Introduction to usage examples of verification code combined with springboot when logging in

In a web applicationVerification codeis a common element. Whether it is preventing robots or crawlers, it has a certain effect. The following article mainly introduces the relevant information about the login verification code kaptcha combined with spring boot usage. Friends in need can refer to it. Let’s take a look together.

Preface

When ouruser logs in, for security reasons, the verification code function will be added. Google's kaptcha is used here; spirngboot is lightweight and independent, making spring-based application development particularly simple. There are many introductions to springboot on the Internet, so I won’t go into details here.

Let’s get back to the point. Let’s talk about the usage of verification code combined with springboot when logging in.

The jar package needed to introduce kaptcha is what I use here. What is maven

 com.github.penggle kaptcha 2.3.2   javax.servlet-api javax.servlet   

is to remove the servlet package that comes with the package. In my personal understanding, springboot is a lightweight micro-architecture built with javaconfig and annotations.

The following is the javaconfig of kapcha

@Configuration public class CaptchaConfig { @Bean(name="captchaProducer") public DefaultKaptcha getKaptchaBean(){ DefaultKaptcha defaultKaptcha=new DefaultKaptcha(); Properties properties=new Properties(); properties.setProperty("kaptcha.border", "yes"); properties.setProperty("kaptcha.border.color", "105,179,90"); properties.setProperty("kaptcha.textproducer.font.color", "blue"); properties.setProperty("kaptcha.image.width", "125"); properties.setProperty("kaptcha.image.height", "45"); properties.setProperty("kaptcha.session.key", "code"); properties.setProperty("kaptcha.textproducer.char.length", "4"); properties.setProperty("kaptcha.textproducer.font.names", "宋体,楷体,微软雅黑"); Config config=new Config(properties); defaultKaptcha.setConfig(config); return defaultKaptcha; } }

The javaconfig of katcha here is equivalent to the bean configuration in springmvc. The following is a solution for the above Bean example of javaconfig's springmvc, for reference

     yes 105,179,90 blue 125 45 45 code 4 宋体,楷体,微软雅黑     

Among them, the attribute parameters in theconstruction methodcan be set according to your own needs.

Configuration filehas been configured, so how to get your own QR code? My understanding is the concept of canvas, and then generate the corresponding canvas from the generated four-digit verification code. Then let the result be written out.

The code is as follows:

@RequestMapping(value = "/captcha-image") public ModelAndView getKaptchaImage(HttpServletRequest request, HttpServletResponse response) throws Exception { response.setDateHeader("Expires", 0); response.setHeader("Cache-Control", "no-store, no-cache, must-revalidate"); response.addHeader("Cache-Control", "post-check=0, pre-check=0"); response.setHeader("Pragma", "no-cache"); response.setContentType("image/jpeg"); String capText = captchaProducer.createText(); System.out.println("capText: " + capText); try { String uuid=UUIDUtils.getUUID32().trim().toString(); redisTemplate.opsForValue().set(uuid, capText,60*5,TimeUnit.SECONDS); Cookie cookie = new Cookie("captchaCode",uuid); response.addCookie(cookie); } catch (Exception e) { e.printStackTrace(); } BufferedImage bi = captchaProducer.createImage(capText); ServletOutputStream out = response.getOutputStream(); ImageIO.write(bi, "jpg", out); try { out.flush(); } finally { out.close(); } return null; }

As the above code, use the verification code and cooike when the user logs in captchacode to achieve uniqueness verification. At first, I considered putting it in the session. After thinking about it at the time, I felt that it was unscientific. For example, if I put the captchacode in the session, there would be one verification code, and then another user would Log in, the previous user is still logging in, and a series of problems will occur at this time. Cookies and redis are used here to handle concurrent login verification of users.

The page is relatively simple to use as follows:

If you want to change, add a click event, and then clear the previous redis The correspondingcached data; or when obtaining the verification code, set the life cycle.

The above is the detailed content of Introduction to usage examples of verification code combined with springboot when logging in. For more information, please follow other related articles on the PHP Chinese website!