代码提交

pqs-auth/src/main/java/com/njcn/auth/security/granter/SmsTokenGranter.java

@@ -2,8 +2,10 @@ package com.njcn.auth.security.granter;
 
 import cn.hutool.core.util.StrUtil;
 import com.njcn.auth.security.token.SmsCodeAuthenticationToken;
+import com.njcn.common.pojo.constant.PatternRegex;
 import com.njcn.common.pojo.constant.SecurityConstants;
 import com.njcn.common.pojo.exception.BusinessException;
+import com.njcn.common.utils.PubUtils;
 import com.njcn.redis.pojo.enums.RedisKeyEnum;
 import com.njcn.redis.utils.RedisUtil;
 import com.njcn.user.enums.UserResponseEnum;
@@ -45,7 +47,7 @@ public class SmsTokenGranter extends AbstractTokenGranter {
         Map<String, String> parameters = new LinkedHashMap<>(tokenRequest.getRequestParameters());
         String phone = parameters.get(SecurityConstants.PHONE);
         String smsCode = parameters.get(SecurityConstants.SMS_CODE);
-        if (StrUtil.isBlank(phone)) {
+        if (StrUtil.isBlank(phone) || !PubUtils.match(PatternRegex.PHONE_REGEX, phone)) {
             throw new BusinessException(UserResponseEnum.REGISTER_PHONE_WRONG);
         }
         if (!judgeSmsCode(phone, smsCode)) {