From 3a46aae0a8e9e4bd3cb8dcd1185a69a74668995b Mon Sep 17 00:00:00 2001
From: kaiyu <404897439@qq.com>
Date: Tue, 15 Dec 2020 14:08:47 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java |   14 +++++++++-----
 1 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java b/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
index 46dc354..999813a 100644
--- a/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
+++ b/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
@@ -1,9 +1,11 @@
 package com.moral.security.auth.login;
 
 import com.moral.entity.Account;
+import com.moral.entity.Role;
 import com.moral.security.exceptions.AccountExpiredBadCredentialsException;
 import com.moral.security.model.UserContext;
 import com.moral.service.AccountService;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -17,6 +19,7 @@
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Component;
 import org.springframework.util.Assert;
+import org.springframework.util.CollectionUtils;
 
 import java.util.Date;
 import java.util.List;
@@ -54,7 +57,8 @@
         String password = (String) authentication.getCredentials();
         LoginMode mode = (LoginMode) authentication.getDetails();
         Account account = accountService.queryAccountByName(accountName).orElseThrow(() -> new UsernameNotFoundException("User not found: " + accountName));
-        Date expireTime = Optional.of(account.getExpireTime())
+        List<Role> roleList = accountService.getRolesByAccountName(accountName);
+        Date expireTime = Optional.ofNullable(account.getExpireTime())
                 .orElseThrow(
         ()-> new AccountExpiredBadCredentialsException("Authentication Failed. Account has expired.")
                 );
@@ -66,11 +70,11 @@
             throw new BadCredentialsException("Authentication Failed. Username or Password not valid.");
         }
 
-        if (account.getRoles() == null) {
-            throw new InsufficientAuthenticationException("User has no roles assigned");
+        if (CollectionUtils.isEmpty(roleList)) {
+            throw new InsufficientAuthenticationException("Authentication Failed. User has no roles assigned");
         }
-        List<GrantedAuthority> authorities = account.getRoles().stream()
-                .map(authority -> new SimpleGrantedAuthority(authority.getName()))
+        List<GrantedAuthority> authorities = roleList.stream()
+                .map(authority -> new SimpleGrantedAuthority(authority.getRoleName()))
                 .collect(Collectors.toList());
 
         UserContext userContext = UserContext.create(account.getAccountName(),mode,account.getOrganizationId(),authorities);

--
Gitblit v1.8.0