From 763789a6797ffe6ab09b4e2a35ed4a8d4a3b29c5 Mon Sep 17 00:00:00 2001
From: liuhaonan <konodioda2333@vip.qq.com>
Date: 星期一, 25 四月 2022 14:51:43 +0800
Subject: [PATCH] 验证码实现

---
 ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)

diff --git a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java
index 5b89dda..d55ae98 100644
--- a/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java
+++ b/ximon-admin/src/main/java/com/sandu/ximon/admin/controller/ClientController.java
@@ -1,6 +1,7 @@
 package com.sandu.ximon.admin.controller;
 
 import cn.hutool.core.bean.BeanUtil;
+import cn.hutool.core.util.StrUtil;
 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.core.toolkit.Wrappers;
 import com.github.pagehelper.PageHelper;
@@ -32,6 +33,7 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import javax.servlet.http.HttpServletRequest;
 import java.time.LocalDateTime;
 import java.util.*;
 import java.util.stream.Collectors;
@@ -153,11 +155,15 @@
 
     @AnonymousAccess
     @PostMapping(value = "/login")
-    public ResponseVO<Object> longin(@RequestBody @Validated AdminLoginParam loginParam) {
+    public ResponseVO<Object> longin(HttpServletRequest request, @RequestBody @Validated AdminLoginParam loginParam) {
         Client client = clientService.getOne(Wrappers.lambdaQuery(Client.class).eq(Client::getClientName, loginParam.getUsername()).last("limit 1"));
         if (client == null) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }
+        String session_vcode = (String) request.getSession().getAttribute(loginParam.getKey());
+        if (!StrUtil.equalsIgnoreCase(session_vcode, loginParam.getVlue())) {
+            return ResponseUtil.error(ResponseStatusEnums.BAD_AUTHENTICATION.getCode(), ResponseStatusEnums.BAD_AUTHENTICATION.getMessage());
+        }
         if (!passwordEncoder.matches(loginParam.getPassword(), client.getPassword())) {
             return ResponseUtil.error(ResponseStatusEnums.BAD_CREDENTIALS.getCode(), ResponseStatusEnums.BAD_CREDENTIALS.getMessage());
         }

--
Gitblit v1.9.3