
获取短信验证码添加校验

wangmh 7 years ago
parent
commit
7ce07fe0b8

+ 4 - 0
sso-server/src/main/java/com/uas/sso/controller/AppealController.java

@@ -43,6 +43,10 @@ public class AppealController extends BaseController {
         if (StringUtils.isEmpty(mobile)) {
             return error("手机号不能为空");
         }
+        // 校验手机号
+        if (!userService.mobileHasRegistered(mobile)) {
+            return error("手机号未注册");
+        }
         String token = getMobileToken(mobile);
         ModelMap data = new ModelMap("token", token);
         data.put("code", request.getSession().getAttribute("code"));
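Review bot: The new `mobileHasRegistered` branch answers with a distinct "手机号未注册" error, so this endpoint now tells a caller whether a phone number has an account. The same branch is added in ResetPasswordController.checkCode, UpdateUserController.checkByMobile, ForeignController.checkCode and ImResetPasswordController.checkCode. None of them gets the image-captcha check that the two register controllers receive in this commit, so nothing visible in the diff limits how often the lookup can be repeated. I would put a captcha or a per-client rate limit in front of these handlers, or return one uniform response, and record the trade-off with a comment such as `// distinct "未注册" reply exposes registration status; keep this endpoint throttled`. Those four handlers also call `mobileHasRegistered(mobile)` without the `StringUtils.isEmpty(mobile)` guard that this method has, and how the service treats null is not visible here; the method body starts and ends outside the hunk.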

+ 3 - 0
sso-server/src/main/java/com/uas/sso/controller/ChangeAdminController.java

@@ -87,6 +87,9 @@ public class ChangeAdminController extends BaseController {
     @RequestMapping(value = "/check/mobile", method = RequestMethod.GET)
     public ModelMap checkByMobile() {
         UserAccount userAccount = SystemSession.getUserAccount();
+        if (userAccount == null) {
+            return error("未登录");
+        }
 
         // 获取验证码
         String token = getMobileToken(userAccount.getMobile());
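Review bot: After the new null check, `userAccount.getMobile()` is still passed straight to `getMobileToken`, and nothing in the hunk rejects an account whose mobile is empty. AppealController guards the same call with `StringUtils.isEmpty(mobile)`. If an account can exist without a bound number, add a guard before the token is requested, for example `if (StringUtils.isEmpty(userAccount.getMobile())) { return error("未绑定手机号"); }` (message text is a suggestion). checkByMobile continues past the end of the hunk.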

+ 10 - 3
sso-server/src/main/java/com/uas/sso/controller/PersonalRegisterController.java

@@ -17,9 +17,9 @@ import com.uas.sso.logging.RegisterBufferedLogger;
 import com.uas.sso.service.AppService;
 import com.uas.sso.service.PersonalAccountService;
 import com.uas.sso.service.UserService;
+import com.uas.sso.util.CaptchaUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.PasswordLevelUtils;
-import com.uas.sso.foreign.weixin.entity.OAuthInfo;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -32,7 +32,6 @@ import org.springframework.web.bind.annotation.ResponseBody;
 
 import java.io.UnsupportedEncodingException;
 import java.net.URLDecoder;
-import java.net.URLEncoder;
 import java.util.List;
 import java.util.Optional;
 
@@ -59,6 +58,11 @@ public class PersonalRegisterController extends BaseController {
 
     private final static Logger LOGGER = LoggerFactory.getLogger(PersonalRegisterController.class);
 
+    /**
+     * 验证码存session的可以
+     */
+    private static final String RESET_CAPTCHA = "resetCaptcha";
+
     /**
      * 注册个人信息
      *
@@ -168,12 +172,15 @@ public class PersonalRegisterController extends BaseController {
      */
     @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
     @ResponseBody
-    public ModelMap getCode(String mobile) {
+    public ModelMap getCode(String mobile, String code) {
         // 参数校验
         if (StringUtils.isEmpty(mobile)) {
             return error("请输入手机号");
         }
 
+        // 校验图片验证码
+        CaptchaUtil.checkCode(request, RESET_CAPTCHA, code);
+
         // 获取验证码
         String token = getMobileToken(mobile);
 
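Review bot: `RESET_CAPTCHA` is declared with the value "resetCaptcha" here and again in UserspaceRegisterController, whose Javadoc calls it the reset-password captcha key, yet both uses guard registration SMS endpoints. The code that stores the captcha in the session is not part of this diff; if the registration captcha image is written under a different key, `CaptchaUtil.checkCode` will always report an expired captcha here. Declaring the key once, next to the code that writes it, would make the pairing checkable. The Javadoc on the constant should read `验证码存session的key` ("可以" looks like an input-method typo for "key"). getCode continues past the end of the hunk.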

+ 5 - 0
sso-server/src/main/java/com/uas/sso/controller/ResetPasswordController.java

@@ -365,6 +365,11 @@ public class ResetPasswordController extends BaseController {
 
     @RequestMapping(value = "/checkCode" ,method = RequestMethod.POST)
     public ModelMap checkCode(String code, @RequestParam String token, String mobile) {
+        // 校验手机号
+        if (!userService.mobileHasRegistered(mobile)) {
+            return error("手机号未注册");
+        }
+
         // 校验手机号验证码
         checkMobileCode(token, mobile, code);
 

+ 5 - 0
sso-server/src/main/java/com/uas/sso/controller/UpdateUserController.java

@@ -65,6 +65,11 @@ public class UpdateUserController extends BaseController {
      */
     @RequestMapping(value = "/check/mobile", method = RequestMethod.GET)
     public ModelMap checkByMobile(String mobile) {
+        // 校验手机号
+        if (!userService.mobileHasRegistered(mobile)) {
+            return error("手机号未注册");
+        }
+
         // 获取验证码
         String token = getMobileToken(mobile);
 

+ 11 - 2
sso-server/src/main/java/com/uas/sso/controller/UserspaceRegisterController.java

@@ -17,9 +17,9 @@ import com.uas.sso.service.AppService;
 import com.uas.sso.service.UserAccountService;
 import com.uas.sso.service.UserService;
 import com.uas.sso.service.UserspaceService;
+import com.uas.sso.util.CaptchaUtil;
 import com.uas.sso.util.IpUtils;
 import com.uas.sso.util.PasswordLevelUtils;
-import com.uas.sso.foreign.weixin.entity.OAuthInfo;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -61,6 +61,11 @@ public class UserspaceRegisterController extends BaseController {
 
     private final static Logger LOGGER = LoggerFactory.getLogger(UserspaceRegisterController.class);
 
+    /**
+     * 重置密码验证码存session的key
+     */
+    private static final String RESET_CAPTCHA = "resetCaptcha";
+
     /**
      * 企业注册第一步,验证手机号
      *
@@ -232,10 +237,14 @@ public class UserspaceRegisterController extends BaseController {
      */
     @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
     @ResponseBody
-    public ModelMap getCode(String mobile, String mobileArea, String timestamp) {
+    public ModelMap getCode(String mobile, String mobileArea, String timestamp, String code) {
         if (StringUtils.isEmpty(timestamp)){
             return error("恶意访问");
         }
+
+        // 校验图片验证码
+        CaptchaUtil.checkCode(request, RESET_CAPTCHA, code);
+
         // 校验手机号
         checkMobile(mobile, mobileArea);
 

+ 5 - 0
sso-server/src/main/java/com/uas/sso/foreign/controller/ForeignController.java

@@ -118,6 +118,11 @@ public class ForeignController extends BaseController {
      */
     @GetMapping("/checkcode")
     public ModelMap checkCode(String mobile) {
+        // 校验手机号
+        if (!userService.mobileHasRegistered(mobile)) {
+            return error("手机号未注册");
+        }
+
         String token = getMobileToken(mobile);
         return success(new ModelMap("token", token));
     }

+ 21 - 0
sso-server/src/main/java/com/uas/sso/util/CaptchaUtil.java

@@ -1,5 +1,8 @@
 package com.uas.sso.util;
 
+import com.uas.sso.exception.VisibleError;
+import org.springframework.util.StringUtils;
+
 import java.awt.Color;
 import java.awt.Font;
 import java.awt.Graphics2D;
@@ -99,4 +102,22 @@ public class CaptchaUtil {
         ImageIO.write(bi, "jpeg", out);
         out.flush();
     }
+
+    /**
+     * 校验图片验证码
+     * @param request
+     * @param key 获取图片验证码存session的key
+     * @param code 校验的验证码
+     */
+    public static void checkCode(HttpServletRequest request, String key, String code) {
+        String captcha = (String) request.getSession().getAttribute(key);
+        if (StringUtils.isEmpty(captcha)) {
+            throw new VisibleError("图片验证码过期");
+        }
+        if (code != null && !code.equalsIgnoreCase(captcha)) {
+            throw new VisibleError("请输入正确的验证码");
+        }
+
+        request.getSession().removeAttribute(key);
+    }
 }
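Review bot: `checkCode` accepts a missing answer: the comparison is guarded by `code != null`, so a null `code` skips it and falls through to `removeAttribute`. Both new callers (the two `getCode` handlers) declare `code` as a plain optional parameter, so a request without it reaches this path. The condition should be `if (code == null || !code.equalsIgnoreCase(captcha))`. The stored captcha is also removed only on success, so a wrong answer leaves the same challenge valid for further attempts; calling `request.getSession().removeAttribute(key);` right after reading `captcha` makes each challenge single-use. The Javadoc should also say that the method throws VisibleError when the captcha is absent or the answer is wrong.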

+ 5 - 0
sso-server/src/main/java/com/uas/sso/uu/controller/ImResetPasswordController.java

@@ -32,6 +32,11 @@ public class ImResetPasswordController extends BaseController {
      */
     @RequestMapping(value = "/checkCode", method = RequestMethod.GET)
     public ModelMap checkCode(String mobile) {
+        // 校验手机号
+        if (!userService.mobileHasRegistered(mobile)) {
+            return error("手机号未注册");
+        }
+
         String token = getMobileToken(mobile);
         return success(new ModelMap("token", token));
     }