java代码实现简单的认证——图片验证码形式

前言:认证在互联网中会经常见到,其主要作用是安全问题中防止恶意破解、刷票等。在系统开发中认证的实现也有很多种,什么手机短信认证,邮箱认证等。在这里我使用最基本的验证码的形式进行认证,下面例出过程。

验证码工具类(用来生成验证码)

创建一个简单的验证码生成器,通过流的方式将随机字体、随机背景色、干扰线、随机字符串,夹杂在一起形成验证码图片

import javax.imageio.ImageIO;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;

/**
 * 自定义验证码类
 */
public class VerifyCode {
    private int width = 100;    //生成验证码图片的宽度
    private int height = 40;    //生成验证码图片的高度
    private String[] fontNames = {"宋体","楷体","隶书","微软雅黑"};
    private Color bgColor = new Color(255,255,255); //定义验证码图片的背景色
    private Random random = new Random();
    private String codes = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
    private String text;    //记录随机字符串

    /**
     * 获取随机一个颜色
     * @return
     */
    private Color randomColor(){
        int red = random.nextInt(150);
        int green = random.nextInt(150);
        int blue = random.nextInt(150);
        return new Color(red,green,blue);
    }

    /**
     * 获取随机一个字体
     * @return
     */
    private Font randomFont(){
        String name = fontNames[random.nextInt(fontNames.length)];
        int style = random.nextInt(4);
        int size =random.nextInt(5)+24;
        return new Font(name,style,size);
    }

    /**
     * 获取随机一个字符
     * @return
     */
    private char randomChar(){
        return codes.charAt(random.nextInt(codes.length()));
    }

    /**
     * 创建一个空白的BufferedImage对象
     * @return
     */
    private BufferedImage createImage(){
        BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
        Graphics2D g2 = (Graphics2D)image.getGraphics();
        g2.setColor(bgColor);
        g2.fillRect(0,0,width,height);
        return image;
    }

    /**
     * 绘制干扰线
     */
    private void drawLine(BufferedImage image){
        Graphics2D g2 = (Graphics2D) image.getGraphics();
        int num = 5;
        for (int i = 0 ;i < num ; i++){
            int x1 = random.nextInt(width);
            int y1 = random.nextInt(height);
            int x2 = random.nextInt(width);
            int y2 = random.nextInt(height);
            g2.setColor(randomColor());
            g2.setStroke(new BasicStroke(1.5f));
            g2.drawLine(x1, y1, x2, y2);
        }
    }

    /**
     * 绘制验证码
     * @return
     */
    public BufferedImage getImage(){
        BufferedImage image = createImage();
        Graphics2D g2 = (Graphics2D) image.getGraphics();
        StringBuffer sb = new StringBuffer();
        for (int i = 0 ; i < 4 ; i++){
            String s = randomChar() + "";
            sb.append(s);
            g2.setColor(randomColor());
            g2.setFont(randomFont());
            float x =  i * width * 1.0f / 4;
            g2.drawString(s,x,height - 15);
        }
        this.text = sb.toString();
        drawLine(image);
        return image;
    }

    public String getText(){
        return text;
    }

    /**
     * 用流传输方法
     * @return
     */
    public static void output(BufferedImage image, OutputStream out) throws IOException {
        ImageIO.write(image,"JPEG",out);
    }
}

controller层调用

创建VerifyCode验证码生成器实例,将text(随机字符串)存入session中,将图片用流的方式传入前段

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.image.BufferedImage;
import java.io.IOException;

@RestController
public class VerifyCodeController {
    @GetMapping("/vercode")
    public void code(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        //创建验证码生成器实例取得生成图片和随机字符串
        VerifyCode vc = new VerifyCode();
        BufferedImage image = vc.getImage();
        String text = vc.getText();
        //随机字符串存入session中
        HttpSession session = req.getSession();
        session.setAttribute("index_code",text);
        //用流传输
        VerifyCode.output(image,resp.getOutputStream());
    }
}

前段

前段我这里使用的是vue框架(使用什么框架不是问题,姑且提一下),img图片中src路劲调用

<img src="/vercode" alt="">

启动服务器,测试,获取成功
1661877-20190422212429306-5943650.png

前段-输入

我这里做登录认证,表单加入验证码输入

<tr>
    <td>
        <el-tag>验证码</el-tag>
    </td>
    <td>
        <el-input size="mini" v-model="user.code" pleceholder="请输入验证码"></el-input>
    </td>
    <td>
        <img src="/vercode" alt="">
    </td>
</tr>

1661877-20190422212436205-1324091852.png

使用spring security做后台的验证

这里只提取验证码相关的:

过滤器

自定义过滤器,继承GenericFilterBean,重写doFilter方法

@Component
public class VerifyCodeFilter extends GenericFilterBean {
    //绑定登录路径
    private String defaultFilterProcessUrl = "/doLogin";

    @Override
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        if ("POST".equalsIgnoreCase(request. getMethod()) && defaultFilterProcessUrl.equals(request.getServletPath())){
            String requestCaptcha = request.getParameter("code");
            String genCaptcha = (String) request.getSession().getAttribute("index_code");
            if(StringUtils.isEmpty(requestCaptcha)){
                throw new AuthenticationServiceException("验证码不能为空!");
            }
            if (!genCaptcha.toLowerCase().equals(requestCaptcha.toLowerCase())){
                throw new AuthenticationServiceException("验证码错误!");
            }
        }
        chain.doFilter(request,response);
    }
}

安全配置器

继承WebSecurityConfigurerAdapter类,重写认证方法

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowired
    VerifyCodeFilter verifyCodeFilter;

    @Override
    public void configure(WebSecurity web) throws Exception {
        //防止验证图片被拦截
        web.ignoring().antMatchers("/vercode");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        //对前段获取到的验证数据进行验证
        http.addFilterBefore(verifyCodeFilter,UsernamePasswordAuthenticationFilter.class);
        http.authorizeRequests()
            //省略账号密码认证
            ...
            ...
            ...
            .permitAll()
            .and()
            .csrf().disable()
    }
}

登录测试
1661877-20190422212518181-1982263269.png

这次就到这里,有什么问题或建议可以在下面评论。

积累点点滴滴,一步一脚印,加油

转载于:https://www.cnblogs.com/HYMY-L/p/10753154.html

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值