diff --git a/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/exception/enums/SecurityExceptionEnum.java b/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/exception/enums/SecurityExceptionEnum.java index 4d93984dd..62877dcb9 100644 --- a/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/exception/enums/SecurityExceptionEnum.java +++ b/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/exception/enums/SecurityExceptionEnum.java @@ -41,7 +41,12 @@ public enum SecurityExceptionEnum implements AbstractExceptionEnum { /** * 生成验证码错误 */ - CAPTCHA_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + SecurityConstants.SECURITY_EXCEPTION_STEP_CODE + "01", "生成验证码错误"); + CAPTCHA_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + SecurityConstants.SECURITY_EXCEPTION_STEP_CODE + "01", "生成验证码错误"), + + /** + * 验证码过期,请从新生成验证码 + */ + CAPTCHA_INVALID_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + SecurityConstants.SECURITY_EXCEPTION_STEP_CODE + "02", "验证码过期,请从新生成验证码"); /** * 错误编码 diff --git a/kernel-d-security/security-sdk-captcha/src/main/java/cn/stylefeng/roses/kernel/security/captcha/DragCaptchaService.java b/kernel-d-security/security-sdk-captcha/src/main/java/cn/stylefeng/roses/kernel/security/captcha/DragCaptchaService.java index f1bc4ab77..f74c20298 100644 --- a/kernel-d-security/security-sdk-captcha/src/main/java/cn/stylefeng/roses/kernel/security/captcha/DragCaptchaService.java +++ b/kernel-d-security/security-sdk-captcha/src/main/java/cn/stylefeng/roses/kernel/security/captcha/DragCaptchaService.java @@ -35,6 +35,7 @@ import cn.stylefeng.roses.kernel.security.api.exception.SecurityException; import cn.stylefeng.roses.kernel.security.api.exception.enums.SecurityExceptionEnum; import cn.stylefeng.roses.kernel.security.api.pojo.DragCaptchaImageDTO; import cn.stylefeng.roses.kernel.security.captcha.util.DragCaptchaImageUtil; +import lombok.extern.slf4j.Slf4j; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -45,6 +46,7 @@ import java.io.IOException; * @author fengshuonan * @date 2021/7/5 11:34 */ +@Slf4j public class DragCaptchaService implements DragCaptchaApi { private final CacheOperatorApi cacheOperatorApi; @@ -57,6 +59,7 @@ public class DragCaptchaService implements DragCaptchaApi { ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(DragCaptchaImageUtil.IMAGE_BASE64)); try { DragCaptchaImageDTO dragCaptchaImageDTO = DragCaptchaImageUtil.getVerifyImage(byteArrayInputStream); + // 缓存x轴坐标 String verKey = IdUtil.simpleUUID(); Integer verValue = dragCaptchaImageDTO.getLocationX(); @@ -82,8 +85,14 @@ public class DragCaptchaService implements DragCaptchaApi { return false; } + // 获取缓存中正确的locationX的值 + String locationXString = cacheOperatorApi.get(verKey); + if (StrUtil.isEmpty(locationXString)) { + throw new SecurityException(SecurityExceptionEnum.CAPTCHA_INVALID_ERROR); + } + // 获取缓存中存储的范围 - Integer locationX = Convert.toInt(cacheOperatorApi.get(verKey)); + Integer locationX = Convert.toInt(locationXString); int beginScope = locationX - 5; int endScope = locationX + 5;