xinyin025/smart-admin
1
0
Fork 0
mirror of https://gitee.com/lab1024/smart-admin.git synced 2025-11-06 18:53:45 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

更新V3.13.0版本:【新增】顶部菜单模式;【优化】因kaptcha有漏洞,弃用;【优化】三级等保默认值

Browse Source
This commit is contained in:
zhuoda
2025-01-19 18:05:34 +08:00
parent db5e0062a0
commit cdbb854e6c
35 changed files with 1508 additions and 487 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
smart-admin-api-java17-springboot3/pom.xml
View File

@@ -29,7 +29,6 @@
<google-linkedhashmap.version>1.4.2</google-linkedhashmap.version>
<google-guava.version>20.0</google-guava.version>
<user-agent-utils.version>1.21</user-agent-utils.version>
<kaptcha.version>2.3.2</kaptcha.version>
<reflections.version>0.9.11</reflections.version>
<commons-io.version>2.15.0</commons-io.version>
<commons-lang3.version>3.12.0</commons-lang3.version>
@@ -127,18 +126,6 @@
<version>${user-agent-utils.version}</version>
</dependency>
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>${kaptcha.version}</version>
<exclusions>
<exclusion>
<groupId>javax.servlet</groupId>
<artifactId>*</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.reflections</groupId>
<artifactId>reflections</artifactId>

5
smart-admin-api-java17-springboot3/sa-base/pom.xml
View File

@@ -143,11 +143,6 @@
<artifactId>guava</artifactId>
</dependency>
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
</dependency>
<dependency>
<groupId>com.googlecode.concurrentlinkedhashmap</groupId>
<artifactId>concurrentlinkedhashmap-lru</artifactId>

43
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/CaptchaService.java
View File

@@ -1,24 +1,22 @@
package net.lab1024.sa.base.module.support.captcha;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import cn.hutool.captcha.CaptchaUtil;
import cn.hutool.captcha.LineCaptcha;
import cn.hutool.core.img.ImgUtil;
import cn.hutool.core.util.RandomUtil;
import jakarta.annotation.Resource;
import lombok.extern.slf4j.Slf4j;
import net.lab1024.sa.base.common.constant.StringConst;
import net.lab1024.sa.base.common.domain.ResponseDTO;
import net.lab1024.sa.base.common.domain.SystemEnvironment;
import net.lab1024.sa.base.common.exception.BusinessException;
import net.lab1024.sa.base.constant.RedisKeyConst;
import net.lab1024.sa.base.module.support.captcha.domain.CaptchaForm;
import net.lab1024.sa.base.module.support.captcha.domain.CaptchaVO;
import net.lab1024.sa.base.module.support.redis.RedisService;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.util.Base64Utils;
import javax.imageio.ImageIO;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.awt.*;
import java.util.Objects;
import java.util.UUID;
@@ -29,7 +27,7 @@ import java.util.UUID;
* @Date 2021/8/31 20:52
* @Wechat zhuoda1024
* @Email lab1024@163.com
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
*/
@Slf4j
@Service
@@ -40,9 +38,6 @@ public class CaptchaService {
*/
private static final long EXPIRE_SECOND = 65L;
@Resource
private DefaultKaptcha defaultKaptcha;
@Resource
private SystemEnvironment systemEnvironment;
@@ -52,20 +47,23 @@ public class CaptchaService {
/**
* 生成图形验证码
* 默认 1 分钟有效期
*
*/
public CaptchaVO generateCaptcha() {
String captchaText = defaultKaptcha.createText();
BufferedImage image = defaultKaptcha.createImage(captchaText);
String base64Code;
try (ByteArrayOutputStream os = new ByteArrayOutputStream()) {
ImageIO.write(image, "jpg", os);
base64Code = Base64Utils.encodeToString(os.toByteArray());
} catch (Exception e) {
log.error("generateCaptcha error:", e);
throw new BusinessException("生成验证码错误");
}
//生成四位验证码
String captchaText = RandomUtil.randomNumbers(4);
//定义图形验证码的长、宽、验证码位数、干扰线数量
LineCaptcha lineCaptcha = CaptchaUtil.createLineCaptcha(125, 43, 4, 80);
//设置背景颜色
lineCaptcha.setBackground(new Color(230, 244, 255));
//生成图片
Image image = lineCaptcha.createImage(captchaText);
//转为base64
String base64Code = ImgUtil.toBase64(image, "jpg");
/*
* 返回验证码对象
@@ -88,7 +86,6 @@ public class CaptchaService {
/**
* 校验图形验证码
*
*/
public ResponseDTO<String> checkCaptcha(CaptchaForm captchaForm) {
if (StringUtils.isBlank(captchaForm.getCaptchaUuid()) || StringUtils.isBlank(captchaForm.getCaptchaCode())) {

38
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaColor.java
View File

@@ -1,38 +0,0 @@
package net.lab1024.sa.base.module.support.captcha.config;
import com.google.common.collect.Lists;
import java.awt.*;
import java.util.List;
import java.util.Random;
/**
* 验证码颜色
*
* @Author 1024创新实验室-主任: 卓大
* @Date 2021-09-02 20:21:10
* @Wechat zhuoda1024
* @Email lab1024@163.com
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
*/
public class CaptchaColor {
public static Color getColor() {
List<Color> colors = Lists.newArrayList();
colors.add(new Color(0, 135, 255));
colors.add(new Color(51, 153, 51));
colors.add(new Color(255, 102, 102));
colors.add(new Color(255, 153, 0));
colors.add(new Color(153, 102, 0));
colors.add(new Color(153, 102, 153));
colors.add(new Color(51, 153, 153));
colors.add(new Color(102, 102, 255));
colors.add(new Color(0, 102, 204));
colors.add(new Color(204, 51, 51));
colors.add(new Color(128, 153, 65));
Random random = new Random();
int colorIndex = random.nextInt(10);
return colors.get(colorIndex);
}
}

46
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaConfig.java
View File

@@ -1,46 +0,0 @@
package net.lab1024.sa.base.module.support.captcha.config;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.code.kaptcha.util.Config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.Properties;
/**
* 验证码配置
*
* @Author 1024创新实验室-主任: 卓大
* @Date 2021-09-02 20:21:10
* @Wechat zhuoda1024
* @Email lab1024@163.com
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
*/
@Configuration
public class CaptchaConfig {
@Bean
public DefaultKaptcha getDefaultKaptcha() {
DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
Properties properties = new Properties();
properties.setProperty("kaptcha.border", "no");
properties.setProperty("kaptcha.border.color", "34,114,200");
properties.setProperty("kaptcha.image.width", "125");
properties.setProperty("kaptcha.image.height", "45");
properties.setProperty("kaptcha.textproducer.char.string", "123456789");
properties.setProperty("kaptcha.textproducer.char.length", "4");
properties.setProperty("kaptcha.textproducer.font.names", "Arial,Arial Narrow,Serif,Helvetica,Tahoma,Times New Roman,Verdana");
properties.setProperty("kaptcha.textproducer.font.size", "38");
properties.setProperty("kaptcha.background.clear.from", "white");
properties.setProperty("kaptcha.background.clear.to", "white");
properties.setProperty("kaptcha.word.impl", CaptchaWordRenderer.class.getName());
properties.setProperty("kaptcha.noise.impl", CaptchaNoise.class.getName());
Config config = new Config(properties);
defaultKaptcha.setConfig(config);
return defaultKaptcha;
}
}

44
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaNoise.java
View File

@@ -1,44 +0,0 @@
package net.lab1024.sa.base.module.support.captcha.config;
import com.google.code.kaptcha.NoiseProducer;
import com.google.code.kaptcha.util.Configurable;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.util.Random;
/**
* 验证码加噪处理
*
* @Author 1024创新实验室-主任: 卓大
* @Date 2021-09-02 20:21:10
* @Wechat zhuoda1024
* @Email lab1024@163.com
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
*/
public class CaptchaNoise extends Configurable implements NoiseProducer {
public CaptchaNoise() {
}
@Override
public void makeNoise(BufferedImage image, float factorOne, float factorTwo, float factorThree, float factorFour) {
int width = image.getWidth();
int height = image.getHeight();
Graphics2D graph = (Graphics2D) image.getGraphics();
graph.setRenderingHints(new RenderingHints(RenderingHints.KEY_ANTIALIASING, RenderingHints.VALUE_ANTIALIAS_ON));
graph.setStroke(new BasicStroke(1.0f, BasicStroke.CAP_BUTT, BasicStroke.JOIN_BEVEL));
Random random = new Random();
int noiseLineNum = random.nextInt(3);
if (noiseLineNum == 0) {
noiseLineNum = 1;
}
for (int i = 0; i < noiseLineNum; i++) {
graph.setColor(CaptchaColor.getColor());
graph.drawLine(random.nextInt(width), random.nextInt(height), 10 + random.nextInt(20), 10 + random.nextInt(20));
}
graph.dispose();
}
}

74
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/captcha/config/CaptchaWordRenderer.java
View File

@@ -1,74 +0,0 @@
package net.lab1024.sa.base.module.support.captcha.config;
import com.google.code.kaptcha.text.WordRenderer;
import com.google.code.kaptcha.util.Configurable;
import java.awt.*;
import java.awt.font.FontRenderContext;
import java.awt.font.GlyphVector;
import java.awt.image.BufferedImage;
import java.util.Random;
/**
* 验证码字体生成
*
* @Author 1024创新实验室-主任: 卓大
* @Date 2021-09-02 20:21:10
* @Wechat zhuoda1024
* @Email lab1024@163.com
* @Copyright <a href="https://1024lab.net">1024创新实验室</a>
*/
public class CaptchaWordRenderer extends Configurable implements WordRenderer {
public CaptchaWordRenderer() {
}
@Override
public BufferedImage renderWord(String word, int width, int height) {
int fontSize = this.getConfig().getTextProducerFontSize();
Font[] fonts = this.getConfig().getTextProducerFonts(fontSize);
int charSpace = this.getConfig().getTextProducerCharSpace();
BufferedImage image = new BufferedImage(width, height, 2);
Graphics2D g2D = image.createGraphics();
g2D.setColor(Color.WHITE);
RenderingHints hints = new RenderingHints(RenderingHints.KEY_ANTIALIASING, RenderingHints.VALUE_ANTIALIAS_ON);
hints.add(new RenderingHints(RenderingHints.KEY_RENDERING, RenderingHints.VALUE_RENDER_QUALITY));
g2D.setRenderingHints(hints);
g2D.setStroke(new BasicStroke(1.0f, BasicStroke.CAP_BUTT, BasicStroke.JOIN_BEVEL));
FontRenderContext frc = g2D.getFontRenderContext();
Random random = new Random();
int startPosY = (height - fontSize) / 5 + fontSize;
char[] wordChars = word.toCharArray();
Font[] chosenFonts = new Font[wordChars.length];
int[] charWidths = new int[wordChars.length];
int widthNeeded = 0;
int startPosX;
for (startPosX = 0; startPosX < wordChars.length; ++startPosX) {
chosenFonts[startPosX] = fonts[random.nextInt(fonts.length)];
char[] charToDraw = new char[]{wordChars[startPosX]};
GlyphVector gv = chosenFonts[startPosX].createGlyphVector(frc, charToDraw);
charWidths[startPosX] = (int) gv.getVisualBounds().getWidth();
if (startPosX > 0) {
widthNeeded += 2;
}
widthNeeded += charWidths[startPosX];
}
startPosX = (width - widthNeeded) / 2;
for (int i = 0; i < wordChars.length; ++i) {
g2D.setColor(CaptchaColor.getColor());
g2D.setFont(chosenFonts[i].deriveFont(Font.PLAIN));
char[] charToDraw = new char[]{wordChars[i]};
g2D.drawChars(charToDraw, 0, charToDraw.length, startPosX, startPosY);
startPosX = startPosX + charWidths[i] + charSpace;
}
return image;
}
}

3
smart-admin-api-java17-springboot3/sa-base/src/main/java/net/lab1024/sa/base/module/support/securityprotect/service/Level3ProtectConfigService.java
View File

@@ -107,7 +107,7 @@ public class Level3ProtectConfigService {
* 最低活跃时间(单位:秒),超过此时间没有操作系统就会被冻结,默认-1 代表不限制,永不冻结; 默认 30分钟
*/
public int getLoginActiveTimeoutSeconds() {
return loginActiveTimeoutSeconds;
return loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
}
/**
@@ -167,6 +167,7 @@ public class Level3ProtectConfigService {
if (configForm.getLoginActiveTimeoutMinutes() != null) {
this.loginActiveTimeoutSeconds = configForm.getLoginActiveTimeoutMinutes() * 60;
this.loginActiveTimeoutSeconds = loginActiveTimeoutSeconds > 0 ? loginActiveTimeoutSeconds : -1;
}
if (configForm.getPasswordComplexityEnabled() != null) {