mirror of
https://gitee.com/dromara/MaxKey.git
synced 2025-12-07 01:18:27 +08:00
Opt
This commit is contained in:
MaxKey
parent
0f19da93f4
commit
c110fee2b1
@ -47,13 +47,13 @@ allprojects {
|
|||||||
compileJava.options.encoding = 'UTF-8'
|
compileJava.options.encoding = 'UTF-8'
|
||||||
|
|
||||||
eclipse {
|
eclipse {
|
||||||
/*第一次时请注释这段eclipse设置,可能报错
|
/*第一次时请注释这段eclipse设置,可能报错*/
|
||||||
jdt {
|
jdt {
|
||||||
File f = file('.settings/org.eclipse.core.resources.prefs')
|
File f = file('.settings/org.eclipse.core.resources.prefs')
|
||||||
f.write('eclipse.preferences.version=1\n')
|
f.write('eclipse.preferences.version=1\n')
|
||||||
f.append('encoding/<project>=UTF-8') //use UTF-8
|
f.append('encoding/<project>=UTF-8') //use UTF-8
|
||||||
}
|
}
|
||||||
*/
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
wtp {
|
wtp {
|
||||||
|
|||||||
@ -52,7 +52,7 @@ public abstract class AbstractAuthenticationProvider {
|
|||||||
|
|
||||||
protected AbstractAuthenticationRealm authenticationRealm;
|
protected AbstractAuthenticationRealm authenticationRealm;
|
||||||
|
|
||||||
protected AbstractOtpAuthn tfaOptAuthn;
|
protected AbstractOtpAuthn tfaOtpAuthn;
|
||||||
|
|
||||||
protected AbstractRemeberMeService remeberMeService;
|
protected AbstractRemeberMeService remeberMeService;
|
||||||
|
|
||||||
@ -227,7 +227,7 @@ public abstract class AbstractAuthenticationProvider {
|
|||||||
validUserInfo.setSharedSecret(sharedSecret);
|
validUserInfo.setSharedSecret(sharedSecret);
|
||||||
validUserInfo.setSharedCounter(userInfo.getSharedCounter());
|
validUserInfo.setSharedCounter(userInfo.getSharedCounter());
|
||||||
validUserInfo.setId(userInfo.getId());
|
validUserInfo.setId(userInfo.getId());
|
||||||
if (otpCaptcha == null || !tfaOptAuthn.validate(validUserInfo, otpCaptcha)) {
|
if (otpCaptcha == null || !tfaOtpAuthn.validate(validUserInfo, otpCaptcha)) {
|
||||||
String message = WebContext.getI18nValue("login.error.captcha");
|
String message = WebContext.getI18nValue("login.error.captcha");
|
||||||
_logger.debug("login captcha valid error.");
|
_logger.debug("login captcha valid error.");
|
||||||
throw new BadCredentialsException(message);
|
throw new BadCredentialsException(message);
|
||||||
@ -320,8 +320,8 @@ public abstract class AbstractAuthenticationProvider {
|
|||||||
this.authenticationRealm = authenticationRealm;
|
this.authenticationRealm = authenticationRealm;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setTfaOptAuthn(AbstractOtpAuthn tfaOptAuthn) {
|
public void setTfaOtpAuthn(AbstractOtpAuthn tfaOtpAuthn) {
|
||||||
this.tfaOptAuthn = tfaOptAuthn;
|
this.tfaOtpAuthn = tfaOtpAuthn;
|
||||||
}
|
}
|
||||||
|
|
||||||
public void setRemeberMeService(AbstractRemeberMeService remeberMeService) {
|
public void setRemeberMeService(AbstractRemeberMeService remeberMeService) {
|
||||||
|
|||||||
@ -61,12 +61,12 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
|
|||||||
public RealmAuthenticationProvider(
|
public RealmAuthenticationProvider(
|
||||||
AbstractAuthenticationRealm authenticationRealm,
|
AbstractAuthenticationRealm authenticationRealm,
|
||||||
ApplicationConfig applicationConfig,
|
ApplicationConfig applicationConfig,
|
||||||
AbstractOtpAuthn tfaOptAuthn,
|
AbstractOtpAuthn tfaOtpAuthn,
|
||||||
AbstractRemeberMeService remeberMeService,
|
AbstractRemeberMeService remeberMeService,
|
||||||
OnlineTicketServices onlineTicketServices) {
|
OnlineTicketServices onlineTicketServices) {
|
||||||
this.authenticationRealm = authenticationRealm;
|
this.authenticationRealm = authenticationRealm;
|
||||||
this.applicationConfig = applicationConfig;
|
this.applicationConfig = applicationConfig;
|
||||||
this.tfaOptAuthn = tfaOptAuthn;
|
this.tfaOtpAuthn = tfaOtpAuthn;
|
||||||
this.remeberMeService = remeberMeService;
|
this.remeberMeService = remeberMeService;
|
||||||
this.onlineTicketServices = onlineTicketServices;
|
this.onlineTicketServices = onlineTicketServices;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -80,7 +80,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
|||||||
public AbstractAuthenticationProvider authenticationProvider(
|
public AbstractAuthenticationProvider authenticationProvider(
|
||||||
AbstractAuthenticationRealm authenticationRealm,
|
AbstractAuthenticationRealm authenticationRealm,
|
||||||
ApplicationConfig applicationConfig,
|
ApplicationConfig applicationConfig,
|
||||||
AbstractOtpAuthn tfaOptAuthn,
|
AbstractOtpAuthn tfaOtpAuthn,
|
||||||
AbstractRemeberMeService remeberMeService,
|
AbstractRemeberMeService remeberMeService,
|
||||||
OnlineTicketServices onlineTicketServices
|
OnlineTicketServices onlineTicketServices
|
||||||
) {
|
) {
|
||||||
@ -88,7 +88,7 @@ public class AuthenticationAutoConfiguration implements InitializingBean {
|
|||||||
return new RealmAuthenticationProvider(
|
return new RealmAuthenticationProvider(
|
||||||
authenticationRealm,
|
authenticationRealm,
|
||||||
applicationConfig,
|
applicationConfig,
|
||||||
tfaOptAuthn,
|
tfaOtpAuthn,
|
||||||
remeberMeService,
|
remeberMeService,
|
||||||
onlineTicketServices
|
onlineTicketServices
|
||||||
);
|
);
|
||||||
|
|||||||
@ -176,49 +176,49 @@ public class MaxKeyConfig implements InitializingBean {
|
|||||||
return authenticationRealm;
|
return authenticationRealm;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean(name = "tfaOptAuthn")
|
@Bean(name = "tfaOtpAuthn")
|
||||||
public TimeBasedOtpAuthn tfaOptAuthn() {
|
public TimeBasedOtpAuthn tfaOptAuthn() {
|
||||||
TimeBasedOtpAuthn tfaOptAuthn = new TimeBasedOtpAuthn();
|
TimeBasedOtpAuthn tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||||
return tfaOptAuthn;
|
return tfaOtpAuthn;
|
||||||
}
|
}
|
||||||
|
|
||||||
//default tfaOptAuthn
|
//default tfaOtpAuthn
|
||||||
@Bean(name = "tfaOptAuthn")
|
@Bean(name = "tfaOtpAuthn")
|
||||||
public AbstractOtpAuthn tfaOptAuthn(
|
public AbstractOtpAuthn tfaOptAuthn(
|
||||||
@Value("${config.login.mfa.type}")String mfaType,
|
@Value("${config.login.mfa.type}")String mfaType,
|
||||||
@Value("${config.server.persistence}") int persistence,
|
@Value("${config.server.persistence}") int persistence,
|
||||||
MailOtpAuthn tfaMailOptAuthn,
|
MailOtpAuthn tfaMailOtpAuthn,
|
||||||
RedisConnectionFactory redisConnFactory) {
|
RedisConnectionFactory redisConnFactory) {
|
||||||
|
|
||||||
AbstractOtpAuthn tfaOptAuthn = null;
|
AbstractOtpAuthn tfaOtpAuthn = null;
|
||||||
if(mfaType.equalsIgnoreCase("SmsOtpAuthnAliyun")) {
|
if(mfaType.equalsIgnoreCase("SmsOtpAuthnAliyun")) {
|
||||||
tfaOptAuthn = new SmsOtpAuthnAliyun();
|
tfaOtpAuthn = new SmsOtpAuthnAliyun();
|
||||||
_logger.debug("SmsOtpAuthnAliyun inited.");
|
_logger.debug("SmsOtpAuthnAliyun inited.");
|
||||||
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnTencentCloud")) {
|
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnTencentCloud")) {
|
||||||
tfaOptAuthn = new SmsOtpAuthnTencentCloud();
|
tfaOtpAuthn = new SmsOtpAuthnTencentCloud();
|
||||||
_logger.debug("SmsOtpAuthnTencentCloud inited.");
|
_logger.debug("SmsOtpAuthnTencentCloud inited.");
|
||||||
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnYunxin")) {
|
}else if(mfaType.equalsIgnoreCase("SmsOtpAuthnYunxin")) {
|
||||||
tfaOptAuthn = new SmsOtpAuthnYunxin();
|
tfaOtpAuthn = new SmsOtpAuthnYunxin();
|
||||||
_logger.debug("SmsOtpAuthnYunxin inited.");
|
_logger.debug("SmsOtpAuthnYunxin inited.");
|
||||||
}else if(mfaType.equalsIgnoreCase("MailOtpAuthn")) {
|
}else if(mfaType.equalsIgnoreCase("MailOtpAuthn")) {
|
||||||
tfaOptAuthn = tfaMailOptAuthn;
|
tfaOtpAuthn = tfaMailOtpAuthn;
|
||||||
_logger.debug("MailOtpAuthn inited.");
|
_logger.debug("MailOtpAuthn inited.");
|
||||||
}else {
|
}else {
|
||||||
tfaOptAuthn = new TimeBasedOtpAuthn();
|
tfaOtpAuthn = new TimeBasedOtpAuthn();
|
||||||
_logger.debug("TimeBasedOtpAuthn inited.");
|
_logger.debug("TimeBasedOtpAuthn inited.");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (persistence == ConstantsPersistence.REDIS) {
|
if (persistence == ConstantsPersistence.REDIS) {
|
||||||
RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
|
RedisOtpTokenStore redisOptTokenStore = new RedisOtpTokenStore(redisConnFactory);
|
||||||
tfaOptAuthn.setOptTokenStore(redisOptTokenStore);
|
tfaOtpAuthn.setOptTokenStore(redisOptTokenStore);
|
||||||
}
|
}
|
||||||
|
|
||||||
tfaOptAuthn.initPropertys();
|
tfaOtpAuthn.initPropertys();
|
||||||
return tfaOptAuthn;
|
return tfaOtpAuthn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean(name = "tfaMailOptAuthn")
|
@Bean(name = "tfaMailOtpAuthn")
|
||||||
public MailOtpAuthn mailOtpAuthn(
|
public MailOtpAuthn mailOtpAuthn(
|
||||||
@Value("${spring.mail.properties.mailotp.message.subject}")
|
@Value("${spring.mail.properties.mailotp.message.subject}")
|
||||||
String messageSubject,
|
String messageSubject,
|
||||||
@ -228,11 +228,11 @@ public class MaxKeyConfig implements InitializingBean {
|
|||||||
MailOtpAuthn mailOtpAuthn = new MailOtpAuthn();
|
MailOtpAuthn mailOtpAuthn = new MailOtpAuthn();
|
||||||
mailOtpAuthn.setSubject(messageSubject);
|
mailOtpAuthn.setSubject(messageSubject);
|
||||||
mailOtpAuthn.setMessageTemplate(messageTemplate);
|
mailOtpAuthn.setMessageTemplate(messageTemplate);
|
||||||
_logger.debug("tfaMailOptAuthn inited.");
|
_logger.debug("tfaMailOtpAuthn inited.");
|
||||||
return mailOtpAuthn;
|
return mailOtpAuthn;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Bean(name = "tfaMobileOptAuthn")
|
@Bean(name = "tfaMobileOtpAuthn")
|
||||||
public SmsOtpAuthn smsOtpAuthn(
|
public SmsOtpAuthn smsOtpAuthn(
|
||||||
@Value("${config.otp.sms}")String optSmsProvider,
|
@Value("${config.otp.sms}")String optSmsProvider,
|
||||||
@Value("${config.server.persistence}") int persistence,
|
@Value("${config.server.persistence}") int persistence,
|
||||||
|
|||||||
@ -62,12 +62,12 @@ public class ForgotPasswordContorller {
|
|||||||
private UserInfoService userInfoService;
|
private UserInfoService userInfoService;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
@Qualifier("tfaMailOptAuthn")
|
@Qualifier("tfaMailOtpAuthn")
|
||||||
protected AbstractOtpAuthn tfaMailOptAuthn;
|
protected AbstractOtpAuthn tfaMailOtpAuthn;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
@Qualifier("tfaMobileOptAuthn")
|
@Qualifier("tfaMobileOtpAuthn")
|
||||||
protected AbstractOtpAuthn tfaMobileOptAuthn;
|
protected AbstractOtpAuthn tfaMobileOtpAuthn;
|
||||||
|
|
||||||
|
|
||||||
@RequestMapping(value = { "/forward" })
|
@RequestMapping(value = { "/forward" })
|
||||||
@ -89,10 +89,10 @@ public class ForgotPasswordContorller {
|
|||||||
|
|
||||||
Matcher matcher = emailRegex.matcher(emailMobile);
|
Matcher matcher = emailRegex.matcher(emailMobile);
|
||||||
if (matcher.matches() && null != userInfo) {
|
if (matcher.matches() && null != userInfo) {
|
||||||
tfaMailOptAuthn.produce(userInfo);
|
tfaMailOtpAuthn.produce(userInfo);
|
||||||
forgotType = ForgotType.EMAIL;
|
forgotType = ForgotType.EMAIL;
|
||||||
}else if (null != userInfo) {
|
}else if (null != userInfo) {
|
||||||
tfaMobileOptAuthn.produce(userInfo);
|
tfaMobileOtpAuthn.produce(userInfo);
|
||||||
forgotType = ForgotType.MOBILE;
|
forgotType = ForgotType.MOBILE;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -126,8 +126,8 @@ public class ForgotPasswordContorller {
|
|||||||
userInfo.setUsername(username);
|
userInfo.setUsername(username);
|
||||||
userInfo.setPassword(password);
|
userInfo.setPassword(password);
|
||||||
userInfo.setDecipherable(password);
|
userInfo.setDecipherable(password);
|
||||||
if ((forgotType == ForgotType.EMAIL && tfaMailOptAuthn.validate(userInfo, captcha)) ||
|
if ((forgotType == ForgotType.EMAIL && tfaMailOtpAuthn.validate(userInfo, captcha)) ||
|
||||||
(forgotType == ForgotType.MOBILE && tfaMobileOptAuthn.validate(userInfo, captcha))
|
(forgotType == ForgotType.MOBILE && tfaMobileOtpAuthn.validate(userInfo, captcha))
|
||||||
) {
|
) {
|
||||||
userInfoService.changePassword(userInfo);
|
userInfoService.changePassword(userInfo);
|
||||||
modelAndView.addObject("passwordResetResult", PasswordResetResult.SUCCESS);
|
modelAndView.addObject("passwordResetResult", PasswordResetResult.SUCCESS);
|
||||||
|
|||||||
@ -92,8 +92,8 @@ public class LoginEndpoint {
|
|||||||
AbstractAuthenticationProvider authenticationProvider ;
|
AbstractAuthenticationProvider authenticationProvider ;
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
@Qualifier("tfaOptAuthn")
|
@Qualifier("tfaOtpAuthn")
|
||||||
protected AbstractOtpAuthn tfaOptAuthn;
|
protected AbstractOtpAuthn tfaOtpAuthn;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@Autowired
|
@Autowired
|
||||||
@ -151,8 +151,8 @@ public class LoginEndpoint {
|
|||||||
modelAndView.addObject("isKerberos", applicationConfig.getLoginConfig().isKerberos());
|
modelAndView.addObject("isKerberos", applicationConfig.getLoginConfig().isKerberos());
|
||||||
modelAndView.addObject("isMfa", applicationConfig.getLoginConfig().isMfa());
|
modelAndView.addObject("isMfa", applicationConfig.getLoginConfig().isMfa());
|
||||||
if(applicationConfig.getLoginConfig().isMfa()) {
|
if(applicationConfig.getLoginConfig().isMfa()) {
|
||||||
modelAndView.addObject("optType", tfaOptAuthn.getOtpType());
|
modelAndView.addObject("otpType", tfaOtpAuthn.getOtpType());
|
||||||
modelAndView.addObject("optInterval", tfaOptAuthn.getInterval());
|
modelAndView.addObject("otpInterval", tfaOtpAuthn.getInterval());
|
||||||
}
|
}
|
||||||
|
|
||||||
if( applicationConfig.getLoginConfig().isKerberos()){
|
if( applicationConfig.getLoginConfig().isKerberos()){
|
||||||
@ -218,7 +218,7 @@ public class LoginEndpoint {
|
|||||||
userInfo.setUsername(username);
|
userInfo.setUsername(username);
|
||||||
UserInfo queryUserInfo=userInfoService.loadByUsername(username);//(userInfo);
|
UserInfo queryUserInfo=userInfoService.loadByUsername(username);//(userInfo);
|
||||||
if(queryUserInfo!=null) {
|
if(queryUserInfo!=null) {
|
||||||
tfaOptAuthn.produce(queryUserInfo);
|
tfaOtpAuthn.produce(queryUserInfo);
|
||||||
return "ok";
|
return "ok";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -60,7 +60,7 @@
|
|||||||
strTime+=(seconds<10?"0"+seconds:seconds);
|
strTime+=(seconds<10?"0"+seconds:seconds);
|
||||||
}
|
}
|
||||||
|
|
||||||
<#if true==isMfa && "TOPT"==optType>
|
<#if true==isMfa && "TOPT"==otpType>
|
||||||
function currentTime(){
|
function currentTime(){
|
||||||
seconds++;
|
seconds++;
|
||||||
if(seconds>59){
|
if(seconds>59){
|
||||||
@ -85,10 +85,10 @@
|
|||||||
<#--timeBase Token Interval default is 30s-->
|
<#--timeBase Token Interval default is 30s-->
|
||||||
var timeBaseCount;
|
var timeBaseCount;
|
||||||
function getTimeBaseCount(){
|
function getTimeBaseCount(){
|
||||||
if(seconds<${optInterval}){
|
if(seconds<${otpInterval}){
|
||||||
timeBaseCount=${optInterval}-seconds;
|
timeBaseCount=${otpInterval}-seconds;
|
||||||
}else{
|
}else{
|
||||||
timeBaseCount=${optInterval}-(seconds-${optInterval});
|
timeBaseCount=${otpInterval}-(seconds-${otpInterval});
|
||||||
}
|
}
|
||||||
$("#tfa_j_otp_captcha_button").val("<@locale code="login.text.login.twofactor.validTime"/>("+timeBaseCount+")<@locale code="login.text.login.twofactor.validTime.unit"/>");
|
$("#tfa_j_otp_captcha_button").val("<@locale code="login.text.login.twofactor.validTime"/>("+timeBaseCount+")<@locale code="login.text.login.twofactor.validTime.unit"/>");
|
||||||
};
|
};
|
||||||
@ -125,7 +125,7 @@
|
|||||||
};
|
};
|
||||||
|
|
||||||
$(function(){
|
$(function(){
|
||||||
<#if true==isMfa && "TOPT"==optType>
|
<#if true==isMfa && "TOPT"==otpType>
|
||||||
setInterval("currentTime()", 1000);
|
setInterval("currentTime()", 1000);
|
||||||
</#if>
|
</#if>
|
||||||
<#--on captcha image click ,new a captcha code-->
|
<#--on captcha image click ,new a captcha code-->
|
||||||
@ -298,7 +298,7 @@
|
|||||||
<td><input required="" class="form-control" type='password' id='tfa_j_password' name='password' value="" tabindex="2" /></td>
|
<td><input required="" class="form-control" type='password' id='tfa_j_password' name='password' value="" tabindex="2" /></td>
|
||||||
</tr>
|
</tr>
|
||||||
<#if true==isMfa >
|
<#if true==isMfa >
|
||||||
<#if "TOPT"==optType >
|
<#if "TOPT"==otpType >
|
||||||
<tr>
|
<tr>
|
||||||
<td><@locale code="login.text.currenttime"/>:</td>
|
<td><@locale code="login.text.currenttime"/>:</td>
|
||||||
<td>
|
<td>
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user