hy/mdc_hyjs_gk_new.git

			@@ -6,9 +6,11 @@
			import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
			import com.baomidou.mybatisplus.core.conditions.update.UpdateWrapper;
			import com.baomidou.mybatisplus.core.toolkit.IdWorker;
			import com.baomidou.mybatisplus.core.toolkit.StringPool;
			import io.swagger.annotations.Api;
			import io.swagger.annotations.ApiOperation;
			import lombok.extern.slf4j.Slf4j;
			import org.apache.commons.lang3.StringUtils;
			import org.apache.shiro.SecurityUtils;
			import org.jeecg.common.api.vo.Result;
			import org.jeecg.common.constant.CacheConstant;
			@@ -70,6 +72,8 @@
			private JeecgBaseConfig jeecgBaseConfig;

			private final String BASE_CHECK_CODES = "qwertyuiplkjhgfdsazxcvbnmQWERTYUPLKJHGFDSAZXCVBNM1234567890";
			private final String TERMINAL = "terminal";
			private final String PCR0001 = "PCR0001";

			@ApiOperation("登录接口")
			@RequestMapping(value = "/login", method = RequestMethod.POST)
			@@ -77,6 +81,8 @@
			Result<JSONObject> result = new Result<JSONObject>();
			String username = sysLoginModel.getUsername();
			String password = sysLoginModel.getPassword();
			String workNo = sysLoginModel.getWorkNo();
			String loginType = sysLoginModel.getLoginType();
			//update-begin--Author:scott Date:20190805 for：暂时注释掉密码加密逻辑，有点问题
			//前端密码加密，后端进行密码解密
			//password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
			@@ -108,18 +114,29 @@
			//1. 校验用户是否有效
			//update-begin-author:wangshuai date:20200601 for: 登录代码验证用户是否注销bug，if条件永远为false
			LambdaQueryWrapper<SysUser> queryWrapper = new LambdaQueryWrapper<>();
			queryWrapper.eq(SysUser::getUsername,username);
			if (StringUtils.isNotBlank(workNo)) {
			queryWrapper.eq(SysUser::getWorkNo,workNo);
			}else {
			queryWrapper.eq(SysUser::getUsername,username);
			}
			SysUser sysUser = sysUserService.getOne(queryWrapper);
			//update-end-author:wangshuai date:20200601 for: 登录代码验证用户是否注销bug，if条件永远为false
			result = sysUserService.checkUserIsEffective(sysUser);
			result = sysUserService.checkUserIsEffective(sysUser, loginType);
			if(!result.isSuccess()) {
			return result;
			}

			//校验操作工终端登录账号是否为操作工
			if (TERMINAL.equals(loginType) && !PCR0001.equals(sysUser.getPost())) {
			result.error500("当前登录账号岗位非操作工，请调整岗位或切换操作工账号登录");
			return result;
			}

			username = sysUser.getUsername();
			//2. 校验用户名或密码是否正确
			String userpassword = PasswordUtil.encrypt(username, password, sysUser.getSalt());
			String userpassword = StringUtils.isBlank(workNo) ? PasswordUtil.encrypt(username, password, sysUser.getSalt()) : StringPool.EMPTY;
			String syspassword = sysUser.getPassword();
			if (!syspassword.equals(userpassword)) {
			if (StringUtils.isBlank(workNo) && !syspassword.equals(userpassword)) {
			// 获取用户失败最大次数
			//Integer maxAttempts = CommonConstant.MAX_ATTEMPTS;
			List<DictModel> dictModels = sysDictService.queryEnableDictItemsByCode(CommonConstant.DICT_MAX_ATTEMPTS);
			@@ -380,7 +397,7 @@
			}else {
			//登录模式，校验用户有效性
			SysUser sysUser = sysUserService.getUserByPhone(mobile);
			result = sysUserService.checkUserIsEffective(sysUser);
			result = sysUserService.checkUserIsEffective(sysUser, null);
			if(!result.isSuccess()) {
			String message = result.getMessage();
			String userNotExist="该用户不存在，请注册";
			@@ -441,7 +458,7 @@

			//校验用户有效性
			SysUser sysUser = sysUserService.getUserByPhone(phone);
			result = sysUserService.checkUserIsEffective(sysUser);
			result = sysUserService.checkUserIsEffective(sysUser, null);
			if(!result.isSuccess()) {
			return result;
			}
			@@ -609,7 +626,7 @@

			//1. 校验用户是否有效
			SysUser sysUser = sysUserService.getUserByName(username);
			result = sysUserService.checkUserIsEffective(sysUser);
			result = sysUserService.checkUserIsEffective(sysUser, null);
			if(!result.isSuccess()) {
			return result;
			}