update

src/main/java/cn/com/qmth/examcloud/app/core/config/TokenFilter.java

@@ -7,6 +7,7 @@
 
 package cn.com.qmth.examcloud.app.core.config;
 
+import cn.com.qmth.examcloud.app.core.exception.ApiException;
 import cn.com.qmth.examcloud.app.model.Constants;
 import cn.com.qmth.examcloud.app.model.LoginInfo;
 import cn.com.qmth.examcloud.app.model.Result;
@@ -70,6 +71,26 @@ public class TokenFilter implements Filter {
     }
 
     private CustomHttpServletRequest initCustomRequest(HttpServletRequest request) {
+        String url = request.getServletPath();
+        if (url.contains("/user/login") || url.contains("/user/verify")) {
+            //处理登录接口
+            String rootOrgIdStr = request.getParameter(Constants.PARAM_ROOT_ORG_ID);
+            String accountType = request.getParameter(Constants.PARAM_ACCOUNT_TYPE);
+            String account = request.getParameter(Constants.PARAM_ACCOUNT);
+
+            Long rootOrgId = null;
+            try {
+                rootOrgId = Long.parseLong(rootOrgIdStr);
+            } catch (NumberFormatException e) {
+                //ignore
+            }
+
+            boolean isDoing = userAuthService.isDoingExam(rootOrgId, accountType, account);
+            if (isDoing) {
+                throw new ApiException("尚在考试中不允许登录！");
+            }
+        }
+
         String appKey = request.getHeader(Constants.PARAM_APP_KEY);
         String appToken = request.getHeader(Constants.PARAM_APP_TOKEN);
         if (StringUtils.isBlank(appKey) || StringUtils.isBlank(appToken)) {
@@ -92,9 +113,14 @@ public class TokenFilter implements Filter {
 
         //处理已登录信息
         CustomHttpServletRequest customRequest = new CustomHttpServletRequest(request);
-        boolean isAllow = this.filterAccessUrl(request.getServletPath());
+        boolean isAllow = this.filterAccessUrl(url);
         if (!isAllow) {
             if (loginInfo.hasExpired(PLATFORM_SESSION_EXPIRE_TIME)) {
+                boolean isDoing = userAuthService.isDoingExam(loginInfo.getRootOrgId(), loginInfo.getAccountType(), loginInfo.getAccount());
+                if (isDoing) {
+                    throw new ApiException("尚在考试中不允许登录！");
+                }
+
                 //判断原始登录Token是否在有效时间内，否则自动登录续期
                 this.reLogin(loginInfo);
             }

src/main/java/cn/com/qmth/examcloud/app/service/impl/UserAuthServiceImpl.java

@@ -50,25 +50,27 @@ public class UserAuthServiceImpl implements UserAuthService {
             return false;
         }
 
-        FormBody.Builder params = new FormBody.Builder();
-        params.add("rootOrgId", rootOrgId.toString());
+        Map<String, String> params = new HashMap<>();
+        params.put("rootOrgId", rootOrgId.toString());
 
         if (LoginType.STUDENT_CODE.name().equals(accountType)) {
-            params.add("studentCode", account);
+            params.put("studentCode", account);
         } else if (LoginType.STUDENT_IDENTITY_NUMBER.name().equals(accountType)) {
-            params.add("identityNumber", account);
+            params.put("identityNumber", account);
         } else {
             //LoginType.STUDENT_PHONE
-            params.add("phone", account);
+            params.put("phone", account);
         }
 
         //封装请求参数
         final String requestUrl = String.format("%s/api/ecs_oe_student/examControl/getStudentOnLineExamInfo", propertyService.getNetExamUrl());
         try {
             //执行请求
+            String json = new JsonMapper().toJson(params);
+            RequestBody formBody = FormBody.create(MediaType.parse(Constants.CHARSET_JSON_UTF8), json);
             Request request = new Request.Builder()
+                    .post(formBody)
                     .url(requestUrl)
-                    .post(params.build())
                     .build();
             Response response = HttpClientBuilder.getClient().newCall(request).execute();
             String bodyStr = response.body().string();