diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginFilter.java b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginFilter.java index e411f6f..098ff03 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginFilter.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginFilter.java @@ -47,14 +47,9 @@ public class AuthCodeLoginFilter extends AbstractAuthenticationProcessingFilter if (StrUtil.isBlank(userId)) { throw new BadCredentialsException("授权码无效"); } - try { - AuthCodeToken authRequest = new AuthCodeToken(userId, userId); - authRequest.setDetails(new WebRequestDetails(request)); - return this.getAuthenticationManager().authenticate(authRequest); - } catch (Exception e) { - logger.error(e.getMessage(), e); - throw new BadCredentialsException("授权失败"); - } + AuthCodeToken authRequest = new AuthCodeToken(userId, userId); + authRequest.setDetails(new WebRequestDetails(request)); + return this.getAuthenticationManager().authenticate(authRequest); } } diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginUserDetailService.java b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginUserDetailService.java index ea7599b..b2eac0d 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginUserDetailService.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/user/security/auth/code/AuthCodeLoginUserDetailService.java @@ -1,6 +1,7 @@ package com.hz.pm.api.user.security.auth.code; +import cn.hutool.core.collection.CollUtil; import com.hz.pm.api.common.helper.UserInfoHelper; import com.hz.pm.api.user.convert.UserInfoConvertor; import com.hz.pm.api.user.model.enumeration.UserAvailableEnum; @@ -38,6 +39,9 @@ public class AuthCodeLoginUserDetailService implements UserDetailsService { if (UserAvailableEnum.DISABLE.equals(ufi.getAvailable())) { throw new CommonLoginException("账号已禁用"); } + if (CollUtil.isEmpty(ufi.getUserRoleList())) { + throw new CommonLoginException("账号未配置角色"); + } return UserInfoConvertor.convert(ufi); } diff --git a/hz-pm-api/src/main/java/com/hz/pm/api/user/util/LoginUserUtil.java b/hz-pm-api/src/main/java/com/hz/pm/api/user/util/LoginUserUtil.java index 80be75f..e6b765c 100644 --- a/hz-pm-api/src/main/java/com/hz/pm/api/user/util/LoginUserUtil.java +++ b/hz-pm-api/src/main/java/com/hz/pm/api/user/util/LoginUserUtil.java @@ -5,6 +5,7 @@ import com.hz.pm.api.sys.model.entity.Role; import com.hz.pm.api.user.model.enumeration.RoleEnum; import com.hz.pm.api.user.security.model.UserInfoDetails; +import java.util.Collections; import java.util.List; import java.util.stream.Collectors; @@ -26,6 +27,9 @@ public class LoginUserUtil extends AbstractLoginUserUtil { public static List getRoleIdList() { UserInfoDetails userInfoDetails = loginUserDetail(); List userRoleList = userInfoDetails.getUserRoleList(); + if (userRoleList == null) { + return Collections.emptyList(); + } return userRoleList.stream().map(Role::getId).collect(Collectors.toList()); }