From 8071dfe8a4feeab57d4da45002c3d43711ecdd53 Mon Sep 17 00:00:00 2001
From: chenjinlong <22208488@qq.com>
Date: Thu, 14 Jan 2021 22:05:06 +0800
Subject: [PATCH] =?UTF-8?q?=E3=80=90captcha=E3=80=91=E5=A2=9E=E5=8A=A0?=
 =?UTF-8?q?=E7=99=BB=E5=BD=95=E9=AA=8C=E8=AF=81=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../kernel/auth/api/constants/AuthConstants.java  |  5 +++++
 .../api/exception/enums/AuthExceptionEnum.java    | 13 ++++++++++++-
 .../kernel/auth/api/pojo/auth/LoginRequest.java   |  5 +++++
 .../roses/kernel/auth/auth/AuthServiceImpl.java   | 15 +++++++++++++++
 4 files changed, 37 insertions(+), 1 deletion(-)

diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java
index eda60baa4..4f64fc664 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/constants/AuthConstants.java
@@ -48,4 +48,9 @@ public interface AuthConstants {
      */
     Long DEFAULT_AUTH_JWT_TIMEOUT_SECONDS = 3600L * 24 * 7;
 
+    /**
+     * 验证码 session key
+     */
+    String KAPTCHA_SESSION_KEY = "KAPTCHA_SESSION_KEY";
+
 }
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java
index d84f39608..81c23b0fb 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/exception/enums/AuthExceptionEnum.java
@@ -67,7 +67,18 @@ public enum AuthExceptionEnum implements AbstractExceptionEnum {
     /**
      * 权限校验失败，只有超级管理员可以授权所有数据
      */
-    ONLY_SUPER_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "11", "权限校验失败，只有超级管理员可以授权所有数据");
+    ONLY_SUPER_ERROR(RuleConstants.BUSINESS_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "11", "权限校验失败，只有超级管理员可以授权所有数据"),
+
+
+    /**
+     * 验证码为空
+     */
+    KAPTCHA_EMPTY(RuleConstants.USER_OPERATION_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "12", "验证码不能为空"),
+    /**
+     * 验证码错误
+     */
+    KAPTCHA_ERROR(RuleConstants.USER_OPERATION_ERROR_TYPE_CODE + AuthConstants.AUTH_EXCEPTION_STEP_CODE + "13", "验证码错误");
+
 
     /**
      * 错误编码
diff --git a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
index 0917b48e9..73528b77b 100644
--- a/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
+++ b/kernel-d-auth/auth-api/src/main/java/cn/stylefeng/roses/kernel/auth/api/pojo/auth/LoginRequest.java
@@ -33,4 +33,9 @@ public class LoginRequest extends BaseRequest {
      */
     private Boolean rememberMe = false;
 
+    /**
+     * 验证码
+     */
+    private String kaptcha;
+
 }
diff --git a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
index 9ab470061..7c614ca85 100644
--- a/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
+++ b/kernel-d-auth/auth-sdk/src/main/java/cn/stylefeng/roses/kernel/auth/auth/AuthServiceImpl.java
@@ -3,6 +3,7 @@ package cn.stylefeng.roses.kernel.auth.auth;
 import cn.hutool.core.util.StrUtil;
 import cn.stylefeng.roses.kernel.auth.api.AuthServiceApi;
 import cn.stylefeng.roses.kernel.auth.api.SessionManagerApi;
+import cn.stylefeng.roses.kernel.auth.api.constants.AuthConstants;
 import cn.stylefeng.roses.kernel.auth.api.context.LoginContext;
 import cn.stylefeng.roses.kernel.auth.api.exception.AuthException;
 import cn.stylefeng.roses.kernel.auth.api.exception.enums.AuthExceptionEnum;
@@ -20,6 +21,7 @@ import cn.stylefeng.roses.kernel.rule.util.HttpServletUtil;
 import cn.stylefeng.roses.kernel.system.LoginLogServiceApi;
 import cn.stylefeng.roses.kernel.system.UserServiceApi;
 import cn.stylefeng.roses.kernel.system.enums.UserStatusEnum;
+import cn.stylefeng.roses.kernel.system.expander.SystemConfigExpander;
 import cn.stylefeng.roses.kernel.system.pojo.user.UserLoginInfoDTO;
 import org.springframework.stereotype.Service;
 
@@ -165,6 +167,19 @@ public class AuthServiceImpl implements AuthServiceApi {
             }
         }
 
+        //开启验证码
+        if (SystemConfigExpander.getCaptchaOpen()) {
+
+            String kaptcha = loginRequest.getKaptcha();
+            if (StrUtil.isEmpty(kaptcha)) {
+                throw new AuthException(AuthExceptionEnum.KAPTCHA_EMPTY);
+            }
+            Object sessionKaptcha = (String) HttpServletUtil.getRequest().getSession().getAttribute(AuthConstants.KAPTCHA_SESSION_KEY);
+            if (StrUtil.isEmpty(kaptcha) || !kaptcha.equals(sessionKaptcha)) {
+                throw new AuthException(AuthExceptionEnum.KAPTCHA_ERROR);
+            }
+        }
+
         // 2. 解密密码的密文
         //        String decryptPassword = passwordTransferEncryptApi.decrypt(loginRequest.getPassword());