Merge pull request #231 from orangebabu/main

添加state校验
This commit is contained in:
orangebabu
2024-08-19 15:19:27 +08:00
committed by GitHub
3 changed files with 27 additions and 13 deletions

View File

@@ -296,25 +296,27 @@ public class LoginEntryPoint {
@Operation(summary = "web二维码登录", description = "web二维码登录", method = "POST")
@PostMapping("/sign/qrcode")
public Message<AuthJwt> signByQrcode( HttpServletRequest request,
HttpServletResponse response,
@Validated @RequestBody ScanCode scanCode) {
public Message<AuthJwt> signByQrcode(@Validated @RequestBody ScanCode scanCode) {
LoginCredential loginCredential = new LoginCredential();
loginCredential.setAuthType(scanCode.getAuthType());
loginCredential.setUsername(scanCode.getCode());
try {
Authentication authentication = authenticationProvider.authenticate(loginCredential);
if (Objects.nonNull(authentication)) {
//success
AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
return new Message<>(authJwt);
} else {
return new Message<>(Message.FAIL, "尚未扫码");
if(authTokenService.validateJwtToken(scanCode.getState())){
try {
Authentication authentication = authenticationProvider.authenticate(loginCredential);
if (Objects.nonNull(authentication)) {
//success
AuthJwt authJwt = authTokenService.genAuthJwt(authentication);
return new Message<>(authJwt);
} else {
return new Message<>(Message.FAIL, "尚未扫码");
}
} catch (BusinessException businessException) {
return new Message<>(businessException.getCode(), businessException.getMessage());
}
} catch (BusinessException businessException) {
return new Message<>(businessException.getCode(), businessException.getMessage());
}
return new Message<>(Message.FAIL);
}
@Operation(summary = "app扫描二维码", description = "扫描二维码登录", method = "POST")