【SpringBoot學習十】springboot+kaptcha實現驗證碼功能

kaptcha是一個java的驗證碼組件，實現驗證碼功能，不多說廢話，直接上代碼

1.pom.xml

<dependency>
    <groupId>com.github.penggle</groupId>
    <artifactId>kaptcha</artifactId>
    <version>2.3.2</version>
</dependency>

2.創建配置類

@Configuration
public class KaptchaConfig {
    @Bean(name="captchaProducer")
    public DefaultKaptcha getKaptchaBean(){
        DefaultKaptcha defaultKaptcha=new DefaultKaptcha();
        Properties properties=new Properties();
        properties.setProperty("kaptcha.textproducer.char.string", "123456789abcdefg");//驗證碼字符範圍
        properties.setProperty("kaptcha.border.color", "227,231,234");//圖片邊框顏色245,248,249
        properties.setProperty("kaptcha.textproducer.font.color", "black");//字體顏色
        properties.setProperty("kaptcha.textproducer.char.space", "2");//文字間隔
        properties.setProperty("kaptcha.image.width", "125");//圖片寬度
        properties.setProperty("kaptcha.image.height", "45");//圖片高度
        properties.setProperty("kaptcha.session.key", "code");//session的key
        properties.setProperty("kaptcha.textproducer.char.length", "4");//長度
        properties.setProperty("kaptcha.textproducer.font.names", "宋體,楷體,微軟雅黑");//字體
        Config config=new Config(properties);
        defaultKaptcha.setConfig(config);
        return defaultKaptcha;
    }
}

3.創建驗證碼攔截器

//驗證碼校驗攔截器，在登陸校驗前先校驗驗證碼，如果驗證碼通過再進行登陸驗證，此配置需要在上文提到的SecurityConfig類中配置
public class KaptchaAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private String servletPath;
    public KaptchaAuthenticationFilter(String servletPath, String failureUrl) {
        super(servletPath);
        this.servletPath = servletPath;
        setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(failureUrl));
    }
    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        if ("POST".equalsIgnoreCase(req.getMethod()) && servletPath.equals(req.getServletPath())) {
            String expect = (String) req.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
            if (expect != null && !expect.equalsIgnoreCase(req.getParameter("kaptcha"))) {
                unsuccessfulAuthentication(req, res, new InsufficientAuthenticationException("輸入的驗證碼不正確"));
                return;
            }
        }
        chain.doFilter(request, response);
    }
    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        return null;
    }
}

4.SecurityConfig驗證配置類，此類是集成springsecurity後的驗證類

@Override
    protected void configure(HttpSecurity http) throws Exception {
         //在認證用戶名之前認證驗證碼，如果驗證碼錯誤，將不執行用戶名和密碼的認證
        //KaptchaAuthenticationFilter參數說明：第一個是攔截的請求，第二個參數是驗證碼驗證失敗後的請求
         http.addFilterBefore(new KaptchaAuthenticationFilter("/login","/authority/login?meg='驗證碼錯誤'"), UsernamePasswordAuthenticationFilter.class)
        ……..//代碼片段，此類的其他代碼參見本站“springboot+spring-security實現登錄驗證”該篇文章
}