生成验证码基础
首先来看下,Java是如何动态生成图片的:
public class Demo {
@Test
public void fun() throws IOException {
// 1. 创建图片缓冲区
// 2. 设置其宽高
BufferedImage bi = new BufferedImage(70, 35, BufferedImage.TYPE_INT_RGB);
// 3. 得到图片的绘制环境(得到画笔)
Graphics2D graphics2D = (Graphics2D) bi.getGraphics();
graphics2D.setColor(Color.WHITE); // 把环境设置为白色
// 填充矩形,从0,0点开始,宽70,高35,即整个图片,即为图片设置背景色
graphics2D.fillRect(0,0,70,35);
graphics2D.setColor(Color.RED); // 把环境设置为红色(换颜色开始写字了)
// 向图片上写入字符串,其中2,35-2表示x,y轴的坐标
graphics2D.drawString("Hello", 2, 35-2);
// 4. 保存起来图片
ImageIO.write(bi, "JPEG", new FileOutputStream("src/file/xxxx.jpg"));
}
}
生成的图片效果如下:
随机生成验证码
那么就可以继续实现生成随机验证码的功能了:
import javax.imageio.ImageIO;
import java.awt.*;
import java.awt.image.BufferedImage;
import java.io.IOException;
import java.io.OutputStream;
import java.util.Random;
public class VerifyCode {
private int w = 70;
private int h = 35;
private Random r = new Random();
// 字体
private String[] fontNames = {"宋体", "华文楷体", "黑体", "华文新魏", "华文隶书", "微软雅黑", "楷体_GB2312"};
// 可选字符
private String codes = "23456789abcdefghjkmnopqrstuvwxyzABCDEFGHJKMNPQRSTUVWXYZ";
// 背景色
private Color bgColor = new Color(255, 255, 255);
// 验证码上的文本
private String text;
// 生成随机的颜色
private Color randomColor() {
int red = r.nextInt(150);
int green = r.nextInt(150);
int blue = r.nextInt(150);
return new Color(red, green, blue);
}
// 生成随机的字体
private Font randomFont() {
int index = r.nextInt(fontNames.length); // [0,7)
String fontName = fontNames[index]; // 生成随机的字体名称
// 生成随机的样式,0(无样式),1(粗体),2(斜体),3(粗体+斜体)
int style = r.nextInt(4);
// 生成随机字号
int size = r.nextInt(5) + 20;
return new Font(fontName, style, size);
}
// 画干扰线
private void drawLine(BufferedImage image) {
int num = 3; // 一共画3条
Graphics2D g2 = (Graphics2D) image.getGraphics();
for (int i = 0; i < num; i++) {
int x1 = r.nextInt(w);
int y1 = r.nextInt(h);
int x2 = r.nextInt(w);
int y2 = r.nextInt(h);
g2.setStroke(new BasicStroke(1.0F));
g2.setColor(Color.BLUE);
g2.drawLine(x1, y1, x2, y2);
}
}
// 随机生成一个字符
private char randomChar() {
int index = r.nextInt(codes.length());
return codes.charAt(index);
}
// 创建BufferedImage
private BufferedImage createImage() {
BufferedImage image = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
Graphics2D g2 = (Graphics2D) image.getGraphics();
g2.setColor(this.bgColor);
g2.fillRect(0, 0, w, h); // 填充矩形
return image;
}
// 调用这个方法得到验证码
public BufferedImage getImage() {
// 创建图片缓冲区
BufferedImage image = createImage();
// 得到绘制环境
Graphics2D g2 = (Graphics2D) image.getGraphics();
StringBuilder sb = new StringBuilder(); // 用来装载生成的验证码文本
// 向图片中画4个字符,循环4次
for (int i = 0; i < 4; i++) {
String s = randomChar() + "";
sb.append(s);
float x = i * 1.0F * w / 4; // 设置当前字符的x轴坐标,每个占1/4宽度
g2.setFont(randomFont());//设置随机字体
g2.setColor(randomColor());//设置随机颜色
g2.drawString(s, x, h - 5);//画图
}
this.text = sb.toString(); // 把生成的字符串赋给了this.text
drawLine(image); // 添加干扰线
return image;
}
// 返回验证码图片上的文本
public String getText() {
return this.text;
}
// 保存图片到指定的输出流
public static void output(BufferedImage image, OutputStream out) throws IOException {
ImageIO.write(image, "JPEG", out);
}
}
测试程序
public class Demo2 {
@Test
public void fun() throws IOException {
VerifyCode verifyCode = new VerifyCode();
BufferedImage image = verifyCode.getImage();
VerifyCode.output(image, new FileOutputStream("src/file/code.jpg"));
System.out.println(verifyCode.getText());
}
}
最佳实践:登录页面加入验证码
首先写一个登录页面:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<script>
function _change() {
var imgEle = document.getElementById("img");
imgEle.src = "/web_test4_war_exploded/VerifyCodeServlet?a="+ new Date().getTime();
}
</script>
<head>
<title>欢迎登录学习系统</title>
</head>
<body>
<h2>请登录!</h2>
<%
String uname = "";
// 读取cookie:uname
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if ("uname".equals(cookie.getName())) {
uname = cookie.getValue();
}
}
}
%>
<%
String message = "";
String msg = (String) request.getAttribute("message");
if (msg != null) {
message = msg;
}
%>
<font color="red"><%= message %></font>
<form action="/web_test4_war_exploded/LoginServlet" method="post">
用户名:<input type="text" name="username" value="<%=uname%>"> <br/>
密 码:<input type="text" name="password"> <br/>
验证码:<input type="text" name="verifyCode">
<img id="img" src="/web_test4_war_exploded/VerifyCodeServlet">
<a href="javascript:_change()">看不清楚,换一张</a>
<br/>
<input type="submit" value="点击登录">
</form>
</body>
</html>
生成验证码的servlet:
package com.login;
import com.verifycode.VerifyCode;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.awt.image.BufferedImage;
import java.io.FileOutputStream;
import java.io.IOException;
public class VerifyCodeServlet extends HttpServlet {
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 生成图片
VerifyCode verifyCode = new VerifyCode();
BufferedImage image = verifyCode.getImage();
// 保存图片上的文本到Session域
req.getSession().setAttribute("session_verifyCode", verifyCode.getText());
// 把图片响应给客户端
VerifyCode.output(image, new FileOutputStream("code.jpg"));
VerifyCode.output(image, resp.getOutputStream());
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
doGet(req, resp);
}
}
登录校验的servlet:
package com.login;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import java.io.IOException;
public class LoginServlet extends HttpServlet {
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
// 验证码校验
String session_verifyCode = (String) req.getSession().getAttribute("session_verifyCode");
String verifyCode = req.getParameter("verifyCode");
if (!verifyCode.equalsIgnoreCase(session_verifyCode)) {
// 不相同,保存错误信息到 request 域
req.setAttribute("message", "验证码填写错误");
// 转发回到 login.jsp
req.getRequestDispatcher("/login/login.jsp").forward(req, resp);
return;
}
req.setCharacterEncoding("UTF-8");
String username = req.getParameter("username");
String password = req.getParameter("password");
// 校验
if ("root".equals(username) && "root123".equals(password)) {
// 用户名保存到cookie中
Cookie cookie = new Cookie("uname", username);
cookie.setMaxAge(60 * 60 * 24);
resp.addCookie(cookie);
// 保存用户信息到 session 中
HttpSession session = req.getSession();
session.setAttribute("username", username);
session.setAttribute("password", password);
// 重定向到 succ1.jsp
resp.sendRedirect("/web_test4_war_exploded/login/succ1.jsp");
} else { //登录失败
// 保存错误信息到 request 域
req.setAttribute("message", "您的用户名或密码错误");
// 转发回到 login.jsp
req.getRequestDispatcher("/login/login.jsp").forward(req, resp);
}
}
}
登录成功页面:
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Title</title>
</head>
<body>
<h2>succ1.jsp</h2>
<%
String username = (String) session.getAttribute("username");
if (username == null) {
// 向 request 域保存错误信息,转发到login.jsp
request.setAttribute("message", "您没有登录成功,请重新登录!");
request.getRequestDispatcher("/session/login.jsp").forward(request, response);
return;
}
%>
欢迎<%= username %>登录本网站!
</body>
</html>
效果:
验证码填写错误时
正确填写后
