提交短信认证后端逻辑判断

shibanglin 2022-11-18 10:14:47 +08:00
parent 756993053b
commit 0bd384b76a
2 changed files with 139 additions and 123 deletions


@ -1,19 +1,19 @@
/*
* Copyright [2020] [MaxKey of copyright http://www.maxkey.top]
*
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*
* http://www.apache.org/licenses/LICENSE-2.0
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn;
@ -25,9 +25,9 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
public class LoginCredential implements Authentication {
/**
*
*
*/
private static final long serialVersionUID = 3125709257481600320L;
String congress;
@ -44,12 +44,12 @@ public class LoginCredential implements Authentication {
String code;
String message = WebConstants.LOGIN_RESULT.SUCCESS;
String instId;
ArrayList<GrantedAuthority> grantedAuthority;
boolean authenticated;
boolean roleAdministrators;
String mobile;
/**
* BasicAuthentication.
*/
@ -64,16 +64,16 @@ public class LoginCredential implements Authentication {
this.password = password;
this.authType = authType;
}
public String getCongress() {
return congress;
}
return congress;
}
public void setCongress(String congress) {
this.congress = congress;
}
public void setCongress(String congress) {
this.congress = congress;
}
@Override
@Override
public String getName() {
return "Login Credential";
}
@ -127,14 +127,14 @@ public class LoginCredential implements Authentication {
}
public String getState() {
return state;
}
return state;
}
public void setState(String state) {
this.state = state;
}
public void setState(String state) {
this.state = state;
}
public String getCaptcha() {
public String getCaptcha() {
return captcha;
}
@ -223,51 +223,62 @@ public class LoginCredential implements Authentication {
}
public String getInstId() {
return instId;
}
return instId;
}
public void setInstId(String instId) {
this.instId = instId;
}
public void setInstId(String instId) {
this.instId = instId;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("LoginCredential [congress=");
builder.append(congress);
builder.append(", username=");
builder.append(username);
builder.append(", password=");
builder.append(password);
builder.append(", state=");
builder.append(state);
builder.append(", captcha=");
builder.append(captcha);
builder.append(", otpCaptcha=");
builder.append(otpCaptcha);
builder.append(", remeberMe=");
builder.append(remeberMe);
builder.append(", authType=");
builder.append(authType);
builder.append(", jwtToken=");
builder.append(jwtToken);
builder.append(", onlineTicket=");
builder.append(onlineTicket);
builder.append(", provider=");
builder.append(provider);
builder.append(", code=");
builder.append(code);
builder.append(", message=");
builder.append(message);
builder.append(", instId=");
builder.append(instId);
builder.append(", grantedAuthority=");
builder.append(grantedAuthority);
builder.append(", authenticated=");
builder.append(authenticated);
builder.append(", roleAdministrators=");
builder.append(roleAdministrators);
builder.append("]");
return builder.toString();
}
}
public String getMobile() {
return mobile;
}
public void setMobile(String mobile) {
this.mobile = mobile;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder();
builder.append("LoginCredential [congress=");
builder.append(congress);
builder.append(", username=");
builder.append(username);
builder.append(", password=");
builder.append(password);
builder.append(", state=");
builder.append(state);
builder.append(", mobile=");
builder.append(mobile);
builder.append(", captcha=");
builder.append(captcha);
builder.append(", otpCaptcha=");
builder.append(otpCaptcha);
builder.append(", remeberMe=");
builder.append(remeberMe);
builder.append(", authType=");
builder.append(authType);
builder.append(", jwtToken=");
builder.append(jwtToken);
builder.append(", onlineTicket=");
builder.append(onlineTicket);
builder.append(", provider=");
builder.append(provider);
builder.append(", code=");
builder.append(code);
builder.append(", message=");
builder.append(message);
builder.append(", instId=");
builder.append(instId);
builder.append(", grantedAuthority=");
builder.append(grantedAuthority);
builder.append(", authenticated=");
builder.append(authenticated);
builder.append(", roleAdministrators=");
builder.append(roleAdministrators);
builder.append("]");
return builder.toString();
}
}
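Review bot: `toString()` in the new version still appends `password`, `otpCaptcha`, `jwtToken` and `onlineTicket`, and this commit adds `mobile` to the list, so every place that stringifies a LoginCredential writes the secret, the one-time code and the phone number in clear text. The MobileAuthenticationProvider section on this page shows such a call, `_logger.debug("authentication " + loginCredential);`, which also builds the string even when debug logging is off. I would drop the secret fields from the output or mask them, for example `builder.append(", password=").append(password == null ? "null" : "[masked]");`, do the same for `otpCaptcha` and `jwtToken`, and show only the last digits of `mobile`. The class body continues outside the hunks shown.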


@ -1,19 +1,19 @@
/*
* Copyright [2022] [MaxKey of copyright http://www.maxkey.top]
*
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
*
* http://www.apache.org/licenses/LICENSE-2.0
*
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.maxkey.authn.provider.impl;
@ -42,85 +42,90 @@ import org.springframework.security.core.AuthenticationException;
*
*/
public class MobileAuthenticationProvider extends AbstractAuthenticationProvider {
private static final Logger _logger =
LoggerFactory.getLogger(MobileAuthenticationProvider.class);
public String getProviderName() {
return "mobile" + PROVIDER_SUFFIX;
}
public MobileAuthenticationProvider() {
super();
}
super();
}
public MobileAuthenticationProvider(
AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig,
OtpAuthnService otpAuthnService,
SessionManager sessionManager) {
this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig;
this.otpAuthnService = otpAuthnService;
this.sessionManager = sessionManager;
}
AbstractAuthenticationRealm authenticationRealm,
ApplicationConfig applicationConfig,
OtpAuthnService otpAuthnService,
SessionManager sessionManager) {
this.authenticationRealm = authenticationRealm;
this.applicationConfig = applicationConfig;
this.otpAuthnService = otpAuthnService;
this.sessionManager = sessionManager;
}
@Override
public Authentication doAuthenticate(LoginCredential loginCredential) {
UsernamePasswordAuthenticationToken authenticationToken = null;
_logger.debug("Trying to authenticate user '{}' via {}",
public Authentication doAuthenticate(LoginCredential loginCredential) {
UsernamePasswordAuthenticationToken authenticationToken = null;
_logger.debug("Trying to authenticate user '{}' via {}",
loginCredential.getPrincipal(), getProviderName());
try {
_logger.debug("authentication " + loginCredential);
emptyPasswordValid(loginCredential.getPassword());
emptyUsernameValid(loginCredential.getUsername());
UserInfo userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
statusValid(loginCredential , userInfo);
//如果是验证码登录设置mobile为username
loginCredential.setUsername(loginCredential.getMobile());
//设置密码为验证码
loginCredential.setPassword(loginCredential.getOtpCaptcha());
//Validate PasswordPolicy
authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
mobileCaptchaValid(loginCredential.getPassword(),userInfo);
_logger.debug("authentication " + loginCredential);
//apply PasswordSetType and resetBadPasswordCount
authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo);
authenticationToken = createOnlineTicket(loginCredential,userInfo);
// user authenticated
_logger.debug("'{}' authenticated successfully by {}.",
loginCredential.getPrincipal(), getProviderName());
authenticationRealm.insertLoginHistory(userInfo,
ConstsLoginType.LOCAL,
"",
"xe00000004",
WebConstants.LOGIN_RESULT.SUCCESS);
emptyPasswordValid(loginCredential.getPassword());
emptyUsernameValid(loginCredential.getUsername());
UserInfo userInfo = loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
statusValid(loginCredential , userInfo);
//Validate PasswordPolicy 取消密码策略验证
//authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);
mobileCaptchaValid(loginCredential.getPassword(),userInfo);
//apply PasswordSetType and resetBadPasswordCount
authenticationRealm.getPasswordPolicyValidator().applyPasswordPolicy(userInfo);
authenticationToken = createOnlineTicket(loginCredential,userInfo);
// user authenticated
_logger.debug("'{}' authenticated successfully by {}.",
loginCredential.getPrincipal(), getProviderName());
authenticationRealm.insertLoginHistory(userInfo,
ConstsLoginType.LOCAL,
"",
"xe00000004",
WebConstants.LOGIN_RESULT.SUCCESS);
} catch (AuthenticationException e) {
_logger.error("Failed to authenticate user {} via {}: {}",
new Object[] { loginCredential.getPrincipal(),
getProviderName(),
e.getMessage() });
getProviderName(),
e.getMessage() });
WebContext.setAttribute(
WebConstants.LOGIN_ERROR_SESSION_MESSAGE, e.getMessage());
} catch (Exception e) {
_logger.error("Login error Unexpected exception in {} authentication:\n{}" ,
getProviderName(), e.getMessage());
getProviderName(), e.getMessage());
}
return authenticationToken;
}
/**
* mobile validate.
*
*
* @param otpCaptcha String
* @param authType String
* @param userInfo UserInfo
@ -139,5 +144,5 @@ public class MobileAuthenticationProvider extends AbstractAuthenticationProvider
}
}
}
}
}
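Review bot: Nothing visible in `doAuthenticate` bounds repeated wrong SMS codes: one of the two variants printed here has `passwordPolicyValid(userInfo)` commented out ("取消密码策略验证"), and since the +/- markers are lost on this page I cannot tell whether that is the new side. If it is, and if that validator is where lock status and bad-attempt counts are checked (its body is not shown), the one-time code would no longer be covered by lockout; I would keep `authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(userInfo);` ahead of `mobileCaptchaValid(...)`, or make `mobileCaptchaValid` count failures per account. Failed attempts are also only written to the log in the `catch` blocks, while `insertLoginHistory` runs on success alone, so rejected SMS logins leave no history row to alert on unless `mobileCaptchaValid`, whose body lies outside the hunk, records them.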