再web开发中,登录页通常需要进行辅助验证,通常的验证方法有短信验证、验证码验证、拼图验证等。本文记录了验证码验证的验证码生成过程。
验证码生成的方式有多种,比较呆板的方式就是在前端生成,不过这种方式实在太麻烦,后来接触到了kaptcha,感觉是真的很简单。
kaptcha生成验证码在后端运行,下面直接上代码:
项目结构:
pom文件引入必要依赖(lombok为非必要依赖,只是习惯使用了):
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>com.hongke.security</groupId>
<artifactId>securityApplication</artifactId>
<version>1.0</version>
<description>this is spring security demo</description>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.report.outputEncoding>UTF-8</project.report.outputEncoding>
<java.version>1.8</java.version>
<kaptcha.version>0.0.9</kaptcha.version>
</properties>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.1.12.RELEASE</version>
</parent>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>com.github.axet</groupId>
<artifactId>kaptcha</artifactId>
<version>${kaptcha.version}</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
</dependencies>
</project>
kaptcha配置类:
package com.hongke.security.config;
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.code.kaptcha.util.Config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.Properties;
/**
* @author chengjunyu
* @classname KaptchaConfig
* @description 验证码配置
* @date 2020/7/21 15:16
*/
@Configuration
public class KaptchaConfig {
/**
* @description 获取一个验证码
* @author chengjunyu
* @date 2020/7/21 15:50
* @param
* @return com.google.code.kaptcha.impl.DefaultKaptcha
**/
@Bean
public DefaultKaptcha getDefalutKaptcha() {
Properties properties = new Properties();
//不带边框
properties.put("kaptcha.border", "no");
//字符颜色
properties.put("kaptcha.textproducer.font.color", "black");
//字符间距
properties.put("kaptcha.textproducer.char.space", "5");
Config config = new Config(properties);
DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
defaultKaptcha.setConfig(config);
return defaultKaptcha;
}
}
LoginController控制器:
package com.hongke.security.controller;
import com.google.code.kaptcha.Producer;
import lombok.extern.slf4j.Slf4j;
import org.apache.tomcat.util.http.fileupload.IOUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
import javax.annotation.Resource;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.image.BufferedImage;
import java.io.OutputStream;
/**
* @author chengjunyu
* @classname LoginController
* @description 登录相关controller层
* @date 2020/7/21 15:52
*/
@RestController
@Slf4j
@RequestMapping("/login")
public class LoginController {
@Resource
private Producer producer;
@GetMapping("/getCode")
public void getKaptcha(HttpServletRequest request, HttpServletResponse response) throws Exception {
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setContentType("image/jpeg");
//这里的text即为kaptcha生成的验证码中的文字,生成后放入session中,客户端请求登录时再取出进行比对
String text = producer.createText();
log.info("生成验证码:{}", text);
request.getSession().setAttribute("code", text);
BufferedImage image = producer.createImage(text);
OutputStream os = response.getOutputStream();
ImageIO.write(image, "jpg", os);
IOUtils.closeQuietly(os);
}
@GetMapping("/in")
public String login(String code, HttpServletRequest request) {
String text = request.getSession().getAttribute("code").toString();
if(code == null || code == "") {
return "验证码不能为空";
}
if(text.toLowerCase().equals(code.toLowerCase())) {
return "验证码校验通过";
}
return "验证码校验不通过";
}
}
application.yml:
server:
port: 8001
启动类:
package com.hongke.security;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* @author chengjunyu
* @classname SecurityApplication
* @description 启动类
* @date 2020/7/21 15:14
*/
@SpringBootApplication
public class SecurityApplication {
public static void main(String[] args) {
SpringApplication.run(SecurityApplication.class);
}
}
Postman测试结果:
验证码正确时:
验证码为空时:
验证码错误时: