优化登录验证码校验

4 years ago · ed11467bd1
parent f493308d6d
commit ed11467bd1
3 changed files with 19 additions and 15 deletions
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/msg/TokenMsg.java
+++ b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/msg/TokenMsg.java
@ -36,7 +36,10 @@ public enum TokenMsg implements BaseMsg {
    /**
     * 登陆
     */
-    EXCEPTION_LOGIN_CAPTCHA(12100,"验证码不正确！"),
+    EXCEPTION_CAPTCHA_ERROR(12100,"验证码不正确！"),
+    EXCEPTION_CAPTCHA_NULL(12201, "验证码已失效"),
+    EXCEPTION_CAPTCHA_UUID_NULL(12202, "验证码UUID为空"),
+    EXCEPTION_CAPTCHA_CODE_NULL(12203, "验证码为空"),
    EXCEPTION_LOGIN_ACCOUNT_NO(12101,"账号或密码不正确！"),
    EXCEPTION_LOGIN_ACCOUNT_LOCKED(12102,"账号已被锁定,请联系管理员！"),
    EXCEPTION_LOGOUT_ERROR(12103,"登出失败，没有授权Token！"),
@ -49,8 +52,7 @@ public enum TokenMsg implements BaseMsg {
     * 其他
     */
    EXCEPTION_USER_NULL(12200, "用户为空"),
-    EXCEPTION_CAPTCHA_NULL(12201, "验证码已失效"),
-    EXCEPTION_NOT_AUTH(12202, "无权访问该方法"),
+    EXCEPTION_NOT_AUTH(12204, "无权访问该方法"),
    ;

    private final int code;
--- a/opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CaptchaUtil.java
+++ b/opsli-base-support/opsli-core/src/main/java/org/opsli/core/utils/CaptchaUtil.java
@ -89,22 +89,28 @@ public class CaptchaUtil{
     * @param code
     * @return
     */
-    public static boolean validate(String uuid, String code) {
+    public static void validate(String uuid, String code) {
+        // 判断UUID 是否为空
        if(StringUtils.isEmpty(uuid)){
-            return false;
+            throw new TokenException(TokenMsg.EXCEPTION_CAPTCHA_UUID_NULL);
+        }
+
+        // 判断 验证码是否为空
+        if(StringUtils.isEmpty(code)){
+            throw new TokenException(TokenMsg.EXCEPTION_CAPTCHA_CODE_NULL);
        }

        // 验证码
        String codeTemp = (String) redisPlugin.get(PREFIX_NAME + PREFIX + uuid);
-
        if(StringUtils.isEmpty(codeTemp)){
            throw new TokenException(TokenMsg.EXCEPTION_CAPTCHA_NULL);
        }

-        // 删除验证码
-        //redisPlugin.del(PREFIX_NAME + PREFIX + uuid);
-
-        return codeTemp.equalsIgnoreCase(code);
+        // 验证 验证码是否正确
+        boolean captchaFlag = codeTemp.equalsIgnoreCase(code);
+        if(!captchaFlag){
+            throw new TokenException(TokenMsg.EXCEPTION_CAPTCHA_ERROR);
+        }
    }


--- a/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/web/LoginRestController.java
+++ b/opsli-modulars/opsli-modulars-system/src/main/java/org/opsli/modulars/system/login/web/LoginRestController.java
@ -89,11 +89,7 @@ public class LoginRestController {

        // 失败次数超过 验证次数阈值 开启验证码验证
        if(slipCount >= UserTokenUtil.ACCOUNT_SLIP_VERIFY_COUNT){
-            boolean captcha = CaptchaUtil.validate(form.getUuid(), form.getCaptcha());
-            // 验证码不正确
-            if(!captcha){
-                throw new TokenException(TokenMsg.EXCEPTION_LOGIN_CAPTCHA);
-            }
+            CaptchaUtil.validate(form.getUuid(), form.getCaptcha());
        }

        // 用户信息