Skip to content

Commit e74f179

Browse files
author
zhuoda
committed
更新V3.13.0版本:【新增】顶部菜单模式;【优化】因kaptcha有漏洞,弃用;【优化】三级等保默认值
1 parent 96d498f commit e74f179

File tree

35 files changed

+1510
-489
lines changed

35 files changed

+1510
-489
lines changed

smart-admin-api-java17-springboot3/pom.xml

-13
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,6 @@
2929
<google-linkedhashmap.version>1.4.2</google-linkedhashmap.version>
3030
<google-guava.version>20.0</google-guava.version>
3131
<user-agent-utils.version>1.21</user-agent-utils.version>
32-
<kaptcha.version>2.3.2</kaptcha.version>
3332
<reflections.version>0.9.11</reflections.version>
3433
<commons-io.version>2.15.0</commons-io.version>
3534
<commons-lang3.version>3.12.0</commons-lang3.version>
@@ -127,18 +126,6 @@
127126
<version>${user-agent-utils.version}</version>
128127
</dependency>
129128

130-
<dependency>
131-
<groupId>com.github.penggle</groupId>
132-
<artifactId>kaptcha</artifactId>
133-
<version>${kaptcha.version}</version>
134-
<exclusions>
135-
<exclusion>
136-
<groupId>javax.servlet</groupId>
137-
<artifactId>*</artifactId>
138-
</exclusion>
139-
</exclusions>
140-
</dependency>
141-
142129
<dependency>
143130
<groupId>org.reflections</groupId>
144131
<artifactId>reflections</artifactId>

smart-admin-api-java17-springboot3/sa-base/pom.xml

-5
Original file line numberDiff line numberDiff line change
@@ -143,11 +143,6 @@
143143
<artifactId>guava</artifactId>
144144
</dependency>
145145

146-
<dependency>
147-
<groupId>com.github.penggle</groupId>
148-
<artifactId>kaptcha</artifactId>
149-
</dependency>
150-
151146
<dependency>
152147
<groupId>com.googlecode.concurrentlinkedhashmap</groupId>
153148
<artifactId>concurrentlinkedhashmap-lru</artifactId>

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/CaptchaService.java

+21-24
Original file line numberDiff line numberDiff line change
@@ -1,24 +1,22 @@
11
package net.lab1024.sa.base.module.support.captcha;
22

3-
import com.google.code.kaptcha.impl.DefaultKaptcha;
3+
import cn.hutool.captcha.CaptchaUtil;
4+
import cn.hutool.captcha.LineCaptcha;
5+
import cn.hutool.core.img.ImgUtil;
6+
import cn.hutool.core.util.RandomUtil;
47
import jakarta.annotation.Resource;
58
import lombok.extern.slf4j.Slf4j;
69
import net.lab1024.sa.base.common.constant.StringConst;
710
import net.lab1024.sa.base.common.domain.ResponseDTO;
811
import net.lab1024.sa.base.common.domain.SystemEnvironment;
9-
import net.lab1024.sa.base.common.exception.BusinessException;
1012
import net.lab1024.sa.base.constant.RedisKeyConst;
1113
import net.lab1024.sa.base.module.support.captcha.domain.CaptchaForm;
1214
import net.lab1024.sa.base.module.support.captcha.domain.CaptchaVO;
1315
import net.lab1024.sa.base.module.support.redis.RedisService;
1416
import org.apache.commons.lang3.StringUtils;
15-
import org.springframework.beans.factory.annotation.Autowired;
1617
import org.springframework.stereotype.Service;
17-
import org.springframework.util.Base64Utils;
1818

19-
import javax.imageio.ImageIO;
20-
import java.awt.image.BufferedImage;
21-
import java.io.ByteArrayOutputStream;
19+
import java.awt.*;
2220
import java.util.Objects;
2321
import java.util.UUID;
2422

@@ -29,7 +27,7 @@
2927
* @Date 2021/8/31 20:52
3028
* @Wechat zhuoda1024
3129
* @Email [email protected]
32-
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
30+
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
3331
*/
3432
@Slf4j
3533
@Service
@@ -40,9 +38,6 @@ public class CaptchaService {
4038
*/
4139
private static final long EXPIRE_SECOND = 65L;
4240

43-
@Resource
44-
private DefaultKaptcha defaultKaptcha;
45-
4641
@Resource
4742
private SystemEnvironment systemEnvironment;
4843

@@ -52,20 +47,23 @@ public class CaptchaService {
5247
/**
5348
* 生成图形验证码
5449
* 默认 1 分钟有效期
55-
*
5650
*/
5751
public CaptchaVO generateCaptcha() {
58-
String captchaText = defaultKaptcha.createText();
59-
BufferedImage image = defaultKaptcha.createImage(captchaText);
60-
61-
String base64Code;
62-
try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
63-
ImageIO.write(image, "jpg", os);
64-
base64Code = Base64Utils.encodeToString(os.toByteArray());
65-
} catch (Exception e) {
66-
log.error("generateCaptcha error:", e);
67-
throw new BusinessException("生成验证码错误");
68-
}
52+
53+
//生成四位验证码
54+
String captchaText = RandomUtil.randomNumbers(4);
55+
56+
//定义图形验证码的长、宽、验证码位数、干扰线数量
57+
LineCaptcha lineCaptcha = CaptchaUtil.createLineCaptcha(125, 43, 4, 80);
58+
59+
//设置背景颜色
60+
lineCaptcha.setBackground(new Color(230, 244, 255));
61+
62+
//生成图片
63+
Image image = lineCaptcha.createImage(captchaText);
64+
65+
//转为base64
66+
String base64Code = ImgUtil.toBase64(image, "jpg");
6967

7068
/*
7169
* 返回验证码对象
@@ -88,7 +86,6 @@ public CaptchaVO generateCaptcha() {
8886

8987
/**
9088
* 校验图形验证码
91-
*
9289
*/
9390
public ResponseDTO<String> checkCaptcha(CaptchaForm captchaForm) {
9491
if (StringUtils.isBlank(captchaForm.getCaptchaUuid()) || StringUtils.isBlank(captchaForm.getCaptchaCode())) {

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaColor.java

-38
This file was deleted.

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaConfig.java

-46
This file was deleted.

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaNoise.java

-44
This file was deleted.

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaWordRenderer.java

-74
This file was deleted.

smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/securityprotect/service/Level3ProtectConfigService.java

+2-1
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ public int getLoginFailLockSeconds() {
107107
* 最低活跃时间(单位:秒),超过此时间没有操作系统就会被冻结,默认-1 代表不限制,永不冻结; 默认 30分钟
108108
*/
109109
public int getLoginActiveTimeoutSeconds() {
110-
return loginActiveTimeoutSeconds;
110+
return loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
111111
}
112112

113113
/**
@@ -167,6 +167,7 @@ private void setProp(Level3ProtectConfigForm configForm) {
167167

168168
if (configForm.getLoginActiveTimeoutMinutes() != null) {
169169
this.loginActiveTimeoutSeconds = configForm.getLoginActiveTimeoutMinutes() * 60;
170+
this.loginActiveTimeoutSeconds = loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
170171
}
171172

172173
if (configForm.getPasswordComplexityEnabled() != null) {

smart-admin-api-java8-springboot2/pom.xml

-7
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,6 @@
3131
<google-linkedhashmap.version>1.4.2</google-linkedhashmap.version>
3232
<google-guava.version>20.0</google-guava.version>
3333
<user-agent-utils.version>1.21</user-agent-utils.version>
34-
<kaptcha.version>2.3.2</kaptcha.version>
3534
<reflections.version>0.9.11</reflections.version>
3635
<commons-io.version>2.15.0</commons-io.version>
3736
<commons-lang3.version>3.12.0</commons-lang3.version>
@@ -152,12 +151,6 @@
152151
<version>${user-agent-utils.version}</version>
153152
</dependency>
154153

155-
<dependency>
156-
<groupId>com.github.penggle</groupId>
157-
<artifactId>kaptcha</artifactId>
158-
<version>${kaptcha.version}</version>
159-
</dependency>
160-
161154
<dependency>
162155
<groupId>org.reflections</groupId>
163156
<artifactId>reflections</artifactId>

smart-admin-api-java8-springboot2/sa-base/pom.xml

-5
Original file line numberDiff line numberDiff line change
@@ -163,11 +163,6 @@
163163
<artifactId>guava</artifactId>
164164
</dependency>
165165

166-
<dependency>
167-
<groupId>com.github.penggle</groupId>
168-
<artifactId>kaptcha</artifactId>
169-
</dependency>
170-
171166
<dependency>
172167
<groupId>com.googlecode.concurrentlinkedhashmap</groupId>
173168
<artifactId>concurrentlinkedhashmap-lru</artifactId>

0 commit comments

Comments
 (0)