kaptcha是一個java的驗證碼組件,實現驗證碼功能,不多說廢話,直接上代碼
1.pom.xml
<dependency>
<groupId>com.github.penggle</groupId>
<artifactId>kaptcha</artifactId>
<version>2.3.2</version>
</dependency>
2.創建配置類
@Configuration
public class KaptchaConfig {
@Bean(name="captchaProducer")
public DefaultKaptcha getKaptchaBean(){
DefaultKaptcha defaultKaptcha=new DefaultKaptcha();
Properties properties=new Properties();
properties.setProperty("kaptcha.textproducer.char.string", "123456789abcdefg");//驗證碼字符範圍
properties.setProperty("kaptcha.border.color", "227,231,234");//圖片邊框顏色245,248,249
properties.setProperty("kaptcha.textproducer.font.color", "black");//字體顏色
properties.setProperty("kaptcha.textproducer.char.space", "2");//文字間隔
properties.setProperty("kaptcha.image.width", "125");//圖片寬度
properties.setProperty("kaptcha.image.height", "45");//圖片高度
properties.setProperty("kaptcha.session.key", "code");//session的key
properties.setProperty("kaptcha.textproducer.char.length", "4");//長度
properties.setProperty("kaptcha.textproducer.font.names", "宋體,楷體,微軟雅黑");//字體
Config config=new Config(properties);
defaultKaptcha.setConfig(config);
return defaultKaptcha;
}
}
3.創建驗證碼攔截器
//驗證碼校驗攔截器,在登陸校驗前先校驗驗證碼,如果驗證碼通過再進行登陸驗證,此配置需要在上文提到的SecurityConfig類中配置
public class KaptchaAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
private String servletPath;
public KaptchaAuthenticationFilter(String servletPath, String failureUrl) {
super(servletPath);
this.servletPath = servletPath;
setAuthenticationFailureHandler(new SimpleUrlAuthenticationFailureHandler(failureUrl));
}
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
HttpServletRequest req = (HttpServletRequest) request;
HttpServletResponse res = (HttpServletResponse) response;
if ("POST".equalsIgnoreCase(req.getMethod()) && servletPath.equals(req.getServletPath())) {
String expect = (String) req.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
if (expect != null && !expect.equalsIgnoreCase(req.getParameter("kaptcha"))) {
unsuccessfulAuthentication(req, res, new InsufficientAuthenticationException("輸入的驗證碼不正確"));
return;
}
}
chain.doFilter(request, response);
}
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
return null;
}
}
4.SecurityConfig驗證配置類,此類是集成springsecurity後的驗證類
@Override
protected void configure(HttpSecurity http) throws Exception {
//在認證用戶名之前認證驗證碼,如果驗證碼錯誤,將不執行用戶名和密碼的認證
//KaptchaAuthenticationFilter參數說明:第一個是攔截的請求,第二個參數是驗證碼驗證失敗後的請求
http.addFilterBefore(new KaptchaAuthenticationFilter("/login","/authority/login?meg='驗證碼錯誤'"), UsernamePasswordAuthenticationFilter.class)
……..//代碼片段,此類的其他代碼參見本站“springboot+spring-security實現登錄驗證”該篇文章
}