<img alt="如果看不清楚,请单击图片刷新!" class="pointer" :src="src" @click="refreshCode">
<a href="javascript:;" @click="refreshCode">点击刷新</a>
var vm = new Vue({
el:'#rrapp',
data:{
username: '',
password: '',
captcha: '',
error: false,
errorMsg: '',
src: 'captcha.jpg'
},
beforeCreate: function(){
if(self != top){
top.location.href = self.location.href;
}
},
methods: {
refreshCode: function(){
this.src = "captcha.jpg?t=" + $.now();
},
login: function (event) {
var data = "username="+vm.username+"&password="+vm.password+"&captcha="+vm.captcha;
$.ajax({
type: "POST",
url: "sys/login",
data: data,
dataType: "json",
success: function(result){
if(result.code == 0){//登录成功
parent.location.href ='index.html';
}else{
vm.error = true;
vm.errorMsg = result.msg;
vm.refreshCode();
}
}
});
}
}
});
上面事件是vue.js的写法,你可以替换成自己的框架或单纯用javascript来实现。
@RequestMapping("captcha.jpg")
public void captcha(HttpServletResponse response)throws ServletException, IOException {
response.setHeader("Cache-Control", "no-store, no-cache");
response.setContentType("image/jpeg");
//生成文字验证码
String text = producer.createText();
//生成图片验证码
BufferedImage image = producer.createImage(text);
//保存到shiro session
ShiroUtils.setSessionAttribute(Constants.KAPTCHA_SESSION_KEY, text);
ServletOutputStream out = response.getOutputStream();
ImageIO.write(image, "jpg", out);
}
/**
* 登录
*/
@ResponseBody
@RequestMapping(value = "/sys/login", method = RequestMethod.POST)
public R login(String username, String password, String captcha)throws IOException {
String kaptcha = ShiroUtils.getKaptcha(Constants.KAPTCHA_SESSION_KEY);
if(!captcha.equalsIgnoreCase(kaptcha)){
return R.error("验证码不正确");
}
try{
Subject subject = ShiroUtils.getSubject();
//sha256加密
password = new Sha256Hash(password).toHex();
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
subject.login(token);
}catch (UnknownAccountException e) {
return R.error(e.getMessage());
}catch (IncorrectCredentialsException e) {
return R.error(e.getMessage());
}catch (LockedAccountException e) {
return R.error(e.getMessage());
}catch (AuthenticationException e) {
return R.error("账户验证失败");
}
return R.ok();
}