1什么是验证码?
验证码是一种区分用户是计算机还是人的公共全自动程序。短时间是无法退出人类舞台的,目前只是尽量提升用户体验。
作用
- 账号安全
- 反作弊
- 反爬虫
- 防论坛灌水
- 防恶意注册
分类
- 图形验证码
- Gif动画验证码
- 手机短信验证码
- 手机语音验证码
- 视频验证码
- web2.0验证码
2kaptcha验证码组件
kaptcha 是一个非常实用的验证码生成工具;有了它,你可以生成各种样式的验证码,因为它是可配置的。
常见配置
- 验证码的字体
- 验证码字体的大小
- 验证码字体的字体颜色
- 验证码内容的范围(数字,字母,中文汉字)
- 验证码图片的大小,边框,边框粗细,边框颜色
- 验证码的干扰线(可以自己继承com.google.code.kaptcha.NoiseProducer写一个自定义的干扰线)
- 验证码的样式(鱼眼样式、3D、普通模糊……当然也可以继承com.google.code.kaptcha.GimpyEngine自定义样式)
引入maven配置
<dependency> <groupId>com.github.axet</groupId> <artifactId>kaptcha</artifactId> <version>0.0.9</version> </dependency>
kaptcha.properties
kaptcha.textproducer.font.color=red kaptcha.image.width=130 kaptcha.image.height=44 kaptcha.textproducer.font.size=35 kaptcha.textproducer.char.length=4 kaptcha.textproducer.font.names=\\u5B8B\\u4F53,\\u6977\\u4F53,\\u5FAE\\u8F6F\\u96C5\\u9ED1 kaptcha.noise.color=gray kaptcha.obscurificator.impl=com.google.code.kaptcha.impl.WaterRipple
用filter过滤器来生成验证码,具体步骤如下:
1、web.xml
<filter> <filter-name>KaptchaFilter</filter-name> <filter-class>com.xxoo.admin.ui.filter.KaptchaFilter</filter-class> </filter> <filter-mapping> <filter-name>KaptchaFilter</filter-name> <url-pattern>/kaptcha.jpg</url-pattern> </filter-mapping>
说明:验证码过滤器需要放到Shiro之后,因为Shiro将包装HttpSession.如果不,可能造成两次的sesisonid不一样。
2、图片验证码类
public class CaptchaService { private static ImageCaptchaService instance = null; static { instance = new KaptchaImageCaptchaService(); } public synchronized static ImageCaptchaService getInstance() { return instance; } public synchronized static boolean validate(HttpServletRequest httpServletRequest, String input) throws Exception { String text = instance.getText(httpServletRequest); boolean result = text.equalsIgnoreCase(input); instance.removeKaptcha(httpServletRequest); return result; } }
3、基于Kaptcha的验证码图片实现
public class KaptchaImageCaptchaService implements ImageCaptchaService { private Logger logger = LoggerFactory.getLogger(getClass()); public KaptchaImageCaptchaService() { } public static Config getConfig() throws IOException { Properties p = new Properties(); p.load(new DefaultResourceLoader().getResource("kaptcha.properties").getInputStream()); Config config = new Config(p); return config; } @Override public void create(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws Exception { httpServletResponse.setDateHeader("Expires", 0L); httpServletResponse.setHeader("Cache-Control", "no-store, no-cache, must-revalidate"); httpServletResponse.addHeader("Cache-Control", "post-check=0, pre-check=0"); httpServletResponse.setHeader("Pragma", "no-cache"); httpServletResponse.setContentType("image/jpeg"); Config config = getConfig(); Producer producer = config.getProducerImpl(); String capText = producer.createText(); if(logger.isDebugEnabled()){ logger.info("create captcha:" + capText + ":" + config.getSessionKey() ); } httpServletRequest.getSession().setAttribute(config.getSessionKey(), capText); httpServletRequest.getSession().setAttribute(config.getSessionDate(), new Date()); BufferedImage bi = producer.createImage(capText); ServletOutputStream out = httpServletResponse.getOutputStream(); ImageIO.write(bi, "jpg", out); out.flush(); out.close(); } @Override public String getText(HttpServletRequest httpServletRequest) throws Exception { return (String)httpServletRequest.getSession().getAttribute(getConfig().getSessionKey()); } @Override public void removeKaptcha(HttpServletRequest httpServletRequest) throws Exception { httpServletRequest.getSession().removeAttribute(getConfig().getSessionKey()); httpServletRequest.getSession().removeAttribute(getConfig().getSessionDate()); } }
4、验证码工具类
public class CaptchaService { private static ImageCaptchaService instance = null; static { instance = new KaptchaImageCaptchaService(); } public synchronized static ImageCaptchaService getInstance() { return instance; } public synchronized static boolean validate(HttpServletRequest httpServletRequest, String input) throws Exception { String text = instance.getText(httpServletRequest); boolean result = text.equalsIgnoreCase(input); instance.removeKaptcha(httpServletRequest); return result; } }
5、生成验证码过滤器
public class KaptchaFilter extends OncePerRequestFilter { private Logger logger = LoggerFactory.getLogger(getClass()); @Override protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException { try { CaptchaService.getInstance().create(httpServletRequest,httpServletResponse); } catch (Exception e) { logger.info("create captcha error.",e); } } }
6、验证码校验
private boolean doCaptchaValidate(HttpServletRequest request, String code) { //比对 try { if (code == null || !CaptchaService.validate(request, code)) { return false; } else { return true; } } catch (Exception e) { logger.warn("captcha check error!"); return false; } }
总结
本文主要讲述了kaptcha图形化验证码的使用和介绍,小伙伴可以根据自己的需求进行引入。