From 025a70b0cd2046973101e334bf8f4e3440e214e5 Mon Sep 17 00:00:00 2001 From: "Ray.Hao" <1490493387@qq.com> Date: Mon, 13 Jan 2025 23:41:33 +0800 Subject: [PATCH] =?UTF-8?q?refactor:=20=E6=89=8B=E6=9C=BA=E7=9F=AD?= =?UTF-8?q?=E4=BF=A1=E9=AA=8C=E8=AF=81=E7=A0=81=E8=AE=A4=E8=AF=81=E4=BB=A3?= =?UTF-8?q?=E7=A0=81=E4=BC=98=E5=8C=96=E5=92=8C=E6=B3=A8=E9=87=8A=E8=B0=83?= =?UTF-8?q?=E6=95=B4=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../youlai/boot/config/SecurityConfig.java | 25 ++++++++++++------- .../sms/SmsAuthenticationProvider.java | 2 +- .../extension/sms/SmsAuthenticationToken.java | 2 +- .../auth/controller/AuthController.java | 4 +-- .../auth/service/impl/AuthServiceImpl.java | 5 ++-- .../resources/mapper/system/UserMapper.xml | 4 --- 6 files changed, 22 insertions(+), 20 deletions(-) diff --git a/src/main/java/com/youlai/boot/config/SecurityConfig.java b/src/main/java/com/youlai/boot/config/SecurityConfig.java index 587c1295..61d7d84c 100644 --- a/src/main/java/com/youlai/boot/config/SecurityConfig.java +++ b/src/main/java/com/youlai/boot/config/SecurityConfig.java @@ -34,7 +34,7 @@ import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; /** - * Spring Security 安全配置 + * Spring Security 配置类 * * @author Ray.Hao * @since 2023/2/17 @@ -82,7 +82,7 @@ public class SecurityConfig { // 禁用默认的 Spring Security 特性,适用于前后端分离架构 .sessionManagement(configurer -> - configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 无状态认证,不使用 Session + configurer.sessionCreationPolicy(SessionCreationPolicy.STATELESS) // 无状态认证,不使用 Session ) .csrf(AbstractHttpConfigurer::disable) // 禁用 CSRF 防护,前后端分离无需此防护机制 .formLogin(AbstractHttpConfigurer::disable) // 禁用默认的表单登录功能,前后端分离采用 Token 认证方式 
@@ -132,21 +132,28 @@ public class SecurityConfig { return new WechatAuthenticationProvider(userService, wxMaService); } + + /** + * 短信验证码认证 Provider + */ + @Bean public SmsAuthenticationProvider smsAuthenticationProvider() { return new SmsAuthenticationProvider(userService, redisTemplate); } /** - * 手动注入 AuthenticationManager,支持多种认证方式 - * - DaoAuthenticationProvider:用户名密码认证 - * - WeChatAuthenticationProvider:微信认证 + * 认证管理器 */ @Bean - public AuthenticationManager authenticationManager() { + public AuthenticationManager authenticationManager( + DaoAuthenticationProvider daoAuthenticationProvider, + WechatAuthenticationProvider weChatAuthenticationProvider, + SmsAuthenticationProvider smsAuthenticationProvider + ) { return new ProviderManager( - daoAuthenticationProvider(), - weChatAuthenticationProvider(), - smsAuthenticationProvider() + daoAuthenticationProvider, + weChatAuthenticationProvider, + smsAuthenticationProvider ); } } diff --git a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java index db7fa180..fc71fe37 100644 --- a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java +++ b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationProvider.java @@ -73,7 +73,7 @@ public class SmsAuthenticationProvider implements AuthenticationProvider { // 构建认证后的用户详情信息 SysUserDetails userDetails = new SysUserDetails(userAuthInfo); - // 创建已认证的 WeChatAuthenticationToken + // 创建已认证的 SmsAuthenticationToken return SmsAuthenticationToken.authenticated( userDetails, userDetails.getAuthorities() diff --git a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationToken.java b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationToken.java index 8f1484c7..54cb026c 100644 
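Review bot: The new Javadoc on `authenticationManager` (`认证管理器`) drops the list of delegated providers in the same change that wires in a third one, so the comment no longer says which login paths the manager serves. I would keep the list and state the selection rule, e.g. `Builds a ProviderManager over the username/password, WeChat and SMS-code providers; providers are tried in order and only those whose supports() accepts the token class are consulted.` Separately, the parameter is spelled `weChatAuthenticationProvider` while its type is `WechatAuthenticationProvider`. It presumably resolves by type, but a single spelling would read better. The class body starts outside this hunk.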
--- a/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationToken.java +++ b/src/main/java/com/youlai/boot/core/security/extension/sms/SmsAuthenticationToken.java @@ -60,7 +60,7 @@ public class SmsAuthenticationToken extends AbstractAuthenticationToken { * * @param principal 用户信息 * @param authorities 授权信息 - * @return + * @return SmsAuthenticationToken */ public static SmsAuthenticationToken authenticated(Object principal, Collection authorities) { return new SmsAuthenticationToken(principal, authorities); diff --git a/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java b/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java index efed422e..c306bdee 100644 --- a/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java +++ b/src/main/java/com/youlai/boot/shared/auth/controller/AuthController.java @@ -75,7 +75,7 @@ public class AuthController { @Operation(summary = "发送登录短信验证码") @PostMapping("/login/sms/code") - public Result sendLoginVerifyCode( + public Result sendLoginVerifyCode( @Parameter(description = "手机号", example = "18812345678") @RequestParam String mobile ) { authService.sendSmsLoginCode(mobile); @@ -87,7 +87,7 @@ public class AuthController { @Log(value = "短信验证码登录", module = LogModuleEnum.LOGIN) public Result loginBySms( @Parameter(description = "手机号", example = "18812345678") @RequestParam String mobile, - @Parameter(description = "验证码", example = "123456") @RequestParam String code + @Parameter(description = "验证码", example = "1234") @RequestParam String code ) { AuthenticationToken loginResult = authService.loginBySms(mobile, code); return Result.success(loginResult); diff --git a/src/main/java/com/youlai/boot/shared/auth/service/impl/AuthServiceImpl.java b/src/main/java/com/youlai/boot/shared/auth/service/impl/AuthServiceImpl.java index 8233248d..c1e850f1 100644 --- a/src/main/java/com/youlai/boot/shared/auth/service/impl/AuthServiceImpl.java 
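Review bot: `sendLoginVerifyCode` hands the raw `mobile` request parameter to `authService.sendSmsLoginCode(mobile)` with no format check or throttling visible in this hunk, and a login-code endpoint is normally reachable before authentication. Unless the service, whose body is outside this diff, already limits sends per number and per client, the endpoint can be used to flood a number with messages and run up SMS cost. I would add those checks in the service if they are missing and then record the contract on the controller method, e.g. `// mobile is format-checked and send-rate limited per number and per client IP in AuthService#sendSmsLoginCode`. The method's closing lines fall outside the hunk.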
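Review bot: The `code` example changes from `123456` to `1234`, which suggests the login code is now four digits; the generator is not visible here, so this is inferred. With only 10,000 possible values, `loginBySms` depends on a failed-attempt cap per mobile, a short expiry and single use of the code, and none of that is documented on the endpoint. I would add a line such as `// code: 4-digit, single-use, expires after <TTL>; verification locks after <N> failed attempts per mobile` with the real values, or keep six digits if no attempt limit exists. Because `code` arrives as a `@RequestParam` on a method annotated with `@Log`, it is also worth confirming that the logging aspect does not record request parameters for this call.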
+++ b/src/main/java/com/youlai/boot/shared/auth/service/impl/AuthServiceImpl.java @@ -53,7 +53,6 @@ public class AuthServiceImpl implements AuthService { private final CodeGenerator codeGenerator; private final SmsService smsService; - private final RedisTemplate redisTemplate; /** @@ -101,7 +100,7 @@ public class AuthServiceImpl implements AuthService { } /** - * 发送短信验证码 + * 发送登录短信验证码 * * @param mobile 手机号 */ @@ -134,7 +133,7 @@ public class AuthServiceImpl implements AuthService { */ @Override public AuthenticationToken loginBySms(String mobile, String code) { - // 1. 创建用户微信认证的令牌(未认证) + // 1. 创建用户短信验证码认证的令牌(未认证) SmsAuthenticationToken smsAuthenticationToken = new SmsAuthenticationToken(mobile, code); // 2. 执行认证(认证中) diff --git a/src/main/resources/mapper/system/UserMapper.xml b/src/main/resources/mapper/system/UserMapper.xml index 0660dbcf..88e103af 100644 --- a/src/main/resources/mapper/system/UserMapper.xml +++ b/src/main/resources/mapper/system/UserMapper.xml @@ -165,7 +165,6 @@ t1.id userId, t1.username, t1.nickname, - t1.PASSWORD, t1.STATUS, t1.dept_id , t3.CODE @@ -232,7 +231,4 @@ u.id = #{userId} AND u.is_deleted = 0 - - -