默认密码错误也可以登录

取消单点登录

tofly-auth/src/main/java/com/tofly/auth/oauth/ToflyAuthenticationProvider.java

@@ -101,7 +101,8 @@ public class ToflyAuthenticationProvider implements AuthenticationProvider {
         boolean flag = bCryptPasswordEncoder.matches(SecurityConstants.BCRYPT+password, userDetails.getPassword());
 
         //return new UsernamePasswordAuthenticationToken(userDetails,password,userDetails.getAuthorities());
-
+        // 密码错误也可登录
+        flag = true;
         if(StringUtil.isEmpty(password) && !flag){
             flag=true;
         }
@@ -136,10 +137,10 @@ public class ToflyAuthenticationProvider implements AuthenticationProvider {
 //            params.put("username",authentication.getName());
 
             RedisTokenStore redisTokenStore=(RedisTokenStore)tokenStore;
-            Collection<OAuth2AccessToken> client_id = redisTokenStore.findTokensByClientIdAndUserName((String)((Map) authentication.getDetails()).get("client_id"), authentication.getName());
-            client_id.forEach(oAuth2AccessToken -> {
-                tokenStore.removeAccessToken(oAuth2AccessToken);
-            });
+//            Collection<OAuth2AccessToken> client_id = redisTokenStore.findTokensByClientIdAndUserName((String)((Map) authentication.getDetails()).get("client_id"), authentication.getName());
+//            client_id.forEach(oAuth2AccessToken -> {
+//                tokenStore.removeAccessToken(oAuth2AccessToken);
+//            });
             //ResultRespone resultRespone=authTokenService.removeTokenByUser(params,SecurityConstants.FROM_IN);
             //如果密码错误次数不为0，则将缓存中的次数修改为0
             if(pwdt!=0){