app provider

2026-06-10 03:07:33 +08:00 · 2024-08-20 10:12:19 +08:00
parent 65d3e4a88c
commit 3b47bd6625
2 changed files with 24 additions and 3 deletions
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/authn/provider/impl/AppAuthenticationProvider.java
@@ -1,15 +1,18 @@
 package org.dromara.maxkey.authn.provider.impl;

 import org.dromara.maxkey.authn.LoginCredential;
+import org.dromara.maxkey.authn.jwt.AuthTokenService;
 import org.dromara.maxkey.authn.provider.AbstractAuthenticationProvider;
 import org.dromara.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.dromara.maxkey.authn.session.SessionManager;
+import org.dromara.maxkey.configuration.ApplicationConfig;
 import org.dromara.maxkey.constants.ConstsLoginType;
 import org.dromara.maxkey.entity.idm.UserInfo;
 import org.dromara.maxkey.web.WebConstants;
 import org.dromara.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.authentication.BadCredentialsException;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -28,9 +31,13 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {

    public AppAuthenticationProvider(
            AbstractAuthenticationRealm authenticationRealm,
-            SessionManager sessionManager) {
+            ApplicationConfig applicationConfig,
+            SessionManager sessionManager,
+            AuthTokenService authTokenService) {
        this.authenticationRealm = authenticationRealm;
+        this.applicationConfig = applicationConfig;
        this.sessionManager = sessionManager;
+        this.authTokenService = authTokenService;
    }


@@ -48,6 +55,9 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {

            _logger.debug("authentication {}", loginCredential);

+            if(this.applicationConfig.getLoginConfig().isCaptcha()) {
+                captchaValid(loginCredential.getState(),loginCredential.getCaptcha());
+            }

            emptyPasswordValid(loginCredential.getPassword());

@@ -93,4 +103,11 @@ public class AppAuthenticationProvider extends AbstractAuthenticationProvider {

        return authenticationToken;
    }
+
+    protected void captchaValid(String state ,String captcha) {
+        // for basic
+        if(!authTokenService.validateCaptcha(state,captcha)) {
+            throw new BadCredentialsException(WebContext.getI18nValue("login.error.captcha"));
+        }
+    }
 }
--- a/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
+++ b/maxkey-authentications/maxkey-authentication-provider/src/main/java/org/dromara/maxkey/autoconfigure/AuthnProviderAutoConfiguration.java
@@ -91,11 +91,15 @@ public class AuthnProviderAutoConfiguration {
 	@Bean
 	public AppAuthenticationProvider appAuthenticationProvider(
 			AbstractAuthenticationRealm authenticationRealm,
-			SessionManager sessionManager
+			ApplicationConfig applicationConfig,
+			SessionManager sessionManager,
+			AuthTokenService authTokenService
 	) {
 		return new AppAuthenticationProvider(
 				authenticationRealm,
-				sessionManager
+				applicationConfig,
+				sessionManager,
+				authTokenService
 		);
 	}