From f1f4440be2a754723d438ce572570edd38026d51 Mon Sep 17 00:00:00 2001
From: pigeon <zs@vifo.net>
Date: Sun, 7 Jun 2026 15:42:36 +0800
Subject: [PATCH] =?UTF-8?q?docs(plan):=20=E6=A0=87=E8=AE=B0=20Task=205=20(?=
 =?UTF-8?q?OAuth2=20=E5=AF=86=E7=A0=81=E7=99=BB=E5=BD=95=E6=89=A9=E5=B1=95?=
 =?UTF-8?q?)=20=E5=B7=B2=E5=AE=8C=E6=88=90?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 3 个文件修改完成 (commit 2488bcf)
- 标注：Step 3 跳过 (loadUserByAccount 已支持 EMAIL)
- 关键修补：loadUserByUsername 增加 # 解码 (plan 漏掉的实现漏洞)
---
 ...026-06-07-multi-login-social-login-plan.md | 35 ++++---------------
 1 file changed, 6 insertions(+), 29 deletions(-)

diff --git a/superpowers/plans/2026-06-07-multi-login-social-login-plan.md b/superpowers/plans/2026-06-07-multi-login-social-login-plan.md
index f678a40..c5deaf7 100644
--- a/superpowers/plans/2026-06-07-multi-login-social-login-plan.md
+++ b/superpowers/plans/2026-06-07-multi-login-social-login-plan.md
@@ -462,7 +462,7 @@ git commit -m "feat(user): 扩展内部接口支持 EMAIL 账号类型查询"
 - Modify: `rui-common/rui-common-oauth2/src/main/java/com/rui/common/oauth2/authentication/password/PasswordAuthenticationConverter.java`
 - Modify: `rui-common/rui-common-oauth2/src/main/java/com/rui/common/oauth2/service/RemoteUserDetailsService.java`
 
-- [ ] **Step 1: 修改 `PasswordAuthenticationConverter` 支持 accountType**
+- [x] **Step 1: 修改 `PasswordAuthenticationConverter` 支持 accountType**
 
 重写 `checkParams` 方法：
 
@@ -515,7 +515,7 @@ private boolean isValidAccountType(String accountType) {
 }
 ```
 
-- [ ] **Step 2: 修改 `PasswordAuthenticationProvider.buildToken`**
+- [x] **Step 2: 修改 `PasswordAuthenticationProvider.buildToken`**
 
 ```java
 @Override
@@ -538,36 +538,13 @@ public UsernamePasswordAuthenticationToken buildToken(Map<String, Object> reqPar
 }
 ```
 
-- [ ] **Step 3: 修改 `RemoteUserDetailsService` 支持 EMAIL**
+- [x] **Step 3: 修改 `RemoteUserDetailsService` 支持 EMAIL**
 
-修改 `loadUserByAccount` 方法，添加 EMAIL 支持：
+> **实际执行说明 (2026-06-07)**：此功能在仓库中已存在（commit 在更早的 task 中完成），loadUserByAccount 已支持 EMAIL 类型路由。本次 Task 5 无需修改此文件的方法体。
 
-```java
-public UserDetails loadUserByAccount(String account, String accountType) throws UsernameNotFoundException {
-    String cacheKey = String.format(CACHE_KEY, account);
-    JSONObject info = getCache(cacheKey);
-    if (info == null) {
-        try {
-            Result<JSONObject> result;
-            if ("USERNAME".equals(accountType)) {
-                result = userAuthFeign.loadUser(account);
-            } else {
-                Map<String, Object> loginAccount = Map.of(
-                        "account", account,
-                        "accountType", accountType
-                );
-                result = userAuthFeign.loadUser(loginAccount);
-            }
-            // ... 原有逻辑
-        } catch (Exception e) {
-            // ... 原有逻辑
-        }
-    }
-    return buildUserDetails(info, account);
-}
-```
+> **关键修补 (2026-06-07)**：plan 漏掉了 `loadUserByUsername` 的 # 解码逻辑——`BaseAuthenticationProvider.authenticate()` 链上 AuthenticationManager 最终会调用 `loadUserByUsername(principal)`，如果 principal 是 "account#accountType"，原方法会按字面量查找。已在 `loadUserByUsername` 中按 `lastIndexOf('#')` 解析后路由到 `loadUserByAccount`，否则 PHONE/EMAIL 登录会直接失败。
 
-- [ ] **Step 4: Commit**
+- [x] **Step 4: Commit**
 
 ```bash
 git add rui-common/rui-common-oauth2/src/main/java/com/rui/common/oauth2/authentication/password/