Merge remote-tracking branch 'origin/master'

10198添加手机添加下级逻辑
fix(appconfig): 修复跨表查询以确保产品有效性
2026-06-20 22:03:11 +08:00 · 2026-06-20 22:03:07 +08:00 · 2026-06-18 17:17:45 +08:00
3 changed files with 55 additions and 15 deletions
--- a/.workbuddy/memory/2026-06-18.md
+++ b/.workbuddy/memory/2026-06-18.md
@@ -0,0 +1,11 @@
+# 2026-06-18 工作日志
+
+## AppConfigMapper.xml 添加关联查询
+
+**改动文件**: `src/main/java/com/gxwebsoft/websopy/mapper/AppConfigMapper.xml`
+
+- `selectByCategory` SQL 增加了 `INNER JOIN db_websopy.app_product`，关联条件：
+  - `ap.product_id = ac.app_id`
+  - `ap.tenant_id = #{tenantId}`
+- 目的：确保只返回该租户下有效产品的配置，防止 app_config 中的 app_id 指向非该租户的产品
+- Service 层和 Controller 层无需改动，不影响现有调用
--- a/src/main/java/com/gxwebsoft/common/system/controller/WxLoginController.java
+++ b/src/main/java/com/gxwebsoft/common/system/controller/WxLoginController.java
@@ -199,6 +199,7 @@ public class WxLoginController extends BaseController {
            String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                    configProperties.getTokenExpireTime(), configProperties.getTokenKey());
            loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_LOGIN, null, user.getTenantId(), request);
+            if (getTenantId() != null && getTenantId().equals(10198)) activateShopUserMemberByPhone(phone);

            return success("登录成功", new LoginResult(access_token, user));
        }
@@ -255,7 +256,7 @@ public class WxLoginController extends BaseController {
            String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                    configProperties.getTokenExpireTime(), configProperties.getTokenKey());
            loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_REGISTER, null, user.getTenantId(), request);
-
+            if (getTenantId() != null && getTenantId().equals(10198)) activateShopUserMemberByPhone(phone);
            return success("注册并登录成功", new LoginResult(access_token, user));

        } catch (BusinessException e) {
@@ -267,6 +268,7 @@ public class WxLoginController extends BaseController {
                    String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                            configProperties.getTokenExpireTime(), configProperties.getTokenKey());
                    loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_LOGIN, null, user.getTenantId(), request);
+                    activateShopUserMemberByPhone(phone);
                    return success("登录成功", new LoginResult(access_token, user));
                }
            }
@@ -328,6 +330,7 @@ public class WxLoginController extends BaseController {
            String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                    configProperties.getTokenExpireTime(), configProperties.getTokenKey());
            loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_LOGIN, null, user.getTenantId(), request);
+            activateShopUserMemberByPhone(phone);

            return success("登录成功", new LoginResult(access_token, user));
        }
@@ -401,6 +404,7 @@ public class WxLoginController extends BaseController {
            String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                    configProperties.getTokenExpireTime(), configProperties.getTokenKey());
            loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_REGISTER, null, user.getTenantId(), request);
+            activateShopUserMemberByPhone(phone);

            return success("注册并登录成功", new LoginResult(access_token, user));

@@ -413,6 +417,7 @@ public class WxLoginController extends BaseController {
                    String access_token = JwtUtil.buildToken(new JwtSubject(user.getUsername(), user.getTenantId()),
                            configProperties.getTokenExpireTime(), configProperties.getTokenKey());
                    loginRecordService.saveAsync(user.getUsername(), LoginRecord.TYPE_LOGIN, null, user.getTenantId(), request);
+                    activateShopUserMemberByPhone(phone);
                    return success("登录成功", new LoginResult(access_token, user));
                }
            }
@@ -420,6 +425,26 @@ public class WxLoginController extends BaseController {
        }
    }

+    private void activateShopUserMemberByPhone(String phone) {
+        if (StrUtil.isBlank(phone)) {
+            return;
+        }
+        try {
+            String apiUrl = "https://paopao-api.websoft.top/api/shop/shop-user-member/activate-by-phone";
+            String normalizedPhone = phone.trim();
+            JSONObject body = new JSONObject();
+            body.put("phone", normalizedPhone);
+            String response = HttpRequest.post(apiUrl)
+                    .header("Content-Type", "application/json")
+                    .body(body.toJSONString())
+                    .execute()
+                    .body();
+            System.out.println("激活会员记录响应: " + response);
+        } catch (Exception e) {
+            System.err.println("激活会员记录失败，但不影响登录流程: " + e.getMessage());
+        }
+    }
+
    @Operation(summary = "微信授权手机号码并更新")
    @Transactional(rollbackFor = {Exception.class})
    @PostMapping("/updatePhoneByMpWx")
--- a/src/main/java/com/gxwebsoft/websopy/mapper/AppConfigMapper.xml
+++ b/src/main/java/com/gxwebsoft/websopy/mapper/AppConfigMapper.xml
@@ -3,27 +3,31 @@
 <mapper namespace="com.gxwebsoft.websopy.mapper.AppConfigMapper">

    <!--
-        跨表查询 db_websopy.app_config
+        跨表查询 db_websopy.app_config，关联 app_product 校验产品有效性
        注意：
        1. 表名带库名前缀 db_websopy.app_config（该表在 db_websopy 库中）
        2. Mapper 方法已加 @InterceptorIgnore(tenantLine = "true")，
           TenantLineInnerInterceptor 不会自动追加 tenant_id 条件
        3. 手动传入 tenantId 参数精确匹配 app_config 自身的租户
+        4. INNER JOIN app_product，确保只返回该租户下有效产品（app_product.product_id = app_config.app_id）的配置
    -->
    <select id="selectByCategory" resultType="com.gxwebsoft.websopy.entity.AppConfig">
-        SELECT config_id   AS configId,
-               app_id      AS appId,
-               tenant_id   AS tenantId,
-               config_key  AS configKey,
-               config_value AS configValue,
-               config_type AS configType,
-               is_encrypted AS isEncrypted,
-               is_secret   AS isSecret,
-               description
-        FROM db_websopy.app_config
-        WHERE deleted = 0
-          AND tenant_id  = #{tenantId}
-          AND config_type = #{configType}
+        SELECT ac.config_id   AS configId,
+               ac.app_id      AS appId,
+               ac.tenant_id   AS tenantId,
+               ac.config_key  AS configKey,
+               ac.config_value AS configValue,
+               ac.config_type AS configType,
+               ac.is_encrypted AS isEncrypted,
+               ac.is_secret   AS isSecret,
+               ac.description
+        FROM db_websopy.app_config ac
+        INNER JOIN db_websopy.app_product ap
+            ON ap.product_id = ac.app_id
+            AND ap.tenant_id = #{tenantId}
+        WHERE ac.deleted = 0
+          AND ac.tenant_id  = #{tenantId}
+          AND ac.config_type = #{configType}
    </select>

 </mapper>