spring boot集成阿里滑块验证

一、效果

image.png

二、java代码
1、properties

aliyun:
  properties:
    regionid: cn-hangzhou
    accessKeyId: LTAfadfanqxk2UGGX
    accessKeySecret: zZy08Y8EPafdfsfasMKKzxHaElFja
    appKey: FFFF0N00000342354

import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

/**
 * 读取配置
 */
@ConfigurationProperties(prefix = "aliyun.properties")
@Component
@Data
public class AliyunProperties {

    private String regionid;

    private String accessKeyId;

    private String accessKeySecret;

    private String appKey;
}

2、beanConfig

import com.aliyuncs.DefaultAcsClient;
import com.aliyuncs.IAcsClient;
import com.aliyuncs.profile.DefaultProfile;
import com.aliyuncs.profile.IClientProfile;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

@Configuration
public class IAcsClientConfig {

    @Autowired
    private AliyunProperties aliyunProperties;

    @Bean
    public IAcsClient client() throws Exception {
        IClientProfile profile = DefaultProfile.getProfile(aliyunProperties.getRegionid(), aliyunProperties.getAccessKeyId(), aliyunProperties.getAccessKeySecret());
        IAcsClient client = new DefaultAcsClient(profile);
        DefaultProfile.addEndpoint("cn-hangzhou", "cn-hangzhou", "afs", "afs.aliyuncs.com");
        return client;
    }

}

3、登录controller

import com.aliyuncs.IAcsClient;
import com.ctrip.entity.LoginModel;
import com.ctrip.spring.utils.IPUtil;
import com.aliyuncs.afs.model.v20180112.AuthenticateSigRequest;
import com.aliyuncs.afs.model.v20180112.AuthenticateSigResponse;
import com.ctrip.web.manage.config.AliyunProperties;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

@Controller
@RequestMapping("/manage")
public class LoginController1 {

    @Autowired
    private AliyunProperties aliyunProperties;

    @Resource
    private IAcsClient client;

    /**
     * 登录验证
     */
    @RequestMapping("/login")
    public String verification(HttpServletRequest request,HttpServletResponse response, Model model, LoginModel loginModel) {
        boolean isAuth = authValidate(loginModel,request);
        if(!isAuth){
            model.addAttribute("msg", "验证失败");
            return "login";
        }
        return "login";
    }

    /**
     * 验证滑块
     * @param loginModel
     * @param request
     * @return
     */
    private boolean authValidate(LoginModel loginModel, HttpServletRequest request) {
        String requestIp = IPUtil.getRemortIP(request);
        AuthenticateSigRequest authRequest = new AuthenticateSigRequest();
        // 必填参数，从前端获取，不可更改
        authRequest.setSessionId(loginModel.getSessionId());
        // 必填参数，从前端获取，不可更改
        authRequest.setSig(loginModel.getSig());
        // 必填参数，从前端获取，不可更改
        authRequest.setToken(loginModel.getToken());
        // 必填参数，从前端获取，不可更改
        authRequest.setScene(loginModel.getScene());
        // 必填参数，后端填写
        authRequest.setAppKey(aliyunProperties.getAppKey());
        // 必填参数，后端填写
        authRequest.setRemoteIp(requestIp);

        try {
            AuthenticateSigResponse acsResponse = client.getAcsResponse(authRequest);
            if(acsResponse.getCode() != 100) {
                System.out.println("=======登录验签失败===" + requestIp);
                return false;
            } else {
                return true;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return false;
    }   
}

4、IPUtil

import org.apache.commons.lang.StringUtils;
import javax.servlet.http.HttpServletRequest;
public class IPUtil {
    
    /**
     * 获取ip地址
     * @param request
     * @return
     */
    public static String getRemoteIP(HttpServletRequest request) {
        String ip = null;
        try {
            ip = request.getHeader("x-forwarded-for");
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("Proxy-Client-IP");
            }
            if (StringUtils.isEmpty(ip) || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("WL-Proxy-Client-IP");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_CLIENT_IP");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getHeader("HTTP_X_FORWARDED_FOR");
            }
            if (StringUtils.isEmpty(ip) || "unknown".equalsIgnoreCase(ip)) {
                ip = request.getRemoteAddr();
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return ip;
    }
}

5、entity

import lombok.Data;

@Data
public class LoginModel {

    private String sessionId;
    private String sig;
    private String token;
    private String scene;
    private String appKey;
    private String remoteIp;
    private String phone;
    private String password;

    private String username;
    private String userpassword;
    private String code;
    private String rememberMe;

}

6、html

spring boot集成阿里滑块验证

你可能感兴趣的:(spring boot集成阿里滑块验证)