From b4111e1ced421c158911d6c11cdaf0c63b5dd3bc Mon Sep 17 00:00:00 2001
From: 田源 <lastanimals@163.com>
Date: 星期二, 28 三月 2023 18:28:32 +0800
Subject: [PATCH] 完善密码策略

---
 Source/BladeX/blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java |   14 ++------------
 1 files changed, 2 insertions(+), 12 deletions(-)

diff --git a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java
index 9b96c70..a2c837a 100644
--- a/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java
+++ b/Source/BladeX/blade-auth/src/main/java/org/springblade/auth/granter/CaptchaTokenGranter.java
@@ -1,5 +1,6 @@
 package org.springblade.auth.granter;
 
+import com.baomidou.mybatisplus.core.toolkit.StringUtils;
 import org.springblade.auth.utils.TokenUtil;
 import org.springblade.common.cache.CacheNames;
 import org.springblade.core.redis.cache.BladeRedis;
@@ -44,17 +45,6 @@
 
 	@Override
 	protected OAuth2Authentication getOAuth2Authentication(ClientDetails client, TokenRequest tokenRequest) {
-		HttpServletRequest request = WebUtil.getRequest();
-		// 澧炲姞楠岃瘉鐮佸垽鏂�
-		String key = request.getHeader(TokenUtil.CAPTCHA_HEADER_KEY);
-		String code = request.getHeader(TokenUtil.CAPTCHA_HEADER_CODE);
-		// 鑾峰彇楠岃瘉鐮�
-		String redisCode = bladeRedis.get(CacheNames.CAPTCHA_KEY + key);
-		// 鍒ゆ柇楠岃瘉鐮�
-		if (code == null || !StringUtil.equalsIgnoreCase(redisCode, code)) {
-			throw new UserDeniedAuthorizationException(TokenUtil.CAPTCHA_NOT_CORRECT);
-		}
-
 		Map<String, String> parameters = new LinkedHashMap<String, String>(tokenRequest.getRequestParameters());
 		String username = parameters.get("username");
 		String password = parameters.get("password");
@@ -64,7 +54,7 @@
 		Authentication userAuth = new UsernamePasswordAuthenticationToken(username, password);
 		((AbstractAuthenticationToken) userAuth).setDetails(parameters);
 		try {
-			userAuth = authenticationManager.authenticate(userAuth);
+				userAuth = authenticationManager.authenticate(userAuth);
 		}
 		catch (AccountStatusException | BadCredentialsException ase) {
 			//covers expired, locked, disabled cases (mentioned in section 5.2, draft 31)

--
Gitblit v1.9.3