在RequestMapping SpringBoot中添加方法

时间:2017-09-14 16:27:41

标签: java spring authentication spring-boot

我在Java Web Project中添加了双因素身份验证。在登录页面中,用户必须输入用户名,密码和安全代码(安全代码将在登录页面中开始生成)。如果这三个匹配,则可以访问主页面。

  @RequestMapping(value = "")
    public String login() throws InterruptedException, GeneralSecurityException {
        getSecureCode();
        return "login";   // return to login.jsp
    }

 public void getSecureCode() throws InterruptedException, GeneralSecurityException {

    String base32Secret = TimeBasedOneTimePasswordUtil.generateBase32Secret(16);
    String keyId = "abc123";
    logger.info("Image url = " + TimeBasedOneTimePasswordUtil.qrImageUrl(keyId, base32Secret));
    code = TimeBasedOneTimePasswordUtil.generateCurrentNumberString(base32Secret);
    while (true) {

        long diff = TimeBasedOneTimePasswordUtil.DEFAULT_TIME_STEP_SECONDS
                - ((System.currentTimeMillis() / 1000) % TimeBasedOneTimePasswordUtil.DEFAULT_TIME_STEP_SECONDS);
        code = TimeBasedOneTimePasswordUtil.generateCurrentNumberString(base32Secret);
        logger.info("Secret code = " + code + ", change in " + diff + " seconds");
        Thread.sleep(1000);
    }
}

 // after button in login.jsp clicked
 @RequestMapping(value = "check", method = RequestMethod.POST)

我添加了getSecureCode方法,因此用户可以在登录页面中获取安全代码。不幸的是,网页没有加载。如果我删除它只有它。

P / S:对于双因素身份验证,我参考https://github.com/j256/two-factor-auth

1 个答案:

答案 0 :(得分:0)

while循环永远不会退出,因此应该处理请求并返回响应的线程将无限期地卡住。