packagecom.test.cms.kaptcha;importcom.google.code.kaptcha.Producer;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.web.bind.annotation.GetMapping;importorg.springframework.web.bind.annotation.RestController;importsun.misc.BASE64Encoder;importjavax.imageio.ImageIO;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.awt.image.BufferedImage;importjava.io.ByteArrayOutputStream;importjava.util.HashMap;importjava.util.Map;
@RestControllerpublic classKaptchaController {/*** 加载图形验证码*/@GetMapping("/kaptcha")public String getKaptchaImage(HttpServletRequest request, HttpServletResponse response) throwsException {
response.setDateHeader("Expires", 0);//设置浏览器渲染不做本地缓存
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");//Set IE extended HTTP/1.1 no-cache headers (use addHeader).
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Content-Security-Policy", "none");//设置浏览器渲染不读取浏览器缓存
response.setHeader("Pragma", "no-cache");
String originHeader= request.getHeader("Origin");//这个限定来自自身服务端域名
/*if (originHeader != null && (originHeader.contains(request.getServerName()))) {
response.setHeader("Access-Control-Allow-Origin", originHeader);
} else {
response.setHeader("Access-Control-Allow-Origin", request.getServerName());
}*/
//设置浏览器渲染图片类型
response.setContentType("image/jpeg");//生成验证码内容
String capText =captchaProducer.createText();
String sessionId=request.getSession().getId();
System.out.println(sessionId+ "," +capText);/***这里将sessionId作为key存入redis中,用于后面的验证码验证,可以设置失效时间
* springboot整合redis可以参考https://www.cnblogs.com/pxblog/p/12980634.html
*/
//redisService.set(Constants.KAPTCHA_SESSION_KEY+sessionId, capText);//生成图片
BufferedImage bi =captchaProducer.createImage(capText);
ByteArrayOutputStream outputStream= newByteArrayOutputStream();
ImageIO.write(bi,"jpg", outputStream);
Map map = new HashMap(2);//转为base64
String img=imageToBase64ByByte(outputStream.toByteArray());
map.put("img", img);//sessionId 主要用于验证验证码使用
map.put("sessionId", sessionId);try{
outputStream.flush();
}finally{
outputStream.close();
}//这里将map返回到前台,此处简单demo
return img+","+sessionId;
}public static String imageToBase64ByByte(byte[] data) {
BASE64Encoder encoder= newBASE64Encoder();returnencoder.encode(data);
}/*** 验证验证码是否正确
*@paramcode 前台填写的验证码
*@paramsessionId 生成验证码时返回的sessionId
*@return
*/@GetMapping("/valid")publicBoolean valid(String code,String sessionId) {
String verifyCode="这里从redis中取出原本的验证码进行判断:redisService.get(Constants.KAPTCHA_SESSION_KEY+sessionId)";
System.out.println(verifyCode);returnverifyCode.equalsIgnoreCase(code);
}
@AutowiredprivateProducer captchaProducer;
}