使用springboot+security+Aliyun短信服务实现注册登录
为了实现个人博客部分的登录注册,我采用了阿里云短信服务发送验证码,后端比对验证码的方式完成注册,现在功能还不完全,以后这个功能可以用于修改密码等需要验证用户身份的地方。
-
阿里云短信服务
开通短信服务
点击进入阿里云官网 -
进入控制台 左侧选择产品与服务,搜索短信
-
选择国内签名,创建自己的签名和模板 一般审核一两个小时就好了
-
点击自己头像,选择accesskeys,注册生成自己的accesskey
acceId和accesskey不要上传到github码云等开源社区!!!
-
调用阿里云短信服务
pom文件
<!--阿里云短信服务-->
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-core</artifactId>
<version>4.0.6</version>
</dependency>
<dependency>
<groupId>com.aliyun</groupId>
<artifactId>aliyun-java-sdk-dysmsapi</artifactId>
<version>1.1.0</version>
</dependency>
发送短信Util
/**
* 阿里云短信服务
*
* @author hobo
*/
@Slf4j
public class AliyunSmsUtils {
private static final String PRODUCT = "Dysmsapi";
private static final String DOMAIN = "dysmsapi.aliyuncs.com";
private static final String ACCESS_KEY_ID = "YOUR KEY ID";
private static final String ACCESS_KEY_SECRET = "YOUR KEY SECRET";
public static boolean sendInsertUserMsg(String telephone, String code,String templateCode) throws ClientException {
//可自助调整超时时间
System.setProperty("sun.net.client.defaultConnectTimeout", "10000");
System.setProperty("sun.net.client.defaultReadTimeout", "10000");
//初始化acsClient,暂不支持region化
IClientProfile profile = DefaultProfile.getProfile("cn-hangzhou", ACCESS_KEY_ID, ACCESS_KEY_SECRET);
DefaultProfile.addEndpoint("cn-hangzhou", "cn-hangzhou", PRODUCT, DOMAIN);
IAcsClient acsClient = new DefaultAcsClient(profile);
//组装请求对象-具体描述见控制台-文档部分内容
SendSmsRequest request = new SendSmsRequest();
//必填:待发送手机号
request.setPhoneNumbers(telephone);
//必填:短信签名-可在短信控制台中找到
request.setSignName("hobo");
//必填:短信模板-可在短信控制台中找到
request.setTemplateCode(templateCode);
request.setTemplateParam("{\"code\":\"" + code + "\"}");
SendSmsResponse sendSmsResponse = acsClient.getAcsResponse(request);
if (sendSmsResponse.getCode() != null && sendSmsResponse.getCode().equals("OK")) {
log.info("短信发送成功");
return true;
} else {
log.error("短信发送失败");
}
return false;
}
/**
* 创建四位数验证码
* @return java.lang.String
*/
public static String setCode() {
int code = (int) ((Math.random() * 9999) + 100);
return code + "";
}
}
LoginController
@RestController
@RequestMapping("/anon")
@Api(tags = "登录注册")
public class LoginController {
@Autowired
private UserService userService;
@PostMapping(name = "用户注册", value = "/insert")
public Object insert(UserInsertForm userInsertForm){
return userService.insertUser(userInsertForm);
}
@PostMapping(name = "用户登录", value = "/login")
public Object login(LoginForm loginForm, HttpServletResponse response) {
return userService.login(loginForm, response);
}
@PostMapping(name = "获取验证码",value = "/getCode")
public Object getValidationCode(String phoneNumber) {
return userService.getValidationCode(phoneNumber);
}
}
service
@Override
public Object insertUser(UserInsertForm userInsertForm) {
String code = redisService.get(PhoneCodeKey.phoneCodeKey, userInsertForm.getPhoneNumber(), String.class);
if (!code.equals(userInsertForm.getCode())) {
throw new GlobalException(ResultEnum.PHONE_CODE_ERROR);
}
String password = userInsertForm.getPassword();
password = new BCryptPasswordEncoder().encode(password);
userInsertForm.setPassword(password);
User user = new User();
BeanUtils.copyProperties(userInsertForm, user);
user.setRole(1);
if (insert(user)) {
return ResultVOUtil.success();
}
return ResultVOUtil.error(ResultEnum.SERVER_ERROR);
}
@Override
public Object getValidationCode(String phoneNumber) {
String code = AliyunSmsUtils.setCode();
try {
AliyunSmsUtils.sendInsertUserMsg(phoneNumber, code, TemplateCodeEnum.INSERTUSER.getValue());
redisService.set(PhoneCodeKey.phoneCodeKey, phoneNumber, code);
return ResultVOUtil.success(code);
} catch (ClientException e) {
log.info("失败原因: {}", e.getMessage());
return ResultVOUtil.error(ResultEnum.PHONE_CODE_SEND_ERROR);
}
}
form
@Data
public class LoginForm {
@NotNull(message = "手机号不能为空")
@ApiModelProperty("手机号码")
private String phoneNum;
@NotNull(message = "密码不能为空")
@ApiModelProperty("密码")
private String password;
}
@Data
public class UserInsertForm {
@NotNull(message = "注册手机号码不能为空")
@ApiModelProperty("注册手机号码")
private String phoneNumber;
@NotNull(message = "注册密码不能为空")
@ApiModelProperty("注册密码")
private String password;
@NotNull(message = "注册用户名不能为空")
@ApiModelProperty("注册用户名")
private String username;
@NotNull(message = "注册验证码不能为空")
@ApiModelProperty("注册验证码")
private String code;
}
使用swagger-ui测试
- 发送验证码