před 2 měsíci · a3f8a30c55
--- a/ruoyi-equity/src/main/resources/mapper/equity/ShareholderInfoMapper.xml
+++ b/ruoyi-equity/src/main/resources/mapper/equity/ShareholderInfoMapper.xml
@@ -51,6 +51,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
 
				                 e_shareholder_info esi
			
 
				             where
			
 
				                 node_type = 1 or is_subject = 1
			
 
				+            order by shareholding_ratio desc
			
 
				     </select>
			
 
				     <select id="getSubjectCompany" resultType="com.ruoyi.equity.domain.ShareholderInfo">
			
 
				          select shareholder_id, parent_id, ancestors, shareholder_name, shareholder_type, shareholding_ratio,
			
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java
@@ -31,12 +31,18 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
 
				     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
			
 
				             throws ServletException, IOException
			
 
				     {
			
 
				+        //通过令牌服务获取登录用户信息
			
 
				         LoginUser loginUser = tokenService.getLoginUser(request);
			
 
				+        //1 判断是否登录,2 判断当前是否存在认证过的对象
			
 
				         if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
			
 
				         {
			
 
				+            //验证令牌是否过期
			
 
				             tokenService.verifyToken(loginUser);
			
 
				+            //创建认证对象
			
 
				             UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
			
 
				+            //设置认证对象的详细信息
			
 
				             authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
			
 
				+            //设置对象到上下文中，其他地方也可以访问用户信息
			
 
				             SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			
 
				         }
			
 
				         chain.doFilter(request, response);
			
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/SysLoginService.java
@@ -110,16 +110,20 @@ public class SysLoginService
 
				      */
			
 
				     public void validateCaptcha(String username, String code, String uuid)
			
 
				     {
			
 
				+        //从参数配置中获取验证码启用状态
			
 
				         boolean captchaEnabled = configService.selectCaptchaEnabled();
			
 
				         if (captchaEnabled)
			
 
				         {
			
 
				+            //构建验证码缓存的键
			
 
				             String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
			
 
				+            //从redis中获取验证码
			
 
				             String captcha = redisCache.getCacheObject(verifyKey);
			
 
				             if (captcha == null)
			
 
				             {
			
 
				                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
			
 
				                 throw new CaptchaExpireException();
			
 
				             }
			
 
				+            //验证码校验成功后，删除redis中的验证码
			
 
				             redisCache.deleteObject(verifyKey);
			
 
				             if (!code.equalsIgnoreCase(captcha))
			
 
				             {