Merge branch 'superb' of wuheng/eas-system into master

controller/pom.xml

@@ -14,6 +14,11 @@
     </parent>
 
     <dependencies>
+        <dependency>
+            <groupId>com.anji-plus</groupId>
+            <artifactId>spring-boot-starter-captcha</artifactId>
+            <version>1.3.0</version>
+        </dependency>
         <dependency>
             <groupId>cn.afterturn</groupId>
             <artifactId>easypoi-spring-boot-starter</artifactId>

controller/src/main/java/com/koobietech/eas/controller/AdminLoginController.java

@@ -1,7 +1,10 @@
 package com.koobietech.eas.controller;
 
 
-import com.koobietech.eas.common.pojo.JwtUserDto;
+import com.anji.captcha.model.common.ResponseModel;
+import com.anji.captcha.model.vo.CaptchaVO;
+import com.anji.captcha.service.CaptchaService;
+import com.koobietech.eas.common.exception.EasException;
 import com.koobietech.eas.common.result.JsonResult;
 import com.koobietech.eas.dao.Pojo.AdminPojo;
 import com.koobietech.eas.dao.dto.LoginToken;
@@ -18,6 +21,10 @@ public class AdminLoginController {
     @Resource
     private AdminLoginService adminLoginService;
 
+    @Resource
+    private CaptchaService captchaService;
+
+
 
     @PostMapping("/adminLogin")
     @Operation(summary = "管理员登录",  description = "用户名和密码为请求载荷，若登录成功，返回两token")
@@ -29,11 +36,71 @@ public class AdminLoginController {
     }
 
     @PostMapping("/refreshToken")
-    @Operation(summary = "刷新token",  description = "当token过期，在请求头中携带refresh token，若刷新成功，返回新的token和refresh token")
+    @Operation(summary = "刷新token", description = "当token过期，在请求头中携带refresh token，若刷新成功，返回新的token和refresh token")
     public JsonResult refreshToken(@RequestHeader("Authorization") String refreshToken) {
         // 返回新的token和refresh token
         return JsonResult.data(adminLoginService.refreshToken(refreshToken));
     }
 
+    @PostMapping("/verify.get")
+    @Operation(summary = "获取验证码", description = "前端发起获取验证码请求，后端访问静态资源返回滑动图片")
+    public ResponseModel get(@RequestBody CaptchaVO captchaVO) {
+        return captchaService.get(captchaVO);
+    }
+
+    @PostMapping("/verify.check")
+    @Operation(summary = "核对验证码轨迹", description = "前端把用户的滑动轨迹转化成字符串传入后端，通过算法判断轨迹是否为真人")
+    public ResponseModel check(@RequestBody CaptchaVO captchaVO) {
+        return captchaService.check(captchaVO);
+    }
+
+    @PostMapping("/verify.judge")
+    @Operation(summary = "二次校验验证码", description = "校验滑动验证码结果，是否匹配上，传参：captchaVerification")
+    public ResponseModel verify(@RequestBody CaptchaVO captchaVO) {
+        ResponseModel response = captchaService.verification(captchaVO);
+        //repCode  0000  无异常，代表成功
+        //repCode  9999  服务器内部异常
+        //repCode  0011  参数不能为空
+        //repCode  6110  验证码已失效，请重新获取
+        //repCode  6111  验证失败
+        //repCode  6112  获取验证码失败,请联系管理员
+        //repCode  6113  底图未初始化成功，请检查路径
+        //repCode  6201  get接口请求次数超限，请稍后再试!
+        //repCode  6206  无效请求，请重新获取验证码
+        //repCode  6202  接口验证失败数过多，请稍后再试
+        //repCode  6204  check接口请求次数超限，请稍后再试!
+        if (!response.isSuccess()) {
+            String repCode = response.getRepCode();
+            switch (repCode) {
+                case "9999":
+                    throw new EasException("服务器内部异常", 9999);
+                case "0011":
+                    throw new EasException("参数不能为空", 0011);
+                case "6110":
+                    throw new EasException("验证码已失效，请重新获取", 6110);
+                case "6111":
+                    throw new EasException("验证失败", 6111);
+                case "6112":
+                    throw new EasException("获取验证码失败,请联系管理员", 6112);
+                case "6113":
+                    throw new EasException("底图未初始化成功，请检查路径", 6113);
+                case "6201":
+                    throw new EasException("get接口请求次数超限，请稍后再试!", 6201);
+                case "6206":
+                    throw new EasException("无效请求，请重新获取验证码", 6206);
+                case "6202":
+                    throw new EasException("接口验证失败数过多，请稍后再试", 6202);
+                case "6204":
+                    throw new EasException("check接口请求次数超限，请稍后再试!", 6204);
+                default:
+                    // 处理未知的 repCode
+                    throw new EasException("未知错误，你干嘛~哎哟~", -1);
+            }
+        }
+
+        return response;
+    }
+
+
 
 }

controller/src/main/resources/application-local.yaml

@@ -4,13 +4,13 @@ spring:
   datasource:
     url: jdbc:mysql://127.0.0.1:3306/eas?useUnicode=true&characterEncoding=utf-8&serverTimezone=Asia/Shanghai&useSSL=true&tinyInt1isBit=false
     username: root
-    password: 1234
+    password: 123456
     driver-class-name: com.mysql.cj.jdbc.Driver
   redis:
     host: localhost
-    database: 9
+    database: 15
     password:
-    port: 26379
+    port: 6379
   security:
     user:
       name: admin

controller/src/main/resources/application.yaml

@@ -34,3 +34,22 @@ eas:
   jwt-secret-key: 123456
   jwt-expires-date: 1
   password-sign-key: eas-key-password
+aj:
+  captcha:
+    jigsaw: classpath:images/jigsaw
+    pic-click: classpath:images/pic-click
+    cache-type: local
+    type: default
+    water-mark: "\u6211\u7684\u6c34\u5370"
+    slip-offset: 5
+    aes-status: true
+    interference-options: 2
+    font-style: 1
+    font-size: 25
+    history-data-clear-enable: false
+    req-frequency-limit-enable: false
+    req-get-lock-limit: 5
+    req-get-lock-seconds: 360
+    req-get-minute-limit: 30
+    req-check-minute-limit: 60
+    req-verify-minute-limit: 60

security/src/main/java/com/koobietech/eas/security/filter/EasSecurityFilter.java

@@ -69,6 +69,8 @@ public class EasSecurityFilter extends OncePerRequestFilter {
                 // 将身份验证令牌设置到当前的 SecurityContext 中
                 context.setAuthentication(authenticationToken);
             }
+            //放行
+            filterChain.doFilter(request, response);
         }
         filterChain.doFilter(request, response);
     }

service/src/main/java/com/koobietech/eas/service/impl/AdminLoginServiceImpl.java

@@ -139,6 +139,11 @@ public class AdminLoginServiceImpl implements AdminLoginService {
     private void validatePassword(String inputPassword, String encryptedPassword){
         String decryptedPassword = passwordManager.decryptPassword(inputPassword);
         System.out.println("前端解密来的decryptedPassword: " + decryptedPassword);
+
+        String encode = passwordEncoder.encode("123456");
+        System.out.println("cunli:"+encode);
+
+
         System.out.println("数据库查到的密码easSysUserinfo.getPasswd(): " + encryptedPassword);
         if (!passwordEncoder.matches(decryptedPassword, encryptedPassword)) {
             throw new EasException("密码不正确", 9901);