Merge pull request #233 from orangebabu/main

app登录+二维码登录

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java

@@ -1,15 +1,18 @@
 package org.dromara.maxkey.authn.provider.impl;
 
 import org.dromara.maxkey.authn.LoginCredential;
+import org.dromara.maxkey.authn.jwt.AuthTokenService;
 import org.dromara.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.dromara.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.dromara.maxkey.authn.session.SessionManager;
+import org.dromara.maxkey.configuration.ApplicationConfig;
 import org.dromara.maxkey.constants.ConstsLoginType;
 import org.dromara.maxkey.entity.idm.UserInfo;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,9 +31,13 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
     public AppAuthenticationProvider(
             AbstractAuthenticationRealm authenticationRealm,
-            SessionManager sessionManager) {
+            ApplicationConfig applicationConfig,
+            SessionManager sessionManager,
+            AuthTokenService authTokenService) {
         this.authenticationRealm = authenticationRealm;
+        this.applicationConfig = applicationConfig;
         this.sessionManager = sessionManager;
+        this.authTokenService = authTokenService;
     }
 
 
@@ -48,6 +55,9 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
             _logger.debug("authentication {}", loginCredential);
 
+            if(this.applicationConfig.getLoginConfig().isCaptcha()) {
+                captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
+            }
 
             emptyPasswordValid(loginCredential.getPassword());
 
@@ -93,4 +103,11 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {
 
         return authenticationToken;
     }
+
+    protected void captchaValid(String state ,String captcha) {
+        // for basic
+        if(!authTokenService.validateCaptcha(state,captcha)) {
+            throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
+        }
+    }
 }

maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java

@@ -91,11 +91,15 @@ public class AuthnProviderAutoConfiguration {
 	@Bean
 	public AppAuthenticationProvider appAuthenticationProvider(
 			AbstractAuthenticationRealm authenticationRealm,
-			SessionManager sessionManager
+			ApplicationConfig applicationConfig,
+			SessionManager sessionManager,
+			AuthTokenService authTokenService
 	) {
 		return new AppAuthenticationProvider(
 				authenticationRealm,
-				sessionManager
+				applicationConfig,
+				sessionManager,
+				authTokenService
 		);
 	}
 

maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts

@@ -102,6 +102,13 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 
     //init socials,state
     this.authnService.clear();
+
+    this.get();
+
+    this.cdr.detectChanges();
+  }
+
+  get() {
     this.authnService
       .get({ remember_me: localStorage.getItem(CONSTS.REMEMBER) })
       .pipe(
@@ -141,7 +148,6 @@ export class UserLoginComponent implements OnInit, OnDestroy {
           }
         }
       });
-    this.cdr.detectChanges();
   }
 
   congressLogin(congress: string) {
@@ -343,6 +349,8 @@ export class UserLoginComponent implements OnInit, OnDestroy {
           this.authnService.navigate({});
         } else if (res.code === 20004) {
           this.qrexpire = true;
+        } else if (res.code === 20005) {
+          this.get()
         }
 
         // Handle response here

maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java

@@ -314,9 +314,9 @@ public class LoginEntryPoint {
 			} catch (BusinessException businessException) {
 				return new Message<>(businessException.getCode(), businessException.getMessage());
 			}
+		} else {
+			return new Message<>(20005, "state失效重新获取");
 		}
-
-		return new Message<>(Message.FAIL);
 	}
 
 	@Operation(summary = "app扫描二维码", description = "扫描二维码登录", method = "POST")