1、先创建一个工具类(用于验证码格式生成)
package com.jixi.utils;
import javax.imageio.ImageIO;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.util.Random;
/**
* 验证码生成类
* Created by zhm on 2017/9/30.
*/
public class RandomValidateCode {
public static final String RANDOMCODEKEY= "RANDOMVALIDATECODEKEY";//放到session中的key
//private String randString = "0123456789";//随机产生只有数字的字符串 private String
private String randString = "ABCDEFGHIJKLMNOPQRSTUVWXYZ";//随机产生只有字母的字符串
//private String randString = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";//随机产生数字与字母组合的字符串
private int width = 95;// 图片宽
private int height = 25;// 图片高
private int lineSize = 40;// 干扰线数量
private int stringNum = 4;// 随机产生字符数量
private Random random = new Random();
/*
* 获得字体
*/
private Font getFont() {
return new Font("Fixedsys", Font.CENTER_BASELINE, 18);
}
/*
* 获得颜色
*/
private Color getRandColor(int fc, int bc) {
if (fc > 255)
fc = 255;
if (bc > 255)
bc = 255;
int r = fc + random.nextInt(bc - fc - 16);
int g = fc + random.nextInt(bc - fc - 14);
int b = fc + random.nextInt(bc - fc - 18);
return new Color(r, g, b);
}
/**
* 生成随机图片
*/
public void getRandcode(HttpServletRequest request, HttpServletResponse response) {
HttpSession session = request.getSession();
// BufferedImage类是具有缓冲区的Image类,Image类是用于描述图像信息的类
BufferedImage image = new BufferedImage(width, height, BufferedImage.TYPE_INT_BGR);
Graphics g = image.getGraphics();// 产生Image对象的Graphics对象,改对象可以在图像上进行各种绘制操作
g.fillRect(0, 0, width, height);
g.setFont(new Font("Times New Roman", Font.ROMAN_BASELINE, 18));
g.setColor(getRandColor(110, 133));
// 绘制干扰线
for (int i = 0; i <= lineSize; i++) {
drowLine(g);
}
// 绘制随机字符
String randomString = "";
for (int i = 1; i <= stringNum; i++) {
randomString = drowString(g, randomString, i);
}
//将生成的随机字符串保存到session中,而jsp界面通过session.getAttribute("RANDOMCODEKEY"),
//获得生成的验证码,然后跟用户输入的进行比较
session.removeAttribute(RANDOMCODEKEY);
session.setAttribute(RANDOMCODEKEY, randomString);
g.dispose();
try {
// 将内存中的图片通过流动形式输出到客户端
ImageIO.write(image, "JPEG", response.getOutputStream());
} catch (Exception e) {
e.printStackTrace();
}
}
/*
* 绘制字符串
*/
private String drowString(Graphics g, String randomString, int i) {
g.setFont(getFont());
g.setColor(new Color(random.nextInt(101), random.nextInt(111), random
.nextInt(121)));
String rand = String.valueOf(getRandomString(random.nextInt(randString
.length())));
randomString += rand;
g.translate(random.nextInt(3), random.nextInt(3));
g.drawString(rand, 13 * i, 16);
return randomString;
}
/*
* 绘制干扰线
*/
private void drowLine(Graphics g) {
int x = random.nextInt(width);
int y = random.nextInt(height);
int xl = random.nextInt(13);
int yl = random.nextInt(15);
g.drawLine(x, y, x + xl, y + yl);
}
/*
* 获取随机的字符
*/
public String getRandomString(int num) {
return String.valueOf(randString.charAt(num));
}
}
2、设计好jsp登陆界面
<div>
<div class="row cl">
<label class="form-label col-xs-3"><i class="Hui-iconfont">用户名</i></label>
<div class="formControls col-xs-8">
<input id="userName" name="userName" type="text" class="input-text size-L" />
</div>
</div>
<div class="row cl">
<label class="form-label col-xs-3"><i class="Hui-iconfont">密码</i></label>
<div class="formControls col-xs-8">
<input id="password" name="password" type="password" class="input-text size-L" />
</div>
</div>
<div class="row cl">
<div class="formControls col-xs-8 col-xs-offset-3">
<input id="checks" class="input-text size-L" type="text" value="验证码:" style="width:150px;" />
<img id="imgVerify" src="" alt="点击更换验证码" /><a href="" rel="nofollow">看不清,换一张</a>
</div>
</div>
<div class="row cl">
<div class="formControls col-xs-8 col-xs-offset-3">
<label><input type="checkbox" name="online" id="online" value="" />使我保持登录状态</label>
</div>
</div>
<div class="row cl">
<div class="formControls col-xs-8 col-xs-offset-3">
<input name="" type="submit" class="btn btn-success radius size-L" value=" 登 录 " />
<input name="" type="reset" class="btn btn-default radius size-L" value=" 取 消 " />
</div>
</div>
</div>
<script type="text/javascript">
$(document.body).ready(function () {
//首次获取验证码
$("#imgVerify").attr("src","/user/getVerify?"+Math.random());
});
//获取验证码
function getVerify(){
var src1=document.getElementById('imgVerify')
src1.src = "/user/getVerify?"+Math.random();
}
//校验验证码
function checkSum(){
var html1=document.getElementById('loginingForm');
var inputStr = $("#checks").val();
if(inputStr!=null && inputStr!="" && inputStr!="验证码:"){
inputStr = inputStr.toUpperCase();//将输入的字母全部转换成大写
html1.action="/user/login?inputStr="+inputStr;//提交表单
}else{
alert("验证码不能为空!")
}
}
//登录验证
function doLogin() {
var userName=document.getElementById('userName').value;
var password=document.getElementById('password').value;
if(null==userName||null==password||""==userName||""==password){
alert('用户名或密码不能为空!');
}else {
//校验验证码
checkSum();
}
}
</script>
3、通过控制层与页面交互
/**
* 登录页面生成验证码
*/
@RequestMapping(value = "/getVerify")
public void getVerify(HttpServletRequest request, HttpServletResponse response){
response.setContentType("image/jpeg");//设置相应类型,告诉浏览器输出的内容为图片
response.setHeader("Pragma", "No-cache");//设置响应头信息,告诉浏览器不要缓存此内容
response.setHeader("Cache-Control", "no-cache");
response.setDateHeader("Expire", 0);
RandomValidateCode randomValidateCode = new RandomValidateCode();
try {
randomValidateCode.getRandcode(request, response);//输出验证码图片方法
} catch (Exception e) {
e.printStackTrace();
}
}
/**
* 验证登录
* @param model
* @param userName
* @param password
* @param inputStr
* @param session
* @return
*/
@RequestMapping(value = "/login", method = RequestMethod.POST)
public String login(Model model, String userName, String password,String inputStr, HttpSession session) {
//从session中获取随机数
String random = (String) session.getAttribute("RANDOMVALIDATECODEKEY");
User user=userService.selectByUserName(userName);
Subject subject = SecurityUtils.getSubject() ;
UsernamePasswordToken token = new UsernamePasswordToken(userName,password);
try {
if(random.equals(inputStr)){
subject.login(token);
model.addAttribute("user", user);
return "user/login" ;
}else {
model.addAttribute("error","验证码错误");
return "redirect:/";
}
} catch (AuthenticationException e) {
e.printStackTrace();
model.addAttribute("error","用户名或密码错误");
return "redirect:/";
}
}