fix: 注册验证码功能

pom.xml

@@ -34,6 +34,11 @@
     </repositories>
     <dependencies>
         <dependency>
+            <groupId>com.aliyun</groupId>
+            <artifactId>dysmsapi20170525</artifactId>
+            <version>3.0.0</version>
+        </dependency>
+        <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-jpa</artifactId>
         </dependency>

src/main/java/com/lqkj/link/config/WebSecurityConfig.java

@@ -45,6 +45,7 @@ public class WebSecurityConfig {
                                 "/swagger-ui/**",
                                 "/v3/api-docs/**",
                                 "/geom/all",
+                                "/user/sendSms",
                                 "/upload/**")
                         .permitAll()
                         .requestMatchers("/**")

src/main/java/com/lqkj/link/module/authority/controller/UserInfoController.java

@@ -2,6 +2,7 @@ package com.lqkj.link.module.authority.controller;
 
 import com.alibaba.fastjson2.JSON;
 import com.alibaba.fastjson2.JSONObject;
+import com.lqkj.link.config.LimitRequest.LimitRequest;
 import com.lqkj.link.message.MessageBean;
 import com.lqkj.link.module.authority.domain.UserInfo;
 import com.lqkj.link.module.authority.service.UserInfoService;
@@ -29,6 +30,7 @@ import static com.lqkj.link.APIVersion.VERSION_V1;
 @RestController
 @RequestMapping("/user")
 @Tag(name = "用户管理", description = "用户管理")
+@LimitRequest
 public class UserInfoController {
     private final UserInfoService userInfoService;
     private final JwtService jwtService;
@@ -208,14 +210,16 @@ public class UserInfoController {
             )
     )
     @PostMapping("/manage/register")
-    public MessageBean register(@RequestBody UserInfo userInfo, HttpServletRequest request) {
+    public MessageBean register(@RequestBody UserInfo userInfo,
+                                @RequestParam(name = "captcha") String captcha,
+                                HttpServletRequest request) {
         String authHeader = request.getHeader("Authorization");
         String userCode = null;
         if (Objects.nonNull(authHeader)){
              userCode = jwtService.decryptUsernameWithHeader(authHeader);
         }
-        userInfoService.register(userInfo, false, userCode);
-        return MessageBean.ok(null, "保存用户接口");
+        userInfoService.register(userInfo, false, userCode, captcha);
+        return MessageBean.ok(null, "注册用户接口");
     }
 
 
@@ -235,4 +239,16 @@ public class UserInfoController {
         userInfoService.saveSettings(autosaveTime, movingSpeed, userCode);
         return MessageBean.ok(null, "保存用户设置");
     }
+
+    /**
+     * 发送短信验证码
+     * @param phoneNumber
+     * @return
+     */
+    @LimitRequest(time = 60 * 1000)
+    @PostMapping("/sendSms")
+    public MessageBean<String> sendSms(@RequestParam String phoneNumber) {
+        userInfoService.sendSms(phoneNumber);
+        return MessageBean.ok(null, "发送短信成功");
+    }
 }

src/main/java/com/lqkj/link/module/authority/domain/Captcha.java

@@ -0,0 +1,39 @@
+package com.lqkj.link.module.authority.domain;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.persistence.*;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+
+import java.util.Date;
+import java.util.List;
+
+@Entity
+@Table(name = "captcha")
+@Getter
+@Setter
+@NoArgsConstructor
+@AllArgsConstructor
+public class Captcha {
+    @Id
+    @Column(name = "id")
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Schema(description = "验证码id")
+    private Integer id;
+
+    @Column(name = "code")
+    @Schema(description = "验证码")
+    private String code;
+
+    @Column(name = "phone_number")
+    @Schema(description = "手机号")
+    private String phoneNumber;
+
+    @Column(name = "create_time")
+    @JsonFormat(pattern = "YYYY-MM-dd HH:mm:ss", timezone = "Asia/Shanghai")
+    private Date createTime;
+
+}

src/main/java/com/lqkj/link/module/authority/repository/CaptchaRepository.java

@@ -0,0 +1,23 @@
+package com.lqkj.link.module.authority.repository;
+
+import com.lqkj.link.module.authority.domain.Captcha;
+import com.lqkj.link.module.authority.domain.UserInfo;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.Map;
+
+@Repository
+public interface CaptchaRepository extends JpaRepository<Captcha, Integer> {
+
+
+    @Query("select c from Captcha c where c.phoneNumber = :phoneNumber")
+    Captcha findByPhoneNumber(@Param("phoneNumber") String phoneNumber);
+}

src/main/java/com/lqkj/link/module/authority/service/UserInfoService.java

@@ -1,12 +1,17 @@
 package com.lqkj.link.module.authority.service;
 
 import cn.hutool.core.util.RandomUtil;
+import com.lqkj.link.module.authority.domain.Captcha;
 import com.lqkj.link.module.authority.domain.UserInfo;
+import com.lqkj.link.module.authority.repository.CaptchaRepository;
 import com.lqkj.link.module.authority.repository.RoleInfoRepository;
 import com.lqkj.link.module.authority.repository.UserInfoRepository;
 import com.lqkj.link.util.RSAUtils;
+import com.lqkj.link.util.SendSmsUtils;
 import jakarta.annotation.PostConstruct;
 import org.bouncycastle.jcajce.PKIXCertRevocationCheckerParameters;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.LockedException;
 import org.springframework.transaction.annotation.Transactional;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.data.domain.Page;
@@ -25,6 +30,9 @@ public class UserInfoService {
     private final PasswordEncoder passwordEncoder;
     private final RoleInfoRepository roleInfoRepository;
 
+    @Autowired
+    private CaptchaRepository captchaRepository;
+
     public UserInfoService(UserInfoRepository userInfoRepository, PasswordEncoder passwordEncoder, RoleInfoRepository roleInfoRepository) {
         this.userInfoRepository = userInfoRepository;
         this.passwordEncoder = passwordEncoder;
@@ -49,7 +57,7 @@ public class UserInfoService {
         guestUser.setLocking(false);
         guestUser.setRefreshResource(false);
         guestUser.setUpdateTime(new Date());
-        register(guestUser, true, null);
+        register(guestUser, true, null, null);
         return guestUser.getUserCode();
     }
 
@@ -207,13 +215,13 @@ public class UserInfoService {
      * @param userInfo
      */
     @Transactional
-    public void register(UserInfo userInfo, boolean isGuest, String userCode) {
+    public void register(UserInfo userInfo, boolean isGuest, String userCode, String captcha) {
         if (!isGuest){
             userInfo.setUserCode(RSAUtils.decryptBase64(userInfo.getUserCode()));
             if (StringUtils.isNotBlank(userInfo.getPassword()) && userInfo.getPassword().length() == 172) {
                 userInfo.setPassword(RSAUtils.decryptBase64(userInfo.getPassword()));
             }
-            checkerParameters(userInfo.getUserCode(), userInfo.getPassword());
+            checkerParameters(userInfo.getUserCode(), userInfo.getPassword(), captcha);
             assemblyParameter(userInfo, userCode);
         }
         userInfoRepository.save(userInfo);
@@ -247,25 +255,43 @@ public class UserInfoService {
      * @param userCode 用户账号
      * @param password 用户密码
      */
-    private void checkerParameters(String userCode, String password) {
+    private void checkerParameters(String userCode, String password, String captcha) {
         if (StringUtils.isBlank(userCode)) {
             throw new RuntimeException("账号不能为空！");
         }
         if (StringUtils.isBlank(password)) {
             throw new RuntimeException("密码不能为空！");
         }
+        if (StringUtils.isBlank(captcha)) {
+            throw new RuntimeException("验证码不能为空！");
+        }
         if (userInfoRepository.hasSameUserCode(userCode)) {
             throw new RuntimeException("该手机号已被注册！");
         }
         if (!userCode.matches("^(13[0-9]|14[5|7]|15[0|1|2|3|5|6|7|8|9]|18[0|1|2|3|5|6|7|8|9])\\d{8}$")){
             throw new RuntimeException("请输入正确的手机号！");
         }
+        checkCaptcha(userCode, captcha);
         if (!password.matches("^(?=.*\\d)(?=.*[a-z])(?=.*[A-Z])[a-zA-Z0-9]{8,16}$")){
             throw new RuntimeException("密码必须是8-16位数字、大写字母、小写字母！");
         }
 
     }
 
+    private void checkCaptcha(String userCode, String captcha) {
+        Captcha byPhoneNumber = captchaRepository.findByPhoneNumber(userCode);
+        if (Objects.isNull(byPhoneNumber)){
+            throw new RuntimeException("验证码错误！");
+        }
+        if ((new Date()).getTime() - byPhoneNumber.getCreateTime().getTime() > 1000 * 60 * 5){
+            throw new RuntimeException("验证码已过期，请重新获取");
+        }
+        if (!byPhoneNumber.getCode().equals(captcha)){
+            throw new RuntimeException("验证码错误！");
+        }
+
+    }
+
 
     /**
      * 保存ue设置
@@ -276,4 +302,22 @@ public class UserInfoService {
     public void saveSettings(Integer autosaveTime, Integer movingSpeed, String userCode) {
         userInfoRepository.saveSettings(autosaveTime, movingSpeed, userCode);
     }
+
+    @Transactional
+    public void sendSms(String phoneNumber) {
+        String code = SendSmsUtils.generateSMSCode();
+        Captcha captcha =  captchaRepository.findByPhoneNumber(phoneNumber);
+        if (Objects.nonNull(captcha)){
+            captcha.setCode(code);
+            captcha.setCreateTime(new Date());
+        }else {
+            captcha = new Captcha(null, code, phoneNumber, new Date());
+        }
+        captchaRepository.save(captcha);
+        try {
+            SendSmsUtils.sendSms(phoneNumber, code);
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
 }

src/main/java/com/lqkj/link/util/SendSmsUtils.java

@@ -0,0 +1,61 @@
+package com.lqkj.link.util;
+
+import com.aliyun.tea.TeaException;
+
+import java.security.SecureRandom;
+
+public class SendSmsUtils {
+
+    private static final String ACCESSKEYID = "LTAI5tH3cQMGWBkPf6GLKEJe";
+
+    private static final String ACCESSKEYSECRET = "X1ErvZq31BBbEp8Pwe2weIhjUn4G6u";
+
+    public static String generateSMSCode() {
+        SecureRandom random = new SecureRandom();
+        // 生成一个100000到999999之间的随机整数
+        int randomNum = random.nextInt(900000) + 100000;
+        return String.valueOf(randomNum);
+    }
+
+    public static com.aliyun.dysmsapi20170525.Client createClient() throws Exception {
+        // 工程代码泄露可能会导致 AccessKey 泄露，并威胁账号下所有资源的安全性。以下代码示例仅供参考。
+        // 建议使用更安全的 STS 方式，更多鉴权访问方式请参见：https://help.aliyun.com/document_detail/378657.html。
+        com.aliyun.teaopenapi.models.Config config = new com.aliyun.teaopenapi.models.Config()
+                // 必填，请确保代码运行环境设置了环境变量 ALIBABA_CLOUD_ACCESS_KEY_ID。
+                .setAccessKeyId(ACCESSKEYID)
+                // 必填，请确保代码运行环境设置了环境变量 ALIBABA_CLOUD_ACCESS_KEY_SECRET。
+                .setAccessKeySecret(ACCESSKEYSECRET);
+        // Endpoint 请参考 https://api.aliyun.com/product/Dysmsapi
+        config.endpoint = "dysmsapi.aliyuncs.com";
+        return new com.aliyun.dysmsapi20170525.Client(config);
+    }
+
+    public static void sendSms(String phoneNumbers, String code) throws Exception {
+        com.aliyun.dysmsapi20170525.Client client = SendSmsUtils.createClient();
+        com.aliyun.dysmsapi20170525.models.SendSmsRequest sendSmsRequest = new com.aliyun.dysmsapi20170525.models.SendSmsRequest()
+                .setPhoneNumbers(phoneNumbers)
+                .setSignName("灵奇软件")
+                .setTemplateCode("SMS_470990023")
+                .setTemplateParam("{\"code\":\"" + code + "\"}");
+        com.aliyun.teautil.models.RuntimeOptions runtime = new com.aliyun.teautil.models.RuntimeOptions();
+        try {
+            // 复制代码运行请自行打印 API 的返回值
+            client.sendSmsWithOptions(sendSmsRequest, runtime);
+        } catch (TeaException error) {
+            // 此处仅做打印展示，请谨慎对待异常处理，在工程项目中切勿直接忽略异常。
+            // 错误 message
+            System.out.println(error.getMessage());
+            // 诊断地址
+            System.out.println(error.getData().get("Recommend"));
+            com.aliyun.teautil.Common.assertAsString(error.message);
+        } catch (Exception _error) {
+            TeaException error = new TeaException(_error.getMessage(), _error);
+            // 此处仅做打印展示，请谨慎对待异常处理，在工程项目中切勿直接忽略异常。
+            // 错误 message
+            System.out.println(error.getMessage());
+            // 诊断地址
+            System.out.println(error.getData().get("Recommend"));
+            com.aliyun.teautil.Common.assertAsString(error.message);
+        }
+    }
+}

src/main/resources/db/migration/V8__2.0.5.sql

@@ -0,0 +1,13 @@
+
+create table captcha(
+    id               SERIAL                  not null,
+    code             varchar(10)             null,
+    phone_number     varchar(20)             null,
+    create_time       timestamp               null,
+    constraint pk_captcha primary key (id)
+);
+comment on table captcha is '验证码';
+comment on column captcha.id is 'id';
+comment on column captcha.code is '验证码';
+comment on column captcha.phone_number is '手机号';
+comment on column captcha.create_time is '创建时间';