8 сар өмнө · da9a0387c1
--- a/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java
+++ b/maxkey-authentications/maxkey-authentication-core/src/main/java/org/dromara/maxkey/authn/ScanCode.java
@@ -15,6 +15,9 @@ public class ScanCode {
 
				     @NotEmpty(message = "登录方式不能为空")
			
 
				     String authType;
			
 
				 
			
 
				+    @NotEmpty(message = "state不能为空")
			
 
				+    String state;
			
 
				+
			
 
				     public @NotEmpty(message = "二维码内容不能为空") String getCode() {
			
 
				         return code;
			
 
				     }
			
@@ -30,4 +33,12 @@ public class ScanCode {
 
				     public void setAuthType(@NotEmpty(message = "登录方式不能为空") String authType) {
			
 
				         this.authType = authType;
			
 
				     }
			
 
				+
			
 
				+    public @NotEmpty(message = "state不能为空") String getState() {
			
 
				+        return state;
			
 
				+    }
			
 
				+
			
 
				+    public void setState(@NotEmpty(message = "state不能为空") String state) {
			
 
				+        this.state = state;
			
 
				+    }
			
 
				 }
			
--- a/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
+++ b/maxkey-web-frontend/maxkey-web-app/src/app/routes/passport/login/login.component.ts
@@ -332,6 +332,7 @@ export class UserLoginComponent implements OnInit, OnDestroy {
 
				       this.qrCodeService.loginByQrCode({
			
 
				         authType: 'scancode',
			
 
				         code: this.ticket,
			
 
				+        state: this.state,
			
 
				       }).subscribe(res => {
			
 
				         if (res.code === 0) {
			
 
				           this.qrexpire = true;
			
--- a/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
+++ b/maxkey-webs/maxkey-web-maxkey/src/main/java/org/dromara/maxkey/web/contorller/LoginEntryPoint.java
@@ -296,25 +296,27 @@ public class LoginEntryPoint {
 
				 
			
 
				 	@Operation(summary = "web二维码登录", description = "web二维码登录", method = "POST")
			
 
				 	@PostMapping("/sign/qrcode")
			
 
				-	public Message<AuthJwt> signByQrcode( HttpServletRequest request,
			
 
				-										  HttpServletResponse response,
			
 
				-										  @Validated @RequestBody ScanCode scanCode) {
			
 
				+	public Message<AuthJwt> signByQrcode(@Validated @RequestBody ScanCode scanCode) {
			
 
				 		LoginCredential loginCredential = new LoginCredential();
			
 
				 		loginCredential.setAuthType(scanCode.getAuthType());
			
 
				 		loginCredential.setUsername(scanCode.getCode());
			
 
				 
			
 
				-		try {
			
 
				-			Authentication authentication = authenticationProvider.authenticate(loginCredential);
			
 
				-			if (Objects.nonNull(authentication)) {
			
 
				-				//success
			
 
				-				AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
			
 
				-				return new Message<>(authJwt);
			
 
				-			} else {
			
 
				-				return new Message<>(Message.FAIL, "尚未扫码");
			
 
				+		if(authTokenService.validateJwtToken(scanCode.getState())){
			
 
				+			try {
			
 
				+				Authentication authentication = authenticationProvider.authenticate(loginCredential);
			
 
				+				if (Objects.nonNull(authentication)) {
			
 
				+					//success
			
 
				+					AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
			
 
				+					return new Message<>(authJwt);
			
 
				+				} else {
			
 
				+					return new Message<>(Message.FAIL, "尚未扫码");
			
 
				+				}
			
 
				+			} catch (BusinessException businessException) {
			
 
				+				return new Message<>(businessException.getCode(), businessException.getMessage());
			
 
				 			}
			
 
				-		} catch (BusinessException businessException) {
			
 
				-			return new Message<>(businessException.getCode(), businessException.getMessage());
			
 
				 		}
			
 
				+
			
 
				+		return new Message<>(Message.FAIL);
			
 
				 	}
			
 
				 
			
 
				 	@Operation(summary = "app扫描二维码", description = "扫描二维码登录", method = "POST")