Browse Source

补充登陆鉴权逻辑

tags/24080901
niohe·erbao 1 year ago
parent
commit
d3c3819c44
5 changed files with 44 additions and 1 deletions
  1. +1
    -0
      pmapi/src/main/java/com/ningdatech/pmapi/sms/helper/VerifyCodeCheckHelper.java
  2. +24
    -1
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthProvider.java
  3. +9
    -0
      pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java
  4. +5
    -0
      pmapi/src/main/resources/application-dev.yml
  5. +5
    -0
      pmapi/src/main/resources/application-prod.yml

+ 1
- 0
pmapi/src/main/java/com/ningdatech/pmapi/sms/helper/VerifyCodeCheckHelper.java View File

@@ -40,4 +40,5 @@ public class VerifyCodeCheckHelper {
return verificationCode.trim().equals(cache.getCode());
}


}

+ 24
- 1
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthProvider.java View File

@@ -1,8 +1,11 @@
package com.ningdatech.pmapi.user.security.auth.credential;

import com.ningdatech.basic.model.GenericResult;
import com.ningdatech.pmapi.sms.constant.VerificationCodeType;
import com.ningdatech.pmapi.sms.helper.VerifyCodeCheckHelper;
import com.ningdatech.pmapi.user.constant.LoginTypeEnum;
import com.ningdatech.pmapi.user.security.auth.constants.UserDeatilsServiceConstant;
import com.ningdatech.pmapi.user.security.auth.validate.CommonLoginException;
import com.ningdatech.zwdd.client.ZwddAuthClient;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
@@ -27,6 +30,11 @@ public class CredentialAuthProvider implements AuthenticationProvider {

private ZwddAuthClient zwddAuthClient;

private Boolean phoneVerifyCodeSkip;

private VerifyCodeCheckHelper verifyCodeCheckHelper;


@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (!(authentication instanceof CredentialAuthToken)) {
@@ -37,6 +45,7 @@ public class CredentialAuthProvider implements AuthenticationProvider {

UserDetails user = null;
LoginTypeEnum loginTypeEnum = authenticationToken.getLoginTypeEnum();
String credentials = (String) authenticationToken.getCredentials();
switch (loginTypeEnum) {
case DING_QR_LOGIN: {
String code = (String) authenticationToken.getCredentials();
@@ -52,7 +61,13 @@ public class CredentialAuthProvider implements AuthenticationProvider {
}
break;
case PHONE_VERIFICATION_CODE_LOGIN: {
// TODO 校验短信验证码
if (!phoneVerifyCodeSkip) {
// 校验短信验证码
boolean verificationResult = verifyCodeCheckHelper.verification(VerificationCodeType.LOGIN, principal, credentials);
if (!verificationResult) {
throw new CommonLoginException("验证码错误");
}
}
user = userDetailsService.loadUserByUsername(principal + UserDeatilsServiceConstant.USER_DETAILS_SERVICE_SEPARATOR + loginTypeEnum.name());
}
break;
@@ -95,4 +110,12 @@ public class CredentialAuthProvider implements AuthenticationProvider {
this.zwddAuthClient = zwddAuthClient;
}

public void setVerifyCodeCheckHelper(VerifyCodeCheckHelper verifyCodeCheckHelper) {
this.verifyCodeCheckHelper = verifyCodeCheckHelper;
}

public void setPhoneVerifyCodeSkip(Boolean phoneVerifyCodeSkip) {
this.phoneVerifyCodeSkip = phoneVerifyCodeSkip;
}

}

+ 9
- 0
pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java View File

@@ -1,9 +1,11 @@
package com.ningdatech.pmapi.user.security.auth.credential;

import com.ningdatech.pmapi.sms.helper.VerifyCodeCheckHelper;
import com.ningdatech.pmapi.user.security.auth.AuthProperties;
import com.ningdatech.zwdd.client.ZwddAuthClient;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -21,6 +23,8 @@ import org.springframework.stereotype.Component;
@Component
public class CredentialAuthSecurityConfig
extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
@Value("${login.phone-verify-code.skip:false}")
private Boolean skipLoginVerifyCodeCheck;

@Autowired
@Qualifier(value = "defaultLoginSuccessHandler")
@@ -45,6 +49,9 @@ public class CredentialAuthSecurityConfig
@Autowired
private ZwddAuthClient zwddAuthClient;

@Autowired
private VerifyCodeCheckHelper verifyCodeCheckHelper;

@Override
public void configure(HttpSecurity http) throws Exception {
CredentialAuthFilter credentialAuthFilter =
@@ -55,11 +62,13 @@ public class CredentialAuthSecurityConfig
credentialAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler);

CredentialAuthProvider authenticationProvider = new CredentialAuthProvider();
authenticationProvider.setPhoneVerifyCodeSkip(skipLoginVerifyCodeCheck);
authenticationProvider.setUserDetailsService(credentialLoginUserDetailService);
// 确保对密码进行加密的encoder和解密的encoder相同
authenticationProvider.setPasswordEncoder(passwordEncoder);
// 传入浙政钉client
authenticationProvider.setZwddAuthClient(zwddAuthClient);
authenticationProvider.setVerifyCodeCheckHelper(verifyCodeCheckHelper);

http.authenticationProvider(authenticationProvider).addFilterAfter(credentialAuthFilter,
UsernamePasswordAuthenticationFilter.class);


+ 5
- 0
pmapi/src/main/resources/application-dev.yml View File

@@ -208,3 +208,8 @@ irs:
access-key: 3
secret-key: 4
api-url: https://ibcdsg.zj.gov.cn:8443/restapi/prod/IC33000020220309000004/seal-platform/seal/v1/rest/sign/signPdf

login:
phone-verify-code:
skip: true


+ 5
- 0
pmapi/src/main/resources/application-prod.yml View File

@@ -213,3 +213,8 @@ irs:
access-key: 3
secret-key: 4
api-url: https://ibcdsg.zj.gov.cn:8443/restapi/prod/IC33000020220309000004/seal-platform/seal/v1/rest/sign/signPdf

login:
phone-verify-code:
skip: true


Loading…
Cancel
Save