diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
index 3e1302d4f..840687c8d 100644
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
@@ -1,15 +1,18 @@
 package org.dromara.maxkey.authn.provider.impl;
 import org.dromara.maxkey.authn.LoginCredential;
+import org.dromara.maxkey.authn.jwt.AuthTokenService;
 import org.dromara.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.dromara.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.dromara.maxkey.authn.session.SessionManager;
+import org.dromara.maxkey.configuration.ApplicationConfig;
 import org.dromara.maxkey.constants.ConstsLoginType;
 import org.dromara.maxkey.entity.idm.UserInfo;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,9 +31,13 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 public AppAuthenticationProvider(
 AbstractAuthenticationRealm authenticationRealm,
- SessionManager sessionManager) {
+ ApplicationConfig applicationConfig,
+ SessionManager sessionManager,
+ AuthTokenService authTokenService) {
 this.authenticationRealm = authenticationRealm;
+ this.applicationConfig = applicationConfig;
 this.sessionManager = sessionManager;
+ this.authTokenService = authTokenService;
 }
@@ -48,6 +55,9 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 _logger.debug("authentication {}", loginCredential);
+ if(this.applicationConfig.getLoginConfig().isCaptcha()) {
+ captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
+ }
 emptyPasswordValid(loginCredential.getPassword());
@@ -93,4 +103,11 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 return authenticationToken;
 }
+
+ protected void captchaValid(String state ,String captcha) {
+ // for basic
+ if(!authTokenService.validateCaptcha(state,captcha)) {
+ throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
+ }
+ }
 }
diff --git a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
index c2a2c4a42..a04933385 100644
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
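Review bot: The captcha gate added to `authenticate` passes `loginCredential.getState()` and `loginCredential.getCaptcha()` straight through, so whether one solved captcha can accompany several password guesses depends entirely on `authTokenService.validateCaptcha`, which this diff does not show. It is worth confirming that the service invalidates the stored captcha on the first check, pass or fail, and that it returns false rather than throwing when state or captcha is null. The rejection also leaves no trace here; a line such as `_logger.debug("captcha validation failed");` in `captchaValid` before the throw would give login monitoring something to count. The body of `authenticate` starts and ends outside the hunk.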
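Review bot: The `// for basic` comment inside the new `captchaValid` method does not describe what the method does and reads like a leftover from another provider. A short Javadoc would serve better, for example `/** Throws BadCredentialsException when the captcha does not pass validateCaptcha for the given state. */`. Because the method is `protected` and takes raw strings, an explicit guard such as `if (captcha == null || captcha.isBlank())` ahead of the service call would make a missing captcha fail closed regardless of how `validateCaptcha` treats null.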
@@ -91,11 +91,15 @@ public class AuthnProviderAutoConfiguration {
 @Bean
 public AppAuthenticationProvider appAuthenticationProvider(
 AbstractAuthenticationRealm authenticationRealm,
- SessionManager sessionManager
+ ApplicationConfig applicationConfig,
+ SessionManager sessionManager,
+ AuthTokenService authTokenService
 ) {
 return new AppAuthenticationProvider(
 authenticationRealm,
- sessionManager
+ applicationConfig,
+ sessionManager,
+ authTokenService
 );
 }
diff --git a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
index 82e9e2756..69a90e6a9 100644
--- a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
@@ -102,6 +102,13 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 //init socials,state
 this.authnService.clear();
+
+ this.get();
+
+ this.cdr.detectChanges();
+ }
+
+ get() {
 this.authnService
 .get({ remember_me: localStorage.getItem(CONSTS.REMEMBER) })
 .pipe(
@@ -141,7 +148,6 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 }
 }
 });
- this.cdr.detectChanges();
 }
 congressLogin(congress: string) {
@@ -343,6 +349,8 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 this.authnService.navigate({});
 } else if (res.code === 20004) {
 this.qrexpire = true;
+ } else if (res.code === 20005) {
+ this.get()
 }
 // Handle response here
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
index 75244a47a..7ee381cca 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
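Review bot: The new `res.code === 20005` branch calls `this.get()` with no limit, so if this handler runs on a polling timer (the enclosing function starts outside the hunk) a server that keeps answering 20005 would trigger a fresh state request and a new subscription on every tick. Consider stopping or restarting the poll once the state has been re-fetched rather than leaving the old loop running. Unlike the `ngOnInit` path, nothing calls `this.cdr.detectChanges()` after this refresh, which may matter if the component relies on manual change detection. Minor points: the call is missing its semicolon (`this.get();`), `get()` is a vague name for a method that reloads login state, and `20005` would read better as a named constant alongside `20004`.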
@@ -314,9 +314,9 @@ public class LoginEntryPoint {
 } catch (BusinessException businessException) {
 return new Message<>(businessException.getCode(), businessException.getMessage());
 }
+ } else {
+ return new Message<>(20005, "state失效重新获取");
 }
-
- return new Message<>(Message.FAIL);
 }
 @Operation(summary = "app扫描二维码", description = "扫描二维码登录", method = "POST")
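Review bot: The new `else` branch hard-codes both the code `20005` and the message `"state失效重新获取"`, while the front end in this same commit matches on the literal `20005`; a shared named constant (for example `STATE_EXPIRED`, a name constructed here) would keep the two sides from drifting apart. The message is also not localized, whereas `AppAuthenticationProvider` in this commit resolves its captcha error through `WebContext.getI18nValue`. Every failure of the `if` condition is now reported as an expired state, which makes the client re-fetch automatically, so it is worth checking that the condition, which sits outside the hunk, cannot fail for other reasons. With the trailing `return new Message<>(Message.FAIL);` removed, each path through the `try` block above must return on its own; that block also starts outside the hunk.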