• 登录验证码的实现

    效果图:

    原理:此处为img src每次点击从后台获取流文件,存到session中,下次验证session即可。

    前台

    <img style="height:22px;" id="codeImg" alt="点击更换"
                                title="点击更换" src="" />

    js

        $(document).ready(function() {
            changeCode();
            $("#codeImg").bind("click", changeCode);
        });function genTimestamp() {
            var time = new Date();
            return time.getTime();
        }

        function changeCode() {
            $("#codeImg").attr("src", "code.do?t=" + genTimestamp());
        }

    后台controller:

    package com.fh.controller.system.secCode;

import java.awt.Color;
import java.awt.Font;
import java.awt.Graphics2D;
import java.awt.font.FontRenderContext;
import java.awt.geom.Rectangle2D;
import java.awt.image.BufferedImage;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Random;

import javax.imageio.ImageIO;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletResponse;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.session.Session;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;

import com.fh.util.Const;

/** 
 * 类名称:登录验证码
 * 类描述: 
 * 作者单位: 
 * 联系方式:
 * @version
 */
@Controller
@RequestMapping("/code")
public class SecCodeController {

    @RequestMapping
    public void generate(HttpServletResponse response){
        ByteArrayOutputStream output = new ByteArrayOutputStream();
        String code = drawImg(output);
        
        Subject currentUser = SecurityUtils.getSubject();  
        Session session = currentUser.getSession();
        session.setAttribute(Const.SESSION_SECURITY_CODE, code);
        
        try {
            ServletOutputStream out = response.getOutputStream();
            output.writeTo(out);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }
    
    private String drawImg(ByteArrayOutputStream output){
        String code = "";
        for(int i=0; i<4; i++){
            code += randomChar();
        }
        int width = 70;
        int height = 25;
        BufferedImage bi = new BufferedImage(width,height,BufferedImage.TYPE_3BYTE_BGR);
        Font font = new Font("Times New Roman",Font.PLAIN,20);
        Graphics2D g = bi.createGraphics();
        g.setFont(font);
        Color color = new Color(66,2,82);
        g.setColor(color);
        g.setBackground(new Color(226,226,240));
        g.clearRect(0, 0, width, height);
        FontRenderContext context = g.getFontRenderContext();
        Rectangle2D bounds = font.getStringBounds(code, context);
        double x = (width - bounds.getWidth()) / 2;
        double y = (height - bounds.getHeight()) / 2;
        double ascent = bounds.getY();
        double baseY = y - ascent;
        g.drawString(code, (int)x, (int)baseY);
        g.dispose();
        try {
            ImageIO.write(bi, "jpg", output);
        } catch (IOException e) {
            e.printStackTrace();
        }
        return code;
    }
    
    private char randomChar(){
        Random r = new Random();
        String s = "ABCDEFGHJKLMNPRSTUVWXYZ0123456789";
        return s.charAt(r.nextInt(s.length()));
    }
}

    附加登录验证session:

    @RequestMapping(value="/login_login" ,produces="application/json;charset=UTF-8")
    @ResponseBody
    public Object login()throws Exception{
        Map<String,String> map = new HashMap<String,String>();
        PageData pd = new PageData();
        pd = this.getPageData();
        String errInfo = "";
        String KEYDATA[] = pd.getString("KEYDATA").replaceAll("qq313596790fh", "").replaceAll("QQ978336446fh", "").split(",fh,");
        if(null != KEYDATA && KEYDATA.length == 3){
            Session session = Jurisdiction.getSession();
            String sessionCode = (String)session.getAttribute(Const.SESSION_SECURITY_CODE);        //获取session中的验证码
            String code = KEYDATA[2];
            if(null == code || "".equals(code)){//判断效验码
                errInfo = "nullcode";             //效验码为空
            }else{
                String USERNAME = KEYDATA[0];    //登录过来的用户名
                String PASSWORD  = KEYDATA[1];    //登录过来的密码
                pd.put("USERNAME", USERNAME);
                if(Tools.notEmpty(sessionCode) && sessionCode.equalsIgnoreCase(code)){        //判断登录验证码
                    String passwd = new SimpleHash("SHA-1", USERNAME, PASSWORD).toString();    //密码加密
                    pd.put("PASSWORD", passwd);
                    pd = userService.getUserByNameAndPwd(pd);    //根据用户名和密码去读取用户信息
                    if(pd != null){
                        pd.put("LAST_LOGIN",DateUtil.getTime().toString());
                        userService.updateLastLogin(pd);
                        User user = new User();
                        user.setUSER_ID(pd.getString("USER_ID"));
                        user.setUSERNAME(pd.getString("USERNAME"));
                        user.setPASSWORD(pd.getString("PASSWORD"));
                        user.setNAME(pd.getString("NAME"));
                        user.setRIGHTS(pd.getString("RIGHTS"));
                        user.setROLE_ID(pd.getString("ROLE_ID"));
                        user.setLAST_LOGIN(pd.getString("LAST_LOGIN"));
                        user.setIP(pd.getString("IP"));
                        user.setSTATUS(pd.getString("STATUS"));
                        session.setAttribute(Const.SESSION_USER, user);            //把用户信息放session中
                        session.removeAttribute(Const.SESSION_SECURITY_CODE);    //清除登录验证码的session
                        //shiro加入身份验证
                        Subject subject = SecurityUtils.getSubject(); 
                        UsernamePasswordToken token = new UsernamePasswordToken(USERNAME, PASSWORD); 
                        try { 
                            subject.login(token); 
                        } catch (AuthenticationException e) { 
                            errInfo = "身份验证失败!";
                        }
                    }else{
                        errInfo = "usererror";                 //用户名或密码有误
                        logBefore(logger, USERNAME+"登录系统密码或用户名错误");
                    }
                }else{
                    errInfo = "codeerror";                     //验证码输入有误
                }
                if(Tools.isEmpty(errInfo)){
                    errInfo = "success";                    //验证成功
                    logBefore(logger, USERNAME+"登录系统");
                }
            }
        }else{
            errInfo = "error";    //缺少参数
        }
        map.put("result", errInfo);
        return AppUtil.returnObject(new PageData(), map);
    }
  • 相关阅读:
    tmux 简明操作指南
    几种查看linux版本信息的方法
    安装Ruby&Rails遇到的问题
    安装DevKit
    gcc 编译选项
    EF数据操作详解
    值类型和引用类型的区别
    Class<T> where T:new() 含义
    50道高级sql练习题;大大提高自己的sql能力(附具体的sql)
    Entity framework 意外删除了表,如何在不影响其它表的情况下恢复回来
  • 原文地址:https://www.cnblogs.com/zrui-xyu/p/5805874.html
Copyright © 2020-2023  润新知