补充登陆鉴权逻辑

pmapi/src/main/java/com/ningdatech/pmapi/sms/helper/VerifyCodeCheckHelper.java

@@ -40,4 +40,5 @@ public class VerifyCodeCheckHelper {
         return verificationCode.trim().equals(cache.getCode());
     }
 
+
 }

pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthProvider.java

@@ -1,8 +1,11 @@
 package com.ningdatech.pmapi.user.security.auth.credential;
 
 import com.ningdatech.basic.model.GenericResult;
+import com.ningdatech.pmapi.sms.constant.VerificationCodeType;
+import com.ningdatech.pmapi.sms.helper.VerifyCodeCheckHelper;
 import com.ningdatech.pmapi.user.constant.LoginTypeEnum;
 import com.ningdatech.pmapi.user.security.auth.constants.UserDeatilsServiceConstant;
+import com.ningdatech.pmapi.user.security.auth.validate.CommonLoginException;
 import com.ningdatech.zwdd.client.ZwddAuthClient;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.BadCredentialsException;
@@ -27,6 +30,11 @@ public class CredentialAuthProvider implements AuthenticationProvider {
 
     private ZwddAuthClient zwddAuthClient;
 
+    private Boolean phoneVerifyCodeSkip;
+
+    private VerifyCodeCheckHelper verifyCodeCheckHelper;
+
+
     @Override
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
         if (!(authentication instanceof CredentialAuthToken)) {
@@ -37,6 +45,7 @@ public class CredentialAuthProvider implements AuthenticationProvider {
 
         UserDetails user = null;
         LoginTypeEnum loginTypeEnum = authenticationToken.getLoginTypeEnum();
+        String credentials = (String) authenticationToken.getCredentials();
         switch (loginTypeEnum) {
             case DING_QR_LOGIN: {
                 String code = (String) authenticationToken.getCredentials();
@@ -52,7 +61,13 @@ public class CredentialAuthProvider implements AuthenticationProvider {
             }
             break;
             case PHONE_VERIFICATION_CODE_LOGIN: {
-                // TODO 校验短信验证码
+                if (!phoneVerifyCodeSkip) {
+                    // 校验短信验证码
+                    boolean verificationResult = verifyCodeCheckHelper.verification(VerificationCodeType.LOGIN, principal, credentials);
+                    if (!verificationResult) {
+                        throw new CommonLoginException("验证码错误");
+                    }
+                }
                 user = userDetailsService.loadUserByUsername(principal + UserDeatilsServiceConstant.USER_DETAILS_SERVICE_SEPARATOR + loginTypeEnum.name());
             }
             break;
@@ -95,4 +110,12 @@ public class CredentialAuthProvider implements AuthenticationProvider {
         this.zwddAuthClient = zwddAuthClient;
     }
 
+    public void setVerifyCodeCheckHelper(VerifyCodeCheckHelper verifyCodeCheckHelper) {
+        this.verifyCodeCheckHelper = verifyCodeCheckHelper;
+    }
+
+    public void setPhoneVerifyCodeSkip(Boolean phoneVerifyCodeSkip) {
+        this.phoneVerifyCodeSkip = phoneVerifyCodeSkip;
+    }
+
 }

pmapi/src/main/java/com/ningdatech/pmapi/user/security/auth/credential/CredentialAuthSecurityConfig.java

@@ -1,9 +1,11 @@
 package com.ningdatech.pmapi.user.security.auth.credential;
 
+import com.ningdatech.pmapi.sms.helper.VerifyCodeCheckHelper;
 import com.ningdatech.pmapi.user.security.auth.AuthProperties;
 import com.ningdatech.zwdd.client.ZwddAuthClient;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.annotation.SecurityConfigurerAdapter;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -21,6 +23,8 @@ import org.springframework.stereotype.Component;
 @Component
 public class CredentialAuthSecurityConfig
         extends SecurityConfigurerAdapter<DefaultSecurityFilterChain, HttpSecurity> {
+    @Value("${login.phone-verify-code.skip:false}")
+    private Boolean skipLoginVerifyCodeCheck;
 
     @Autowired
     @Qualifier(value = "defaultLoginSuccessHandler")
@@ -45,6 +49,9 @@ public class CredentialAuthSecurityConfig
     @Autowired
     private ZwddAuthClient zwddAuthClient;
 
+    @Autowired
+    private VerifyCodeCheckHelper verifyCodeCheckHelper;
+
     @Override
     public void configure(HttpSecurity http) throws Exception {
         CredentialAuthFilter credentialAuthFilter =
@@ -55,11 +62,13 @@ public class CredentialAuthSecurityConfig
         credentialAuthFilter.setAuthenticationFailureHandler(defaultLoginFailureHandler);
 
         CredentialAuthProvider authenticationProvider = new CredentialAuthProvider();
+        authenticationProvider.setPhoneVerifyCodeSkip(skipLoginVerifyCodeCheck);
         authenticationProvider.setUserDetailsService(credentialLoginUserDetailService);
         // 确保对密码进行加密的encoder和解密的encoder相同
         authenticationProvider.setPasswordEncoder(passwordEncoder);
         // 传入浙政钉client
         authenticationProvider.setZwddAuthClient(zwddAuthClient);
+        authenticationProvider.setVerifyCodeCheckHelper(verifyCodeCheckHelper);
 
         http.authenticationProvider(authenticationProvider).addFilterAfter(credentialAuthFilter,
                 UsernamePasswordAuthenticationFilter.class);

pmapi/src/main/resources/application-dev.yml

@@ -208,3 +208,8 @@ irs:
     access-key: 3
     secret-key: 4
     api-url: https://ibcdsg.zj.gov.cn:8443/restapi/prod/IC33000020220309000004/seal-platform/seal/v1/rest/sign/signPdf
+
+login:
+  phone-verify-code:
+    skip: true
+

pmapi/src/main/resources/application-prod.yml

@@ -213,3 +213,8 @@ irs:
     access-key: 3
     secret-key: 4
     api-url: https://ibcdsg.zj.gov.cn:8443/restapi/prod/IC33000020220309000004/seal-platform/seal/v1/rest/sign/signPdf
+
+login:
+  phone-verify-code:
+    skip: true
+