fix(captcha): change encoding format to PNG to fix empty image issue

Author: GabrielNat1

src/main/java/com/example/spring_boot_project/Security/CaptchaUtil.java

@@ -18,7 +18,7 @@ public static Captcha createCaptcha(int width, int height){
 
     public static String encodeCaptcha(Captcha c){
         try(ByteArrayOutputStream o = new ByteArrayOutputStream()){
-            ImageIO.write(c.getImage(), "jpg", o);
+            ImageIO.write(c.getImage(), "png", o);
             return Base64.getEncoder().encodeToString(o.toByteArray());
         } catch (IOException e){
             throw new RuntimeException("error encoding Captcha", e);

src/main/java/com/example/spring_boot_project/config/SecurityConfig.java

@@ -38,11 +38,12 @@ public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
             .cors(cors -> cors.configurationSource(corsConfigurationSource()))
             .csrf(AbstractHttpConfigurer::disable)
             .sessionManagement(session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
-            .authorizeHttpRequests(auth -> auth
-                .requestMatchers("/api/auth/**").permitAll()
-                .requestMatchers("/error").permitAll()
-                .anyRequest().authenticated()
-            )
+                .authorizeHttpRequests(auth -> auth
+                        .requestMatchers("/api/auth/**").permitAll()
+                        .requestMatchers("/test-captcha/**").permitAll()  // <-- libera o captcha
+                        .requestMatchers("/error").permitAll()
+                        .anyRequest().authenticated()
+                )
             .addFilterBefore(rateLimitingFilter, UsernamePasswordAuthenticationFilter.class)
             .addFilterBefore(jwtAuthFilter, UsernamePasswordAuthenticationFilter.class);
 

src/main/java/com/example/spring_boot_project/controller/CaptchaTestController.java

@@ -0,0 +1,43 @@
+package com.example.spring_boot_project.controller;
+
+import cn.apiclub.captcha.Captcha;
+import com.example.spring_boot_project.Security.CaptchaUtil;
+import jakarta.servlet.http.HttpSession;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+import java.util.Map;
+
+@RestController
+@RequestMapping("/test-captcha")
+public class CaptchaTestController {
+
+    @GetMapping
+    public Map<String, String> getCaptcha(HttpSession session) {
+        Captcha captcha = CaptchaUtil.createCaptcha(200, 50);
+        //System.out.println("--------------" + captcha.getImage());
+        String encoded = CaptchaUtil.encodeCaptcha(captcha);
+
+        session.setAttribute("captcha", captcha.getAnswer());
+
+        return Map.of("image", "data:image/png;base64," + encoded);
+    }
+
+    @PostMapping
+    public ResponseEntity<String> validateCaptcha(@RequestBody Map<String, String> request, HttpSession session) {
+        String userInput = request.get("captcha");
+        String captchaAnswer = (String) session.getAttribute("captcha");
+
+        if (captchaAnswer == null) {
+            return ResponseEntity.badRequest().body("Captcha not found or expired.");
+        }
+
+        session.removeAttribute("captcha");
+
+        if (captchaAnswer.equalsIgnoreCase(userInput)) {
+            return ResponseEntity.ok("Captcha is correct!");
+        } else {
+            return ResponseEntity.status(400).body("Captcha is incorrect!");
+        }
+    }
+}