验证码超时验证

73cacd05 · 董建华 · 37d00cb1 · 73cacd05 · 73cacd05 · 73cacd05
Commit 73cacd05 authored Dec 01, 2020 by 董建华
7 changed files
--- a/src/main/java/cn/quantgroup/xyqb/Constants.java
+++ b/src/main/java/cn/quantgroup/xyqb/Constants.java
@@ -9,6 +9,10 @@ public interface Constants {
    // zero fill with 4 chars...
    String ZERO_FILL_TEMPLATE = "%04d";
    String IMAGE_CAPTCHA_KEY = "img_captcha:";
+    /**
+     * 图形验证码缓存key
+     */
+    String IMAGE_CAPTCHA_REDIS_CACHE_KEY = "redis_cache_img_captcha:";
    String REDIS_CAPTCHA_KEY = "auth:";
    String REDIS_PREFIX_VERIFICATION_CODE = "verificationCode_";
    //新版短信验证码计数
@@ -23,6 +27,10 @@ public interface Constants {
    String REDIS_VERIFICATION_COUNT = "verification_code_count:";
    Long Image_Need_Count = 3L;
    Long VERIFICATION_CODE_FINITE_COUNT = 3L;
+    /**
+     * 第几次验证需要重新获取验证码
+     */
+    Long VERIFICATION_CODE_FINITE_COUNT_NEW = 2L;
    String X_AUTH_TOKEN = "x-auth-token";
    int VERIFICATION_LEN = 2;
@@ -161,6 +169,10 @@ public interface Constants {
     * 密码错误次数过多锁定key前缀
     */
    String PASSWORD_LOCK_PRE = "password_error_lock:";
+    /**
+     * 图形验证码有效期
+     */
+    Long IMAGE_CAPTCHA_REDIS_CACHE_TIME_OUT = 10L;
    /**
     * 默认随机密码长度
     */

--- a/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaFiniteValidateAdvisor.java
+++ b/src/main/java/cn/quantgroup/xyqb/aspect/captcha/CaptchaFiniteValidateAdvisor.java
@@ -125,6 +125,11 @@ public class CaptchaFiniteValidateAdvisor {
            if (StringUtils.isNotBlank(captchaValue)) {
                // 忽略用户输入的大小写
                String captcha = StringUtils.lowerCase(captchaValue);
+                String val = redisTemplate.opsForValue().get(Constants.IMAGE_CAPTCHA_REDIS_CACHE_KEY.concat(captchaId));
+                if(null == val){
+                    return JsonResult.buildSuccessResult("图形验证码已过期,请重新获取", "", 2L);
+                }
                // 验证码校验
                Boolean validCaptcha = false;
                try {

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/UserController.java
@@ -48,6 +48,8 @@ import java.io.UnsupportedEncodingException;
 import java.nio.charset.Charset;
 import java.util.*;
+import static cn.quantgroup.xyqb.Constants.VERIFICATION_CODE_FINITE_COUNT_NEW;
 /**
 * Http服务接口：用户注册、登录、重置密码
 * Created by FrankChow on 15/7/5.
@@ -186,7 +188,7 @@ public class UserController implements IBaseController {
        }
        String verificationCode = successResult.getMsg();
        // 执行短信验证码检查
-        verifyPhoneAndCode(phoneNo, verificationCode);
+        verifyPhoneAndCodeForOnce(phoneNo, verificationCode);
        return userService.loginFast(channelId, appChannel, createdFrom, btRegisterChannelId, dimension, clickId, request, merchant, phoneNo);
    }
@@ -582,4 +584,27 @@ public class UserController implements IBaseController {
        }
    }
+    /**
+     * 校验验证码 不论成功与否都删除
+     *
+     * @param phoneNo
+     * @param verificationCode
+     */
+    private void verifyPhoneAndCodeForOnce(String phoneNo, String verificationCode) {
+        if (!smsService.verifyPhoneAndCode(phoneNo, verificationCode)) {
+            // 是否需要重新发送短信验证码
+            if (smsService.needResendCode(phoneNo, VERIFICATION_CODE_FINITE_COUNT_NEW)) {
+                throw new VerificationCodeErrorException("验证码失效，请重新获取");
+            }
+            /**
+             * 删除
+             */
+            smsService.deleteCodeFromCache(phoneNo);
+            log.info("验证码校验失败,phoneNo:{} , verificationCode:{}", phoneNo, verificationCode);
+            throw new VerificationCodeErrorException("短信验证码错误");
+        } else {
+            smsService.deleteCodeFromCache(phoneNo);
+        }
+    }
 }
--- a/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/captcha/ImageCaptchaController.java
@@ -10,6 +10,7 @@ import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.codec.binary.Base64;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
@@ -21,6 +22,7 @@ import java.io.IOException;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
+import java.util.concurrent.TimeUnit;
 /**
 * 类名称：ImgCaptchaController
@@ -35,6 +37,10 @@ import java.util.UUID;
 @RequestMapping("/api")
 public class ImageCaptchaController {
+    @Autowired
+    @Qualifier("stringRedisTemplate")
+    private RedisTemplate<String, String> redisTemplate;
    private static final String IMAGE_FORMAT_PNG = "png";
    private static final String IMG_BASE64_PATTREN = "data:image/" + IMAGE_FORMAT_PNG + ";base64,%s";
@@ -62,6 +68,7 @@ public class ImageCaptchaController {
        Map<String, String> data = new HashMap<>();
        data.put("imageId", imageId);
        data.put("image", String.format(IMG_BASE64_PATTREN, imageBase64));
+        redisTemplate.opsForValue().set(Constants.IMAGE_CAPTCHA_REDIS_CACHE_KEY.concat(imageId),"1",Constants.IMAGE_CAPTCHA_REDIS_CACHE_TIME_OUT,TimeUnit.MINUTES);
        return JsonResult.buildSuccessResult("", data);
    }

--- a/src/main/java/cn/quantgroup/xyqb/controller/external/sms/SmsController.java
+++ b/src/main/java/cn/quantgroup/xyqb/controller/external/sms/SmsController.java
@@ -160,7 +160,7 @@ public class SmsController implements IBaseController {
                                    @RequestParam(required = false, defaultValue = "") String appName,
                                    @RequestParam(required = false) String smsMerchant) {
        log.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
-        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_4);
+        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_6);
        return sendVerificationCode2(phoneNo, randomCode, appName, smsMerchant);
    }
@@ -289,7 +289,7 @@ public class SmsController implements IBaseController {
                                          @RequestParam(required = false, defaultValue = "") String appName,
                                          @RequestParam(required = false) String smsMerchant) {
        log.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
-        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_4);
+        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_6);
        return sendVerificationCode2New(phoneNo, randomCode, deviceId, true, appName, smsMerchant);
    }
@@ -310,7 +310,7 @@ public class SmsController implements IBaseController {
                                               @RequestParam(required = false, defaultValue = "") String appName,
                                               @RequestParam(required = false) String smsMerchant) {
        log.info("快速登陆-发送验证码, phoneNo:{}, registerFrom:{}", phoneNo, registerFrom);
-        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_4);
+        String randomCode = getRandomCode(Constants.SMS_CODE_LEN_6);
        return sendVerificationCode2New(phoneNo, randomCode, deviceId, false, appName, smsMerchant);
    }

--- a/src/main/java/cn/quantgroup/xyqb/service/sms/ISmsService.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/sms/ISmsService.java
@@ -33,4 +33,18 @@ public interface ISmsService {
     */
    boolean needResendCode(String phoneNo);
+    /**
+     * 是否需要重新发送短信验证码
+     *
+     * @param phoneNo
+     * @return
+     */
+    boolean needResendCode(String phoneNo,Long threshold);
+    /**
+     * 删除验证码缓存
+     * @param phoneNo
+     */
+   void deleteCodeFromCache(String phoneNo);
 }
--- a/src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java
+++ b/src/main/java/cn/quantgroup/xyqb/service/sms/impl/SmsServiceImpl.java
@@ -115,15 +115,28 @@ public class SmsServiceImpl implements ISmsService {
    @Override
    public boolean needResendCode(String phoneNo) {
+        return needResendCode(phoneNo, Constants.VERIFICATION_CODE_FINITE_COUNT);
+    }
+    @Override
+    public boolean needResendCode(String phoneNo, Long threshold) {
        String verificationCountKey = Constants.REDIS_VERIFICATION_COUNT + phoneNo;
        Long getVerificationCount = stringRedisTemplate.opsForHash().increment(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT, 1);
-        boolean needResend = getVerificationCount >= Constants.VERIFICATION_CODE_FINITE_COUNT;
+        boolean needResend = getVerificationCount >= threshold;
        if (needResend) {
+            deleteCodeFromCache(phoneNo);
+        }
+        return needResend;
+    }
+    @Override
+    public void deleteCodeFromCache(String phoneNo) {
+        String verificationCountKey = Constants.REDIS_VERIFICATION_COUNT + phoneNo;
        String key = Constants.REDIS_PREFIX_VERIFICATION_CODE + phoneNo;
        stringRedisTemplate.delete(key);
        stringRedisTemplate.opsForHash().delete(verificationCountKey, Constants.REDIS_VERIFICATION_COUNT);
    }
-        return needResend;
-    }
 }