diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java index 79b4f42b5..735c9d2a6 100644 --- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/AbstractAuthenticationProvider.java @@ -209,10 +209,10 @@ public abstract class AbstractAuthenticationProvider { return true; } - protected boolean statusValid(LoginCredential loginCredential , UserInfo userInfo) { + protected boolean isUserExist(LoginCredential loginCredential , UserInfo userInfo) { if (null == userInfo) { String i18nMessage = WebContext.getI18nValue("login.error.username"); - _logger.debug("login user " + loginCredential.getUsername() + " not in this System ." + i18nMessage); + _logger.debug("login user {} not in this System , message {} ." ,loginCredential.getUsername(), i18nMessage); UserInfo loginUser = new UserInfo(loginCredential.getUsername()); loginUser.setId(loginUser.generateId()); loginUser.setUsername(loginCredential.getUsername()); @@ -225,26 +225,29 @@ public abstract class AbstractAuthenticationProvider { i18nMessage, WebConstants.LOGIN_RESULT.USER_NOT_EXIST); throw new BadCredentialsException(i18nMessage); - }else { - if(userInfo.getIsLocked()==ConstsStatus.LOCK) { - authenticationRealm.insertLoginHistory( - userInfo, - loginCredential.getAuthType(), - loginCredential.getProvider(), - loginCredential.getCode(), - WebConstants.LOGIN_RESULT.USER_LOCKED - ); - }else if(userInfo.getStatus()!=ConstsStatus.ACTIVE) { - authenticationRealm.insertLoginHistory( - userInfo, - loginCredential.getAuthType(), - loginCredential.getProvider(), - loginCredential.getCode(), - WebConstants.LOGIN_RESULT.USER_INACTIVE - ); - } } return true; } + + protected boolean statusValid(LoginCredential loginCredential , UserInfo userInfo) { + if(userInfo.getIsLocked()==ConstsStatus.LOCK) { + authenticationRealm.insertLoginHistory( + userInfo, + loginCredential.getAuthType(), + loginCredential.getProvider(), + loginCredential.getCode(), + WebConstants.LOGIN_RESULT.USER_LOCKED + ); + }else if(userInfo.getStatus()!=ConstsStatus.ACTIVE) { + authenticationRealm.insertLoginHistory( + userInfo, + loginCredential.getAuthType(), + loginCredential.getProvider(), + loginCredential.getCode(), + WebConstants.LOGIN_RESULT.USER_INACTIVE + ); + } + return true; + } } diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java index 4bbcab76c..58dd01ea3 100644 --- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MfaAuthenticationProvider.java @@ -84,6 +84,8 @@ public class MfaAuthenticationProvider extends AbstractAuthenticationProvider { userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword()); + isUserExist(loginCredential , userInfo); + statusValid(loginCredential , userInfo); //mfa mfacaptchaValid(loginCredential.getOtpCaptcha(),userInfo); diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java index 181cd9699..08100b1b5 100644 --- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/MobileAuthenticationProvider.java @@ -90,11 +90,10 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider UserInfo userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword()); + isUserExist(loginCredential , userInfo); + statusValid(loginCredential , userInfo); - //Validate PasswordPolicy 取消密码策略验证 - //authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo); - mobileCaptchaValid(loginCredential.getPassword(),userInfo); //apply PasswordSetType and resetBadPasswordCount diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java index b6b04916b..b9c6ab0f9 100644 --- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java +++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/NormalAuthenticationProvider.java @@ -91,11 +91,13 @@ public class NormalAuthenticationProvider extends AbstractAuthenticationProvider UserInfo userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword()); - statusValid(loginCredential , userInfo); + isUserExist(loginCredential , userInfo); //Validate PasswordPolicy authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo); - + + statusValid(loginCredential , userInfo); + //Match password authenticationRealm.passwordMatches(userInfo, loginCredential.getPassword());