fix: 网关拦截处理验证码校验,添加用户检查重复
This commit is contained in:
TsMask
@@ -69,6 +69,11 @@
|
||||
<groupId>pro.fessional</groupId>
|
||||
<artifactId>kaptcha</artifactId>
|
||||
</dependency>
|
||||
<!--验证码 -->
|
||||
<dependency>
|
||||
<groupId>org.wfc</groupId>
|
||||
<artifactId>wfc-common-mail</artifactId>
|
||||
</dependency>
|
||||
|
||||
<!-- WFC Common Redis-->
|
||||
<dependency>
|
||||
|
||||
@@ -6,7 +6,7 @@ import org.springframework.context.annotation.Configuration;
|
||||
|
||||
/**
|
||||
* 验证码配置
|
||||
*
|
||||
*
|
||||
* @author wfc
|
||||
*/
|
||||
@Configuration
|
||||
@@ -15,15 +15,10 @@ import org.springframework.context.annotation.Configuration;
|
||||
public class CaptchaProperties
|
||||
{
|
||||
/**
|
||||
* 图片验证码开关
|
||||
* 验证码开关
|
||||
*/
|
||||
private Boolean enabled;
|
||||
|
||||
/**
|
||||
* 邮箱验证码开关
|
||||
*/
|
||||
private Boolean mailEnabled;
|
||||
|
||||
/**
|
||||
* 验证码类型(math 数组计算 char 字符)
|
||||
*/
|
||||
@@ -48,12 +43,4 @@ public class CaptchaProperties
|
||||
{
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
public Boolean getMailEnabled() {
|
||||
return mailEnabled;
|
||||
}
|
||||
|
||||
public void setMailEnabled(Boolean mailEnabled) {
|
||||
this.mailEnabled = mailEnabled;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,7 +1,8 @@
|
||||
package org.wfc.gateway.filter;
|
||||
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import java.nio.CharBuffer;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.concurrent.atomic.AtomicReference;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.cloud.gateway.filter.GatewayFilter;
|
||||
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
|
||||
@@ -9,16 +10,14 @@ import org.springframework.core.io.buffer.DataBuffer;
|
||||
import org.springframework.core.io.buffer.DataBufferUtils;
|
||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||
import org.springframework.stereotype.Component;
|
||||
import com.alibaba.fastjson2.JSON;
|
||||
import com.alibaba.fastjson2.JSONObject;
|
||||
import org.wfc.common.core.utils.ServletUtils;
|
||||
import org.wfc.common.core.utils.StringUtils;
|
||||
import org.wfc.gateway.config.properties.CaptchaProperties;
|
||||
import org.wfc.gateway.service.ValidateCodeService;
|
||||
import reactor.core.publisher.Flux;
|
||||
|
||||
import java.nio.CharBuffer;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.concurrent.atomic.AtomicReference;
|
||||
|
||||
/**
|
||||
* 验证码过滤器
|
||||
*
|
||||
@@ -27,8 +26,7 @@ import java.util.concurrent.atomic.AtomicReference;
|
||||
@Component
|
||||
public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
||||
{
|
||||
private final static String[] VALIDATE_URL = new String[] { "/auth/login" };
|
||||
private final static String[] MAIL_VALIDATE_URL = new String[] { "/auth/register" };
|
||||
private final static String[] VALIDATE_URL = new String[] { "/auth/login", "/auth/register" };
|
||||
|
||||
@Autowired
|
||||
private ValidateCodeService validateCodeService;
|
||||
@@ -40,18 +38,14 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
||||
|
||||
private static final String UUID = "uuid";
|
||||
|
||||
private static final String EMAIL = "email";
|
||||
|
||||
@Override
|
||||
public GatewayFilter apply(Object config)
|
||||
{
|
||||
return (exchange, chain) -> {
|
||||
ServerHttpRequest request = exchange.getRequest();
|
||||
|
||||
// 非登录请求且验证码启用,非注册请求且邮箱验证码启用, 不处理
|
||||
boolean enabledLoginCaptcha = StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) && captchaProperties.getEnabled();
|
||||
boolean enabledRegisterCaptcha = StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), MAIL_VALIDATE_URL) && captchaProperties.getMailEnabled();
|
||||
if (!enabledLoginCaptcha && !enabledRegisterCaptcha)
|
||||
// 非登录/注册请求或验证码关闭,不处理
|
||||
if (!StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled())
|
||||
{
|
||||
return chain.filter(exchange);
|
||||
}
|
||||
@@ -60,14 +54,7 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
||||
{
|
||||
String rspStr = resolveBodyFromRequest(request);
|
||||
JSONObject obj = JSON.parseObject(rspStr);
|
||||
// 图片验证码启用
|
||||
if (enabledLoginCaptcha) {
|
||||
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID), true);
|
||||
}
|
||||
// 邮箱验证码启用
|
||||
if (enabledRegisterCaptcha) {
|
||||
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(EMAIL), false);
|
||||
}
|
||||
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID));
|
||||
}
|
||||
catch (Exception e)
|
||||
{
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
package org.wfc.gateway.handler;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.Optional;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.stereotype.Component;
|
||||
@@ -30,7 +32,12 @@ public class ValidateCodeHandler implements HandlerFunction<ServerResponse>
|
||||
AjaxResult ajax;
|
||||
try
|
||||
{
|
||||
ajax = validateCodeService.createCaptcha();
|
||||
Optional<String> emailValue = serverRequest.queryParam("email");
|
||||
if (emailValue.isPresent()){
|
||||
ajax = validateCodeService.createCaptchaEmail(emailValue.get());
|
||||
}else{
|
||||
ajax = validateCodeService.createCaptcha();
|
||||
}
|
||||
}
|
||||
catch (CaptchaException | IOException e)
|
||||
{
|
||||
|
||||
@@ -1,10 +1,9 @@
|
||||
package org.wfc.gateway.service;
|
||||
|
||||
import java.io.IOException;
|
||||
import org.wfc.common.core.exception.CaptchaException;
|
||||
import org.wfc.common.core.web.domain.AjaxResult;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
/**
|
||||
* 验证码处理
|
||||
*
|
||||
@@ -17,8 +16,13 @@ public interface ValidateCodeService
|
||||
*/
|
||||
public AjaxResult createCaptcha() throws IOException, CaptchaException;
|
||||
|
||||
/**
|
||||
* 生成验证码-邮件
|
||||
*/
|
||||
public AjaxResult createCaptchaEmail(String email) throws IOException, CaptchaException;
|
||||
|
||||
/**
|
||||
* 校验验证码
|
||||
*/
|
||||
public void checkCaptcha(String key, String value, boolean isPic) throws CaptchaException;
|
||||
public void checkCaptcha(String key, String value) throws CaptchaException;
|
||||
}
|
||||
|
||||
@@ -1,17 +1,20 @@
|
||||
package org.wfc.gateway.service.impl;
|
||||
|
||||
import cn.hutool.core.util.RandomUtil;
|
||||
import com.google.code.kaptcha.Producer;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Service;
|
||||
import org.springframework.util.FastByteArrayOutputStream;
|
||||
import org.wfc.common.core.constant.CacheConstants;
|
||||
import org.wfc.common.core.constant.Constants;
|
||||
import org.wfc.common.core.constant.GlobalConstants;
|
||||
import org.wfc.common.core.domain.R;
|
||||
import org.wfc.common.core.exception.CaptchaException;
|
||||
import org.wfc.common.core.utils.StringUtils;
|
||||
import org.wfc.common.core.utils.sign.Base64;
|
||||
import org.wfc.common.core.utils.uuid.IdUtils;
|
||||
import org.wfc.common.core.web.domain.AjaxResult;
|
||||
import org.wfc.common.mail.utils.MailUtils;
|
||||
import org.wfc.common.redis.service.RedisService;
|
||||
import org.wfc.gateway.config.properties.CaptchaProperties;
|
||||
import org.wfc.gateway.service.ValidateCodeService;
|
||||
@@ -63,7 +66,7 @@ public class ValidateCodeServiceImpl implements ValidateCodeService
|
||||
|
||||
// 保存验证码信息
|
||||
String uuid = IdUtils.simpleUUID();
|
||||
String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + uuid;
|
||||
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
|
||||
|
||||
String capStr = null, code = null;
|
||||
BufferedImage image = null;
|
||||
@@ -105,25 +108,61 @@ public class ValidateCodeServiceImpl implements ValidateCodeService
|
||||
return AjaxResult.success(data);
|
||||
}
|
||||
|
||||
/**
|
||||
* 生成验证码
|
||||
*/
|
||||
@Override
|
||||
public AjaxResult createCaptchaEmail(String email) throws IOException, CaptchaException
|
||||
{
|
||||
AjaxResult ajax = AjaxResult.success();
|
||||
boolean captchaEnabled = captchaProperties.getEnabled();
|
||||
ajax.put("captchaEnabled", captchaEnabled);
|
||||
if (!captchaEnabled)
|
||||
{
|
||||
return ajax;
|
||||
}
|
||||
|
||||
// 保存验证码信息
|
||||
String uuid = IdUtils.simpleUUID();
|
||||
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
|
||||
|
||||
String code = RandomUtil.randomNumbers(4);
|
||||
|
||||
try {
|
||||
// MailUtils.sendText(email, "Registration verification code", "Your verification code is: " + code + ", The validity period is " + Constants.MAIL_CAPTCHA_EXPIRATION + " minutes, please fill in as soon as possible.");
|
||||
redisService.setCacheObject(verifyKey, code, Constants.MAIL_CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
|
||||
} catch (Exception e) {
|
||||
return AjaxResult.error(e.getMessage());
|
||||
}
|
||||
|
||||
|
||||
Map<String, Object> data = new HashMap<>();
|
||||
data.put("uuid", uuid);
|
||||
data.put("email",email);
|
||||
if ("dev".equals(springProfilesActive)) {
|
||||
data.put("text", code);
|
||||
}
|
||||
|
||||
return AjaxResult.success(data);
|
||||
}
|
||||
|
||||
/**
|
||||
* 校验验证码
|
||||
*/
|
||||
@Override
|
||||
public void checkCaptcha(String code, String uuid, boolean isPic) throws CaptchaException
|
||||
public void checkCaptcha(String code, String uuid) throws CaptchaException
|
||||
{
|
||||
if (StringUtils.isEmpty(code))
|
||||
{
|
||||
throw new CaptchaException("user.jcaptcha.not.blank");
|
||||
throw new CaptchaException("user.captcha.not.blank");
|
||||
}
|
||||
String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
|
||||
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
|
||||
String captcha = redisService.getCacheObject(verifyKey);
|
||||
if (captcha == null)
|
||||
{
|
||||
throw new CaptchaException();
|
||||
}
|
||||
if (isPic) {
|
||||
redisService.deleteObject(verifyKey);
|
||||
}
|
||||
redisService.deleteObject(verifyKey);
|
||||
if (!code.equalsIgnoreCase(captcha))
|
||||
{
|
||||
throw new CaptchaException();
|
||||
|
||||
@@ -73,5 +73,6 @@ security:
|
||||
- /auth/logout
|
||||
- /auth/login
|
||||
- /auth/register
|
||||
- /auth/checkRepeat
|
||||
- /*/v2/api-docs
|
||||
- /csrf
|
||||
|
||||
Reference in New Issue
Block a user