验证码项目总结_结合图片验证码和短信验证码登陆接口
文章目录
- 一、流程
- 二、分析
-
- 1.请求短信验证码接口
- 2.请求发送短信验证码接口
-
- 第三方发送短信验证码的接口代码
- 3.登陆接口
-
- 第三方校验短信验证码的接口代码
一、流程
当图片验证码校验成功后才能发送短信验证码,
在登陆接口在验证短信验证码成功后才能登录。
二、分析
1.请求短信验证码接口
页面将Base64后的图片解码后再页面显示出来。
2.请求发送短信验证码接口
会首先校验图片验证码是否正确。
所以请求的时候会携带上一个接口返回的key和在页面用户输入的图片验证码。
根据Key查询Redis中对应的正确的图片验证码信息,和用户页面输入的图片验证码进行对比。
如果图片验证码输入正确,在调用短信平台发送短信验证码。
第三方发送短信验证码的接口代码
public void sSendMsg(CodeRecordBean bean) {
//根据号码查询redis,查出验证码config
SjxCodeConfig scc = RedisUtil.readConfig(RedisKeyUtil.getCodeConfig(bean.getName()));
if(null==scc||!scc.getPwd().equals(MD5Util.md5(bean.getPwd()))){
throw new BusinessException(ExceptionsEnumCode.FAIL,"账号或密码错误");
}
//查redis,无直接添加,有次数加1,总次数加1,再添加
Map<String,Object> map = RedisUtil.readMap(RedisKeyUtil.getCodeHz(bean.getName(), bean.getPhone()));
if(null==map){
Map<String, Object> redisValue = new HashMap<String,Object>();
redisValue.put("time", new Date());
redisValue.put("count", 1);
redisValue.put("totalCount",1);
System.out.println(redisValue.toString());
RedisUtil.redisHz(bean.getName(),bean.getPhone(),redisValue);
}else{
Date oldDate = (Date)map.get("time");
//请求时间减去最近一次的时间
long min = DateUtilPlus.getNum(oldDate, new Date(), 6);
Integer count = 0 ;
Integer totalCount = (Integer)map.get("totalCount")+1;
if(min<=scc.getConfigTime()){
//次数加1
count = (Integer)map.get("count")+1;
}else{
//删除缓存中该号码的数据,重新添加,次数重置为1
RedisUtil.del(RedisKeyUtil.getCodeHz(bean.getName(), bean.getPhone()));
Map<String, Object> redisValue = new HashMap<String,Object>();
redisValue.put("time", new Date());
count = 1;
redisValue.put("count", count);
redisValue.put("totalCount", totalCount);
RedisUtil.redisHz(bean.getName(),bean.getPhone(), redisValue);
}
//校验频次
if(count>scc.getConfigCount()){
throw new BusinessException(ExceptionsEnumCode.FAIL,"超过该用户的频次");
}
//记录下总次数
Map<String, Object> redisValue = new HashMap<String,Object>();
redisValue.put("time", new Date());
redisValue.put("count", count);
redisValue.put("totalCount", totalCount);
RedisUtil.redisHz(bean.getName(),bean.getPhone(), redisValue);
}
//判断是否更换验证码
String code=null;
Map<String,Object> rp = RedisUtil.readMap(RedisKeyUtil.getCodeRecord(bean.getName(), bean.getPhone()));
if(null!=rp){
//判断对方是否接收到,未接受到且change为1,就用原来的验证码
if(scc.getChange()==1&&(Integer)rp.get("checkStatus")==0){
code = (String)rp.get("code");
}
}
//生成验证码并发送
Map<String, String> data = getData(scc);
if(null!=code){
data.put("code", code);
}
if ("17717285091".equals(bean.getPhone())) {
data.put("code", ConstantUtil.STRING_8888);
}
Map<String, String> params = setParams(bean,scc,data);
System.out.println(JsonKit.toJson(params));
String result = HttpKit.post(PropKit.get("bst_url"), params, "");
BstDataBean bst = JSON.parseObject(result,BstDataBean.class);
if(!bst.getCode().equals("0000")){
_log.info("发送短信接口失败:"+bst.toString());
throw new BusinessException(ExceptionsEnumCode.FAIL,"短信发送失败,请稍后再试");
}
//写入数据库
SjxCodeRecord scr = ccr.mGetCodeRecordByPhone(bean.getPhone());
if(scr==null){
scr = new SjxCodeRecord();
setCodeRecord(scc,scr, bean, data);
scr.setCreateTime(new Date());
boolean bool = scr.save();
_log.info("sSendMsg:入参:"+bean.toString()+",返回结果="+bool);
if (!bool) {
throw new BusinessException(ExceptionsEnumCode.DATA_INSERT);
}
}else{
setCodeRecord(scc,scr, bean, data);
scr.setUpdateTime(new Date());
boolean bool = scr.update();
_log.info("sSendMsg:入参:"+bean.toString()+",返回结果="+bool);
if (!bool) {
throw new BusinessException(ExceptionsEnumCode.DATA_UPDATE);
}
}
//写入redis
Map<String,Object> rmap = new HashMap<String, Object>();
rmap.put("code", scr.getCode());
rmap.put("phone", scr.getPhone());
rmap.put("checkStatus", 0);//未被校验状态
RedisUtil.redisRecord(rmap,scc.getName(),scr.getPhone(),scc.getTerm());
RedisUtil.del(RedisKeyUtil.getCodeCheckCount(scc.getName(), scr.getPhone(), scr.getCode()));
}
3.登陆接口
首先校验短信验证码是否正确,在执行业务代码。
第三方校验短信验证码的接口代码
public void sCheckMsg(CodeRecordBean bean) {
//读取缓存中的config
SjxCodeConfig scc = RedisUtil.readConfig(RedisKeyUtil.getCodeConfig(bean.getName()));
if(null==scc||!scc.getPwd().equals(MD5Util.md5(bean.getPwd()))){
throw new BusinessException(ExceptionsEnumCode.FAIL,"账号或密码错误");
}
Integer misCheck = RedisUtil.readInt(RedisKeyUtil.getIvr(bean.getPhone()));
_log.info("当前密码错误次数是:"+misCheck);
if (null!=misCheck){
if (misCheck >= ConstantUtil.INT_5) {
throw new BusinessException(ExceptionsEnumCode.FAIL, "验证次数超过限制,请一小时后重试");
}
}
//读取缓存中的record
Map<String,Object> rp = RedisUtil.readMap(RedisKeyUtil.getCodeRecord(bean.getName(), bean.getPhone()));
if(null==rp){
addMisAcount(bean,misCheck);
throw new BusinessException(ExceptionsEnumCode.FAIL,"验证码失效或者未生成");
}
_log.info("验证码验证信息:"+JsonKit.toJson(rp));
// if (ConstantUtil.INT_1==(Integer)rp.get("checkStatus")){
// addMisAcount(bean,misCheck);
// throw new BusinessException(ExceptionsEnumCode.FAIL,"此次验证已失效,请重新获取验证码");
// }
//校验次数
Integer count = 0;
Integer check = RedisUtil.readInt(RedisKeyUtil.getCodeCheckCount(bean.getName(), bean.getPhone(), bean.getCode()));
if(null==check){
count = 1;
}else{
count = check+1;
}
if(count>scc.getCheckCount()){
throw new BusinessException(ExceptionsEnumCode.FAIL,"校验次数超过限制");
}
RedisUtil.redisCheckCount(bean.getName(),bean.getPhone(),bean.getCode(), scc.getTerm(), count);
//修改record中的已被校验状态
rp.put("checkStatus", 1);
//写入缓存
RedisUtil.redisRecord(rp,scc.getName(),(String)rp.get("phone"),scc.getTerm());
if(!bean.getCode().equalsIgnoreCase((String)rp.get("code"))){
addMisAcount(bean,misCheck);
throw new BusinessException(ExceptionsEnumCode.FAIL,"短信验证码错误");
}else {
_log.info("正确密码错误次数是:"+misCheck);
RedisUtil.del(RedisKeyUtil.getIvr(bean.getPhone()));
}
}