update

mec-student/src/main/java/com/ym/mec/student/config/ResourceServerConfig.java

@@ -25,7 +25,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
 		http.csrf().disable().exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()
-				.authorizeRequests().antMatchers("/v2/api-docs","/studentOrder/notify","/musicGroup/test","/code/*").permitAll().anyRequest().authenticated().and().httpBasic();
+				.authorizeRequests().antMatchers("/v2/api-docs","/studentOrder/notify","/code/*").permitAll().anyRequest().authenticated().and().httpBasic();
 	}
 
 	@Override

mec-teacher/pom.xml

@@ -40,6 +40,11 @@
 			<groupId>com.alibaba</groupId>
 			<artifactId>druid-spring-boot-starter</artifactId>
 		</dependency>
+		<dependency>
+			<groupId>com.github.penggle</groupId>
+			<artifactId>kaptcha</artifactId>
+			<version>2.3.2</version>
+		</dependency>
 
 		<dependency>
 			<groupId>mysql</groupId>

mec-teacher/src/main/java/com/ym/mec/teacher/config/ImageVerifyCodeConfig.java

@@ -0,0 +1,28 @@
+package com.ym.mec.teacher.config;
+
+import com.google.code.kaptcha.impl.DefaultKaptcha;
+import com.google.code.kaptcha.util.Config;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.Properties;
+
+@Configuration
+public class ImageVerifyCodeConfig {
+    @Bean(name="captchaProducer")
+    public DefaultKaptcha getKaptchaBean(){
+        DefaultKaptcha defaultKaptcha=new DefaultKaptcha();
+        Properties properties=new Properties();
+        properties.setProperty("kaptcha.border", "yes");
+        properties.setProperty("kaptcha.border.color", "105,179,90");
+        properties.setProperty("kaptcha.textproducer.font.color", "blue");
+        properties.setProperty("kaptcha.image.width", "125");
+        properties.setProperty("kaptcha.image.height", "45");
+        properties.setProperty("kaptcha.session.key", "code");
+        properties.setProperty("kaptcha.textproducer.char.length", "4");
+        properties.setProperty("kaptcha.textproducer.font.names", "宋体,楷体,微软雅黑");
+        Config config=new Config(properties);
+        defaultKaptcha.setConfig(config);
+        return defaultKaptcha;
+    }
+}

mec-teacher/src/main/java/com/ym/mec/teacher/config/ResourceServerConfig.java

@@ -25,7 +25,7 @@ public class ResourceServerConfig extends ResourceServerConfigurerAdapter {
 	@Override
 	public void configure(HttpSecurity http) throws Exception {
 		http.csrf().disable().exceptionHandling().accessDeniedHandler(baseAccessDeniedHandler).authenticationEntryPoint(baseAuthenticationEntryPoint).and()
-				.authorizeRequests().antMatchers("/v2/api-docs").permitAll().anyRequest().authenticated().and().httpBasic();
+				.authorizeRequests().antMatchers("/v2/api-docs","/code/*").permitAll().anyRequest().authenticated().and().httpBasic();
 	}
 
 	@Override

mec-teacher/src/main/java/com/ym/mec/teacher/controller/SmsCodeController.java

@@ -0,0 +1,112 @@
+package com.ym.mec.teacher.controller;
+
+import com.google.code.kaptcha.Constants;
+import com.google.code.kaptcha.Producer;
+import com.google.code.kaptcha.servlet.KaptchaServlet;
+import com.ym.mec.biz.service.SmsCodeService;
+import com.ym.mec.common.controller.BaseController;
+import com.ym.mec.common.security.SecurityConstants;
+import io.swagger.annotations.Api;
+import io.swagger.annotations.ApiImplicitParam;
+import io.swagger.annotations.ApiImplicitParams;
+import io.swagger.annotations.ApiOperation;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.redis.core.RedisTemplate;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.imageio.ImageIO;
+import javax.servlet.ServletOutputStream;
+import javax.servlet.http.HttpServletResponse;
+import java.awt.image.BufferedImage;
+import java.util.concurrent.TimeUnit;
+
+@RestController
+@RequestMapping("code")
+@Api(tags = "验证码服务")
+public class SmsCodeController extends BaseController {
+
+    @Autowired
+    private SmsCodeService smsCodeService;
+    @Autowired
+    private Producer captchaProducer;
+    @Autowired
+    private RedisTemplate<String,String> redisTemplate;
+
+    @ApiOperation(value = "发送登录短信验证码")
+    @ApiImplicitParam(name = "mobile", value = "手机号", required = true, dataType = "String")
+    @PostMapping(value = "/sendSms")
+    public Object sendLoginVerifyCode(String mobile) throws Exception {
+        smsCodeService.sendValidCode(mobile);
+        return succeed();
+    }
+
+    @ApiOperation(value = "校验短信验证码")
+    @ApiImplicitParams({ @ApiImplicitParam(name = "phone", value = "手机号", required = true, dataType = "String"),
+            @ApiImplicitParam(name = "code", value = "短信验证码", required = true, dataType = "String") })
+    @PostMapping(value = "/verifySmsCode")
+    public Object verifySmsCode(String phone,String code) {
+        if(StringUtils.isEmpty(phone) || StringUtils.isEmpty(code)){
+            return failed(SecurityConstants.PARAM_VERIFY_EXCEPTION);
+        }
+        if(smsCodeService.verifyValidCode(phone,code)){
+            return succeed();
+        }
+        return failed();
+    }
+
+    @PostMapping(value = "/verifyLoginImage")
+    @ApiOperation("校验登录图形验证码")
+    @ApiImplicitParams({ @ApiImplicitParam(name = "phone", value = "手机号", required = true, dataType = "String"),
+            @ApiImplicitParam(name = "code", value = "验证码", required = true, dataType = "String") })
+    public Object verifyImageCode(String phone,String code){
+        if(StringUtils.isEmpty(phone) || StringUtils.isEmpty(code)){
+            return failed(SecurityConstants.PARAM_VERIFY_EXCEPTION);
+        }
+        String redisKey = Constants.KAPTCHA_SESSION_KEY + phone;
+        if(redisTemplate.hasKey(redisKey)){
+            if(StringUtils.equals(redisTemplate.opsForValue().get(redisKey),code)){
+                return succeed();
+            }
+        }
+        return failed(SecurityConstants.VERIFY_FAILURE);
+    }
+
+    @GetMapping(value = "/getLoginImage")
+    @ApiOperation("获取登录图片验证码")
+    @ApiImplicitParam(name = "phone", value = "手机号", required = true, dataType = "String")
+    public void getKaptchaImage(HttpServletResponse response,String phone) throws Exception {
+        if(StringUtils.isEmpty(phone)){
+            return;
+        }
+        response.setDateHeader("Expires", 0);
+
+        // Set standard HTTP/1.1 no-cache headers.
+        response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
+        // Set IE extended HTTP/1.1 no-cache headers (use addHeader).
+        response.addHeader("Cache-Control", "post-check=0, pre-check=0");
+        // Set standard HTTP/1.0 no-cache header.
+        response.setHeader("Pragma", "no-cache");
+        // return a jpeg
+        response.setContentType("image/jpeg");
+        // create the text for the image
+        String capText = captchaProducer.createText();
+
+        redisTemplate.opsForValue().set(Constants.KAPTCHA_SESSION_KEY + phone,capText,3, TimeUnit.MINUTES);
+        // create the image with the text
+        BufferedImage bi = captchaProducer.createImage(capText);
+        KaptchaServlet kaptchaServlet = new KaptchaServlet();
+        kaptchaServlet.init();
+        ServletOutputStream out = response.getOutputStream();
+        // write the data out
+        ImageIO.write(bi, "jpg", out);
+        try {
+            out.flush();
+        } finally {
+            out.close();
+        }
+    }
+}