1.什么是验证码?
验证码是一种区分用户是计算机还是人的公共全自动程序。短时间是无法退出人类舞台的,目前只是尽量提升用户体验。
作用
- 账号安全
- 反作弊
- 反爬虫
- 防论坛灌水
- 防恶意注册
分类
- 图形验证码
- Gif动画验证码
- 手机短信验证码
- 手机语音验证码
- 视频验证码
- web2.0验证码
2.kaptcha验证码组件
kaptcha 是一个非常实用的验证码生成工具;有了它,你可以生成各种样式的验证码,因为它是可配置的。
常见配置
- 验证码的字体
- 验证码字体的大小
- 验证码字体的字体颜色
- 验证码内容的范围(数字,字母,中文汉字)
- 验证码图片的大小,边框,边框粗细,边框颜色
- 验证码的干扰线(可以自己继承com.google.code.kaptcha.NoiseProducer写一个自定义的干扰线)
- 验证码的样式(鱼眼样式、3D、普通模糊……当然也可以继承com.google.code.kaptcha.GimpyEngine自定义样式)
引入maven配置
<dependency>
<groupId>com.github.axet</groupId>
<artifactId>kaptcha</artifactId>
<version>0.0.9</version>
</dependency>
- 1.
- 2.
- 3.
- 4.
- 5.
kaptcha.properties
kaptcha.textproducer.font.color=red
kaptcha.image.width=130
kaptcha.image.height=44
kaptcha.textproducer.font.size=35
kaptcha.textproducer.char.length=4
kaptcha.textproducer.font.names=\\u5B8B\\u4F53,\\u6977\\u4F53,\\u5FAE\\u8F6F\\u96C5\\u9ED1
kaptcha.noise.color=gray
kaptcha.obscurificator.impl=com.google.code.kaptcha.impl.WaterRipple
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
用filter过滤器来生成验证码,具体步骤如下:
1、web.xml
<filter>
<filter-name>KaptchaFilter</filter-name>
<filter-class>com.xxoo.admin.ui.filter.KaptchaFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>KaptchaFilter</filter-name>
<url-pattern>/kaptcha.jpg</url-pattern>
</filter-mapping>
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
说明:验证码过滤器需要放到Shiro之后,因为Shiro将包装HttpSession.如果不,可能造成两次的sesisonid不一样。
2、图片验证码类
public class CaptchaService {
private static ImageCaptchaService instance = null;
static {
instance = new KaptchaImageCaptchaService();
}
public synchronized static ImageCaptchaService getInstance() {
return instance;
}
public synchronized static boolean validate(HttpServletRequest httpServletRequest, String input) throws Exception {
String text = instance.getText(httpServletRequest);
boolean result = text.equalsIgnoreCase(input);
instance.removeKaptcha(httpServletRequest);
return result;
}
}
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
3、基于Kaptcha的验证码图片实现
public class KaptchaImageCaptchaService implements ImageCaptchaService {
private Logger logger = LoggerFactory.getLogger(getClass());
public KaptchaImageCaptchaService() {
}
public static Config getConfig() throws IOException {
Properties p = new Properties();
p.load(new DefaultResourceLoader().getResource("kaptcha.properties").getInputStream());
Config config = new Config(p);
return config;
}
@Override
public void create(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception {
httpServletResponse.setDateHeader("Expires", 0L);
httpServletResponse.setHeader("Cache-Control", "no-store, no-cache, must-revalidate");
httpServletResponse.addHeader("Cache-Control", "post-check=0, pre-check=0");
httpServletResponse.setHeader("Pragma", "no-cache");
httpServletResponse.setContentType("image/jpeg");
Config config = getConfig();
Producer producer = config.getProducerImpl();
String capText = producer.createText();
if(logger.isDebugEnabled()){
logger.info("create captcha:" + capText + ":" + config.getSessionKey() );
}
httpServletRequest.getSession().setAttribute(config.getSessionKey(), capText);
httpServletRequest.getSession().setAttribute(config.getSessionDate(), new Date());
BufferedImage bi = producer.createImage(capText);
ServletOutputStream out = httpServletResponse.getOutputStream();
ImageIO.write(bi, "jpg", out);
out.flush();
out.close();
}
@Override
public String getText(HttpServletRequest httpServletRequest) throws Exception {
return (String)httpServletRequest.getSession().getAttribute(getConfig().getSessionKey());
}
@Override
public void removeKaptcha(HttpServletRequest httpServletRequest) throws Exception {
httpServletRequest.getSession().removeAttribute(getConfig().getSessionKey());
httpServletRequest.getSession().removeAttribute(getConfig().getSessionDate());
}
}
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
- 18.
- 19.
- 20.
- 21.
- 22.
- 23.
- 24.
- 25.
- 26.
- 27.
- 28.
- 29.
- 30.
- 31.
- 32.
- 33.
- 34.
- 35.
- 36.
- 37.
- 38.
- 39.
- 40.
- 41.
- 42.
- 43.
- 44.
- 45.
- 46.
- 47.
- 48.
4、验证码工具类
public class CaptchaService {
private static ImageCaptchaService instance = null;
static {
instance = new KaptchaImageCaptchaService();
}
public synchronized static ImageCaptchaService getInstance() {
return instance;
}
public synchronized static boolean validate(HttpServletRequest httpServletRequest, String input) throws Exception {
String text = instance.getText(httpServletRequest);
boolean result = text.equalsIgnoreCase(input);
instance.removeKaptcha(httpServletRequest);
return result;
}
}
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
- 15.
- 16.
- 17.
- 18.
- 19.
5、生成验证码过滤器
public class KaptchaFilter extends OncePerRequestFilter {
private Logger logger = LoggerFactory.getLogger(getClass());
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
try {
CaptchaService.getInstance().create(httpServletRequest,httpServletResponse);
} catch (Exception e) {
logger.info("create captcha error.",e);
}
}
}
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
- 14.
6、验证码校验
private boolean doCaptchaValidate(HttpServletRequest request, String code) {
//比对
try {
if (code == null || !CaptchaService.validate(request, code)) {
return false;
} else {
return true;
}
} catch (Exception e) {
logger.warn("captcha check error!");
return false;
}
}
- 1.
- 2.
- 3.
- 4.
- 5.
- 6.
- 7.
- 8.
- 9.
- 10.
- 11.
- 12.
- 13.
总结
本文主要讲述了kaptcha图形化验证码的使用和介绍,小伙伴可以根据自己的需求进行引入。
