Home >Java >javaTutorial >How to implement image verification code in Java API development

How to implement image verification code in Java API development

WBOY
WBOYOriginal
2023-06-18 09:22:451943browse

With the rapid development of Internet technology, in order to ensure system security, verification codes have become an essential part of each system. Among them, picture verification code is favored by developers due to its ease of use and security. This article will introduce the specific method of implementing image verification code in Java API development.

1. What is picture verification code

Picture verification code is a way of human-machine verification through pictures. It usually consists of a random combination of pictures containing numbers, letters, symbols, etc., which improves the security of the system. Its working principle includes: the user enters the verification code on the login page, and the background verifies the entered verification code. Only users who have passed the verification can proceed to the next step.

2. Use the image generation tool class in Java development

Java provides the BufferedImage class to generate images during development. In actual development, we usually use string utility classes, such as RandomStringUtils, to generate random strings, and then draw the strings through the BufferedImage class and Graphics class.

The specific implementation steps are as follows:

1. Generate a random string

String randomStr = RandomStringUtils.randomAlphanumeric(4);

Among them, randomAlphanumeric() Method generates a string of random uppercase and lowercase letters and numbers.

2. Draw pictures

BufferedImage image = new BufferedImage(WIDTH, HEIGHT, BufferedImage.TYPE_INT_RGB);
Graphics g = image.getGraphics();

/ / Draw background
g.setColor(new Color(240, 240, 240));
g.fillRect(0, 0, WIDTH, HEIGHT);

// Draw characters
g.setColor(new Color(50, 50, 50));
g.setFont(new Font("Georgia", Font.BOLD, 20));//Set the font
g.drawString(randomStr, 10, 20);

3. Set the image verification method

HttpSession session = request.getSession();

// Store the random string in the session, and Set the validity time
session.setAttribute("img_random", randomStr);
session.setMaxInactiveInterval(60 * 2);//Set the session expiration time to 2 minutes

//Set the verification code plus Salt
String sessionId = session.getId();
String codeWithSessionId = randomStr sessionId;
String salt = DigestUtils.md5Hex(codeWithSessionId);

// Will salt the verification code Store in the session
session.setAttribute("img_salt", salt);

Improve the security of the verification code by confusing the random string with the sessionID.

4. Output image

response.setContentType("image/jpeg");//Specify the content type of the returned image
ServletOutputStream outputStream = response.getOutputStream();
ImageIO .write(image, "JPEG", outputStream);
outputStream.close();

Finally, output the image to the client through ServletOutputStream.

3. Verification of image verification code in Java development

After the user enters the verification code, the background code needs to verify the verification code entered by the user. The specific implementation steps are as follows:

1. Get the user input verification code

String inputCode = request.getParameter("code");

2. Get the verification code stored in the session Verification code and salted verification code

String randomCode = (String) session.getAttribute("img_random");
String saltCode = (String) session.getAttribute("img_salt");

3. Verify the verification code entered by the user after adding salt

String sessionId = session.getId();
String codeWithSessionId = inputCode + sessionId;
String salt = DigestUtils.md5Hex(codeWithSessionId);
if (salt.equalsIgnoreCase(saltCode)) {
    // 验证码正确
} else {
    // 验证码不正确
}

By obtaining the verification code entered by the user and the verification code stored in the session, use the same salting method for verification. to ensure the correctness of the verification code.

Conclusion:

Through the steps introduced in this article, we can easily implement the image verification code function in Java development. Using verification codes can effectively increase the security of the system and prevent malicious attacks. If there is no verification code in your system, you can also try the above method.

The above is the detailed content of How to implement image verification code in Java API development. For more information, please follow other related articles on the PHP Chinese website!

Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn