
manager验证码修改

yinhao 4 anni fa
parent
commit
5e537a9940

+ 7 - 2
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/interceptor/JWTInterceptor.java

@@ -1,8 +1,8 @@
 package com.huimv.manager.interceptor;
 
+import com.huimv.manager.enums.AdminTypeEnum;
 import com.huimv.manager.modular.entity.MobileUser;
 import com.huimv.manager.modular.service.MobileUserService;
-import com.huimv.manager.result.R;
 import com.huimv.manager.util.JwtUtils;
 import io.jsonwebtoken.Claims;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -54,9 +54,14 @@ public class JWTInterceptor implements HandlerInterceptor {
             return false;
         }
 
+        if (!mobileUser.getGrantClass().equals(AdminTypeEnum.ADMIN.getCode())) {
+            response.sendError(401,"你不是管理员,不能进行该操作!");
+            return false;
+        }
+
         int result = JwtUtils.verifyToken(claims);
         if (result >= 1) {
-            response.sendError(40101,"token已失效或被篡改,请重新登录!");
+            response.sendError(40101,"token已失效,请重新登录!");
             return false;
         }
         if (result == -1) {
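Review bot: The new administrator check runs before `JwtUtils.verifyToken(claims)`, so a request whose token is presumably expired is answered according to the account's role before the token's validity has been established; move the block below the handling of the `verifyToken` result. A caller who is authenticated but not an administrator should receive 403 rather than 401, e.g. `response.sendError(HttpServletResponse.SC_FORBIDDEN, "你不是管理员,不能进行该操作!");`. `mobileUser.getGrantClass()` throws if the value is null; comparing from the constant side, `AdminTypeEnum.ADMIN.getCode().equals(mobileUser.getGrantClass())`, avoids that. The method starts and ends outside the hunk, so how `claims` and `mobileUser` were obtained is not visible here.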

+ 40 - 5
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/modular/controller/CaptchaController.java

@@ -1,13 +1,20 @@
 package com.huimv.manager.modular.controller;
 
-import cn.dustlight.captcha.annotations.CodeValue;
-import cn.dustlight.captcha.annotations.SendCode;
+
+import com.huimv.manager.exception.RRException;
+import com.huimv.manager.util.VerifyUtil;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.util.concurrent.TimeUnit;
+
 /**
  * <p>
  * 验证码前端控制器
@@ -21,9 +28,37 @@ import org.springframework.web.bind.annotation.RestController;
 @Slf4j
 public class CaptchaController {
 
+    @Autowired
+    private RedisTemplate<String, String> redisTemplate;
+
+//    @GetMapping("/send")
+//    @SendCode
+    public void getCaptcha(HttpServletRequest request) {
+
+
+//        log.info(code);
+        String remoteHost = request.getRemoteHost();
+    }
+
     @GetMapping("/send")
-    @SendCode()
-    public void getCaptcha(@CodeValue String code){
-        log.info(code);
+    public void createImg(HttpServletRequest request, HttpServletResponse response)  {
+        try {
+            //设置响应类型,告诉浏览器输出的内容为图片
+            response.setContentType("image/jpeg");
+            //设置响应头信息,告诉浏览器不要缓存此内容
+            response.setHeader("Pragma", "No-cache");
+            response.setHeader("Cache-Control", "no-cache");
+            response.setDateHeader("Expire", 0);
+            VerifyUtil randomValidateCode = new VerifyUtil();
+            //输出验证码图片
+            String code = randomValidateCode.getRandcode(request, response);
+            log.info(code);
+            //将生成的随机验证码存放到redis中
+            String remoteHost = request.getRemoteHost();
+            redisTemplate.opsForValue().set(remoteHost,code,300, TimeUnit.SECONDS);
+        } catch (Exception e) {
+            log.error("获取验证码异常:",e);
+            throw new RRException("获取验证码失败!");
+        }
     }
 }
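Review bot: In `createImg` the captcha answer is stored under the bare key `request.getRemoteHost()`, so every client that reaches the service from the same address (a NAT, or a reverse proxy in front of the application) shares one entry: a new request overwrites another user's challenge, and an answer issued to one client is accepted for all of them. Key the entry on a random per-challenge identifier that is handed back to the client, and add a namespace prefix so it cannot collide with other Redis keys (the configuration removed in this commit used `CAPTCHA_CODE`); the login endpoint then has to look the entry up by that identifier. `log.info(code);` writes the expected answer to the application log and should be dropped. The `Expire` header is presumably meant to be `Expires`, and the unmapped `getCaptcha` stub above is dead code.

```java
            // … unchanged: content type and cache headers …
            String captchaId = UUID.randomUUID().toString();
            // constructed header name; it must be set before the image is written to the response
            response.setHeader("X-Captcha-Id", captchaId);
            String code = new VerifyUtil().getRandcode(request, response);
            redisTemplate.opsForValue().set("CAPTCHA_CODE:" + captchaId, code, 300, TimeUnit.SECONDS);
```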

+ 22 - 4
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/modular/controller/MobileUserLoginController.java

@@ -2,15 +2,18 @@ package com.huimv.manager.modular.controller;
 
 import cn.dustlight.captcha.annotations.CodeValue;
 import cn.dustlight.captcha.annotations.VerifyCode;
-import com.huimv.manager.modular.entity.param.LoginParam;
 import com.huimv.manager.modular.service.MobileUserService;
 import com.huimv.manager.result.R;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import javax.servlet.http.HttpServletRequest;
+
 /**
  * @Author yinhao
  * @Date 2021/4/19 12:18
@@ -22,12 +25,27 @@ import org.springframework.web.bind.annotation.RestController;
 public class MobileUserLoginController {
 
     @Autowired
+    private RedisTemplate<String, String> redisTemplate;
+
+    @Autowired
     private MobileUserService mobileUserService;
 
     @PostMapping("/login")
-    @VerifyCode
-    public R login(LoginParam loginParam,@CodeValue String code) {
+//    @VerifyCode
+    public R login(@RequestParam(name = "account") String account,
+                   @RequestParam(name = "password") String password,
+                   @RequestParam(name = "code") String code,
+                   HttpServletRequest request) {
+
+        String remoteHost = request.getRemoteHost();
+        String redisCode = redisTemplate.opsForValue().get(remoteHost);
+        if (redisCode == null) {
+            return R.error("验证码已过期,请点击刷新!");
+        }
+        if (!redisCode.equals(code.toUpperCase())) {
+            return R.error("验证码错误!");
+        }
         log.info(code);
-        return mobileUserService.login(loginParam,code);
+        return mobileUserService.login(account, password, code);
     }
 }
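Review bot: The captcha entry is never removed after `login` reads it, so one solved challenge stays valid for its whole 300-second lifetime and can cover any number of login attempts from the same address, which defeats the purpose of the check. Delete the entry as soon as it has been fetched, before the comparison: `redisTemplate.delete(remoteHost);`. `log.info(code);` records the submitted answer and can be removed, and `code.toUpperCase()` is locale-sensitive, so `code.toUpperCase(Locale.ROOT)` is the safer form. `@VerifyCode` is left commented out while the `cn.dustlight.captcha` imports remain in the import hunk above; remove both.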

+ 2 - 2
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/modular/service/MobileUserService.java

@@ -12,11 +12,11 @@ import com.huimv.manager.result.R;
 public interface MobileUserService {
     /**
      * 登录
-     * @param loginParam
+     * @param
      * @param code
      * @return
      */
-    R login(LoginParam loginParam, String code);
+    R login(String account,String password, String code);
 
     /**
      * 根据id查询用户
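Review bot: The Javadoc of `login` now has a bare `@param` with no name, which documents nothing and is rejected by doclint; replace it with `@param account` and `@param password` lines describing the two new arguments. If the `LoginParam` import is still present at the top of the interface it is now unused; the import block is outside this hunk.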

+ 7 - 7
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/modular/service/impl/MobileUserServiceImpl.java

@@ -30,13 +30,13 @@ public class MobileUserServiceImpl implements MobileUserService {
     private MobileUserRepository mobileUserRepository;
 
     @Override
-    public R login(LoginParam loginParam, String code) {
-        String account = loginParam.getAccount();
-        String password = loginParam.getPassword();
+    public R login(String account, String password, String code) {
+//        String account = loginParam.getAccount();
+//        String password = loginParam.getPassword();
         if (StringUtils.isEmpty(code)) {
             throw new AuthException(AuthExceptionEnum.CONSTANT_EMPTY_ERROR);
         }
-        if (ObjectUtil.hasEmpty(account,password)) {
+        if (ObjectUtil.hasEmpty(account, password)) {
             throw new AuthException(AuthExceptionEnum.ACCOUNT_PWD_EMPTY);
         }
 
@@ -46,7 +46,7 @@ public class MobileUserServiceImpl implements MobileUserService {
         }
 
         if (!mobileUser.getGrantClass().equals(AdminTypeEnum.ADMIN.getCode())) {
-            throw new RRException("对不起,你不是管理员,不能登录此系统!",401);
+            throw new RRException("对不起,你不是管理员,不能登录此系统!", 401);
         }
 
         String inputPwdMd5 = DigestUtils.md5DigestAsHex(password.getBytes());
@@ -54,9 +54,9 @@ public class MobileUserServiceImpl implements MobileUserService {
             throw new AuthException(AuthExceptionEnum.ACCOUNT_PWD_ERROR);
         }
 
-        String token =  JwtUtils.getJwtToken(mobileUser.getId());
+        String token = JwtUtils.getJwtToken(mobileUser.getId());
         mobileUser.setPassword("");
-        return Objects.requireNonNull(R.ok().put("token", token)).put("mobileUser",mobileUser);
+        return Objects.requireNonNull(R.ok().put("token", token)).put("mobileUser", mobileUser);
     }
 
     @Override
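Review bot: The reworked `login` still derives `inputPwdMd5` with `DigestUtils.md5DigestAsHex(password.getBytes())`, presumably to compare it with the stored value, which means passwords are kept as unsalted MD5 and the bytes depend on the platform charset. A salted password-hashing scheme (bcrypt, scrypt or Argon2) with re-hashing on the next successful login is the fix; `password.getBytes(StandardCharsets.UTF_8)` is the minimum in the meantime. The administrator check is made before the password comparison and answers with its own message, so the response tells an unauthenticated caller whether an account is an administrator; checking the password first avoids that. The two commented-out `loginParam` lines should be deleted rather than kept.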

+ 1 - 1
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/result/R.java

@@ -14,7 +14,7 @@ public class R extends HashMap<String, Object> {
 	private static final long serialVersionUID = 1L;
 	
 	public R() {
-		put("code", 0);
+		put("code", 10000);
 		put("msg", "success");
 	}
 	

+ 121 - 0
huimv-mobile-video/huimv-manager/src/main/java/com/huimv/manager/util/VerifyUtil.java

@@ -0,0 +1,121 @@
+package com.huimv.manager.util;
+
+import com.huimv.manager.exception.RRException;
+
+import javax.imageio.ImageIO;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.awt.Color;
+import java.awt.Font;
+import java.awt.Graphics;
+import java.awt.image.BufferedImage;
+import java.util.Random;
+ 
+ 
+public class VerifyUtil {
+//    public static final String RANDOMCODEKEY = "RANDOMREDISKEY";//放到session中的key
+    private String randString = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";//随机产生数字与字母组合的字符串
+    private int width = 95;// 图片宽
+    private int height = 25;// 图片高
+    private int lineSize = 40;// 干扰线数量
+    private int stringNum = 4;// 随机产生字符数量
+
+    private Random random = new Random();
+
+    /**
+     * 获得字体
+     */
+    private Font getFont() {
+        return new Font("Fixedsys", Font.CENTER_BASELINE, 18);
+    }
+
+    /**
+     * 获得颜色
+     */
+    private Color getRandColor(int fc, int bc) {
+        if (fc > 255) {
+            fc = 255;
+        }
+        if (bc > 255) {
+            bc = 255;
+        }
+        int r = fc + random.nextInt(bc - fc - 16);
+        int g = fc + random.nextInt(bc - fc - 14);
+        int b = fc + random.nextInt(bc - fc - 18);
+        return new Color(r, g, b);
+    }
+
+    /**
+     * 生成随机图片
+     */
+    public String getRandcode(HttpServletRequest request, HttpServletResponse response) {
+        // BufferedImage类是具有缓冲区的Image类,Image类是用于描述图像信息的类
+        BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_BGR);
+        // 产生Image对象的Graphics对象,改对象可以在图像上进行各种绘制操作
+        Graphics g = image.getGraphics();
+        //图片大小
+        g.fillRect(0, 0, width, height);
+        //字体大小
+        g.setFont(new Font("Times New Roman", Font.ROMAN_BASELINE, 18));
+        //字体颜色
+        g.setColor(getRandColor(110, 133));
+        // 绘制干扰线
+        for (int i = 0; i <= lineSize; i++) {
+            drowLine(g);
+        }
+        // 绘制随机字符
+        String randomString = "";
+        for (int i = 1; i <= stringNum; i++) {
+            randomString = drowString(g, randomString, i);
+        }
+        //将生成的随机字符串保存到session中
+//        session.removeAttribute(RANDOMCODEKEY);
+//        session.setAttribute(RANDOMCODEKEY, randomString);
+        //设置失效时间1分钟
+//        session.setMaxInactiveInterval(60);
+        g.dispose();
+        try {
+            // 将内存中的图片通过流动形式输出到客户端
+            ImageIO.write(image, "JPEG", response.getOutputStream());
+            return randomString;
+        } catch (Exception e) {
+            throw new RRException("获取验证码失败!");
+        }
+
+    }
+
+    /**
+     * 绘制字符串
+     */
+    private String drowString(Graphics g, String randomString, int i) {
+        g.setFont(getFont());
+        g.setColor(new Color(random.nextInt(101), random.nextInt(111), random
+                .nextInt(121)));
+        String rand = String.valueOf(getRandomString(random.nextInt(randString
+                .length())));
+        randomString += rand;
+        g.translate(random.nextInt(3), random.nextInt(3));
+        g.drawString(rand, 13 * i, 16);
+        return randomString;
+    }
+
+    /**
+     * 绘制干扰线
+     */
+    private void drowLine(Graphics g) {
+        int x = random.nextInt(width);
+        int y = random.nextInt(height);
+        int xl = random.nextInt(13);
+        int yl = random.nextInt(15);
+        g.drawLine(x, y, x + xl, y + yl);
+    }
+
+    /**
+     * 获取随机的字符
+     */
+    public String getRandomString(int num) {
+        return String.valueOf(randString.charAt(num));
+    }
+}
+ 
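Review bot: The captcha characters are drawn from `java.util.Random`, whose output is predictable once a few values have been observed; because this code gates the login endpoint, declare the field as `private final Random random = new SecureRandom();` (SecureRandom extends Random, so the rest of the class is unchanged). The catch in `getRandcode` discards the cause, so log `e` before throwing to keep image-encoding failures diagnosable. `HttpSession` is imported but unused, the `request` parameter is never read, and the commented-out session code can be deleted. `getRandColor` calls `random.nextInt(bc - fc - 18)`, which throws when the arguments are fewer than 19 apart; the only call site passes `(110, 133)`, so this is latent rather than live.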

+ 8 - 8
huimv-mobile-video/huimv-manager/src/main/resources/application-dev.yml

@@ -18,14 +18,14 @@ spring:
     open-in-view: true
 
  # 验证码
-dustlight:
-  captcha:
-    default:
-      store:
-        name: "redisCodeStore"
-    store:
-      redis:
-        key-prefix: "CAPTCHA_CODE"
+#dustlight:
+#  captcha:
+#    default:
+#      store:
+#        name: "redisCodeStore"
+#    store:
+#      redis:
+#        key-prefix: "CAPTCHA_CODE"
 
     #  redis:
 #    database: 0