From 60d1f642052ad8c7bd8a11f02f965b122bebf9a4 Mon Sep 17 00:00:00 2001
From: zj <1772600164@qq.com>
Date: Thu, 09 Apr 2026 18:43:37 +0800
Subject: [PATCH] 1

---
 trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiIndexController.java |   74 ++++++++++++++++++++++++++++++++++++-
 1 files changed, 72 insertions(+), 2 deletions(-)

diff --git a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiIndexController.java b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiIndexController.java
index b630376..c433882 100644
--- a/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiIndexController.java
+++ b/trading-order-admin/src/main/java/com/yami/trading/api/controller/ApiIndexController.java
@@ -31,6 +31,7 @@
 import com.yami.trading.service.item.ItemService;
 import com.yami.trading.service.syspara.SysparaService;
 import com.yami.trading.service.user.UserService;
+import com.yami.trading.service.user.UserSimRelationService;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
 import org.apache.commons.compress.utils.Lists;
@@ -63,6 +64,8 @@
     private PasswordCheckManager passwordCheckManager;
     @Autowired
     UserService userService;
+    @Autowired
+    UserSimRelationService userSimRelationService;
     @Autowired
     private PasswordEncoder passwordEncoder;
     @Autowired
@@ -599,6 +602,7 @@
     @PostMapping("/login")
     @ApiOperation(value = "账号密码(用于前端登录)", notes = "通过账号/手机号/用户名密码登录，还要携带用户的类型，也就是用户所在的系统")
     public Result login(@Valid UserLoginModel model, HttpServletResponse httpResponse) {
+        validateMainlandIpAccess();
         String mobileOrUserName = model.getUserName();
         User user = null;
         if (model.getType() == 1) {
@@ -615,6 +619,13 @@
                 throw new YamiShopBindException("Incorrect account or password");
             }
             throw new YamiShopBindException("账号或密码不正确");
+        }
+        // 模拟账户不能直接登录，只能通过主账户登录后切换
+        if (user.getAccountType() != null && user.getAccountType() == 1) {
+            if (model.getLanguage().equals("en")) {
+                throw new YamiShopBindException("Sim account cannot login directly, please switch after main account login");
+            }
+            throw new YamiShopBindException("模拟账户不能直接登录，请使用主账户登录后切换");
         }
 
         if (!user.isLoginAuthority()) {
@@ -635,9 +646,18 @@
         userService.online(user.getUserId());
         userService.updateById(user);
         tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), String.valueOf(user.getUserId()));
+        String simUserIdForLogin = userSimRelationService.getSimUserId(user.getUserId());
+        if (simUserIdForLogin != null) {
+            tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), simUserIdForLogin);
+        }
         // 存储token返回vo
         TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
         tokenInfoVO.setToken(tokenInfoVO.getAccessToken());
+        Map<String, Object> accountInfo = new HashMap<>();
+        accountInfo.put("accountType", user.getAccountType() != null ? user.getAccountType() : 0);
+        accountInfo.put("mainUserId", userSimRelationService.getMainUserId(user.getUserId()));
+        accountInfo.put("simUserId", simUserIdForLogin);
+        tokenInfoVO.setInfo(accountInfo);
         List<RiskClient> riskList = RiskClientUtil.getRiskInfoByUserCode(user.getUserCode(), "badnetwork");
         if (CollectionUtil.isNotEmpty(riskList)) {
             logger.info("uid:{} Network Unavailable", user.getUserId());
@@ -657,6 +677,8 @@
     @PostMapping("/registerNoVerifcode")
     @ApiOperation(value = "手机/邮箱/用户名注册（无验证码）")
     public Result register(@Valid RegisterModel model) {
+        validateMainlandIpAccess();
+        validateMainlandEmailRegister(model.getUserName(), model.getType());
 
         String username = model.getUserName();
         String password = model.getPassword();
@@ -674,10 +696,18 @@
         userInfoInToken.setEnabled(user.getStatus() == 1);
 //        userDataService.saveRegister(user.getUserId());
         tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), String.valueOf(user.getUserId()));
-
+        String simUserIdReg = userSimRelationService.getSimUserId(user.getUserId());
+        if (simUserIdReg != null) {
+            tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), simUserIdReg);
+        }
         // 存储token返回vo
         TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
         tokenInfoVO.setToken(tokenInfoVO.getAccessToken());
+        Map<String, Object> accountInfo = new HashMap<>();
+        accountInfo.put("accountType", 0);
+        accountInfo.put("mainUserId", user.getUserId());
+        accountInfo.put("simUserId", simUserIdReg);
+        tokenInfoVO.setInfo(accountInfo);
         user.setUserLastip(IPHelper.getIpAddr());
         user.setUserLasttime(new Date());
         user.setUserMobile(username);
@@ -689,6 +719,8 @@
     @PostMapping("/registerVerifcode")
     @ApiOperation(value = "手机（有验证码）")
     public Result registerVerifcode(@Valid RegisterMobile model) {
+        validateMainlandIpAccess();
+        validateMainlandEmailRegister(model.getUserName(), model.getType());
 
         String username = model.getUserName();
         String password = model.getPassword();
@@ -707,10 +739,18 @@
         userInfoInToken.setEnabled(user.getStatus() == 1);
 //        userDataService.saveRegister(user.getUserId());
         tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), String.valueOf(user.getUserId()));
-
+        String simUserIdVerif = userSimRelationService.getSimUserId(user.getUserId());
+        if (simUserIdVerif != null) {
+            tokenStore.deleteAllToken(String.valueOf(SysTypeEnum.ORDINARY.value()), simUserIdVerif);
+        }
         // 存储token返回vo
         TokenInfoVO tokenInfoVO = tokenStore.storeAndGetVo(userInfoInToken);
         tokenInfoVO.setToken(tokenInfoVO.getAccessToken());
+        Map<String, Object> accountInfo = new HashMap<>();
+        accountInfo.put("accountType", 0);
+        accountInfo.put("mainUserId", user.getUserId());
+        accountInfo.put("simUserId", simUserIdVerif);
+        tokenInfoVO.setInfo(accountInfo);
         user.setUserLastip(IPHelper.getIpAddr());
         user.setUserLasttime(new Date());
         userService.updateById(user);
@@ -854,4 +894,34 @@
         return resultObject;
     }
 
+    private void validateMainlandIpAccess() {
+        String clientIp = IPHelper.getIpAddr();
+        List<RiskClient> riskList = RiskClientUtil.getRiskInfoByIp(clientIp, "badnetwork");
+        if (CollectionUtil.isNotEmpty(riskList)) {
+            throw new YamiShopBindException("大陆IP禁止访问");
+        }
+    }
+
+    private void validateMainlandEmailRegister(String userName, Integer type) {
+        if (type == null || type != 2 || StringUtils.isEmptyString(userName)) {
+            return;
+        }
+        int atPos = userName.lastIndexOf("@");
+        if (atPos <= 0 || atPos >= userName.length() - 1) {
+            return;
+        }
+        String domain = userName.substring(atPos + 1).trim().toLowerCase();
+        if (domain.endsWith(".cn")) {
+            throw new YamiShopBindException("大陆邮箱不支持注册");
+        }
+        Set<String> blockedDomains = new HashSet<>(Arrays.asList(
+                "qq.com", "foxmail.com", "163.com", "126.com", "yeah.net",
+                "sina.com", "sina.cn", "sohu.com", "aliyun.com", "21cn.com",
+                "189.cn", "tom.com"
+        ));
+        if (blockedDomains.contains(domain)) {
+            throw new YamiShopBindException("大陆邮箱不支持注册");
+        }
+    }
+
 }

--
Gitblit v1.9.3