【captcha】增加登录验证码

2021-01-14 22:05:06 +08:00 · 2021-01-14 22:05:06 +08:00 · 8071dfe8a4
parent 115fc0cc73
commit 8071dfe8a4
4 changed files with 37 additions and 1 deletions
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java
@ -48,4 +48,9 @@ public interface AuthConstants {
     */
    Long DEFAULT_AUTH_JWT_TIMEOUT_SECONDS = 3600L * 24 * 7;

+    /**
+     * 验证码 session key
+     */
+    String KAPTCHA_SESSION_KEY = "KAPTCHA_SESSION_KEY";
+
 }
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java
@ -67,7 +67,18 @@ public enum AuthExceptionEnum implements AbstractExceptionEnum {
    /**
     * 权限校验失败，只有超级管理员可以授权所有数据
     */
-    ONLY_SUPER_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "11", "权限校验失败，只有超级管理员可以授权所有数据");
+    ONLY_SUPER_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "11", "权限校验失败，只有超级管理员可以授权所有数据"),
+
+
+    /**
+     * 验证码为空
+     */
+    KAPTCHA_EMPTY(RuleConstants.USER_OPERATION_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "12", "验证码不能为空"),
+    /**
+     * 验证码错误
+     */
+    KAPTCHA_ERROR(RuleConstants.USER_OPERATION_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "13", "验证码错误");
+

    /**
     * 错误编码
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
@ -33,4 +33,9 @@ public class LoginRequest extends BaseRequest {
     */
    private Boolean rememberMe = false;

+    /**
+     * 验证码
+     */
+    private String kaptcha;
+
 }
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
@ -3,6 +3,7 @@ package cn.stylefeng.roses.kernel.auth.auth;
 import cn.hutool.core.util.StrUtil;
 import cn.stylefeng.roses.kernel.auth.api.AuthServiceApi;
 import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
+import cn.stylefeng.roses.kernel.auth.api.constants.AuthConstants;
 import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
 import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
 import cn.stylefeng.roses.kernel.auth.api.exception.enums.AuthExceptionEnum;
@ -20,6 +21,7 @@ import cn.stylefeng.roses.kernel.rule.util.HttpServletUtil;
 import cn.stylefeng.roses.kernel.system.LoginLogServiceApi;
 import cn.stylefeng.roses.kernel.system.UserServiceApi;
 import cn.stylefeng.roses.kernel.system.enums.UserStatusEnum;
+import cn.stylefeng.roses.kernel.system.expander.SystemConfigExpander;
 import cn.stylefeng.roses.kernel.system.pojo.user.UserLoginInfoDTO;
 import org.springframework.stereotype.Service;

@ -165,6 +167,19 @@ public class AuthServiceImpl implements AuthServiceApi {
            }
        }

+        //开启验证码
+        if (SystemConfigExpander.getCaptchaOpen()) {
+
+            String kaptcha = loginRequest.getKaptcha();
+            if (StrUtil.isEmpty(kaptcha)) {
+                throw new AuthException(AuthExceptionEnum.KAPTCHA_EMPTY);
+            }
+            Object sessionKaptcha = (String) HttpServletUtil.getRequest().getSession().getAttribute(AuthConstants.KAPTCHA_SESSION_KEY);
+            if (StrUtil.isEmpty(kaptcha) || !kaptcha.equals(sessionKaptcha)) {
+                throw new AuthException(AuthExceptionEnum.KAPTCHA_ERROR);
+            }
+        }
+
        // 2. 解密密码的密文
        //        String decryptPassword = passwordTransferEncryptApi.decrypt(loginRequest.getPassword());