feat: 登录验证码

Author: gadfly3173

src/main/java/io/github/talelin/latticy/bo/LoginCaptchaBO.java

@@ -0,0 +1,17 @@
+package io.github.talelin.latticy.bo;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+/**
+ * @author Gadfly
+ * @since 2021-11-19 15:20
+ */
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class LoginCaptchaBO {
+    private String captcha;
+    private Long expired;
+}

src/main/java/io/github/talelin/latticy/common/configuration/LoginCaptchaProperties.java

@@ -0,0 +1,29 @@
+package io.github.talelin.latticy.common.configuration;
+
+import io.github.talelin.latticy.common.util.CaptchaUtil;
+import lombok.Getter;
+import lombok.Setter;
+import org.springframework.boot.context.properties.ConfigurationProperties;
+import org.springframework.stereotype.Component;
+
+/**
+ * @author Gadfly
+ */
+@Getter
+@Setter
+@Component
+@ConfigurationProperties(prefix = "login-captcha")
+public class LoginCaptchaProperties {
+    /**
+     * aes 密钥
+     */
+    private String secret;
+    /**
+     * aes 偏移量
+     */
+    private String iv = CaptchaUtil.getRandomString(16);
+    /**
+     * 启用验证码
+     */
+    private Boolean enabled = Boolean.FALSE;
+}

src/main/java/io/github/talelin/latticy/common/util/CaptchaUtil.java

@@ -0,0 +1,200 @@
+package io.github.talelin.latticy.common.util;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import io.github.talelin.latticy.bo.LoginCaptchaBO;
+import org.springframework.core.io.ClassPathResource;
+
+import javax.crypto.Cipher;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.imageio.ImageIO;
+import java.awt.*;
+import java.awt.image.BufferedImage;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.nio.charset.StandardCharsets;
+import java.security.GeneralSecurityException;
+import java.time.LocalDateTime;
+import java.time.ZoneId;
+import java.util.Base64;
+import java.util.Random;
+
+/**
+ * @author Gadfly
+ */
+@SuppressWarnings("SpellCheckingInspection")
+public class CaptchaUtil {
+
+    /**
+     * 验证码字符个数
+     */
+    public static final int RANDOM_STR_NUM = 4;
+    private static final Random RANDOM = new Random();
+    /**
+     * 验证码的宽
+     */
+    private static final int WIDTH = 80;
+    /**
+     * 验证码的高
+     */
+    private static final int HEIGHT = 40;
+    /**
+     * 验证码中夹杂的干扰线数量
+     */
+    private static final int LINE_SIZE = 30;
+    private static final String RANDOM_STRING = "23456789abcdefghijkmnpqrstuvwxyzABCDEFGHJKLMNPQRSTUVWSYZ";
+    private static final String AES = "AES";
+    private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
+    private static final ObjectMapper MAPPER = new ObjectMapper();
+
+    static {
+        java.security.Security.setProperty("crypto.policy", "unlimited");
+    }
+
+    /**
+     * 颜色的设置
+     */
+    private static Color getRandomColor(int fc, int bc) {
+
+        fc = Math.min(fc, 255);
+        bc = Math.min(bc, 255);
+
+        int r = fc + RANDOM.nextInt(bc - fc - 16);
+        int g = fc + RANDOM.nextInt(bc - fc - 14);
+        int b = fc + RANDOM.nextInt(bc - fc - 12);
+
+        return new Color(r, g, b);
+    }
+
+    /**
+     * 字体的设置
+     */
+    private static Font getFont() throws IOException, FontFormatException {
+        ClassPathResource dejavuSerifBold = new ClassPathResource("DejaVuSerif-Bold.ttf");
+        return Font.createFont(Font.TRUETYPE_FONT, dejavuSerifBold.getInputStream()).deriveFont(Font.BOLD, 24);
+    }
+
+    /**
+     * 随机字符的获取
+     */
+    public static String getRandomString(int num) {
+        num = num > 0 ? num : RANDOM_STRING.length();
+        StringBuilder sb = new StringBuilder();
+        for (int i = 0; i < num; i++) {
+            int number = RANDOM.nextInt(RANDOM_STRING.length());
+            sb.append(RANDOM_STRING.charAt(number));
+        }
+        return sb.toString();
+    }
+
+    /**
+     * 干扰线的绘制
+     */
+    private static void drawLine(Graphics2D g) {
+        int x = RANDOM.nextInt(WIDTH);
+        int y = RANDOM.nextInt(HEIGHT);
+        int xl = WIDTH;
+        int yl = HEIGHT;
+        g.setStroke(new BasicStroke(2.0f));
+        g.setColor(getRandomColor(98, 200));
+        g.drawLine(x, y, x + xl, y + yl);
+    }
+
+    /**
+     * 字符串的绘制
+     */
+    private static void drawString(Graphics2D g, String randomStr, int i) throws IOException, FontFormatException {
+        g.setFont(getFont());
+        g.setColor(getRandomColor(28, 130));
+        // 设置每个字符的随机旋转
+        double radianPercent = (RANDOM.nextBoolean() ? -1 : 1) * Math.PI * (RANDOM.nextInt(60) / 320D);
+        g.rotate(radianPercent, WIDTH * 0.8 / RANDOM_STR_NUM * i, HEIGHT / 2);
+        int y = (RANDOM.nextBoolean() ? -1 : 1) * RANDOM.nextInt(4) + 4;
+        g.translate(RANDOM.nextInt(3), y);
+        g.drawString(randomStr, WIDTH / RANDOM_STR_NUM * i, HEIGHT / 2);
+        g.rotate(-radianPercent, WIDTH * 0.8 / RANDOM_STR_NUM * i, HEIGHT / 2);
+        g.translate(0, -y);
+    }
+
+    private static BufferedImage getBufferedImage(String code) throws IOException, FontFormatException {
+        // BufferedImage类是具有缓冲区的Image类,Image类是用于描述图像信息的类
+        BufferedImage image = new BufferedImage(WIDTH, HEIGHT, BufferedImage.TYPE_INT_BGR);
+        Graphics2D g = (Graphics2D) image.getGraphics();
+        g.fillRect(0, 0, WIDTH, HEIGHT);
+        g.setColor(getRandomColor(105, 189));
+        g.setFont(getFont());
+        int lineSize = RANDOM.nextInt(5);
+        // 干扰线
+        for (int i = 0; i < lineSize; i++) {
+            drawLine(g);
+        }
+        // 随机字符
+        for (int i = 0; i < code.length(); i++) {
+            drawString(g, String.valueOf(code.charAt(i)), i);
+        }
+        g.dispose();
+        return image;
+    }
+
+    /**
+     * 生成随机图片的base64编码字符串
+     *
+     * @param code 验证码
+     * @return base64
+     */
+    public static String getRandomCodeBase64(String code) throws IOException, FontFormatException {
+        BufferedImage image = getBufferedImage(code);
+        // 返回 base64
+        ByteArrayOutputStream bos = new ByteArrayOutputStream();
+        ImageIO.write(image, "PNG", bos);
+
+        byte[] bytes = bos.toByteArray();
+        Base64.Encoder encoder = Base64.getEncoder();
+
+        return encoder.encodeToString(bytes);
+    }
+
+    public static String getTag(String captcha, String secret, String iv) throws JsonProcessingException, GeneralSecurityException {
+        LocalDateTime time = LocalDateTime.now().plusMinutes(5);
+        LoginCaptchaBO captchaBO = new LoginCaptchaBO(captcha, time.atZone(ZoneId.systemDefault()).toInstant().toEpochMilli());
+        String json = MAPPER.writeValueAsString(captchaBO);
+        return aesEncode(secret, iv, json);
+    }
+
+    public static LoginCaptchaBO decodeTag(String secret, String iv, String tag) throws JsonProcessingException, GeneralSecurityException {
+        String decrypted = aesDecode(secret, iv, tag);
+        return MAPPER.readValue(decrypted, LoginCaptchaBO.class);
+    }
+
+    /**
+     * AES加密
+     */
+    public static String aesEncode(String secret, String iv, String content) throws GeneralSecurityException {
+        SecretKey secretKey = new SecretKeySpec(secret.getBytes(), AES);
+        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
+        System.out.println(iv.length() + "///" + iv.getBytes(StandardCharsets.UTF_8).length + "///" + iv.getBytes(StandardCharsets.US_ASCII).length);
+        cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(iv.getBytes(StandardCharsets.US_ASCII)));
+        byte[] byteEncode = content.getBytes(StandardCharsets.UTF_8);
+        // 根据密码器的初始化方式加密
+        byte[] byteAES = cipher.doFinal(byteEncode);
+
+        // 将加密后的数据转换为字符串
+        return Base64.getEncoder().encodeToString(byteAES);
+    }
+
+    /**
+     * AES解密
+     */
+    public static String aesDecode(String secret, String iv, String content) throws GeneralSecurityException {
+        SecretKey secretKey = new SecretKeySpec(secret.getBytes(), AES);
+        Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
+        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv.getBytes(StandardCharsets.US_ASCII)));
+        // 将加密并编码后的内容解码成字节数组
+        byte[] byteContent = Base64.getDecoder().decode(content);
+        // 解密
+        byte[] byteDecode = cipher.doFinal(byteContent);
+        return new String(byteDecode, StandardCharsets.UTF_8);
+    }
+}

src/main/java/io/github/talelin/latticy/controller/cms/UserController.java

@@ -1,5 +1,6 @@
 package io.github.talelin.latticy.controller.cms;
 
+import io.github.talelin.autoconfigure.exception.ForbiddenException;
 import io.github.talelin.autoconfigure.exception.NotFoundException;
 import io.github.talelin.autoconfigure.exception.ParameterException;
 import io.github.talelin.core.annotation.AdminRequired;
@@ -9,6 +10,7 @@
 import io.github.talelin.core.token.DoubleJWT;
 import io.github.talelin.core.token.Tokens;
 import io.github.talelin.latticy.common.LocalUser;
+import io.github.talelin.latticy.common.configuration.LoginCaptchaProperties;
 import io.github.talelin.latticy.dto.user.ChangePasswordDTO;
 import io.github.talelin.latticy.dto.user.LoginDTO;
 import io.github.talelin.latticy.dto.user.RegisterDTO;
@@ -19,15 +21,18 @@
 import io.github.talelin.latticy.service.UserIdentityService;
 import io.github.talelin.latticy.service.UserService;
 import io.github.talelin.latticy.vo.CreatedVO;
+import io.github.talelin.latticy.vo.LoginCaptchaVO;
 import io.github.talelin.latticy.vo.UpdatedVO;
 import io.github.talelin.latticy.vo.UserInfoVO;
 import io.github.talelin.latticy.vo.UserPermissionVO;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StringUtils;
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
@@ -56,6 +61,9 @@ public class UserController {
     @Autowired
     private DoubleJWT jwt;
 
+    @Autowired
+    private LoginCaptchaProperties captchaConfig;
+
     /**
      * 用户注册
      */
@@ -70,7 +78,16 @@ public CreatedVO register(@RequestBody @Validated RegisterDTO validator) {
      * 用户登陆
      */
     @PostMapping("/login")
-    public Tokens login(@RequestBody @Validated LoginDTO validator) {
+    public Tokens login(@RequestBody @Validated LoginDTO validator, @RequestHeader("Tag") String tag) {
+        // TODO: 使用spring validation验证。暂时还没想到怎么根据配置文件分组
+        if (captchaConfig.getEnabled()) {
+            if (!StringUtils.hasText(validator.getCaptcha()) || !StringUtils.hasText(tag)) {
+                throw new ParameterException("验证码不可为空");
+            }
+            if (!userService.verifyCaptcha(validator.getCaptcha(), tag)) {
+                throw new ForbiddenException(10260);
+            }
+        }
         UserDO user = userService.getUserByUsername(validator.getUsername());
         if (user == null) {
             throw new NotFoundException(10021);
@@ -85,6 +102,14 @@ public Tokens login(@RequestBody @Validated LoginDTO validator) {
         return jwt.generateTokens(user.getId());
     }
 
+    @PostMapping("/captcha")
+    public LoginCaptchaVO userCaptcha() throws Exception {
+        if (captchaConfig.getEnabled()) {
+            return userService.generateCaptcha();
+        }
+        return new LoginCaptchaVO();
+    }
+
     /**
      * 更新用户信息
      */

src/main/java/io/github/talelin/latticy/dto/user/LoginDTO.java

@@ -18,4 +18,6 @@ public class LoginDTO {
 
     @NotBlank(message = "{password.new.not-blank}")
     private String password;
+
+    private String captcha;
 }

src/main/java/io/github/talelin/latticy/service/UserService.java

@@ -9,6 +9,7 @@
 import io.github.talelin.latticy.model.GroupDO;
 import io.github.talelin.latticy.model.PermissionDO;
 import io.github.talelin.latticy.model.UserDO;
+import io.github.talelin.latticy.vo.LoginCaptchaVO;
 
 import java.util.List;
 import java.util.Map;
@@ -129,4 +130,18 @@ public interface UserService extends IService<UserDO> {
      * @return 超级管理员的id
      */
     Integer getRootUserId();
+
+    /**
+     * 生成无状态的登录验证码
+     *
+     * @return 验证码
+     */
+    LoginCaptchaVO generateCaptcha() throws Exception;
+
+    /**
+     * 校验登录验证码
+     *
+     * @return 结果
+     */
+    boolean verifyCaptcha(String captcha, String tag);
 }