feat(后台管理): 添加验证码

pom.xml

@@ -23,6 +23,7 @@
         <commons.fileupload.version>1.3.3</commons.fileupload.version>
         <commons-lang3.version>3.8.1</commons-lang3.version>
         <fastjson.version>1.2.58</fastjson.version>
+        <easy-captcha.version>1.6.2</easy-captcha.version>
         <swagger.version>2.9.2</swagger.version>
         <easypoi.version>4.1.0</easypoi.version>
         <jwt.version>3.9.0</jwt.version>
@@ -106,6 +107,12 @@
             <version>${commons.collections.version}</version>
         </dependency>
 
+        <!-- 验证码 -->
+        <dependency>
+            <groupId>com.github.whvcse</groupId>
+            <artifactId>easy-captcha</artifactId>
+            <version>${easy-captcha.version}</version>
+        </dependency>
 
         <!--文件上传工具类 -->
         <dependency>

src/main/java/com/wayn/common/base/CommonController.java

@@ -1,12 +1,17 @@
 package com.wayn.common.base;
 
+import com.wayn.common.constant.SysConstants;
 import com.wayn.common.exception.BusinessException;
+import com.wayn.common.util.IdUtil;
 import com.wayn.common.util.R;
 import com.wayn.common.util.file.FileUploadUtil;
 import com.wayn.common.util.file.FileUtils;
 import com.wayn.common.util.http.HttpUtil;
 import com.wayn.framework.config.WaynConfig;
+import com.wayn.framework.redis.RedisCache;
+import com.wf.captcha.SpecCaptcha;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -17,6 +22,7 @@ import org.springframework.web.multipart.MultipartFile;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.io.File;
+import java.util.concurrent.TimeUnit;
 
 /**
  * 通用请求处理类
@@ -28,6 +34,9 @@ import java.io.File;
 @RequestMapping("common")
 public class CommonController {
 
+    @Autowired
+    private RedisCache redisCache;
+
     /**
      * 通用下载请求
      *
@@ -99,4 +108,15 @@ public class CommonController {
         }
     }
 
+    @ResponseBody
+    @RequestMapping("/captcha")
+    public R captcha(HttpServletRequest request, HttpServletResponse response) throws Exception {
+        SpecCaptcha specCaptcha = new SpecCaptcha(100, 43, 4);
+        String verCode = specCaptcha.text().toLowerCase();
+        String key = IdUtil.getUid();
+        // 存入redis并设置过期时间为30分钟
+        redisCache.setCacheObject(key, verCode, SysConstants.CAPTCHA_EXPIRATION, TimeUnit.MINUTES);
+        // 将key和base64返回给前端
+        return R.success().add("key", key).add("image", specCaptcha.toBase64());
+    }
 }

src/main/java/com/wayn/common/constant/SysConstants.java

@@ -15,6 +15,10 @@ public class SysConstants {
      * 验证码 redis key
      */
     public static final String CAPTCHA_CODE_KEY = "captcha_codes:";
+    /**
+     * 验证码有效期（分钟）
+     */
+    public static final Integer CAPTCHA_EXPIRATION = 2;
     /**
      * 登录用户 redis key
      */

src/main/java/com/wayn/common/util/IdUtil.java

@@ -0,0 +1,10 @@
+package com.wayn.common.util;
+
+import java.util.UUID;
+
+public class IdUtil {
+
+    public static String getUid() {
+        return UUID.randomUUID().toString().replaceAll("-", "");
+    }
+}

src/main/java/com/wayn/framework/config/SecurityConfig.java

@@ -57,10 +57,9 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
                 // 过滤请求
                 .authorizeRequests()
                 // 对于登录login 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/captchaImage").anonymous()
+                .antMatchers("/login", "/common/captcha").anonymous()
                 .antMatchers("/upload/**").anonymous()
                 .antMatchers("/common/download**").anonymous()
-                .antMatchers("/common/download/resource**").anonymous()
                 .antMatchers("/swagger-ui.html").anonymous()
                 .antMatchers("/swagger-resources/**").anonymous()
                 .antMatchers("/webjars/**").anonymous()

src/main/java/com/wayn/framework/security/LoginObj.java

@@ -19,4 +19,9 @@ public class LoginObj {
      * 验证码
      */
     private String code;
+
+    /**
+     * 验证码 key
+     */
+    private String key;
 }

src/main/java/com/wayn/project/system/controller/LoginController.java

@@ -2,6 +2,7 @@ package com.wayn.project.system.controller;
 
 import com.wayn.common.constant.SysConstants;
 import com.wayn.common.util.R;
+import com.wayn.framework.redis.RedisCache;
 import com.wayn.framework.security.LoginObj;
 import com.wayn.framework.security.LoginUserDetail;
 import com.wayn.framework.security.service.LoginService;
@@ -35,12 +36,22 @@ public class LoginController {
     @Autowired
     private IMenuService iMenuService;
 
+    @Autowired
+    private RedisCache redisCache;
+
     @PostMapping("/login")
     public R login(@RequestBody LoginObj loginObj) {
-        R success = R.success();
+        // 获取redis中的验证码
+        String redisCode = redisCache.getCacheObject(loginObj.getKey());
+        // 判断验证码
+        if (loginObj.getCode() == null || !redisCode.equals(loginObj.getCode().trim().toLowerCase())) {
+            return R.error("验证码不正确");
+        }
+        // 删除验证码
+        redisCache.deleteObject(loginObj.getKey());
         // 生成令牌
         String token = loginService.login(loginObj.getUsername(), loginObj.getPassword(), loginObj.getCode());
-        return success.add(SysConstants.TOKEN, token);
+        return R.success().add(SysConstants.TOKEN, token);
     }
 
     @GetMapping("/getInfo")