String currentCaptcha = (String) session.getAttribute(getSessionCaptchaKeyAttribute());
//获取用户输入的验证码
String submitCaptcha = getCaptcha(request);
//如果验证码不匹配,登录失败
if (StringUtils.isEmpty(submitCaptcha) || !StringUtils.equals(currentCaptcha,submitCaptcha.toLowerCase())) {
return onLoginFailure(this.createToken(request, response), new AccountException("验证码不正确"), request, response);
}
}
return super.executeLogin(request, response);