
1、优化账户禁用和密码锁定提示
2、增加忘记密码解锁账户状态操作

rayson 6 meses atrás
pai
commit
697b5c40fc

+ 11 - 2
menduner/menduner-system-api/src/main/java/com/citu/module/menduner/system/enums/ErrorCodeConstants.java

@@ -154,7 +154,7 @@ public interface ErrorCodeConstants {
 
     // ========== AUTH 模块 1_100_017_000 ==========
     ErrorCode MDE_AUTH_LOGIN_BAD_CREDENTIALS = new ErrorCode(1_100_017_001, "登录失败,账号密码不正确");
-    ErrorCode MDE_AUTH_LOGIN_USER_DISABLED = new ErrorCode(1_100_017_002, "登录失败,账号被禁用");
+    ErrorCode MDE_AUTH_LOGIN_USER_DISABLED = new ErrorCode(1_100_017_002, "该账户已被禁用,您可以点击忘记密码或请联系工作人员。");
     ErrorCode MDE_AUTH_SOCIAL_USER_NOT_FOUND = new ErrorCode(1_100_017_003, "登录失败,解析不到三方登录信息");
     ErrorCode MDE_AUTH_MOBILE_USED = new ErrorCode(1_100_017_004, "手机号已经被使用");
 
@@ -185,6 +185,11 @@ public interface ErrorCodeConstants {
 
     ErrorCode MDE_USER_PHONE_NOT_EXISTS_ERROR = new ErrorCode(1_100_017_023, "手机号尝试多次,请8个小时后重试");
 
+    ErrorCode MDE_AUTH_PASSWORD_ERROR_TOO_MANY =
+            new ErrorCode(1_100_017_024, "该账户密码已经错误多次,为了您的账户安全,超过5次将锁定您的账户。");
+
+
+
     // ========== 角色模块 1_100_018_000 ==========
     ErrorCode MDE_ROLE_NOT_EXISTS = new ErrorCode(1_100_018_001, "角色不存在");
     ErrorCode MDE_ROLE_NAME_DUPLICATE = new ErrorCode(1_100_018_002, "已经存在名为【{}】的角色");
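Review bot: The text of `MDE_AUTH_PASSWORD_ERROR_TOO_MANY` hard-codes the lock limit ("超过5次"), while the real limit is enforced in the auth services and is not visible in this hunk, so the message and the behaviour can drift apart. Other constants in this interface already use a `{}` placeholder (for example `MDE_ROLE_NAME_DUPLICATE`), so the limit could be passed in by the caller: `"该账户密码已经错误多次,为了您的账户安全,超过{}次将锁定您的账户。"`. The same applies to `MDE_ENTERPRISE_USER_BIND_PASSWORD_ERROR_TOO_MANY` in the later hunk and to the matching `1_100_017_024` / `1_100_023_010` entries in both properties files. The three consecutive blank lines added after the constant can be reduced to one.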
@@ -271,7 +276,7 @@ public interface ErrorCodeConstants {
     // ========== 企业登录用户 1_100_023_000 ==========
     ErrorCode MDE_ENTERPRISE_USER_BIND_NOT_EXISTS = new ErrorCode(1_100_023_001, "企业登录用户不存在");
     ErrorCode MDE_ENTERPRISE_USER_BIND_NAME_NOT_NULL = new ErrorCode(1_100_023_002, "名称不能为空");
-    ErrorCode MDE_ENTERPRISE_USER_BIND_IS_DISABLE = new ErrorCode(1_100_023_003, "该账户已被禁用");
+    ErrorCode MDE_ENTERPRISE_USER_BIND_IS_DISABLE = new ErrorCode(1_100_023_003, "该账户已被禁用,您可以点击忘记密码或请联系工作人员。");
     ErrorCode MDE_ENTERPRISE_USER_BIND_IS_ADMIN = new ErrorCode(1_100_023_004, "该账户为管理员账户,无法操作");
     ErrorCode MDE_ENTERPRISE_USER_BIND_PASSWORD_NOT_NULL = new ErrorCode(1_100_023_005, "新密码不能为空");
     ErrorCode MDE_ENTERPRISE_USER_BIND_PASSWORD_LENGTH = new ErrorCode(1_100_023_006, "新密码长度为 8-16 位");
@@ -279,6 +284,10 @@ public interface ErrorCodeConstants {
     ErrorCode MDE_ENTERPRISE_USER_BIND_EMAIL_NOT_NULL = new ErrorCode(1_100_023_008, "企业用户登录邮箱不能为空");
     ErrorCode MDE_ENTERPRISE_USER_BIND_EMAIL_FORMAT_ERROR = new ErrorCode(1_100_023_009, "企业用户登录邮箱格式不正确");
 
+    ErrorCode MDE_ENTERPRISE_USER_BIND_PASSWORD_ERROR_TOO_MANY =
+            new ErrorCode(1_100_023_010, "该账户密码已经错误多次,为了您的账户安全,超过5次将锁定您的账户。");
+
+
 
 
     // ========== 企业岗位信息 1_100_024_000 ==========

+ 5 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/auth/MdeAuthServiceImpl.java

@@ -47,6 +47,7 @@ import org.springframework.stereotype.Service;
 
 import javax.annotation.Resource;
 import javax.validation.Validator;
+import java.util.Arrays;
 import java.util.Collections;
 import java.util.Objects;
 import java.util.concurrent.TimeUnit;
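Review bot: The added `import java.util.Arrays;` appears to be unused. The diffstat for this file lists five additions, all visible on this page, and none of the other four references `Arrays`. Drop the import unless a later change needs it, so the file does not pick up an unused-import warning.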
@@ -192,6 +193,9 @@ public class MdeAuthServiceImpl implements MdeAuthService {
                     userService.disable(Collections.singletonList(user.getId()));
                     createLoginLog(user, account, logTypeEnum, LoginResultEnum.USER_DISABLED);
                     throw exception(MDE_AUTH_LOGIN_USER_DISABLED);
+                } else if (numInt >= 3) {
+                    createLoginLog(user, account, logTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
+                    throw exception(MDE_AUTH_PASSWORD_ERROR_TOO_MANY);
                 } else {
                     // 提示账户密码错误
                     createLoginLog(user, account, logTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
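Review bot: The new `else if (numInt >= 3)` branch returns `MDE_AUTH_PASSWORD_ERROR_TOO_MANY` on a path where `user` has already been resolved, so a caller who sees the response change after three wrong passwords learns that the account exists. Whether unknown accounts keep receiving the generic `MDE_AUTH_LOGIN_BAD_CREDENTIALS` is decided outside this hunk and should be checked. If they do, either apply the same counter and response to unknown identifiers or keep the generic code and deliver the warning out of band. The literal `3` would also read better as a named constant next to the lock limit, for example `private static final int PASSWORD_ERROR_WARN_THRESHOLD = 3;`. The enclosing method starts and ends outside the hunk, and the same branch is added to `MdeEnterpriseAuthServiceImpl`.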
@@ -434,6 +438,7 @@ public class MdeAuthServiceImpl implements MdeAuthService {
 
         // 忘记密码
         userService.updateUserPassword(user.getId(), reqVO.getPassword());
+        userService.enable(Collections.singletonList(user.getId()));
     }
 
     @Override
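Review bot: The added `userService.enable(Collections.singletonList(user.getId()));` re-enables the account on every successful password reset, whatever the reason it was disabled. The lockout path in this class calls `userService.disable(...)`, and the `disable` shown in `MdeUserServiceImpl` writes the generic `MendunerStatusEnum.DISABLE` status. If staff use the same status to suspend an account, the owner can lift that suspension through the forgot-password flow. Consider recording lockout separately from administrative disable (a distinct status or a lock-reason marker) and clearing only the lockout here, with a comment such as `// only undo the automatic password-failure lock; admin suspensions stay in place`. The verification steps of this method are outside the hunk, and the same unconditional `userBindService.enable(...)` is added to the reset method in `MdeEnterpriseAuthServiceImpl`.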

+ 6 - 1
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/auth/MdeEnterpriseAuthServiceImpl.java

@@ -43,6 +43,7 @@ import org.springframework.validation.annotation.Validated;
 
 import javax.annotation.Resource;
 import javax.validation.Validator;
+import java.util.Collections;
 import java.util.Objects;
 import java.util.concurrent.TimeUnit;
 
@@ -161,7 +162,10 @@ public class MdeEnterpriseAuthServiceImpl implements MdeEnterpriseAuthService {
                     userBindService.disable(user.getId());
                     createLoginLog(user, email, logTypeEnum, LoginResultEnum.USER_DISABLED);
                     throw exception(MDE_ENTERPRISE_USER_BIND_IS_DISABLE);
-                } else {
+                } else if (numInt >= 3){
+                    createLoginLog(user, email, logTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
+                    throw exception(MDE_ENTERPRISE_USER_BIND_PASSWORD_ERROR_TOO_MANY);
+                }else {
                     createLoginLog(user, email, logTypeEnum, LoginResultEnum.BAD_CREDENTIALS);
                     throw exception(MDE_AUTH_LOGIN_BAD_CREDENTIALS);
                 }
@@ -337,6 +341,7 @@ public class MdeEnterpriseAuthServiceImpl implements MdeEnterpriseAuthService {
         }
 
         userBindService.updatePassword(user.getId(), reqVO.getPassword());
+        userBindService.enable(Collections.singletonList(user.getId()));
         redisTemplate.delete(reqVO.getEmail());
 
     }

+ 2 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/enterprise/bind/EnterpriseUserBindServiceImpl.java

@@ -242,6 +242,7 @@ public class EnterpriseUserBindServiceImpl implements EnterpriseUserBindService
         EnterpriseUserBindDO userBindDO = validateEnterpriseUserBindExists(id);
         mapper.updateById(EnterpriseUserBindDO.builder().id(userBindDO.getId())
                 .password(passwordEncoder.encode(password)).build());
+        redisTemplate.delete(String.format(MDE_AUTH_ENTERPRISE_USER_PWD_LOCK, userBindDO.getId()));
     }
 
     @Override
@@ -432,6 +433,7 @@ public class EnterpriseUserBindServiceImpl implements EnterpriseUserBindService
     public boolean disable(Long id) {
         mapper.updateById(EnterpriseUserBindDO.builder()
                 .id(id).status(MendunerStatusEnum.DISABLE.getStatus()).build());
+        redisTemplate.delete(String.format(MDE_AUTH_ENTERPRISE_USER_PWD_LOCK, id));
         return true;
     }
 

+ 3 - 0
menduner/menduner-system-biz/src/main/java/com/citu/module/menduner/system/service/user/MdeUserServiceImpl.java

@@ -407,6 +407,7 @@ public class MdeUserServiceImpl implements MdeUserService {
         updateObj.setId(id);
         updateObj.setStatus(status);
         mdeUserMapper.updateById(updateObj);
+        redisTemplate.delete(String.format(MDE_AUTH_USER_PWD_LOCK, id));
     }
 
     @Override
@@ -425,6 +426,7 @@ public class MdeUserServiceImpl implements MdeUserService {
         // 3. 记录操作日志上下文
         LogRecordContext.putVariable("user", user);
         LogRecordContext.putVariable("newPassword", updateObj.getPassword());
+        redisTemplate.delete(String.format(MDE_AUTH_USER_PWD_LOCK, user.getId()));
     }
 
 
@@ -442,6 +444,7 @@ public class MdeUserServiceImpl implements MdeUserService {
         for (Long id : ids) {
             mdeUserMapper
                     .updateById(MdeUserDO.builder().id(id).status(MendunerStatusEnum.DISABLE.getStatus()).build());
+            redisTemplate.delete(String.format(MDE_AUTH_USER_PWD_LOCK, id));
         }
     }
 

+ 3 - 1
menduner/menduner-system-biz/src/main/resources/i18n/messages_en_US.properties

@@ -146,6 +146,7 @@
 1_100_017_021=This is your first login, and the initialization password has been sent to your email
 1_100_017_022=Password is not secure, please change your password and log in
 1_100_017_023=Phone number tried multiple times, please try again after 8 hours
+1_100_017_024=The password for this account has been incorrect multiple times. For the security of your account, if it exceeds 5 times, your account will be locked.
 # ========== 角色模块 1_100_018_000 ==========
 1_100_018_001=Character does not exist
 1_100_018_002=A role named [{}] already exists
@@ -198,13 +199,14 @@
 # ========== 企业登录用户 1_100_023_000 ==========
 1_100_023_001=Enterprise login user does not exist
 1_100_023_002=Name cannot be empty
-1_100_023_003=The account has been disabled
+1_100_023_003=This account has been disabled. You can click on 'forgot password' or contact our staff.
 1_100_023_004=This account is an administrator account and cannot be operated
 1_100_023_005=New password cannot be empty
 1_100_023_006=The length of the new password is 8-36 digits
 1_100_023_007=This email has been registered by another company
 1_100_023_008=Enterprise user email cannot be empty
 1_100_023_009=Enterprise user login email format incorrect
+1_100_023_010=The password for this account has been incorrect multiple times. For the security of your account, if it exceeds 5 times, your account will be locked.
 # ========== 企业岗位信息 1_100_024_000 ==========
 1_100_024_001=Enterprise position information does not exist
 1_100_024_002=The Chinese name of the position cannot be empty

+ 4 - 2
menduner/menduner-system-biz/src/main/resources/i18n/messages_zh_CN.properties

@@ -124,7 +124,7 @@
 1_100_016_025=该手机号已被其他用户使用
 # ========== AUTH 模块 1_100_017_000 ==========
 1_100_017_001=登录失败,账号密码不正确
-1_100_017_002=登录失败,账号被禁用
+1_100_017_002=该账户已被禁用,您可以点击忘记密码或请联系工作人员。
 1_100_017_003=登录失败,解析不到三方登录信息
 1_100_017_004=手机号已经被使用
 1_100_017_005=验证码不正确,原因:{}
@@ -146,6 +146,7 @@
 1_100_017_021=您是首次登录,初始化密码已发往您的邮箱
 1_100_017_022=密码不安全,请修改密码后登录
 1_100_017_023=手机号尝试多次,请8个小时后重试
+1_100_017_024=该账户密码已经错误多次,为了您的账户安全,超过5次将锁定您的账户。
 # ========== 角色模块 1_100_018_000 ==========
 1_100_018_001=角色不存在
 1_100_018_002=已经存在名为【{}】的角色
@@ -199,13 +200,14 @@
 # ========== 企业登录用户 1_100_023_000 ==========
 1_100_023_001=企业登录用户不存在
 1_100_023_002=名称不能为空
-1_100_023_003=该账户已被禁用
+1_100_023_003=该账户已被禁用,您可以点击忘记密码或请联系工作人员。
 1_100_023_004=该账户为管理员账户,无法操作
 1_100_023_005=新密码不能为空
 1_100_023_006=新密码长度为 8-36 位
 1_100_023_007=该邮箱已被其他企业注册
 1_100_023_008=企业用户邮箱不能为空
 1_100_023_009=企业用户登录邮箱格式不正确
+1_100_023_010=该账户密码已经错误多次,为了您的账户安全,超过5次将锁定您的账户。
 # ========== 企业岗位信息 1_100_024_000 ==========
 1_100_024_001=企业岗位信息不存在
 1_100_024_002=岗位中文名称不能为空