Skip to content

D、验证码

Jump to bottom
wangjie edited this page Dec 25, 2019 · 1 revision

验证码配置:

#jsets-shiro配置
jsets:
  shiro:
    jcaptcha-enable: true #是否启用验证码验证,不配置默认不启用

页面:

<form class="login-form" action="${ctx}/login" method="post">
    <div class="form-item">
    用户名:<input type="text" name="username" />
    </div>
    <div class="form-item">
        密码:<input type="password" name="password" />
    </div>
    <div class="form-item">
        验证码:<input type="text" name="jcaptcha" />
        <img alt="点击切换" src="${ctx}/jcaptcha.jpg"			
        onclick="this.src='${ctx}/jcaptcha.jpg?d='+new Date()" />
    </div>
    <div class="form-item">
        <button type="submit">登录</button>
    </div>
</form>
<!-- 认证信息 -->
<font color="red">${Request["shiro_auth_message"]!}</font>

验证码效果:

验证码效果

验证码错误效果:

验证码错误提示

自定义验证码:

实现CaptchaProvider接口

public interface CaptchaProvider {

	/**
	 * 生成验证码
	 */
	BufferedImage generateCaptcha(HttpServletRequest request);

	/**
	 * 验证码校验
	 */
	boolean validateCaptcha(HttpServletRequest request, String jcaptcha);
}

如下面的示例,是一个纯数字的验证码实现:

@Service
public class MyCaptchaService implements CaptchaProvider {

	@Override
	public BufferedImage generateCaptcha(HttpServletRequest request) {
		return JCaptchaHolder.INSTANCE.getImageChallengeForID(request.getSession(true).getId());
	}

	@Override
	public boolean validateCaptcha(HttpServletRequest request, String jcaptcha) {
		try {
			String captchaID = request.getSession().getId();
			return JCaptchaHolder.INSTANCE.validateResponseForID(captchaID, jcaptcha);
		} catch (CaptchaServiceException e) {
			return false;
		}
	}

	/**
	 * 随机字符,纯数字
	 */
	private static final String ACCEPTED_CHARS = "1234567890";

	/**
	 * 验证码服务实例持有者
	 */
	private static class JCaptchaHolder {
		private static final ImageCaptchaService INSTANCE = new DefaultManageableImageCaptchaService(
				new FastHashMapCaptchaStore(),
				new GenericCaptchaEngine(new GimpyFactory[] { new GimpyFactory(new RandomWordGenerator(ACCEPTED_CHARS),
						new ComposedWordToImage(
								new RandomFontGenerator(20, 20, new Font[] { new Font("Arial", 20, 20) }),
								new UniColorBackgroundGenerator(90, 30, Color.white),
								new NonLinearTextPaster(5, 5,
										new RandomListColorGenerator(new Color[] { new Color(23, 170, 27),
												new Color(220, 34, 11), new Color(23, 67, 172) })))) }),
				180, 100000, 75000);
	}
}

配置ShiroCustomizer

@Configuration
public class ApplicationConfig{
	// 账号数据提供服务
	@Autowired
	private AccountProviderImpl accountProviderImpl;
	// 自定义的加密实现
	@Autowired
	private MyDESPasswordProvider myDESPasswordProvider;
	// 自定义的验证码实现
	@Autowired
	private MyCaptchaService myCaptchaService;

	@Bean
	public ShiroCustomizer shiroCustomizer() {
		ShiroCustomizer customizer = new ShiroCustomizer();
		// 设置账号数据提供服务
		customizer.setShiroAccountProvider(accountProviderImpl); 
		// 设置加密实现
		customizer.setPasswordProvider(myDESPasswordProvider);
		// 设置验证码实现
		customizer.setCaptchaProvider(myCaptchaService);
		return customizer;
	}
}

Clone this wiki locally