单点登录与验证码验证

controller:

@requestMapping("/sysLoginApi")
@restController
public class SysLoginController{

    @Autowired
    UserService userService;
    @Autowired
    DataCache dataCache;

    @GetMapping("/getVerifyCode")
    public WebApiResponse<String> getVerifyCode(HttpServletResponse response,HttpServletRequest request) {
        //获取文件输出流
        ByteArrayOutputStream output = new ByteArrayOutputStream();
        try {
            int width = 200;
            int height = 69;
            BufferedImage verifyImg = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);
            //生成对应宽高的初始图片
            String randomText = VerifyCodeUtils.drawRandomText(width, height, verifyImg);
            //单独的一个类方法，出于代码复用考虑，进行了封装。
            //功能是生成验证码字符并加上噪点，干扰线，返回值为验证码字符
            request.getSession().setAttribute("IMAGE_VERIFY_CODE", randomText);
            System.out.println(request.getSession().getAttribute("IMAGE_VERIFY_CODE"));
            //必须设置响应内容类型为图片，否则前台不识别
            response.setContentType("image/png");
            //输出图片流
            ImageIO.write(verifyImg, "png", output);
            output.flush();
            //关闭流
            output.close();
        } catch (IOException e) {
            log.error(e.getMessage());
            e.printStackTrace();
        }
        return response(outputStreamToBase64(output));
    }

    public String outputStreamToBase64(ByteArrayOutputStream output) {
        byte[] bytes = output.toByteArray();
        String png_base64 = (new BASE64Encoder()).encodeBuffer(bytes).trim();
        png_base64 = png_base64.replaceAll("\n", "").replaceAll("\r", "");
        return "data:image/png;base64," + png_base64;
    }


    private void verifyVcode(String vcode, HttpServletRequest request) {
        if (!StringUtils.isEmpty(vcode)) {
            String verifyCode = (String) request.getSession().getAttribute("IMAGE_VERIFY_CODE");
            if (verifyCode == null) {
                throw new ServiceException(403, "验证码已失效");
            }

            if (!vcode.equalsIgnoreCase(verifyCode)) {
                throw new ServiceException(403, "验证码错误");
            }
        }
    }


    private void verifyInput(String username, String password) {
        if (StringUtils.isEmpty(username)) {
            throw new ServiceException(403, "用户名不能为空");
        } else if (StringUtils.isEmpty(password)) {
            throw new ServiceException(403, "密码不能为空");
        } else if (password.length() != 32) {
            throw new ServiceException(403, "密码需加密传输");
        }
    }

    @PostMapping("/login")
    public WebApiResponse login(@FormParam("username") String username,@FormParam("password") String password,@FormParam("vcode")  String vcode, HttpServletRequest request) {
        String verifyCode = (String) request.getSession().getAttribute("IMAGE_VERIFY_CODE");
        this.verifyVcode(vcode, request);
        this.verifyInput(username, password);
        username = StringUtils.toUTF8(username).trim();
        UserDto userDto = this.userService.findByUsername(username);
        String key = "LOGIN_ERROR_TIMES_" + username + "_" + this.getClientId(securityContext);
        if (!PasswordHash.validatePassword(password, userDto.getPassword())) {
            Integer errTimes = this.dataCache.get(key) == null ? 0 : Integer.valueOf(this.dataCache.get(key));
            this.dataCache.set(key, (errTimes = errTimes + 1) + "", this.dayTimeInMillis);
            return new WebApiResponse(1003, "账号或密码不正确", errTimes);
        } else {
            String token = this.userService.login(userDto.getId(), this.getClientId(securityContext));
            this.dataCache.remove(key);
            request.getSession().removeAttribute("IMAGE_VERIFY_CODE");
            return this.response(token);
        }
    }


}

工具类:

 

public class VerifyCodeUtils {
    public static  String drawRandomText(int width, int height, BufferedImage verifyImg) {
        Graphics2D graphics = (Graphics2D)verifyImg.getGraphics();
        //设置画笔颜色-验证码背景色
        graphics.setColor(Color.WHITE);
        //填充背景
        graphics.fillRect(0, 0, width, height);
        graphics.setFont(new Font("微软雅黑", Font.BOLD, 40));
        //数字和字母的组合
        String baseNumLetter = "123456789abcdefghijklmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ";
        StringBuffer sBuffer = new StringBuffer();
        //旋转原点的 x 坐标
        int x = 10;
        String ch = "";
        Random random = new Random();
        for(int i = 0;i < 4;i++){
            graphics.setColor(getRandomColor());
            //设置字体旋转角度
            //角度小于30度
            int degree = random.nextInt() % 30;
            int dot = random.nextInt(baseNumLetter.length());
            ch = baseNumLetter.charAt(dot) + "";
            sBuffer.append(ch);
            //正向旋转
            graphics.rotate(degree * Math.PI / 180, x, 45);
            graphics.drawString(ch, x, 45);
            //反向旋转
            graphics.rotate(-degree * Math.PI / 180, x, 45);
            x += 48;
        }
        //画干扰线
        for (int i = 0; i <6; i++) {
            // 设置随机颜色
            graphics.setColor(getRandomColor());
            // 随机画线
            graphics.drawLine(random.nextInt(width), random.nextInt(height),
                    random.nextInt(width), random.nextInt(height));
        }
        //添加噪点
        for(int i=0;i<30;i++){
            int x1 = random.nextInt(width);
            int y1 = random.nextInt(height);
            graphics.setColor(getRandomColor());
            graphics.fillRect(x1, y1, 2,2);
        }
        return sBuffer.toString();
    }
    /**
     * 随机取色
     */
    private static Color getRandomColor() {
        Random ran = new Random();
        Color color = new Color(ran.nextInt(256),
                ran.nextInt(256), ran.nextInt(256));
        return color;
    }