refactor: 临时密码登录功能

src/main/java/cn/com/tenlion/operator/login/temporary/auth/LoginTemporaryAuthFilter.java

@@ -29,12 +29,19 @@ public class LoginTemporaryAuthFilter extends AbstractAuthenticationProcessingFi
     @Override
     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
         String phone = request.getParameter("username").trim();
-        String password = loginTemporaryService.getPassword();
+        String password = request.getParameter("password").trim();
         if (StringUtils.isBlank(phone)) {
             throw new UserAuthenticationException("手机号不能为空");
         }
         if (StringUtils.isBlank(password)) {
-            throw new UserAuthenticationException("密码已过期，请重新获取");
+            throw new UserAuthenticationException("密码不能为空");
+        }
+        String temporaryPassword = loginTemporaryService.getPassword();
+        if (StringUtils.isBlank(temporaryPassword)) {
+            throw new UserAuthenticationException("临时密码已过期，请重新获取");
+        }
+        if (!StringUtils.equals(password, temporaryPassword)) {
+            throw new UserAuthenticationException("密码不正确");
         }
         LoginPhoneAuthToken loginTemporaryAuthToken = new LoginPhoneAuthToken(phone, null);
         loginTemporaryAuthToken.setDetails(authenticationDetailsSource.buildDetails(request));

src/main/java/cn/com/tenlion/operator/service/login/temporary/LoginTemporaryService.java

@@ -19,14 +19,14 @@ public class LoginTemporaryService {
     }
 
     public String getPassword() {
-        return password;
+        return this.password;
     }
 
     @Scheduled(fixedRate = 10 * 1000)
     public void autoClearPassword() {
         long now = System.currentTimeMillis();
-        if(now - lastUpdateTime > 180 * 1000) {
-            password = "";
+        if(now - lastUpdateTime > 60 * 1000) {
+            this.password = "";
         }
     }