基本思路:生成密钥和过期时间附在链接发出去,用户点击后通过UID查询判断这个密钥和过期时间是否合法基本就可以了。
做法:
用库,如 https://nodemailer.com/
用第三方服务,如 https://sendgrid.com/
把库和服务结合起来,例子如https://sendgrid.com/blog/sending-email-nodemailer-sendgrid/
不要用SMTP,对非大量邮件不需要引入队列,直接发就行了
不要把服务认证key或者登入用户名与密码存在文件里,不要hard code,不要commit进git,用部署系统产生配置文件
import java.text.ParseException;
import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.ModelAndView;
import com.app.service.impl.RegisterValidateService;
import com.app.tools.ServiceException;
@Controller
public class RegisterController {
@Resource
private RegisterValidateService service;
@RequestMapping(value="/user/register",method={RequestMethod.GET,RequestMethod.POST})
public ModelAndView load(HttpServletRequest request,HttpServletResponse response) throws ParseException{
String action = request.getParameter("action");
System.out.println("-----r----"+action);
ModelAndView mav=new ModelAndView();
if("register".equals(action)) {
//注册
String email = request.getParameter("email");
service.processregister(email);//发邮箱激活
mav.addObject("text","注册成功");
mav.setViewName("register/register_success");
}
else if("activate".equals(action)) {
//激活
String email = request.getParameter("email");//获取email
String validateCode = request.getParameter("validateCode");//激活码
try {
service.processActivate(email , validateCode);//调用激活方法
mav.setViewName("register/activate_success");
} catch (ServiceException e) {
request.setAttribute("message" , e.getMessage());
mav.setViewName("register/activate_failure");
}
}
return mav;
}
}