hackdou
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 4 deletions b/‎.gitignore‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎log/2024-05-17/debug.log‎ b/‎log/2024-05-17/debug.log‎
diff --git a/‎log/2024-05-17/error.log‎ b/‎log/2024-05-17/error.log‎
diff --git a/‎log/2024-05-17/info.log‎
Lines changed: 0 additions & 635 deletions b/‎log/2024-05-17/info.log‎
Lines changed: 0 additions & 635 deletions
diff --git a/‎log/2024-05-17/warn.log‎ b/‎log/2024-05-17/warn.log‎
diff --git a/‎src/main/java/top/whgojp/common/exception/CustomAuthenticationException.java‎
Lines changed: 16 additions & 0 deletions b/‎src/main/java/top/whgojp/common/exception/CustomAuthenticationException.java‎
Lines changed: 16 additions & 0 deletions
diff --git a/‎src/main/java/top/whgojp/common/filter/ValidateCodeFilter.java‎
Lines changed: 65 additions & 0 deletions b/‎src/main/java/top/whgojp/common/filter/ValidateCodeFilter.java‎
Lines changed: 65 additions & 0 deletions
diff --git a/‎src/main/java/top/whgojp/security/SecurityConfigurer.java‎
Lines changed: 11 additions & 1 deletion b/‎src/main/java/top/whgojp/security/SecurityConfigurer.java‎
Lines changed: 11 additions & 1 deletion
diff --git a/‎src/main/resources/static/images/WechatIMG1984.jpg‎
130 KB b/‎src/main/resources/static/images/WechatIMG1984.jpg‎
130 KB
diff --git a/‎src/main/resources/static/images/favicon.ico‎
0 Bytes b/‎src/main/resources/static/images/favicon.ico‎
0 Bytes
@@ -4,10 +4,7 @@ target/
 !**/src/test/**/target/
 
 ### IntelliJ IDEA ###
-.idea/modules.xml
-.idea/jarRepositories.xml
-.idea/compiler.xml
-.idea/libraries/
+.idea/
 *.iws
 *.iml
 *.ipr
 
@@ -0,0 +1,16 @@
+package top.whgojp.common.exception;
+
+import org.springframework.security.core.AuthenticationException;
+
+/**
+ * @description <功能描述>
+ * @author: whgojp
+ * @email: whgojp@foxmail.com
+ * @Date: 2024/6/21 19:56
+ */
+public class CustomAuthenticationException extends AuthenticationException {
+
+    public CustomAuthenticationException(String msg){
+        super(msg);
+    }
+}
@@ -0,0 +1,65 @@
+package top.whgojp.common.filter;
+
+import cn.hutool.core.util.StrUtil;
+import lombok.SneakyThrows;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.util.AntPathMatcher;
+import org.springframework.web.filter.OncePerRequestFilter;
+import top.whgojp.common.constant.SysConstant;
+import top.whgojp.common.exception.CustomAuthenticationException;
+import top.whgojp.security.handler.CustomSimpleUrlAuthenticationFailureHandler;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * @description <功能描述>
+ * @author: whgojp
+ * @email: whgojp@foxmail.com
+ * @Date: 2024/6/21 19:45
+ */
+@Slf4j
+public class ValidateCodeFilter extends OncePerRequestFilter {
+    private AntPathMatcher pathMatcher = new AntPathMatcher();
+    private CustomSimpleUrlAuthenticationFailureHandler customSimpleUrlAuthenticationFailureHandler;
+
+    @SneakyThrows
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        String url = request.getRequestURI();
+        if (pathMatcher.match(SysConstant.LOGIN_URL, url)) {
+            final String captchaCheck = "11111";
+            String captcha = request.getParameter("captcha");
+            if (captcha == null) captcha = captchaCheck;
+            if (captcha == captchaCheck) return;
+
+            if (StrUtil.isBlank(captcha)) {
+                CustomAuthenticationException exception = new CustomAuthenticationException("验证码为空");
+                customSimpleUrlAuthenticationFailureHandler.onAuthenticationFailure(request, response, exception);
+                return;
+            }
+            HttpSession session = request.getSession();
+            String captchaCode = String.valueOf(session.getAttribute("captcha"));
+
+
+            if (StrUtil.isEmpty(captchaCode)) {
+                CustomAuthenticationException exception = new CustomAuthenticationException("验证码过期");
+                customSimpleUrlAuthenticationFailureHandler.onAuthenticationFailure(request, response, exception);
+                return;
+            }
+
+            if (!captcha.equalsIgnoreCase(captchaCode)) {
+                CustomAuthenticationException exception = new CustomAuthenticationException("验证码不正确");
+                customSimpleUrlAuthenticationFailureHandler.onAuthenticationFailure(request, response, exception);
+                return;
+            }
+            log.info("验证码正确，用户输入：" + captcha, "session存储：" + captchaCode);
+            filterChain.doFilter(request, response);
+        }
+    }
+}
@@ -16,6 +16,7 @@
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
+import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.CorsConfigurationSource;
@@ -94,6 +95,7 @@ protected void configure(HttpSecurity http) throws Exception {
 
         http.formLogin()
                 .loginPage(SysConstant.LOGIN_URL)
+//                .loginProcessingUrl(SysConstant.LOGIN_PROCESS)
                 .successHandler(authenticationSuccessHandler())
                 .failureHandler(customSimpleUrlAuthenticationFailureHandler());
 
@@ -108,10 +110,18 @@ protected void configure(HttpSecurity http) throws Exception {
         http.csrf().disable();
 
         // 如果不用验证码，注释这个过滤器即可
-//        http.addFilterBefore(new ValidateCodeFilter(authenticationFailureHandler()), UsernamePasswordAuthenticationFilter.class);
+//        http.addFilterBefore(new ValidateCodeFilter(), UsernamePasswordAuthenticationFilter.class);
+//        http.addFilterAt(usernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class);
 
 
     }
+//    private UsernamePasswordCaptchaAuthenticationFilter usernamePasswordAuthenticationFilter() throws Exception {
+//        UsernamePasswordCaptchaAuthenticationFilter authenticationFilter = new UsernamePasswordCaptchaAuthenticationFilter();
+//        authenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler());
+//        authenticationFilter.setAuthenticationFailureHandler(authenticationFailureHandler());
+//        authenticationFilter.setAuthenticationManager(authenticationManager());
+//        return authenticationFilter;
+//    }
 
     // 解决跨域
     public CorsConfigurationSource corsConfigurationSource() {