fix: 网关拦截处理验证码校验,添加用户检查重复
This commit is contained in:
TsMask
@@ -69,6 +69,11 @@
|
|||||||
<groupId>pro.fessional</groupId>
|
<groupId>pro.fessional</groupId>
|
||||||
<artifactId>kaptcha</artifactId>
|
<artifactId>kaptcha</artifactId>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<!--验证码 -->
|
||||||
|
<dependency>
|
||||||
|
<groupId>org.wfc</groupId>
|
||||||
|
<artifactId>wfc-common-mail</artifactId>
|
||||||
|
</dependency>
|
||||||
|
|
||||||
<!-- WFC Common Redis-->
|
<!-- WFC Common Redis-->
|
||||||
<dependency>
|
<dependency>
|
||||||
|
|||||||
@@ -6,7 +6,7 @@ import org.springframework.context.annotation.Configuration;
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证码配置
|
* 验证码配置
|
||||||
*
|
*
|
||||||
* @author wfc
|
* @author wfc
|
||||||
*/
|
*/
|
||||||
@Configuration
|
@Configuration
|
||||||
@@ -15,15 +15,10 @@ import org.springframework.context.annotation.Configuration;
|
|||||||
public class CaptchaProperties
|
public class CaptchaProperties
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* 图片验证码开关
|
* 验证码开关
|
||||||
*/
|
*/
|
||||||
private Boolean enabled;
|
private Boolean enabled;
|
||||||
|
|
||||||
/**
|
|
||||||
* 邮箱验证码开关
|
|
||||||
*/
|
|
||||||
private Boolean mailEnabled;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证码类型(math 数组计算 char 字符)
|
* 验证码类型(math 数组计算 char 字符)
|
||||||
*/
|
*/
|
||||||
@@ -48,12 +43,4 @@ public class CaptchaProperties
|
|||||||
{
|
{
|
||||||
this.type = type;
|
this.type = type;
|
||||||
}
|
}
|
||||||
|
|
||||||
public Boolean getMailEnabled() {
|
|
||||||
return mailEnabled;
|
|
||||||
}
|
|
||||||
|
|
||||||
public void setMailEnabled(Boolean mailEnabled) {
|
|
||||||
this.mailEnabled = mailEnabled;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,7 +1,8 @@
|
|||||||
package org.wfc.gateway.filter;
|
package org.wfc.gateway.filter;
|
||||||
|
|
||||||
import com.alibaba.fastjson2.JSON;
|
import java.nio.CharBuffer;
|
||||||
import com.alibaba.fastjson2.JSONObject;
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.util.concurrent.atomic.AtomicReference;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.cloud.gateway.filter.GatewayFilter;
|
import org.springframework.cloud.gateway.filter.GatewayFilter;
|
||||||
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
|
import org.springframework.cloud.gateway.filter.factory.AbstractGatewayFilterFactory;
|
||||||
@@ -9,16 +10,14 @@ import org.springframework.core.io.buffer.DataBuffer;
|
|||||||
import org.springframework.core.io.buffer.DataBufferUtils;
|
import org.springframework.core.io.buffer.DataBufferUtils;
|
||||||
import org.springframework.http.server.reactive.ServerHttpRequest;
|
import org.springframework.http.server.reactive.ServerHttpRequest;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
import com.alibaba.fastjson2.JSON;
|
||||||
|
import com.alibaba.fastjson2.JSONObject;
|
||||||
import org.wfc.common.core.utils.ServletUtils;
|
import org.wfc.common.core.utils.ServletUtils;
|
||||||
import org.wfc.common.core.utils.StringUtils;
|
import org.wfc.common.core.utils.StringUtils;
|
||||||
import org.wfc.gateway.config.properties.CaptchaProperties;
|
import org.wfc.gateway.config.properties.CaptchaProperties;
|
||||||
import org.wfc.gateway.service.ValidateCodeService;
|
import org.wfc.gateway.service.ValidateCodeService;
|
||||||
import reactor.core.publisher.Flux;
|
import reactor.core.publisher.Flux;
|
||||||
|
|
||||||
import java.nio.CharBuffer;
|
|
||||||
import java.nio.charset.StandardCharsets;
|
|
||||||
import java.util.concurrent.atomic.AtomicReference;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证码过滤器
|
* 验证码过滤器
|
||||||
*
|
*
|
||||||
@@ -27,8 +26,7 @@ import java.util.concurrent.atomic.AtomicReference;
|
|||||||
@Component
|
@Component
|
||||||
public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
||||||
{
|
{
|
||||||
private final static String[] VALIDATE_URL = new String[] { "/auth/login" };
|
private final static String[] VALIDATE_URL = new String[] { "/auth/login", "/auth/register" };
|
||||||
private final static String[] MAIL_VALIDATE_URL = new String[] { "/auth/register" };
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private ValidateCodeService validateCodeService;
|
private ValidateCodeService validateCodeService;
|
||||||
@@ -40,18 +38,14 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
|||||||
|
|
||||||
private static final String UUID = "uuid";
|
private static final String UUID = "uuid";
|
||||||
|
|
||||||
private static final String EMAIL = "email";
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public GatewayFilter apply(Object config)
|
public GatewayFilter apply(Object config)
|
||||||
{
|
{
|
||||||
return (exchange, chain) -> {
|
return (exchange, chain) -> {
|
||||||
ServerHttpRequest request = exchange.getRequest();
|
ServerHttpRequest request = exchange.getRequest();
|
||||||
|
|
||||||
// 非登录请求且验证码启用,非注册请求且邮箱验证码启用, 不处理
|
// 非登录/注册请求或验证码关闭,不处理
|
||||||
boolean enabledLoginCaptcha = StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) && captchaProperties.getEnabled();
|
if (!StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), VALIDATE_URL) || !captchaProperties.getEnabled())
|
||||||
boolean enabledRegisterCaptcha = StringUtils.equalsAnyIgnoreCase(request.getURI().getPath(), MAIL_VALIDATE_URL) && captchaProperties.getMailEnabled();
|
|
||||||
if (!enabledLoginCaptcha && !enabledRegisterCaptcha)
|
|
||||||
{
|
{
|
||||||
return chain.filter(exchange);
|
return chain.filter(exchange);
|
||||||
}
|
}
|
||||||
@@ -60,14 +54,7 @@ public class ValidateCodeFilter extends AbstractGatewayFilterFactory<Object>
|
|||||||
{
|
{
|
||||||
String rspStr = resolveBodyFromRequest(request);
|
String rspStr = resolveBodyFromRequest(request);
|
||||||
JSONObject obj = JSON.parseObject(rspStr);
|
JSONObject obj = JSON.parseObject(rspStr);
|
||||||
// 图片验证码启用
|
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID));
|
||||||
if (enabledLoginCaptcha) {
|
|
||||||
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(UUID), true);
|
|
||||||
}
|
|
||||||
// 邮箱验证码启用
|
|
||||||
if (enabledRegisterCaptcha) {
|
|
||||||
validateCodeService.checkCaptcha(obj.getString(CODE), obj.getString(EMAIL), false);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
catch (Exception e)
|
catch (Exception e)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -1,6 +1,8 @@
|
|||||||
package org.wfc.gateway.handler;
|
package org.wfc.gateway.handler;
|
||||||
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
import java.util.Optional;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
@@ -30,7 +32,12 @@ public class ValidateCodeHandler implements HandlerFunction<ServerResponse>
|
|||||||
AjaxResult ajax;
|
AjaxResult ajax;
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
ajax = validateCodeService.createCaptcha();
|
Optional<String> emailValue = serverRequest.queryParam("email");
|
||||||
|
if (emailValue.isPresent()){
|
||||||
|
ajax = validateCodeService.createCaptchaEmail(emailValue.get());
|
||||||
|
}else{
|
||||||
|
ajax = validateCodeService.createCaptcha();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
catch (CaptchaException | IOException e)
|
catch (CaptchaException | IOException e)
|
||||||
{
|
{
|
||||||
|
|||||||
@@ -1,10 +1,9 @@
|
|||||||
package org.wfc.gateway.service;
|
package org.wfc.gateway.service;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
import org.wfc.common.core.exception.CaptchaException;
|
import org.wfc.common.core.exception.CaptchaException;
|
||||||
import org.wfc.common.core.web.domain.AjaxResult;
|
import org.wfc.common.core.web.domain.AjaxResult;
|
||||||
|
|
||||||
import java.io.IOException;
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 验证码处理
|
* 验证码处理
|
||||||
*
|
*
|
||||||
@@ -17,8 +16,13 @@ public interface ValidateCodeService
|
|||||||
*/
|
*/
|
||||||
public AjaxResult createCaptcha() throws IOException, CaptchaException;
|
public AjaxResult createCaptcha() throws IOException, CaptchaException;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 生成验证码-邮件
|
||||||
|
*/
|
||||||
|
public AjaxResult createCaptchaEmail(String email) throws IOException, CaptchaException;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 校验验证码
|
* 校验验证码
|
||||||
*/
|
*/
|
||||||
public void checkCaptcha(String key, String value, boolean isPic) throws CaptchaException;
|
public void checkCaptcha(String key, String value) throws CaptchaException;
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -1,17 +1,20 @@
|
|||||||
package org.wfc.gateway.service.impl;
|
package org.wfc.gateway.service.impl;
|
||||||
|
|
||||||
|
import cn.hutool.core.util.RandomUtil;
|
||||||
import com.google.code.kaptcha.Producer;
|
import com.google.code.kaptcha.Producer;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import org.springframework.util.FastByteArrayOutputStream;
|
import org.springframework.util.FastByteArrayOutputStream;
|
||||||
|
import org.wfc.common.core.constant.CacheConstants;
|
||||||
import org.wfc.common.core.constant.Constants;
|
import org.wfc.common.core.constant.Constants;
|
||||||
import org.wfc.common.core.constant.GlobalConstants;
|
import org.wfc.common.core.domain.R;
|
||||||
import org.wfc.common.core.exception.CaptchaException;
|
import org.wfc.common.core.exception.CaptchaException;
|
||||||
import org.wfc.common.core.utils.StringUtils;
|
import org.wfc.common.core.utils.StringUtils;
|
||||||
import org.wfc.common.core.utils.sign.Base64;
|
import org.wfc.common.core.utils.sign.Base64;
|
||||||
import org.wfc.common.core.utils.uuid.IdUtils;
|
import org.wfc.common.core.utils.uuid.IdUtils;
|
||||||
import org.wfc.common.core.web.domain.AjaxResult;
|
import org.wfc.common.core.web.domain.AjaxResult;
|
||||||
|
import org.wfc.common.mail.utils.MailUtils;
|
||||||
import org.wfc.common.redis.service.RedisService;
|
import org.wfc.common.redis.service.RedisService;
|
||||||
import org.wfc.gateway.config.properties.CaptchaProperties;
|
import org.wfc.gateway.config.properties.CaptchaProperties;
|
||||||
import org.wfc.gateway.service.ValidateCodeService;
|
import org.wfc.gateway.service.ValidateCodeService;
|
||||||
@@ -63,7 +66,7 @@ public class ValidateCodeServiceImpl implements ValidateCodeService
|
|||||||
|
|
||||||
// 保存验证码信息
|
// 保存验证码信息
|
||||||
String uuid = IdUtils.simpleUUID();
|
String uuid = IdUtils.simpleUUID();
|
||||||
String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + uuid;
|
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
|
||||||
|
|
||||||
String capStr = null, code = null;
|
String capStr = null, code = null;
|
||||||
BufferedImage image = null;
|
BufferedImage image = null;
|
||||||
@@ -105,25 +108,61 @@ public class ValidateCodeServiceImpl implements ValidateCodeService
|
|||||||
return AjaxResult.success(data);
|
return AjaxResult.success(data);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* 生成验证码
|
||||||
|
*/
|
||||||
|
@Override
|
||||||
|
public AjaxResult createCaptchaEmail(String email) throws IOException, CaptchaException
|
||||||
|
{
|
||||||
|
AjaxResult ajax = AjaxResult.success();
|
||||||
|
boolean captchaEnabled = captchaProperties.getEnabled();
|
||||||
|
ajax.put("captchaEnabled", captchaEnabled);
|
||||||
|
if (!captchaEnabled)
|
||||||
|
{
|
||||||
|
return ajax;
|
||||||
|
}
|
||||||
|
|
||||||
|
// 保存验证码信息
|
||||||
|
String uuid = IdUtils.simpleUUID();
|
||||||
|
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + uuid;
|
||||||
|
|
||||||
|
String code = RandomUtil.randomNumbers(4);
|
||||||
|
|
||||||
|
try {
|
||||||
|
// MailUtils.sendText(email, "Registration verification code", "Your verification code is: " + code + ", The validity period is " + Constants.MAIL_CAPTCHA_EXPIRATION + " minutes, please fill in as soon as possible.");
|
||||||
|
redisService.setCacheObject(verifyKey, code, Constants.MAIL_CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
|
||||||
|
} catch (Exception e) {
|
||||||
|
return AjaxResult.error(e.getMessage());
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
Map<String, Object> data = new HashMap<>();
|
||||||
|
data.put("uuid", uuid);
|
||||||
|
data.put("email",email);
|
||||||
|
if ("dev".equals(springProfilesActive)) {
|
||||||
|
data.put("text", code);
|
||||||
|
}
|
||||||
|
|
||||||
|
return AjaxResult.success(data);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* 校验验证码
|
* 校验验证码
|
||||||
*/
|
*/
|
||||||
@Override
|
@Override
|
||||||
public void checkCaptcha(String code, String uuid, boolean isPic) throws CaptchaException
|
public void checkCaptcha(String code, String uuid) throws CaptchaException
|
||||||
{
|
{
|
||||||
if (StringUtils.isEmpty(code))
|
if (StringUtils.isEmpty(code))
|
||||||
{
|
{
|
||||||
throw new CaptchaException("user.jcaptcha.not.blank");
|
throw new CaptchaException("user.captcha.not.blank");
|
||||||
}
|
}
|
||||||
String verifyKey = GlobalConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
|
String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
|
||||||
String captcha = redisService.getCacheObject(verifyKey);
|
String captcha = redisService.getCacheObject(verifyKey);
|
||||||
if (captcha == null)
|
if (captcha == null)
|
||||||
{
|
{
|
||||||
throw new CaptchaException();
|
throw new CaptchaException();
|
||||||
}
|
}
|
||||||
if (isPic) {
|
redisService.deleteObject(verifyKey);
|
||||||
redisService.deleteObject(verifyKey);
|
|
||||||
}
|
|
||||||
if (!code.equalsIgnoreCase(captcha))
|
if (!code.equalsIgnoreCase(captcha))
|
||||||
{
|
{
|
||||||
throw new CaptchaException();
|
throw new CaptchaException();
|
||||||
|
|||||||
@@ -73,5 +73,6 @@ security:
|
|||||||
- /auth/logout
|
- /auth/logout
|
||||||
- /auth/login
|
- /auth/login
|
||||||
- /auth/register
|
- /auth/register
|
||||||
|
- /auth/checkRepeat
|
||||||
- /*/v2/api-docs
|
- /*/v2/api-docs
|
||||||
- /csrf
|
- /csrf
|
||||||
|
|||||||
Reference in New Issue
Block a user