kaptcha验证码
调用session的setAttribute(key, value)方法,存储验证码
接受到前端返回的验证码之后,进行验证
可根据session的JSESSIONID存入Redis中
session.setAttribute()和session.getAttribute()的使用-CSDN博客
前端发起请求的时候需要携带cookie
编程那点事儿 - Vue项目axios携带cookie JSESSIONID到Spring Boot服务器解决方案 (imyjs.cn)
依赖
<!-- kaptcha验证码 -->
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>2.3.2</version>
</dependency>
配置类
import com.google.code.kaptcha.impl.DefaultKaptcha;
import com.google.code.kaptcha.util.Config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import java.util.Properties;
/*
验证码配置类
*/
@Configuration
public class KaptchaConfig {
@Bean
public DefaultKaptcha getDefaultKaptcha(){
DefaultKaptcha captchaProducer = new DefaultKaptcha();
Properties properties = new Properties();
properties.setProperty("kaptcha.border", "yes");
properties.setProperty("kaptcha.border.color", "105,179,90");
properties.setProperty("kaptcha.textproducer.font.color", "blue");
properties.setProperty("kaptcha.image.width", "110");
properties.setProperty("kaptcha.image.height", "40");
properties.setProperty("kaptcha.textproducer.font.size", "30");
properties.setProperty("kaptcha.session.key", "code");
properties.setProperty("kaptcha.textproducer.char.length", "4");
properties.setProperty("kaptcha.textproducer.font.names", "宋体,楷体,微软雅黑");
Config config = new Config(properties);
captchaProducer.setConfig(config);
return captchaProducer;
}
}
请求验证码接口
import com.google.code.kaptcha.Producer;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.image.BufferedImage;
@Controller
public class CodeController {
@Autowired
private Producer captchaProducer ;
//生成验证码接口
@RequestMapping("/code")
public void getKaptchaImage(HttpServletRequest request, HttpServletResponse response) throws Exception {
HttpSession session = request.getSession();
response.setDateHeader("Expires", 0);
response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
response.addHeader("Cache-Control", "post-check=0, pre-check=0");
response.setHeader("Pragma", "no-cache");
response.setContentType("image/jpeg");
//生成验证码
String capText = captchaProducer.createText();
//写入验证码
session.setAttribute(Constants.KAPTCHA_SESSION_KEY, capText); //写入时间
session.setAttribute(Constants.KAPTCHA_SESSION_DATE, LocalDateTime.now());
//System.out.println(capText);
//String id = session.getId();
//System.out.println("获取时:session id:"+id);
//向客户端写出
BufferedImage bi = captchaProducer.createImage(capText);
ServletOutputStream out = response.getOutputStream();
ImageIO.write(bi, "jpg", out);
try {
out.flush();
} finally {
out.close();
}
}
}
验证接口
/**
* 验证码验证接口
*/
@GetMapping("/code/check")
public Boolean checkCode(@RequestParam(value = "code", required = true) String code,
HttpSession session){
String trueCode = (String) session.getAttribute(Constants.KAPTCHA_SESSION_KEY);
Date firstTime = (Date) session.getAttribute(Constants.KAPTCHA_SESSION_DATE);
//验证码长度不相等 或者 超时
if(trueCode.length() != code.length() || System.currentTimeMillis() - firstTime.getTime() > SESSION_TIMEOUT)
return false;
//验证码不同
if(!trueCode.equals(code))
return false;
return true;
}
注意点
最好都在postman测试,携带JSESSIONID
测试
参考
服务器如何确保一次会话内多次获取的是同一个session_baserequest如何确保使用同一个session请求-CSDN博客