springboot整合极验实现登陆

极验是一个提供验证服务的第三方库，可以有效地防止机器人攻击，提高网站的安全性。Spring Boot整合极验可以使用户在登录、注册等敏感操作上获得更好的保障。

以下是整合极验的步骤：

1.首先，需要在极验官网上注册账号，创建应用，并获得极验的ID和Key。

2.在Spring Boot项目中添加极验依赖。

    com.geetest.sdk
    gt3-sdk
    4.0.7-p3

1
2
3
4
5

3.在application.yml中配置极验的ID和Key。

gt:
  captcha:
    id: [your_id]
    key: [your_key]
1
2
3
4

4.编写验证码的Controller。

@RestController
public class CaptchaController {
    @Autowired
    private CaptchaService captchaService;

    @GetMapping("/captcha")
    public void captcha(HttpServletRequest request, HttpServletResponse response) {
        captchaService.generateCaptcha(request, response);
    }
}
1
2
3
4
5
6
7
8
9
10

5.编写CaptchaService。

@Service
public class CaptchaService {
    @Autowired
    private GeetestLib geetestLib;

    public void generateCaptcha(HttpServletRequest request, HttpServletResponse response) {
        String userid = UUID.randomUUID().toString();
        int gtServerStatus = geetestLib.preProcess(userid);
        request.getSession().setAttribute(GeetestLib.gtServerStatusSessionKey, gtServerStatus);
        request.getSession().setAttribute(GeetestLib.useridSessionKey, userid);

        JSONObject jsonObject = new JSONObject();
        jsonObject.put(GeetestLib.gtServerStatusSessionKey, gtServerStatus);
        jsonObject.put(GeetestLib.gtUserIdSessionKey, userid);
        response.setContentType("application/json;charset=UTF-8");
        try {
            response.getWriter().write(jsonObject.toString());
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    public boolean validateCaptcha(HttpServletRequest request) {
        String challenge = request.getParameter(GeetestLib.geetestChallenge);
        String validate = request.getParameter(GeetestLib.geetestValidate);
        String seccode = request.getParameter(GeetestLib.geetestSeccode);
        String userid = (String) request.getSession().getAttribute(GeetestLib.useridSessionKey);

        int gtServerStatus = (int) request.getSession().getAttribute(GeetestLib.gtServerStatusSessionKey);

        int gtResult = 0;
        if (gtServerStatus == 1) {
            gtResult = geetestLib.enhencedValidateRequest(challenge, validate, seccode, userid);
        } else {
            gtResult = geetestLib.failbackValidateRequest(challenge, validate, seccode);
        }

        return gtResult == 1;
    }
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40

6.在登录或注册的Controller中，调用CaptchaService的validateCaptcha方法进行验证码的验证。

@PostMapping("/login")
public String login(String username, String password, HttpServletRequest request) {
    boolean captchaPassed = captchaService.validateCaptcha(request);
    if (captchaPassed) {
        // 验证码验证通过
        // 进行登录操作
    } else {
        // 验证码验证失败
    }
}

@PostMapping("/register")
public String register(String username, String password, HttpServletRequest request) {
    boolean captchaPassed = captchaService.validateCaptcha(request);
    if (captchaPassed) {
        // 验证码验证通过
        // 进行注册操作
    } else {
        // 验证码验证失败
    }
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21

通过以上步骤，就可以实现Spring Boot整合极验，为用户提供更好的验证服务。