devbox
运维做开发
这个屌丝很懒,什么也没留下!
关注作者
热门标签
热门文章
当前位置:   article > 正文

SpringBoot实现生成验证码功能_springboot验证码生成

作者:运维做开发 | 2024-08-01 15:46:41

springboot验证码生成

利用kaptcha生成验证码,并转化为base64回传给前台

pom.xml

  1. <dependency>
  2.     <groupId>com.github.penggle</groupId>
  3.      <artifactId>kaptcha</artifactId>
  4.      <version>2.3.2</version>
  5. </dependency>
KaptchaConfig配置文件
  1. @Configuration
  2. public class KaptchaConfig {
  3.     @Bean
  4.     public Producer kaptcha() {
  5.         Properties properties = new Properties();
  6.         properties.setProperty("kaptcha.image.width", "150");
  7.         properties.setProperty("kaptcha.image.height", "50");
  8.         properties.setProperty("kaptcha.textproducer.char.string", "0123456789");
  9.         properties.setProperty("kaptcha.textproducer.char.length", "4");
  10.         Config config = new Config(properties);
  11.         DefaultKaptcha defaultKaptcha = new DefaultKaptcha();
  12.         defaultKaptcha.setConfig(config);
  13.         return defaultKaptcha;
  14.     }
  15. }

controller前端获取base64接口,可将图片从存储在session转为存在redis,可实现设置过期时间

  1.     @GetMapping("/vc.jpg")
  2.     public String getVerifyCode(HttpSession session) throws IOException {
  3.         //1.生成验证码
  4.         String text = producer.createText();
  5.         //2.放入 session redis 实现
  6.         session.setAttribute("kaptcha", text);
  7.         //3.生成图片
  8.         BufferedImage bi = producer.createImage(text);
  9.         FastByteArrayOutputStream fos = new FastByteArrayOutputStream();
  10.         ImageIO.write(bi, "jpg", fos);
  11.         //4.返回 base64
  12.         return Base64.encodeBase64String(fos.toByteArray());
  13.     }

以下为整合springsecurity后,loginfilter过滤器

  1. public class LoginKaptchaFilter extends UsernamePasswordAuthenticationFilter {
  2.     private static final String SPRING_SECURITY_FORM_KAPTCHA_KEY = "kaptcha";
  3.  
  4.     private String kaptchaParamter = SPRING_SECURITY_FORM_KAPTCHA_KEY;
  5.  
  6.     public String getKaptchaParamter() {
  7.         return kaptchaParamter;
  8.     }
  9.  
  10.     public void setKaptchaParamter(String kaptchaParamter) {
  11.         this.kaptchaParamter = kaptchaParamter;
  12.     }
  13.  
  14.  
  15.     @Override
  16.     public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
  17.  
  18.         if (!request.getMethod().equals("POST")) {
  19.             throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
  20.         }
  21.         try {
  22.             Map<String,String> map = new ObjectMapper().readValue(request.getInputStream(), Map.class);
  23.             String kaptcha = map.get(getKaptchaParamter());
  24.             String username = map.get(getUsernameParameter());
  25.             String password = map.get(getPasswordParameter());
  26.             String sessionVerifyCode = (String) request.getSession().getAttribute("kaptcha");
  27.             if(kaptcha.equalsIgnoreCase(sessionVerifyCode)){
  28.                 UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username, password);
  29.                 // Allow subclasses to set the "details" property
  30.                 setDetails(request, authRequest);
  31.                 return this.getAuthenticationManager().authenticate(authRequest);
  32.             }
  33.  
  34.         } catch (IOException e) {
  35.             e.printStackTrace();
  36.         }
  37.         throw new KaptchaNotMatchException("验证码不匹配!");
  38.     }
  39. }

自定义认证异常类,用来替换SecurityConfig中的configure(HttpSecurity http)中的异常处理

  1. //自定义验证码认证异常
  2. public class KaptchaNotMatchException extends AuthenticationException {
  3.  
  4.     public KaptchaNotMatchException(String msg) {
  5.         super(msg);
  6.     }
  7.  
  8.     public KaptchaNotMatchException(String msg, Throwable cause) {
  9.         super(msg, cause);
  10.     }
  11. }

SecurityConfig

  1. @Configuration
  2. public class SecurityConfig extends WebSecurityConfigurerAdapter {
  3.  
  4.     @Bean
  5.     public UserDetailsService myUserDetailsService(){
  6.         InMemoryUserDetailsManager inMemoryUserDetailsManager = new InMemoryUserDetailsManager();
  7.         inMemoryUserDetailsManager.createUser(User.withUsername("root").password("{noop}123").roles("admin").build());
  8.         return inMemoryUserDetailsManager;
  9.     }
  10.  
  11.     @Override
  12.     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
  13.         auth.userDetailsService(myUserDetailsService());
  14.     }
  15.  
  16.     @Override
  17.     @Bean
  18.     public AuthenticationManager authenticationManagerBean() throws Exception {
  19.         return super.authenticationManagerBean();
  20.     }
  21.  
  22.     @Override
  23.     protected void configure(HttpSecurity http) throws Exception {
  24.  
  25.         http.authorizeRequests()
  26.                 .mvcMatchers("/vc.jpg").permitAll()
  27.                 .anyRequest().authenticated()
  28.  
  29.                 .and()
  30.                 .formLogin()
  31.                 .and()
  32.                 .exceptionHandling()
  33.                 .authenticationEntryPoint(new AuthenticationEntryPoint() {
  34.                     @Override
  35.                     public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
  36.                         response.setStatus(HttpStatus.UNAUTHORIZED.value());
  37.                         response.setContentType("application/json;charset=UTF-8");
  38.                         response.getWriter().println("请先认证!");
  39.                     }
  40.                 })
  41.                 .and()
  42.                 .csrf().disable();
  43.         http.addFilterAt(loginKaptchaFilter(), UsernamePasswordAuthenticationFilter.class);
  44.     }
  45.  
  46.     @Bean
  47.     public LoginKaptchaFilter loginKaptchaFilter(){
  48.         LoginKaptchaFilter loginKaptchaFilter = new LoginKaptchaFilter();
  49.         loginKaptchaFilter.setFilterProcessesUrl("/login");
  50.         try {
  51.             loginKaptchaFilter.setAuthenticationManager(authenticationManagerBean());
  52.             loginKaptchaFilter.setUsernameParameter("username");
  53.             loginKaptchaFilter.setPasswordParameter("password");
  54.             loginKaptchaFilter.setKaptchaParamter("kap");
  55.             loginKaptchaFilter.setAuthenticationSuccessHandler((req,resp,auth)->{
  56.                 HashMap<Object, Object> map = new HashMap<>();
  57.                 map.put("msg",auth.getAuthorities()+"用户已登录");
  58.                 resp.setContentType("application/json;charset=UTF-8");
  59.                 String s = new ObjectMapper().writeValueAsString(map);
  60.                 resp.getWriter().println(s);
  61.             });
  62.             loginKaptchaFilter.setAuthenticationFailureHandler((req,resp,exception)->{
  63.                 HashMap<Object, Object> map = new HashMap<>();
  64.                 map.put("msg","登陆失败"+exception.getMessage());
  65.                 resp.setContentType("application/json;charset=UTF-8");
  66.                 ObjectMapper mapper = new ObjectMapper();
  67.                 String s = mapper.writeValueAsString(map);
  68.                 resp.getWriter().println(s);
  69.             });
  70.         } catch (Exception e) {
  71.             e.printStackTrace();
  72.         }
  73.         return loginKaptchaFilter;
  74.     }
  75. }

声明:本文内容由网友自发贡献,不代表【wpsshop博客】立场,版权归原作者所有,本站不承担相应法律责任。如您发现有侵权的内容,请联系我们。转载请注明出处:https://www.wpsshop.cn/w/运维做开发/article/detail/914783
推荐阅读
相关标签

Copyright © 2003-2013 www.wpsshop.cn 版权所有,并保留所有权利。

  

闽ICP备14008679号