只做山寨的网站wordpress会员数据共同
张小明 2025/12/31 6:23:15
只做山寨的网站,wordpress会员数据共同,宝安网站制作培训,网站建设好不好学为了防止世界被破坏#xff0c;为了守护世界的和平。。。说错了#xff0c;重来~
为了防止验证系统被暴力破解#xff0c;很多系统都增加了验证码效验#xff0c;比较常见的就是图片二维码#xff0c;业内比较安全的是短信验证码#xff0c;当然还有一些拼图验证码…为了防止世界被破坏为了守护世界的和平。。。说错了重来~为了防止验证系统被暴力破解很多系统都增加了验证码效验比较常见的就是图片二维码业内比较安全的是短信验证码当然还有一些拼图验证码加入人工智能的二维码等等我们今天的主题就是前后端分离的图片二维码登录方案。前后端未分离的验证码登录方案传统的项目大都是基于session交互的前后端都在一个项目里面比如传统的SSH项目或者一些JSP系统当前端页面触发到获取验证码请求可以将验证码里面的信息存在上下文中所以登录的时候只需要用户名、密码、验证码即可。验证码生成流程如下登录验证流程如下可以发现整个登录流程还是依赖session上下文的并且由后端调整页面。前后端分离的验证码登录方案随着系统和业务的不停升级前后端代码放在一起的项目越来越臃肿已经无法快速迭代和职责区分了于是纷纷投入了前后端分离的怀抱发现代码和职责分离以后开发效率越来越高了功能迭代还越来越快但是以前的验证码登录方案就要更改了。验证码生成流程如下对比原来的方案增加了redis中间件不再是存在session里面了但是后面怎么区分这个验证码是这个请求生成的呢所以我们加入了唯一标识符来区分登录验证流程如下可以发现基于前后端分离的分布式项目登录方案对比原来加了一个redis中间件和token返回不再依赖上下文session并且页面调整也是由后端换到了前端动手撸轮子基于验证码的轮子还是挺多的本文就以Kaptcha这个项目为例通过springboot项目集成Kaptcha来实现验证码生成和登录方案。Kaptcha介绍Kaptcha是一个基于SimpleCaptcha的验证码开源项目我找的这个轮子是基于SimpleCaptcha二次封装的maven依赖如下!--Kaptcha是一个基于SimpleCaptcha的验证码开源项目-- dependency groupIdcom.github.penggle/groupId artifactIdkaptcha/artifactId version2.3.2/version /dependency新建项目并加入依赖依赖主要有 SpringBoot、Kaptcha、Redispom.xml ?xml version1.0 encodingUTF-8? project xmlnshttp://maven.apache.org/POM/4.0.0 xmlns:xsihttp://www.w3.org/2001/XMLSchema-instance xsi:schemaLocationhttp://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd modelVersion4.0.0/modelVersion groupIdcom.lzp/groupId artifactIdkaptcha/artifactId version1.0-SNAPSHOT/version parent groupIdorg.springframework.boot/groupId artifactIdspring-boot-starter-parent/artifactId version2.3.0.RELEASE/version relativePath/!-- lookup parent from repository -- /parent dependencies !--Kaptcha是一个基于SimpleCaptcha的验证码开源项目-- dependency groupIdcom.github.penggle/groupId artifactIdkaptcha/artifactId version2.3.2/version /dependency dependency groupIdorg.springframework.boot/groupId artifactIdspring-boot-starter-web/artifactId /dependency dependency groupIdorg.springframework.boot/groupId artifactIdspring-boot-starter-data-redis/artifactId /dependency !-- redis依赖commons-pool 这个依赖一定要添加 -- dependency groupIdorg.apache.commons/groupId artifactIdcommons-pool2/artifactId /dependency dependency groupIdcom.alibaba/groupId artifactIdfastjson/artifactId version1.2.3/version /dependency dependency groupIdcom.fasterxml.jackson.core/groupId artifactIdjackson-databind/artifactId /dependency /dependencies build plugins plugin groupIdorg.springframework.boot/groupId artifactIdspring-boot-maven-plugin/artifactId /plugin /plugins /build /projectRedis配置类RedisConfigConfiguration public class RedisConfig { Bean public RedisTemplateString, Object redisTemplate(LettuceConnectionFactory redisConnectionFactory){ RedisTemplateString, Object redisTemplate new RedisTemplateString, Object(); redisTemplate.setKeySerializer(new StringRedisSerializer()); redisTemplate.setValueSerializer(new GenericJackson2JsonRedisSerializer()); redisTemplate.setHashKeySerializer(new StringRedisSerializer()); redisTemplate.setHashValueSerializer(new GenericJackson2JsonRedisSerializer()); redisTemplate.setConnectionFactory(redisConnectionFactory); return redisTemplate; } }验证码配置类KaptchaConfigConfiguration publicclass KaptchaConfig { Bean public DefaultKaptcha producer(){ DefaultKaptcha defaultKaptcha new DefaultKaptcha(); Properties properties new Properties(); properties.setProperty(kaptcha.border, no); properties.setProperty(kaptcha.border.color, 105,179,90); properties.setProperty(kaptcha.textproducer.font.color, black); properties.setProperty(kaptcha.image.width, 110); properties.setProperty(kaptcha.image.height, 40); properties.setProperty(kaptcha.textproducer.char.string,23456789abcdefghkmnpqrstuvwxyzABCDEFGHKMNPRSTUVWXYZ); properties.setProperty(kaptcha.textproducer.font.size, 30); properties.setProperty(kaptcha.textproducer.char.space,3); properties.setProperty(kaptcha.session.key, code); properties.setProperty(kaptcha.textproducer.char.length, 4); properties.setProperty(kaptcha.textproducer.font.names, 宋体,楷体,微软雅黑); // properties.setProperty(kaptcha.obscurificator.impl,com.xxx);可以重写实现类 properties.setProperty(kaptcha.noise.impl,com.google.code.kaptcha.impl.NoNoise); Config config new Config(properties); defaultKaptcha.setConfig(config); return defaultKaptcha; }验证码控制层CaptchaController为了方便代码写一块了讲究看package com.lzp.kaptcha.controller; import com.google.code.kaptcha.impl.DefaultKaptcha; import com.lzp.kaptcha.service.CaptchaService; import com.lzp.kaptcha.vo.CaptchaVO; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.RestController; import sun.misc.BASE64Encoder; import javax.imageio.ImageIO; import java.awt.image.BufferedImage; import java.io.ByteArrayOutputStream; import java.io.IOException; RestController RequestMapping(/captcha) publicclass CaptchaController { Autowired private DefaultKaptcha producer; Autowired private CaptchaService captchaService; ResponseBody GetMapping(/get) public CaptchaVO getCaptcha() throws IOException { // 生成文字验证码 String content producer.createText(); // 生成图片验证码 ByteArrayOutputStream outputStream null; BufferedImage image producer.createImage(content); outputStream new ByteArrayOutputStream(); ImageIO.write(image, jpg, outputStream); // 对字节数组Base64编码 BASE64Encoder encoder new BASE64Encoder(); String str data:image/jpeg;base64,; String base64Img str encoder.encode(outputStream.toByteArray()).replace(\n, ).replace(\r, ); CaptchaVO captchaVO captchaService.cacheCaptcha(content); captchaVO.setBase64Img(base64Img); return captchaVO; } }验证码返回对象CaptchaVOpackage com.lzp.kaptcha.vo; publicclass CaptchaVO { /** * 验证码标识符 */ private String captchaKey; /** * 验证码过期时间 */ private Long expire; /** * base64字符串 */ private String base64Img; public String getCaptchaKey() { return captchaKey; } public void setCaptchaKey(String captchaKey) { this.captchaKey captchaKey; } public Long getExpire() { return expire; } public void setExpire(Long expire) { this.expire expire; } public String getBase64Img() { return base64Img; } public void setBase64Img(String base64Img) { this.base64Img base64Img; } }Redis封装类RedisUtils网上随意找的类里面注明来源将就用代码较多就不贴了文末有代码获取验证码方法层CaptchaServicepackage com.lzp.kaptcha.service; import com.lzp.kaptcha.utils.RedisUtils; import com.lzp.kaptcha.vo.CaptchaVO; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Service; import java.util.UUID; Service publicclass CaptchaService { Value(${server.session.timeout:300}) private Long timeout; Autowired private RedisUtils redisUtils; privatefinal String CAPTCHA_KEY captcha:verification:; public CaptchaVO cacheCaptcha(String captcha){ //生成一个随机标识符 String captchaKey UUID.randomUUID().toString(); //缓存验证码并设置过期时间 redisUtils.set(CAPTCHA_KEY.concat(captchaKey),captcha,timeout); CaptchaVO captchaVO new CaptchaVO(); captchaVO.setCaptchaKey(captchaKey); captchaVO.setExpire(timeout); return captchaVO; } }用户登录对象封装LoginDTOpackage com.lzp.kaptcha.dto; publicclass LoginDTO { private String userName; private String pwd; private String captchaKey; private String captcha; public String getUserName() { return userName; } public void setUserName(String userName) { this.userName userName; } public String getPwd() { return pwd; } public void setPwd(String pwd) { this.pwd pwd; } public String getCaptchaKey() { return captchaKey; } public void setCaptchaKey(String captchaKey) { this.captchaKey captchaKey; } public String getCaptcha() { return captcha; } public void setCaptcha(String captcha) { this.captcha captcha; } }登录控制层UserController这块我写逻辑代码了相信大家都看的懂package com.lzp.kaptcha.controller; import com.lzp.kaptcha.dto.LoginDTO; import com.lzp.kaptcha.utils.RedisUtils; import com.lzp.kaptcha.vo.UserVO; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; RestController RequestMapping(/user) publicclass UserController { Autowired private RedisUtils redisUtils; PostMapping(/login) public UserVO login(RequestBody LoginDTO loginDTO) { Object captch redisUtils.get(loginDTO.getCaptchaKey()); if(captch null){ // throw 验证码已过期 } if(!loginDTO.getCaptcha().equals(captch)){ // throw 验证码错误 } // 查询用户信息 //判断用户是否存在 不存在抛出用户名密码错误 //判断密码是否正确不正确抛出用户名密码错误 //构造返回到前端的用户对象并封装信息和生成token returnnew UserVO(); } }验证码获取和查看