mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-06 17:08:29 +08:00
Opt
parent
0f19da93f4
commit
c110fee2b1
@ -47,13 +47,13 @@ allprojects {
|
||||
compileJava.options.encoding = 'UTF-8'
|
||||
|
||||
eclipse {
|
||||
/*第一次时请注释这段eclipse设置,可能报错
|
||||
/*第一次时请注释这段eclipse设置,可能报错*/
|
||||
jdt {
|
||||
File f = file('.settings/org.eclipse.core.resources.prefs')
|
||||
f.write('eclipse.preferences.version=1\n')
|
||||
f.append('encoding/<project>=UTF-8') //use UTF-8
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
/*
|
||||
wtp {
|
||||
|
||||
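Review bot: The `*/` that follows the `jdt { … }` block is left without an opener once the comment above it is closed on its own line (`/*…*/`). This assumes the second of the two printed variants is the new side. If so, the `jdt` block also becomes live code that writes `.settings/org.eclipse.core.resources.prefs` on every build. Either remove the trailing `*/` in the same change, or keep the block commented out and change only the wording of the note.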
@ -52,7 +52,7 @@ public abstract class AbstractAuthenticationProvider {
|
||||
|
||||
protected AbstractAuthenticationRealm authenticationRealm;
|
||||
|
||||
protected AbstractOtpAuthn tfaOptAuthn;
|
||||
protected AbstractOtpAuthn tfaOtpAuthn;
|
||||
|
||||
protected AbstractRemeberMeService remeberMeService;
|
||||
|
||||
@ -227,7 +227,7 @@ public abstract class AbstractAuthenticationProvider {
|
||||
validUserInfo.setSharedSecret(sharedSecret);
|
||||
validUserInfo.setSharedCounter(userInfo.getSharedCounter());
|
||||
validUserInfo.setId(userInfo.getId());
|
||||
if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
|
||||
if (otpCaptcha == null || !tfaOtpAuthn.validate(validUserInfo, otpCaptcha)) {
|
||||
String message = WebContext.getI18nValue("login.error.captcha");
|
||||
_logger.debug("login captcha valid error.");
|
||||
throw new BadCredentialsException(message);
|
||||
@ -320,8 +320,8 @@ public abstract class AbstractAuthenticationProvider {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
}
|
||||
|
||||
public void setTfaOptAuthn(AbstractOtpAuthn tfaOptAuthn) {
|
||||
this.tfaOptAuthn = tfaOptAuthn;
|
||||
public void setTfaOtpAuthn(AbstractOtpAuthn tfaOtpAuthn) {
|
||||
this.tfaOtpAuthn = tfaOtpAuthn;
|
||||
}
|
||||
|
||||
public void setRemeberMeService(AbstractRemeberMeService remeberMeService) {
|
||||
|
||||
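Review bot: A rejected second factor in the `-227` hunk is recorded only through `_logger.debug("login captcha valid error.")`, with no user identifier, so repeated OTP failures against one account leave no trace at a production log level. Since `userInfo.getId()` is already read two lines above, the failure branch could log `_logger.warn("OTP validation failed for user id {}", userInfo.getId());` before throwing, assuming `_logger` is an SLF4J-style logger. The enclosing method starts and ends outside the hunk, so any attempt counter or lockout elsewhere in it is not visible here.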
@ -61,12 +61,12 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
||||
public RealmAuthenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
AbstractOtpAuthn tfaOptAuthn,
|
||||
AbstractOtpAuthn tfaOtpAuthn,
|
||||
AbstractRemeberMeService remeberMeService,
|
||||
OnlineTicketServices onlineTicketServices) {
|
||||
this.authenticationRealm = authenticationRealm;
|
||||
this.applicationConfig = applicationConfig;
|
||||
this.tfaOptAuthn = tfaOptAuthn;
|
||||
this.tfaOtpAuthn = tfaOtpAuthn;
|
||||
this.remeberMeService = remeberMeService;
|
||||
this.onlineTicketServices = onlineTicketServices;
|
||||
}
|
||||
|
||||
@ -80,7 +80,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
public AbstractAuthenticationProvider authenticationProvider(
|
||||
AbstractAuthenticationRealm authenticationRealm,
|
||||
ApplicationConfig applicationConfig,
|
||||
AbstractOtpAuthn tfaOptAuthn,
|
||||
AbstractOtpAuthn tfaOtpAuthn,
|
||||
AbstractRemeberMeService remeberMeService,
|
||||
OnlineTicketServices onlineTicketServices
|
||||
) {
|
||||
@ -88,7 +88,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
||||
return new RealmAuthenticationProvider(
|
||||
authenticationRealm,
|
||||
applicationConfig,
|
||||
tfaOptAuthn,
|
||||
tfaOtpAuthn,
|
||||
remeberMeService,
|
||||
onlineTicketServices
|
||||
);
|
||||
|
||||
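Review bot: The `AbstractOtpAuthn tfaOtpAuthn` parameter of `authenticationProvider(...)` carries no `@Qualifier`, while this same commit shows three beans assignable to that type (`tfaOtpAuthn`, `tfaMailOtpAuthn`, `tfaMobileOtpAuthn`). The login second factor is therefore selected only by Spring's parameter-name fallback, which depends on parameter names being kept in the compiled class. Declaring it as `@Qualifier("tfaOtpAuthn") AbstractOtpAuthn tfaOtpAuthn,` makes the wiring explicit and turns a future bean rename into a startup failure instead of an ambiguous match. The method body continues outside the first hunk.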
@ -176,49 +176,49 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
return authenticationRealm;
|
||||
}
|
||||
|
||||
@Bean(name = "tfaOptAuthn")
|
||||
@Bean(name = "tfaOtpAuthn")
|
||||
public TimeBasedOtpAuthn tfaOptAuthn() {
|
||||
TimeBasedOtpAuthn tfaOptAuthn = new TimeBasedOtpAuthn();
|
||||
TimeBasedOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||
return tfaOptAuthn;
|
||||
return tfaOtpAuthn;
|
||||
}
|
||||
|
||||
//default tfaOptAuthn
|
||||
@Bean(name = "tfaOptAuthn")
|
||||
//default tfaOtpAuthn
|
||||
@Bean(name = "tfaOtpAuthn")
|
||||
public AbstractOtpAuthn tfaOptAuthn(
|
||||
@Value("${config.login.mfa.type}")String mfaType,
|
||||
@Value("${config.server.persistence}") int persistence,
|
||||
MailOtpAuthn tfaMailOptAuthn,
|
||||
MailOtpAuthn tfaMailOtpAuthn,
|
||||
RedisConnectionFactory redisConnFactory) {
|
||||
|
||||
AbstractOtpAuthn tfaOptAuthn = null;
|
||||
AbstractOtpAuthn tfaOtpAuthn = null;
|
||||
if(mfaType.equalsIgnoreCase("SmsOtpAuthnAliyun")) {
|
||||
tfaOptAuthn = new SmsOtpAuthnAliyun();
|
||||
tfaOtpAuthn = new SmsOtpAuthnAliyun();
|
||||
_logger.debug("SmsOtpAuthnAliyun inited.");
|
||||
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnTencentCloud")) {
|
||||
tfaOptAuthn = new SmsOtpAuthnTencentCloud();
|
||||
tfaOtpAuthn = new SmsOtpAuthnTencentCloud();
|
||||
_logger.debug("SmsOtpAuthnTencentCloud inited.");
|
||||
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnYunxin")) {
|
||||
tfaOptAuthn = new SmsOtpAuthnYunxin();
|
||||
tfaOtpAuthn = new SmsOtpAuthnYunxin();
|
||||
_logger.debug("SmsOtpAuthnYunxin inited.");
|
||||
}else if(mfaType.equalsIgnoreCase("MailOtpAuthn")) {
|
||||
tfaOptAuthn = tfaMailOptAuthn;
|
||||
tfaOtpAuthn = tfaMailOtpAuthn;
|
||||
_logger.debug("MailOtpAuthn inited.");
|
||||
}else {
|
||||
tfaOptAuthn = new TimeBasedOtpAuthn();
|
||||
tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||
}
|
||||
|
||||
if (persistence == ConstantsPersistence.REDIS) {
|
||||
RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
|
||||
tfaOptAuthn.setOptTokenStore(redisOptTokenStore);
|
||||
tfaOtpAuthn.setOptTokenStore(redisOptTokenStore);
|
||||
}
|
||||
|
||||
tfaOptAuthn.initPropertys();
|
||||
return tfaOptAuthn;
|
||||
tfaOtpAuthn.initPropertys();
|
||||
return tfaOtpAuthn;
|
||||
}
|
||||
|
||||
@Bean(name = "tfaMailOptAuthn")
|
||||
@Bean(name = "tfaMailOtpAuthn")
|
||||
public MailOtpAuthn mailOtpAuthn(
|
||||
@Value("${spring.mail.properties.mailotp.message.subject}")
|
||||
String messageSubject,
|
||||
@ -228,11 +228,11 @@ public class MaxKeyConfig implements InitializingBean {
|
||||
MailOtpAuthn mailOtpAuthn = new MailOtpAuthn();
|
||||
mailOtpAuthn.setSubject(messageSubject);
|
||||
mailOtpAuthn.setMessageTemplate(messageTemplate);
|
||||
_logger.debug("tfaMailOptAuthn inited.");
|
||||
_logger.debug("tfaMailOtpAuthn inited.");
|
||||
return mailOtpAuthn;
|
||||
}
|
||||
|
||||
@Bean(name = "tfaMobileOptAuthn")
|
||||
@Bean(name = "tfaMobileOtpAuthn")
|
||||
public SmsOtpAuthn smsOtpAuthn(
|
||||
@Value("${config.otp.sms}")String optSmsProvider,
|
||||
@Value("${config.server.persistence}") int persistence,
|
||||
|
||||
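Review bot: The final `else` in the `tfaOtpAuthn` factory treats every unrecognised `config.login.mfa.type` value as TOTP, so a misspelled provider name silently changes the deployment's second factor and is reported only at debug level. A line such as `_logger.warn("Unknown config.login.mfa.type '{}', using TimeBasedOtpAuthn", mfaType);` in that branch, or an explicit match plus an `IllegalArgumentException`, would make the misconfiguration visible. Separately, both `@Bean` methods shown here now declare the name `tfaOtpAuthn` while the Java methods are still called `tfaOptAuthn`; which definition Spring registers then depends on its overload resolution, so it is worth confirming the no-argument variant is not live code. `setOptTokenStore`, `redisOptTokenStore` and `optSmsProvider` were left with the old spelling.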
@ -62,12 +62,12 @@ public class ForgotPasswordContorller {
|
||||
private UserInfoService userInfoService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("tfaMailOptAuthn")
|
||||
protected AbstractOtpAuthn tfaMailOptAuthn;
|
||||
@Qualifier("tfaMailOtpAuthn")
|
||||
protected AbstractOtpAuthn tfaMailOtpAuthn;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("tfaMobileOptAuthn")
|
||||
protected AbstractOtpAuthn tfaMobileOptAuthn;
|
||||
@Qualifier("tfaMobileOtpAuthn")
|
||||
protected AbstractOtpAuthn tfaMobileOtpAuthn;
|
||||
|
||||
|
||||
@RequestMapping(value = { "/forward" })
|
||||
@ -89,10 +89,10 @@ public class ForgotPasswordContorller {
|
||||
|
||||
Matcher matcher = emailRegex.matcher(emailMobile);
|
||||
if (matcher.matches() && null != userInfo) {
|
||||
tfaMailOptAuthn.produce(userInfo);
|
||||
tfaMailOtpAuthn.produce(userInfo);
|
||||
forgotType = ForgotType.EMAIL;
|
||||
}else if (null != userInfo) {
|
||||
tfaMobileOptAuthn.produce(userInfo);
|
||||
tfaMobileOtpAuthn.produce(userInfo);
|
||||
forgotType = ForgotType.MOBILE;
|
||||
}
|
||||
|
||||
@ -126,8 +126,8 @@ public class ForgotPasswordContorller {
|
||||
userInfo.setUsername(username);
|
||||
userInfo.setPassword(password);
|
||||
userInfo.setDecipherable(password);
|
||||
if ((forgotType == ForgotType.EMAIL && tfaMailOptAuthn.validate(userInfo, captcha)) ||
|
||||
(forgotType == ForgotType.MOBILE && tfaMobileOptAuthn.validate(userInfo, captcha))
|
||||
if ((forgotType == ForgotType.EMAIL && tfaMailOtpAuthn.validate(userInfo, captcha)) ||
|
||||
(forgotType == ForgotType.MOBILE && tfaMobileOtpAuthn.validate(userInfo, captcha))
|
||||
) {
|
||||
userInfoService.changePassword(userInfo);
|
||||
modelAndView.addObject("passwordResetResult", PasswordResetResult.SUCCESS);
|
||||
|
||||
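Review bot: In the `-126` hunk the OTP comparison is the only visible gate before `userInfoService.changePassword(userInfo)`, and `userInfo` is populated there from the submitted `username` and `password`. Nothing in the hunk counts failed `validate(...)` calls or logs the failing branch, which continues outside the hunk. If no limit exists elsewhere, a short one-time code gives little protection against repeated submissions. Consider invalidating the code after a small number of failures per user and logging each rejected reset at warn level with the username.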
@ -92,8 +92,8 @@ public class LoginEndpoint {
|
||||
AbstractAuthenticationProvider authenticationProvider ;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("tfaOptAuthn")
|
||||
protected AbstractOtpAuthn tfaOptAuthn;
|
||||
@Qualifier("tfaOtpAuthn")
|
||||
protected AbstractOtpAuthn tfaOtpAuthn;
|
||||
|
||||
/*
|
||||
@Autowired
|
||||
@ -151,8 +151,8 @@ public class LoginEndpoint {
|
||||
modelAndView.addObject("isKerberos", applicationConfig.getLoginConfig().isKerberos());
|
||||
modelAndView.addObject("isMfa", applicationConfig.getLoginConfig().isMfa());
|
||||
if(applicationConfig.getLoginConfig().isMfa()) {
|
||||
modelAndView.addObject("optType", tfaOptAuthn.getOtpType());
|
||||
modelAndView.addObject("optInterval", tfaOptAuthn.getInterval());
|
||||
modelAndView.addObject("otpType", tfaOtpAuthn.getOtpType());
|
||||
modelAndView.addObject("otpInterval", tfaOtpAuthn.getInterval());
|
||||
}
|
||||
|
||||
if( applicationConfig.getLoginConfig().isKerberos()){
|
||||
@ -218,7 +218,7 @@ public class LoginEndpoint {
|
||||
userInfo.setUsername(username);
|
||||
UserInfo queryUserInfo=userInfoService.loadByUsername(username);//(userInfo);
|
||||
if(queryUserInfo!=null) {
|
||||
tfaOptAuthn.produce(queryUserInfo);
|
||||
tfaOtpAuthn.produce(queryUserInfo);
|
||||
return "ok";
|
||||
}
|
||||
|
||||
|
||||
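Review bot: In the `-218` hunk `return "ok";` is reached only when `loadByUsername(username)` finds a user, and the response for an unknown username lies outside the hunk. If that path returns a different body, the endpoint reveals which usernames exist to anyone who can call it. Returning the same response in both cases, and logging the miss server-side, avoids that. No throttle on `tfaOtpAuthn.produce(queryUserInfo)` is visible either, which matters when the configured provider sends SMS or mail.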
@ -60,7 +60,7 @@
|
||||
strTime+=(seconds<10?"0"+seconds:seconds);
|
||||
}
|
||||
|
||||
<#if true==isMfa && "TOPT"==optType>
|
||||
<#if true==isMfa && "TOPT"==otpType>
|
||||
function currentTime(){
|
||||
seconds++;
|
||||
if(seconds>59){
|
||||
@ -85,10 +85,10 @@
|
||||
<#--timeBase Token Interval default is 30s-->
|
||||
var timeBaseCount;
|
||||
function getTimeBaseCount(){
|
||||
if(seconds<${optInterval}){
|
||||
timeBaseCount=${optInterval}-seconds;
|
||||
if(seconds<${otpInterval}){
|
||||
timeBaseCount=${otpInterval}-seconds;
|
||||
}else{
|
||||
timeBaseCount=${optInterval}-(seconds-${optInterval});
|
||||
timeBaseCount=${otpInterval}-(seconds-${otpInterval});
|
||||
}
|
||||
$("#tfa_j_otp_captcha_button").val("<@locale code="login.text.login.twofactor.validTime"/>("+timeBaseCount+")<@locale code="login.text.login.twofactor.validTime.unit"/>");
|
||||
};
|
||||
@ -125,7 +125,7 @@
|
||||
};
|
||||
|
||||
$(function(){
|
||||
<#if true==isMfa && "TOPT"==optType>
|
||||
<#if true==isMfa && "TOPT"==otpType>
|
||||
setInterval("currentTime()", 1000);
|
||||
</#if>
|
||||
<#--on captcha image click ,new a captcha code-->
|
||||
@ -298,7 +298,7 @@
|
||||
<td><input required="" class="form-control" type='password' id='tfa_j_password' name='password' value="" tabindex="2" /></td>
|
||||
</tr>
|
||||
<#if true==isMfa >
|
||||
<#if "TOPT"==optType >
|
||||
<#if "TOPT"==otpType >
|
||||
<tr>
|
||||
<td><@locale code="login.text.currenttime"/>:</td>
|
||||
<td>
|
||||
|
||||
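Review bot: The timer in the `-125` hunk is started with a string argument, `setInterval("currentTime()", 1000);`, which the browser evaluates as code and which a Content-Security-Policy without `unsafe-eval` will block. Passing the function reference, `setInterval(currentTime, 1000);`, behaves the same and lets the login page run under a strict policy. The model keys were renamed to `otpType` and `otpInterval` in `LoginEndpoint`, so any other template still reading `optType` or `optInterval` would now hit an undefined variable; no such template is visible on this page.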