeviceType());
         SaLoginModel model = new SaLoginModel();
         model.setDevice(client.getDeviceType());
         // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置

ruoyi-admin/src/main/java/org/dromara/web/service/impl/SocialAuthStrategy.java

@@ -97,6 +97,8 @@ public class SocialAuthStrategy implements IAuthStrategy {
 
         // 此处可根据登录用户的数据不同 自行创建 loginUser 属性不够用继承扩展就行了
         LoginUser loginUser = loginService.buildLoginUser(user);
+        loginUser.setClientKey(client.getClientKey());
+        loginUser.setDeviceType(client.getDeviceType());
         SaLoginModel model = new SaLoginModel();
         model.setDevice(client.getDeviceType());
         // 自定义分配 不同用户体系 不同 token 授权时间 不设置默认走全局 yml 配置

ruoyi-admin/src/main/java/org/dromara/web/service/impl/XcxAuthStrategy.java

@@ -54,6 +54,8 @@ public class XcxAuthStrategy implements IAuthStrategy {
         loginUser.setUsername(user.getUserName());
         loginUser.setNickname(user.getNickName());
         loginUser.setUserType(user.getUserType());
+        loginUser.setClientKey(client.getClientKey());
+        loginUser.setDeviceType(client.getDeviceType());
         loginUser.setOpenid(openid);
 
         SaLoginModel model = new SaLoginModel();

ruoyi-admin/src/main/resources/i18n/messages.properties

@@ -29,6 +29,7 @@ user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
 auth.grant.type.error=认证权限类型错误
+auth.grant.type.blocked=认证权限类型已禁用
 auth.grant.type.not.blank=认证权限类型不能为空
 auth.clientid.not.blank=认证客户端id不能为空
 ##文件上传消息

ruoyi-admin/src/main/resources/i18n/messages_en_US.properties

@@ -29,6 +29,7 @@ user.notfound=Please login again
 user.forcelogout=The administrator is forced to exit，please login again
 user.unknown.error=Unknown error, please login again
 auth.grant.type.error=Auth grant type error
+auth.grant.type.blocked=Auth grant type disabled
 auth.grant.type.not.blank=Auth grant type cannot be blank
 auth.clientid.not.blank=Auth clientid cannot be blank
 ##文件上传消息

ruoyi-admin/src/main/resources/i18n/messages_zh_CN.properties

@@ -29,6 +29,7 @@ user.notfound=请重新登录
 user.forcelogout=管理员强制退出，请重新登录
 user.unknown.error=未知错误，请重新登录
 auth.grant.type.error=认证权限类型错误
+auth.grant.type.blocked=认证权限类型已禁用
 auth.grant.type.not.blank=认证权限类型不能为空
 auth.clientid.not.blank=认证客户端id不能为空
 ##文件上传消息