From 9e1db983254a475fd7a069937c3f706fe2efe9b4 Mon Sep 17 00:00:00 2001
From: 沈斌 <bluelazysb@hotmail.com>
Date: Thu, 08 Feb 2018 11:41:08 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java |   12 +++++++++++-
 1 files changed, 11 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java b/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
index 7f403c4..46dc354 100644
--- a/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
+++ b/src/main/java/com/moral/security/auth/login/LoginAuthenticationProvider.java
@@ -1,6 +1,7 @@
 package com.moral.security.auth.login;
 
 import com.moral.entity.Account;
+import com.moral.security.exceptions.AccountExpiredBadCredentialsException;
 import com.moral.security.model.UserContext;
 import com.moral.service.AccountService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -19,6 +20,7 @@
 
 import java.util.Date;
 import java.util.List;
+import java.util.Optional;
 import java.util.stream.Collectors;
 
 /**
@@ -52,7 +54,15 @@
         String password = (String) authentication.getCredentials();
         LoginMode mode = (LoginMode) authentication.getDetails();
         Account account = accountService.queryAccountByName(accountName).orElseThrow(() -> new UsernameNotFoundException("User not found: " + accountName));
-        if (!encoder.matches(password, account.getPassword()) || account.getExpireTime().before(new Date())) {
+        Date expireTime = Optional.of(account.getExpireTime())
+                .orElseThrow(
+        ()-> new AccountExpiredBadCredentialsException("Authentication Failed. Account has expired.")
+                );
+        Date nowTime = new Date();
+        if(expireTime.getTime()<nowTime.getTime()){
+            throw new AccountExpiredBadCredentialsException("Authentication Failed. Account has expired.");
+        }
+        if (!encoder.matches(password, account.getPassword())) {
             throw new BadCredentialsException("Authentication Failed. Username or Password not valid.");
         }
 

--
Gitblit v1.8.0