新增ip地区限制

accompany-base/accompany-basic/accompany-basic-service/src/main/java/com/accompany/core/mybatismapper/AccountLoginRecordMapperExpand.java

@@ -25,4 +25,12 @@ public interface AccountLoginRecordMapperExpand {
      * @return
      */
     AccountLoginRecord getLastLogin(@Param("uid") Long uid);
+
+    /**
+     * 判断是否在ip限制访问列表
+     *
+     * @param uid
+     * @return
+     */
+    Integer isExists(@Param("uid") Long uid);
 }

accompany-base/accompany-basic/accompany-basic-service/src/main/resources/oauth/AccountLoginRecordMapperExpand.xml

@@ -49,4 +49,8 @@
     <select id="getLastLogin" resultType="com.accompany.core.model.AccountLoginRecord">
         select * from account_login_record where uid = #{uid} order by record_id desc limit 1;
     </select>
+
+    <select id="isExists" resultType="java.lang.Integer">
+        select count(1) from ip_region_limit_record where uid = #{uid}
+    </select>
 </mapper>

accompany-oauth2/accompany-oauth2-service/src/main/java/com/accompany/oauth2/service/account/AccountH5LoginService.java

@@ -14,6 +14,7 @@ import com.accompany.core.exception.ServiceException;
 import com.accompany.core.model.Account;
 import com.accompany.core.model.AccountH5LoginRecord;
 import com.accompany.core.mybatismapper.AccountH5LoginRecordMapper;
+import com.accompany.core.mybatismapper.AccountLoginRecordMapperExpand;
 import com.accompany.core.service.account.AccountService;
 import com.accompany.core.service.common.JedisService;
 import com.accompany.core.util.JwtUtils;
@@ -48,6 +49,8 @@ public class AccountH5LoginService {
     @Autowired
     private AccountH5LoginRecordMapper accountH5LoginRecordMapper;
     @Autowired
+    private AccountLoginRecordMapperExpand accountLoginRecordMapperExpand;
+    @Autowired
     private JedisService jedisService;
     @Autowired
     private AccountService accountService;
@@ -167,6 +170,10 @@ public class AccountH5LoginService {
         jedisService.hset(RedisKey.h5loginjwtoken.getKey(), uid.toString(), jwtToken);
     }
 
+    private void deleteH5LoginJwtToken(Long uid) {
+        jedisService.hdel(RedisKey.h5loginjwtoken.getKey(), uid.toString());
+    }
+
     public void register(String mobile, String code, String inviteCode, Long inviteUid, DeviceInfo deviceInfo, String ipAddress, String phoneAreaCode) {
         // 校验验证码
         if (!smsService.verifySmsCode(mobile, code)) {
@@ -214,7 +221,16 @@ public class AccountH5LoginService {
         Map<String, H5TokenGranter> tokenGranterMap = SpringContextHolder.getApplicationContext().getBeansOfType(H5TokenGranter.class);
         for (H5TokenGranter tokenGranter : tokenGranterMap.values()) {
             if (tokenGranter.getGrantType().equals(grantType)) {
-                return tokenGranter.getAuthentication(request);
+                H5AccessToken token = tokenGranter.getAuthentication(request);
+                if (token != null) {
+                    Long uid = token.getUid();
+                    Integer isExists = accountLoginRecordMapperExpand.isExists(uid);
+                    if (isExists > 0) {
+                        deleteH5LoginJwtToken(uid);
+                        throw new ApiException(403, "暂未在你所在的地区开放");
+                    }
+                }
+                return token;
             }
         }
         return null;