refactor(platform):重构平台模块包结构- 将 shared 包下的文件移动到 platform 包下

- 更新相关类的包引用路径 - 修改 application.yml 中的包扫描路径 -重命名 CaptchaInfo 类为 CaptchaVO 并调整包路径 - 移动 BusinessException 和相关安全类到 core 包- 更新 Codegen 相关类包路径 - 删除无用的条件判断代码块
2025-10-14 16:09:46 +08:00
parent f460d8a7c0
commit c43e6dfb54
122 changed files with 346 additions and 475 deletions
--- a/src/main/java/com/youlai/boot/security/provider/SmsAuthenticationProvider.java
+++ b/src/main/java/com/youlai/boot/security/provider/SmsAuthenticationProvider.java
@@ -0,0 +1,89 @@
+package com.youlai.boot.security.provider;
+
+import cn.hutool.core.util.ObjectUtil;
+import cn.hutool.core.util.StrUtil;
+import com.youlai.boot.common.constant.RedisConstants;
+import com.youlai.boot.core.exception.CaptchaValidationException;
+import com.youlai.boot.security.model.SmsAuthenticationToken;
+import com.youlai.boot.security.model.SysUserDetails;
+import com.youlai.boot.security.model.UserAuthCredentials;
+import com.youlai.boot.system.service.UserService;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.DisabledException;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+
+
+/**
+ * 短信验证码认证 Provider
+ *
+ * @author Ray.Hao
+ * @since 2.17.0
+ */
+@Slf4j
+public class SmsAuthenticationProvider implements AuthenticationProvider {
+
+    private final UserService userService;
+
+    private final RedisTemplate<String, Object> redisTemplate;
+
+
+    public SmsAuthenticationProvider(UserService userService, RedisTemplate<String, Object> redisTemplate) {
+        this.userService = userService;
+        this.redisTemplate = redisTemplate;
+    }
+
+    /**
+     * 短信验证码认证逻辑，参考 Spring Security 认证密码校验流程
+     *
+     * @param authentication 认证对象
+     * @return 认证后的 Authentication 对象
+     * @throws AuthenticationException 认证异常
+     * @see org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider#authenticate(Authentication)
+     */
+    @Override
+    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+        String mobile = (String) authentication.getPrincipal();
+        String inputVerifyCode = (String) authentication.getCredentials();
+
+        // 根据手机号获取用户信息
+        UserAuthCredentials userAuthCredentials = userService.getAuthCredentialsByMobile(mobile);
+
+        if (userAuthCredentials == null) {
+            throw new UsernameNotFoundException("用户不存在");
+        }
+
+        // 检查用户状态是否有效
+        if (ObjectUtil.notEqual(userAuthCredentials.getStatus(), 1)) {
+            throw new DisabledException("用户已被禁用");
+        }
+
+        // 校验发送短信验证码的手机号是否与当前登录用户一致
+        String cacheKey = StrUtil.format(RedisConstants.Captcha.SMS_LOGIN_CODE, mobile);
+        String cachedVerifyCode = (String) redisTemplate.opsForValue().get(cacheKey);
+
+        if (!StrUtil.equals(inputVerifyCode, cachedVerifyCode)) {
+            throw new CaptchaValidationException("验证码错误");
+        } else {
+            // 验证成功后删除验证码
+            redisTemplate.delete(cacheKey);
+        }
+
+        // 构建认证后的用户详情信息
+        SysUserDetails userDetails = new SysUserDetails(userAuthCredentials);
+
+        // 创建已认证的 SmsAuthenticationToken
+        return SmsAuthenticationToken.authenticated(
+                userDetails,
+                userDetails.getAuthorities()
+        );
+    }
+
+    @Override
+    public boolean supports(Class<?> authentication) {
+        return SmsAuthenticationToken.class.isAssignableFrom(authentication);
+    }
+}