From da9a0387c1d72a651451a01527dea631cac75af7 Mon Sep 17 00:00:00 2001
From: orangebabu <2409692770@qq.com>
Date: Mon, 19 Aug 2024 15:18:20 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0state=E6=A0=A1=E9=AA=8C?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../org/dromara/maxkey/authn/ScanCode.java | 11 ++++++++
 .../routes/passport/login/login.component.ts | 1 +
 .../web/contorller/LoginEntryPoint.java | 28 ++++++++++---------
 3 files changed, 27 insertions(+), 13 deletions(-)
diff --git a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java
index b67dedd8e..fbc7fb8ea 100644
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java
@@ -15,6 +15,9 @@ public class ScanCode {
 @NotEmpty(message = "登录方式不能为空")
 String authType;
+ @NotEmpty(message = "state不能为空")
+ String state;
+
 public @NotEmpty(message = "二维码内容不能为空") String getCode() {
 return code;
 }
@@ -30,4 +33,12 @@ public class ScanCode {
 public void setAuthType(@NotEmpty(message = "登录方式不能为空") String authType) {
 this.authType = authType;
 }
+
+ public @NotEmpty(message = "state不能为空") String getState() {
+ return state;
+ }
+
+ public void setState(@NotEmpty(message = "state不能为空") String state) {
+ this.state = state;
+ }
 }
diff --git a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
index c441d5026..82e9e2756 100644
--- a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
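Review bot: The new `state` field in the first ScanCode.java hunk has no comment saying what it carries, and its only constraint is `@NotEmpty`, so nothing in this class tells a reader that the value is security-relevant. In the LoginEntryPoint.java hunk of this patch it is passed to `authTokenService.validateJwtToken`, so it appears to be a server-issued token; a field comment such as `/** Token sent back by the login page; must pass authTokenService.validateJwtToken before the QR ticket is used. */` would record that (confirm the wording against the code that issues the state, which is not in this patch). The same applies to the `getState`/`setState` accessors added in the second hunk.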
@@ -332,6 +332,7 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 this.qrCodeService.loginByQrCode({
 authType: 'scancode',
 code: this.ticket,
+ state: this.state,
 }).subscribe(res => {
 if (res.code === 0) {
 this.qrexpire = true;
diff --git a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
index 4ed3bf96e..75244a47a 100644
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
@@ -296,25 +296,27 @@ public class LoginEntryPoint {
 @Operation(summary = "web二维码登录", description = "web二维码登录", method = "POST")
 @PostMapping("/sign/qrcode")
- public Message signByQrcode( HttpServletRequest request,
- HttpServletResponse response,
- @Validated @RequestBody ScanCode scanCode) {
+ public Message signByQrcode(@Validated @RequestBody ScanCode scanCode) {
 LoginCredential loginCredential = new LoginCredential();
 loginCredential.setAuthType(scanCode.getAuthType());
 loginCredential.setUsername(scanCode.getCode());
- try {
- Authentication authentication = authenticationProvider.authenticate(loginCredential);
- if (Objects.nonNull(authentication)) {
- //success
- AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
- return new Message<>(authJwt);
- } else {
- return new Message<>(Message.FAIL, "尚未扫码");
+ if(authTokenService.validateJwtToken(scanCode.getState())){
+ try {
+ Authentication authentication = authenticationProvider.authenticate(loginCredential);
+ if (Objects.nonNull(authentication)) {
+ //success
+ AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
+ return new Message<>(authJwt);
+ } else {
+ return new Message<>(Message.FAIL, "尚未扫码");
+ }
+ } catch (BusinessException businessException) {
+ return new Message<>(businessException.getCode(), businessException.getMessage());
 }
- } catch (BusinessException businessException) {
- return new Message<>(businessException.getCode(), businessException.getMessage());
 }
+
+ return new Message<>(Message.FAIL);
 }
 @Operation(summary = "app扫描二维码", description = "扫描二维码登录", method = "POST")
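Review bot: The new guard `if(authTokenService.validateJwtToken(scanCode.getState()))` in signByQrcode accepts any state the token service considers valid; nothing in the hunk compares it with `scanCode.getCode()` or with the browser session that displayed the QR code. The body of validateJwtToken is not visible here, so if it checks only signature and expiry, a state issued for one login page would be accepted together with a ticket from another; binding the two (a claim in the state that must equal the ticket, or a single-use state) would make the check meaningful. The rejection path also returns `new Message<>(Message.FAIL)` with no text and no log entry, so failed state checks leave no trace for monitoring and the client cannot tell them from other failures. A guard clause such as `if (!authTokenService.validateJwtToken(scanCode.getState())) { return new Message<>(Message.FAIL, "invalid state"); }`, preceded by a warning log, would record the rejection and keep the existing try block at its original nesting level.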