springboot整合spring-Security实现验证码登录
参考地址:https://www.jianshu.com/p/9d08c767b33e
在springboot整合spring-security实现简单的登录注销 的基础上进行开发。
1、添加生成验证码的控制器。
(1)、生成验证码
1 /** 2 * 引入 Security 配置属性类 3 */ 4 @Autowired 5 private SecurityProperties securityProperties; 6 7 8 @Override 9 public ImageCode createCode(HttpServletRequest request ) { 10 //如果请求中有 width 参数,则用请求中的,否则用 配置属性中的 11 int width = ServletRequestUtils.getIntParameter(request,"width",securityProperties.getWidth()); 12 //高度(宽度) 13 int height = ServletRequestUtils.getIntParameter(request,"height",securityProperties.getHeight()); 14 //图片验证码字符个数 15 int length = securityProperties.getLength(); 16 //过期时间 17 int expireIn = securityProperties.getExpireIn(); 18 19 BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_RGB); 20 21 Graphics g = image.getGraphics(); 22 23 Random random = new Random(); 24 25 g.setColor(getRandColor(200, 250)); 26 g.fillRect(0, 0, width, height); 27 g.setFont(new Font("Times New Roman", Font.ITALIC, 20)); 28 g.setColor(getRandColor(160, 200)); 29 for (int i = 0; i < 155; i++) { 30 int x = random.nextInt(width); 31 int y = random.nextInt(height); 32 int xl = random.nextInt(12); 33 int yl = random.nextInt(12); 34 g.drawLine(x, y, x + xl, y + yl); 35 } 36 37 String sRand = ""; 38 for (int i = 0; i < length; i++) { 39 String rand = String.valueOf(random.nextInt(10)); 40 sRand += rand; 41 g.setColor(new Color(20 + random.nextInt(110), 20 + random.nextInt(110), 20 + random.nextInt(110))); 42 g.drawString(rand, 13 * i + 6, 16); 43 } 44 45 g.dispose(); 46 47 return new ImageCode(image, sRand, expireIn); 48 } 49 50 /** 51 * 生成随机背景条纹 52 */ 53 private Color getRandColor(int fc, int bc) { 54 Random random = new Random(); 55 if (fc > 255) { 56 fc = 255; 57 } 58 if (bc > 255) { 59 bc = 255; 60 } 61 int r = fc + random.nextInt(bc - fc); 62 int g = fc + random.nextInt(bc - fc); 63 int b = fc + random.nextInt(bc - fc); 64 return new Color(r, g, b); 65 }
(2)、验证码控制器
public static final String SESSION_KEY = "SESSION_KEY_IMAGE_CODE"; @Autowired private ValidateCodeGenerator imageCodeGenerator; /** * Session 对象 */ private SessionStrategy sessionStrategy = new HttpSessionSessionStrategy(); @GetMapping("/code/image") public void createCode(HttpServletRequest request, HttpServletResponse response) throws IOException { ImageCode imageCode = imageCodeGenerator.createCode(request); //将随机数 放到Session中 sessionStrategy.setAttribute(new ServletWebRequest(request),SESSION_KEY,imageCode); request.getSession().setAttribute(SESSION_KEY,imageCode); //写给response 响应 response.setHeader("Cache-Control", "no-store, no-cache"); response.setContentType("image/jpeg"); ImageIO.write(imageCode.getImage(),"JPEG",response.getOutputStream()); }
(3)、其它辅助类
1 @Data 2 public class ImageCode { 3 4 /** 5 * 图片 6 */ 7 private BufferedImage image; 8 /** 9 * 随机数 10 */ 11 private String code; 12 /** 13 * 过期时间 14 */ 15 private LocalDateTime expireTime; 16 17 public ImageCode(BufferedImage image, String code, LocalDateTime expireTime) { 18 this.image = image; 19 this.code = code; 20 this.expireTime = expireTime; 21 } 22 public ImageCode(BufferedImage image, String code, int expireIn) { 23 this.image = image; 24 this.code = code; 25 //当前时间 加上 设置过期的时间 26 this.expireTime = LocalDateTime.now().plusSeconds(expireIn); 27 } 28 29 public boolean isExpried(){ 30 //如果 过期时间 在 当前日期 之前,则验证码过期 31 return LocalDateTime.now().isAfter(expireTime); 32 } 33 }