【7.0.4】【captcha】更新C端用户登录验证码逻辑

2021-07-06 11:30:54 +08:00 · 2021-07-06 11:30:54 +08:00 · 77c5f4833f
parent a6bc4d9727
commit 77c5f4833f
7 changed files with 57 additions and 28 deletions
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
@ -58,9 +58,9 @@ import cn.stylefeng.roses.kernel.message.api.expander.WebSocketConfigExpander;
 import cn.stylefeng.roses.kernel.rule.util.HttpServletUtil;
 import cn.stylefeng.roses.kernel.security.api.DragCaptchaApi;
 import cn.stylefeng.roses.kernel.security.api.ImageCaptchaApi;
+import cn.stylefeng.roses.kernel.security.api.expander.SecurityConfigExpander;
 import cn.stylefeng.roses.kernel.system.api.UserServiceApi;
 import cn.stylefeng.roses.kernel.system.api.enums.UserStatusEnum;
-import cn.stylefeng.roses.kernel.system.api.expander.SystemConfigExpander;
 import cn.stylefeng.roses.kernel.system.api.pojo.user.UserLoginInfoDTO;
 import cn.stylefeng.roses.kernel.validator.api.exception.enums.ValidatorExceptionEnum;
 import com.alibaba.fastjson.JSON;
@ -256,7 +256,7 @@ public class AuthServiceImpl implements AuthServiceApi {
        }

        // 2. 如果开启了验证码校验，则验证当前请求的验证码是否正确
-        if (SystemConfigExpander.getCaptchaOpen()) {
+        if (SecurityConfigExpander.getCaptchaOpen()) {
            String verKey = loginRequest.getVerKey();
            String verCode = loginRequest.getVerCode();

@ -269,7 +269,7 @@ public class AuthServiceImpl implements AuthServiceApi {
        }

        // 2.1 验证拖拽验证码
-        if (SystemConfigExpander.getDragCaptchaOpen()) {
+        if (SecurityConfigExpander.getDragCaptchaOpen()) {
            String verKey = loginRequest.getVerKey();
            String verXLocationValue = loginRequest.getVerCode();

--- a/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/constants/SecurityConstants.java
+++ b/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/constants/SecurityConstants.java
@ -47,4 +47,9 @@ public interface SecurityConstants {
     */
    String DEFAULT_XSS_PATTERN = "/*";

+    /**
+     * 默认验证码的开关：关闭
+     */
+    Boolean DEFAULT_CAPTCHA_OPEN = false;
+
 }
--- a/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/expander/SecurityConfigExpander.java
+++ b/kernel-d-security/security-api/src/main/java/cn/stylefeng/roses/kernel/security/api/expander/SecurityConfigExpander.java
@ -78,4 +78,24 @@ public class SecurityConfigExpander {
        return ConfigContext.me().getSysConfigValueWithDefault("SYS_ENCRYPT_SECRET_KEY", String.class, "Ux1dqQ22KxVjSYootgzMe776em8vWEGE");
    }

+    /**
+     * 获取验证码的开关
+     *
+     * @author fengshuonan
+     * @date 2020/12/27 17:22
+     */
+    public static Boolean getCaptchaOpen() {
+        return ConfigContext.me().getSysConfigValueWithDefault("SYS_CAPTCHA_OPEN", Boolean.class, SecurityConstants.DEFAULT_CAPTCHA_OPEN);
+    }
+
+    /**
+     * 获取拖拽验证码的开关
+     *
+     * @author fengshuonan
+     * @date 2020/12/27 17:22
+     */
+    public static Boolean getDragCaptchaOpen() {
+        return ConfigContext.me().getSysConfigValueWithDefault("SYS_DRAG_CAPTCHA_OPEN", Boolean.class, SecurityConstants.DEFAULT_CAPTCHA_OPEN);
+    }
+
 }
--- a/kernel-s-customer/customer-business/pom.xml
+++ b/kernel-s-customer/customer-business/pom.xml
@ -17,6 +17,14 @@

    <dependencies>

+        <!--安全模块api-->
+        <!--用在图形验证码-->
+        <dependency>
+            <groupId>cn.stylefeng.roses</groupId>
+            <artifactId>security-api</artifactId>
+            <version>${roses.version}</version>
+        </dependency>
+
        <!--c端用户api-->
        <dependency>
            <groupId>cn.stylefeng.roses</groupId>
--- a/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
+++ b/kernel-s-customer/customer-business/src/main/java/cn/stylefeng/roses/kernel/customer/modular/service/impl/CustomerServiceImpl.java
@ -1,8 +1,10 @@
 package cn.stylefeng.roses.kernel.customer.modular.service.impl;

 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.convert.Convert;
 import cn.hutool.core.util.ObjectUtil;
 import cn.hutool.core.util.RandomUtil;
+import cn.hutool.core.util.StrUtil;
 import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
 import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
 import cn.stylefeng.roses.kernel.auth.api.exception.enums.AuthExceptionEnum;
@ -38,6 +40,9 @@ import cn.stylefeng.roses.kernel.rule.enums.YesOrNotEnum;
 import cn.stylefeng.roses.kernel.rule.exception.base.ServiceException;
 import cn.stylefeng.roses.kernel.rule.exception.enums.defaults.DefaultBusinessExceptionEnum;
 import cn.stylefeng.roses.kernel.rule.util.HttpServletUtil;
+import cn.stylefeng.roses.kernel.security.api.DragCaptchaApi;
+import cn.stylefeng.roses.kernel.security.api.expander.SecurityConfigExpander;
+import cn.stylefeng.roses.kernel.validator.api.exception.enums.ValidatorExceptionEnum;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.conditions.update.LambdaUpdateWrapper;
 import com.baomidou.mybatisplus.extension.plugins.pagination.Page;
@ -91,6 +96,9 @@ public class CustomerServiceImpl extends ServiceImpl<CustomerMapper, Customer> i
    @Resource
    private FileInfoApi fileInfoApi;

+    @Resource
+    private DragCaptchaApi dragCaptchaApi;
+
    @Override
    @Transactional(rollbackFor = Exception.class)
    public void reg(CustomerRequest customerRequest) {
@ -134,6 +142,19 @@ public class CustomerServiceImpl extends ServiceImpl<CustomerMapper, Customer> i
        loginRequest.setCreateCookie(false);
        loginRequest.setRememberMe(true);

+        // 验证拖拽验证码
+        if (SecurityConfigExpander.getDragCaptchaOpen()) {
+            String verKey = loginRequest.getVerKey();
+            String verXLocationValue = loginRequest.getVerCode();
+
+            if (StrUtil.isEmpty(verKey) || StrUtil.isEmpty(verXLocationValue)) {
+                throw new AuthException(ValidatorExceptionEnum.CAPTCHA_EMPTY);
+            }
+            if (!dragCaptchaApi.validateCaptcha(verKey, Convert.toInt(verXLocationValue))) {
+                throw new AuthException(ValidatorExceptionEnum.DRAG_CAPTCHA_ERROR);
+            }
+        }
+
        // 查询用户信息
        LambdaQueryWrapper<Customer> wrapper = new LambdaQueryWrapper<>();
        wrapper.eq(Customer::getAccount, loginRequest.getAccount())
--- a/kernel-s-system/system-api/src/main/java/cn/stylefeng/roses/kernel/system/api/constants/SystemConstants.java
+++ b/kernel-s-system/system-api/src/main/java/cn/stylefeng/roses/kernel/system/api/constants/SystemConstants.java
@ -52,11 +52,6 @@ public interface SystemConstants {
     */
    Boolean DEFAULT_TENANT_OPEN = false;

-    /**
-     * 默认验证码的开关：关闭
-     */
-    Boolean DEFAULT_CAPTCHA_OPEN = false;
-
    /**
     * 默认的系统的名称
     */
--- a/kernel-s-system/system-api/src/main/java/cn/stylefeng/roses/kernel/system/api/expander/SystemConfigExpander.java
+++ b/kernel-s-system/system-api/src/main/java/cn/stylefeng/roses/kernel/system/api/expander/SystemConfigExpander.java
@ -57,26 +57,6 @@ public class SystemConfigExpander {
        return ConfigContext.me().getSysConfigValueWithDefault("SYS_TENANT_OPEN", Boolean.class, SystemConstants.DEFAULT_TENANT_OPEN);
    }

-    /**
-     * 获取验证码的开关
-     *
-     * @author fengshuonan
-     * @date 2020/12/27 17:22
-     */
-    public static Boolean getCaptchaOpen() {
-        return ConfigContext.me().getSysConfigValueWithDefault("SYS_CAPTCHA_OPEN", Boolean.class, SystemConstants.DEFAULT_CAPTCHA_OPEN);
-    }
-
-    /**
-     * 获取拖拽验证码的开关
-     *
-     * @author fengshuonan
-     * @date 2020/12/27 17:22
-     */
-    public static Boolean getDragCaptchaOpen() {
-        return ConfigContext.me().getSysConfigValueWithDefault("SYS_DRAG_CAPTCHA_OPEN", Boolean.class, SystemConstants.DEFAULT_CAPTCHA_OPEN);
-    }
-
    /**
     * 获取系统名称
     *