springboot 项目整合easy-captcha验证码功能

效果

1、验证码使用easy-captcha,在pom文件增加依赖

	<!-- google 验证码 -->
		<dependency>
			<groupId>com.github.whvcse</groupId>
			<artifactId>easy-captcha</artifactId>
		</dependency>

2、增加获取kaptcha的ctrl

package com.*.*.system.controller;
 
 
import com.wf.captcha.SpecCaptcha;
import com.wf.captcha.base.Captcha;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
 
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
 
 
/**
 * @Description
 * @auther zxf
 * @date 29/3/2024 上午 8:49
 */
@RestController
@RequestMapping("kaptcha")
public class KaptchaController {
    @GetMapping("/getKaptcha")
    public void defaultKaptcha(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception{
        httpServletResponse.setHeader("Cache-Control","no-store");
        httpServletResponse.setHeader("Pragma","no-cache");
        httpServletResponse.setDateHeader("Expires",0);
        httpServletResponse.setContentType("image/gif");
 
        //生成验证码对象,三个参数分别是宽、高、位数
        SpecCaptcha captcha = new SpecCaptcha(100, 38, 4);
        //设置验证码的字符类型为数字和字母混合
        captcha.setCharType(Captcha.TYPE_ONLY_NUMBER);
        // 设置内置字体
        captcha.setCharType(Captcha.FONT_1);
        //验证码存入session
        httpServletRequest.getSession().setAttribute("kaptcha",captcha.text().toLowerCase());
 
        //输出图片流
        captcha.out(httpServletResponse.getOutputStream());
    }
 
    public String verify(@RequestParam("code") String code, HttpSession session){
        if (!StringUtils.hasLength(code)){
            return "验证码不能为空";
        }
        String kaptchaCode = session.getAttribute("kaptcha")+"";
        if (!StringUtils.hasLength(kaptchaCode)||!code.toLowerCase().equals(kaptchaCode)){
            return "验证码错误";
        }
        return "验证成功";
    }
}

3、前台

<a-form-item>
	<a-input
	size="large"
	style="width: 80%"
	placeholder="请输入验证码"
	v-decorator="['kaptcha',{rules: [{ required: true, message: '请输入验证码' }], validateTrigger: 'blur'}]" type="text">
	<a-icon slot="prefix" type="lock" :style="{ color: 'rgba(0,0,0,.25)' }"/>
	</a-input>
	<img alt="验证码" style="float: right" width="65px" height="40px" :src="kaptcha" @click="changekaptcha"/>
</a-form-item>
 
data里配置：
kaptcha: window.location.origin+"/kaptcha/getKaptcha",
 
更改验证码方法
changekaptcha(){
			this.kaptcha =this.kaptcha+'?d='+new Date().getTime();
		}
 

3.增加filter

package com.*.*.*.*.config;
 
import com.alibaba.fastjson.JSONObject;
import com.gc.common.base.message.Result;
import lombok.extern.slf4j.Slf4j;
import org.springframework.context.annotation.Configuration;
 
import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
 
/**
 * @Description
 * @auther zxf
 * @date 1/4/2024 下午 3:05
 */
@Slf4j
@Configuration
public class CaptchaFilter implements Filter {
    private static final String CODE_ANT_URL = "auth/login";
    private static final String CAPTCHA_SESSION_KEY = "kaptcha";
    private static final String CAPTCHA_PARAM_NAME = "kaptcha";
    //请求路径匹配
    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        System.out.println("init()......");
    }
 
    @Override
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request =  (HttpServletRequest)servletRequest;
        HttpServletResponse response = (HttpServletResponse)servletResponse;
 
        String url = request.getRequestURL().toString();
        //判断请求路径是否是登录路径
        if(!url.contains(CODE_ANT_URL)){
            filterChain.doFilter(request, response);
            return;
        }
        HttpSession session = request.getSession(false);
        if (session != null) {
                //拿到session中存放的 captcha 属性
                String captcha = (String) session.getAttribute(CAPTCHA_SESSION_KEY);
                if (captcha == null) {
                    returnResult(response, "验证码已过期，请重新获取。");
                    return;
            }
                //获取输入的验证码信息
                String inputCaptcha = request.getParameter(CAPTCHA_PARAM_NAME);
                if (inputCaptcha == null || !captcha.equals(inputCaptcha.trim())) {
                    returnResult(response, "验证码错误，请重新输入。");
                    return;
                }
            } else {
            returnResult(response, "无法验证验证码，因为HTTP会话不存在");
            return;
            }
        //判断令牌是否存在，如果不存在则返回错误结果
 
        filterChain.doFilter(request,response);
    }
 
    private void returnResult(HttpServletResponse response, String s) throws IOException {
        Result responseResult = Result.failure(s);
        //把Result对象转换为JSON格式字符串
        String json = JSONObject.toJSONString(responseResult);
        response.setContentType("application/json;charset=utf-8");
        //将json字符串返回给页面
        response.getWriter().write(json);
    }
 
    @Override
    public void destroy() {
        System.out.println("destroy()......");
    }
}

spring security config中设置优先访问filter

  @Override
    protected void configure(HttpSecurity http) throws Exception {
        //增加filter
        http.addFilterBefore(new CaptchaFilter(), UsernamePasswordAuthenticationFilter.class);
        super.configure(http);