更新V3.13.0版本:【新增】顶部菜单模式;【优化】因kaptcha有漏洞，弃用;【优化】三级等保默认值

Author: zhuoda

smart-admin-api-java17-springboot3/pom.xml

@@ -29,7 +29,6 @@
         <google-linkedhashmap.version>1.4.2</google-linkedhashmap.version>
         <google-guava.version>20.0</google-guava.version>
         <user-agent-utils.version>1.21</user-agent-utils.version>
-        <kaptcha.version>2.3.2</kaptcha.version>
         <reflections.version>0.9.11</reflections.version>
         <commons-io.version>2.15.0</commons-io.version>
         <commons-lang3.version>3.12.0</commons-lang3.version>
@@ -127,18 +126,6 @@
                 <version>${user-agent-utils.version}</version>
             </dependency>
 
-            <dependency>
-                <groupId>com.github.penggle</groupId>
-                <artifactId>kaptcha</artifactId>
-                <version>${kaptcha.version}</version>
-                <exclusions>
-                    <exclusion>
-                        <groupId>javax.servlet</groupId>
-                        <artifactId>*</artifactId>
-                    </exclusion>
-                </exclusions>
-            </dependency>
-
             <dependency>
                 <groupId>org.reflections</groupId>
                 <artifactId>reflections</artifactId>

smart-admin-api-java17-springboot3/sa-base/pom.xml

@@ -143,11 +143,6 @@
             <artifactId>guava</artifactId>
         </dependency>
 
-        <dependency>
-            <groupId>com.github.penggle</groupId>
-            <artifactId>kaptcha</artifactId>
-        </dependency>
-
         <dependency>
             <groupId>com.googlecode.concurrentlinkedhashmap</groupId>
             <artifactId>concurrentlinkedhashmap-lru</artifactId>

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/CaptchaService.java

@@ -1,24 +1,22 @@
 package net.lab1024.sa.base.module.support.captcha;
 
-import com.google.code.kaptcha.impl.DefaultKaptcha;
+import cn.hutool.captcha.CaptchaUtil;
+import cn.hutool.captcha.LineCaptcha;
+import cn.hutool.core.img.ImgUtil;
+import cn.hutool.core.util.RandomUtil;
 import jakarta.annotation.Resource;
 import lombok.extern.slf4j.Slf4j;
 import net.lab1024.sa.base.common.constant.StringConst;
 import net.lab1024.sa.base.common.domain.ResponseDTO;
 import net.lab1024.sa.base.common.domain.SystemEnvironment;
-import net.lab1024.sa.base.common.exception.BusinessException;
 import net.lab1024.sa.base.constant.RedisKeyConst;
 import net.lab1024.sa.base.module.support.captcha.domain.CaptchaForm;
 import net.lab1024.sa.base.module.support.captcha.domain.CaptchaVO;
 import net.lab1024.sa.base.module.support.redis.RedisService;
 import org.apache.commons.lang3.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
-import org.springframework.util.Base64Utils;
 
-import javax.imageio.ImageIO;
-import java.awt.image.BufferedImage;
-import java.io.ByteArrayOutputStream;
+import java.awt.*;
 import java.util.Objects;
 import java.util.UUID;
 
@@ -29,7 +27,7 @@
  * @Date 2021/8/31 20:52
  * @Wechat zhuoda1024
  * @Email [email protected]
- * @Copyright  <a href="https://1024lab.net">1024创新实验室</a>
+ * @Copyright <a href="https://1024lab.net">1024创新实验室</a>
  */
 @Slf4j
 @Service
@@ -40,9 +38,6 @@ public class CaptchaService {
      */
     private static final long EXPIRE_SECOND = 65L;
 
-    @Resource
-    private DefaultKaptcha defaultKaptcha;
-
     @Resource
     private SystemEnvironment systemEnvironment;
 
@@ -52,20 +47,23 @@ public class CaptchaService {
     /**
      * 生成图形验证码
      * 默认 1 分钟有效期
-     *
      */
     public CaptchaVO generateCaptcha() {
-        String captchaText = defaultKaptcha.createText();
-        BufferedImage image = defaultKaptcha.createImage(captchaText);
-
-        String base64Code;
-        try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
-            ImageIO.write(image, "jpg", os);
-            base64Code = Base64Utils.encodeToString(os.toByteArray());
-        } catch (Exception e) {
-            log.error("generateCaptcha error:", e);
-            throw new BusinessException("生成验证码错误");
-        }
+
+        //生成四位验证码
+        String captchaText = RandomUtil.randomNumbers(4);
+
+        //定义图形验证码的长、宽、验证码位数、干扰线数量
+        LineCaptcha lineCaptcha = CaptchaUtil.createLineCaptcha(125, 43, 4, 80);
+
+        //设置背景颜色
+        lineCaptcha.setBackground(new Color(230, 244, 255));
+
+        //生成图片
+        Image image = lineCaptcha.createImage(captchaText);
+
+        //转为base64
+        String base64Code = ImgUtil.toBase64(image, "jpg");
 
         /*
          * 返回验证码对象
@@ -88,7 +86,6 @@ public CaptchaVO generateCaptcha() {
 
     /**
      * 校验图形验证码
-     *
      */
     public ResponseDTO<String> checkCaptcha(CaptchaForm captchaForm) {
         if (StringUtils.isBlank(captchaForm.getCaptchaUuid()) || StringUtils.isBlank(captchaForm.getCaptchaCode())) {

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaColor.java

@@ -107,7 +107,7 @@ public int getLoginFailLockSeconds() {
      * 最低活跃时间（单位：秒），超过此时间没有操作系统就会被冻结，默认-1 代表不限制，永不冻结; 默认 30分钟
      */
     public int getLoginActiveTimeoutSeconds() {
-        return loginActiveTimeoutSeconds;
+        return loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
     }
 
     /**
@@ -167,6 +167,7 @@ private void setProp(Level3ProtectConfigForm configForm) {
 
         if (configForm.getLoginActiveTimeoutMinutes() != null) {
             this.loginActiveTimeoutSeconds = configForm.getLoginActiveTimeoutMinutes() * 60;
+            this.loginActiveTimeoutSeconds = loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
         }
 
         if (configForm.getPasswordComplexityEnabled() != null) {

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaConfig.java

@@ -31,7 +31,6 @@
         <google-linkedhashmap.version>1.4.2</google-linkedhashmap.version>
         <google-guava.version>20.0</google-guava.version>
         <user-agent-utils.version>1.21</user-agent-utils.version>
-        <kaptcha.version>2.3.2</kaptcha.version>
         <reflections.version>0.9.11</reflections.version>
         <commons-io.version>2.15.0</commons-io.version>
         <commons-lang3.version>3.12.0</commons-lang3.version>
@@ -152,12 +151,6 @@
                 <version>${user-agent-utils.version}</version>
             </dependency>
 
-            <dependency>
-                <groupId>com.github.penggle</groupId>
-                <artifactId>kaptcha</artifactId>
-                <version>${kaptcha.version}</version>
-            </dependency>
-
             <dependency>
                 <groupId>org.reflections</groupId>
                 <artifactId>reflections</artifactId>

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaNoise.java

@@ -163,11 +163,6 @@
             <artifactId>guava</artifactId>
         </dependency>
 
-        <dependency>
-            <groupId>com.github.penggle</groupId>
-            <artifactId>kaptcha</artifactId>
-        </dependency>
-
         <dependency>
             <groupId>com.googlecode.concurrentlinkedhashmap</groupId>
             <artifactId>concurrentlinkedhashmap-lru</artifactId>