fix: 修复被禁用的账户可以通过短信验证码再次登录的问题

(cherry picked from commit fcfd68ac1c979374d0916ed87995030c465e9428)
This commit is contained in:
DevDengChao 2024-06-12 15:20:51 +08:00
parent 97e8c35f70
commit 30d0b10c99
1 changed files with 6 additions and 0 deletions

View File

@ -88,6 +88,12 @@ public class MemberAuthServiceImpl implements MemberAuthService {
MemberUserDO user = userService.createUserIfAbsent(reqVO.getMobile(), userIp, getTerminal()); MemberUserDO user = userService.createUserIfAbsent(reqVO.getMobile(), userIp, getTerminal());
Assert.notNull(user, "获取用户失败,结果为空"); Assert.notNull(user, "获取用户失败,结果为空");
// 校验是否禁用
if (ObjectUtil.notEqual(user.getStatus(), CommonStatusEnum.ENABLE.getStatus())) {
createLoginLog(user.getId(), reqVO.getMobile(), LoginLogTypeEnum.LOGIN_SMS, LoginResultEnum.USER_DISABLED);
throw exception(AUTH_LOGIN_USER_DISABLED);
}
// 如果 socialType 非空说明需要绑定社交用户 // 如果 socialType 非空说明需要绑定社交用户
String openid = null; String openid = null;
if (reqVO.getSocialType() != null) { if (reqVO.getSocialType() != null) {