服务器开发之极验证
zzx0426
8年前
<p><img src="https://simg.open-open.com/show/03c6ee08cd2836076e2dc0e316fcb3c8.jpg"></p> <h2><strong>简介</strong></h2> <p>极验证与以往传统验证码不同的是,极验通过分析用户完成拼图过程中的行为特征,通过数据分析来判断是人还是机器。用户不必面对眼花缭乱的英文字符或汉字,整个验证过程变的像游戏一样有趣。</p> <h2><strong>引入GeetestLib</strong></h2> <pre> import com.geetest.sdk.java.GeetestLib;</pre> <h2><strong>API说明</strong></h2> <p>GeetestLib(String captchaId, String privateKey) : 构造函数</p> <p>preProcess() : 预处理接口</p> <p>getResponseStr() : 获取预处理结果的接口</p> <p>enhencedValidateRequest(String challenge, String validate, String seccode) : 极验服务器状态正常的二次验证接口</p> <p>failbackValidateRequest(String challenge, String validate, String seccode) : 极验服务器状态宕机的二次验证接口</p> <h2><strong>GeetestConfig 配置文件</strong></h2> <pre> public class GeetestConfig { private static final String captcha_id_web = ""; private static final String captcha_id_wap = ""; private static final String private_key_web = ""; private static final String private_key_wap = ""; public static final String getWebCaptcha_id() { return captcha_id_web; } public static final String getWebPrivate_key() { return private_key_web; } public static final String getWapCaptcha_id() { return captcha_id_wap; } public static final String getWapPrivate_key() { return private_key_wap; } }</pre> <h2><strong>验证初始化</strong></h2> <pre> @RequestMapping(value = "/gt/init") @ResponseBody public String geetestStart(HttpServletRequest request){ GeetestLib gtSdk = null; if(isMobile(request)){ gtSdk = new GeetestLib(GeetestConfig.getWapCaptcha_id(), GeetestConfig.getWapPrivate_key()); }else{ gtSdk = new GeetestLib(GeetestConfig.getWebCaptcha_id(), GeetestConfig.getWebPrivate_key()); } //自定义userid String userid = "test"; //进行验证预处理 int gtServerStatus = gtSdk.preProcess(userid); //将服务器状态设置到session中 request.getSession().setAttribute(gtSdk.gtServerStatusSessionKey, gtServerStatus); //将userid设置到session中 request.getSession().setAttribute("userid", userid); return gtSdk.getResponseStr(); }</pre> <h2><strong>二次验证</strong></h2> <pre> boolean validGtCode(HttpServletRequest request) { GeetestLib gtSdk = null; if(isMobile(request)){ gtSdk = new GeetestLib(GeetestConfig.getWapCaptcha_id(), GeetestConfig.getWapPrivate_key()); }else{ gtSdk = new GeetestLib(GeetestConfig.getWebCaptcha_id(), GeetestConfig.getWebPrivate_key()); } String challenge = request.getParameter(GeetestLib.fn_geetest_challenge); String validate = request.getParameter(GeetestLib.fn_geetest_validate); String seccode = request.getParameter(GeetestLib.fn_geetest_seccode); //从session中获取userid String userid = (String)request.getSession().getAttribute("userid"); //从session中获取gt-server状态 int gt_server_status_code = (Integer) request.getSession().getAttribute(gtSdk.gtServerStatusSessionKey); int gtResult = 0; if (gt_server_status_code == 1) { //gt-server正常,向gt-server进行二次验证 gtResult = gtSdk.enhencedValidateRequest(challenge, validate, seccode, userid); } else { // gt-server非正常情况下,进行failback模式验证 logger.warn("failback:use your own server captcha validate"); gtResult = gtSdk.failbackValidateRequest(challenge, validate, seccode); } return gtResult == 1; }</pre> <h2><strong>前端页面login.jsp</strong></h2> <pre> <!-- 为使用方便,直接使用jquery.js库,如您代码中不需要,可以去掉 --> <script src="http://code.jquery.com/jquery-1.12.3.min.js"></script> <!-- 引入封装了failback的接口--initGeetest --> <script src="http://static.geetest.com/static/tools/gt.js"></script> <!-- 若是https,使用以下接口 --> <!-- <script src="https://code.jquery.com/jquery-1.12.3.min.js"></script> --> <!-- <script src="https://static.geetest.com/static/tools/gt.js"></script> --> <script> var handlerPopup = function (captchaObj) { // 成功的回调 captchaObj.onSuccess(function () { var validate = captchaObj.getValidate(); $.ajax({ url: "gt/validate", // 进行二次验证 type: "post", dataType: "json", data: { username: $('#username1').val(), password: $('#password1').val(), geetest_challenge: validate.geetest_challenge, geetest_validate: validate.geetest_validate, geetest_seccode: validate.geetest_seccode }, success: function (data) { if (data && (data.status === "success")) { $(document.body).html('<h1>登录成功</h1>'); } else { $(document.body).html('<h1>登录失败</h1>'); } } }); }); $("#popup-submit").click(function () { captchaObj.show(); }); // 将验证码加到id为captcha的元素里 captchaObj.appendTo("#popup-captcha"); // 更多接口参考:http://www.geetest.com/install/sections/idx-client-sdk.html }; // 验证开始需要向网站主后台获取id,challenge,success(是否启用failback) $.ajax({ url: "gt/init?t=" + (new Date()).getTime(), // 加随机数防止缓存 type: "get", dataType: "json", success: function (data) { // 使用initGeetest接口 // 参数1:配置参数 // 参数2:回调,回调的第一个参数验证码对象,之后可以使用它做appendTo之类的事件 initGeetest({ gt: data.gt, challenge: data.challenge, product: "popup", // 产品形式,包括:float,embed,popup。注意只对PC版验证码有效 offline: !data.success // 表示用户后台检测极验服务器是否宕机,一般不需要关注 // 更多配置参数请参见:http://www.geetest.com/install/sections/idx-client-sdk.html#config }, handlerPopup); } }); </script></pre> <h2><strong>效果</strong></h2> <h3><strong>浮动式</strong></h3> <p style="text-align: center;"><img src="https://simg.open-open.com/show/803b6b61613372ba95fa5ac3cac72c14.png"></p> <h3><strong>嵌入式</strong></h3> <p style="text-align: center;"><img src="https://simg.open-open.com/show/b21dae343d2724337ce1bf7d109b80b9.png"></p> <h3>弹出式</h3> <p style="text-align: center;"><img src="https://simg.open-open.com/show/19f160d5165ea73831e8b911ac299f50.png"></p> <h3><strong>移动端形式</strong></h3> <p style="text-align: center;"><img src="https://simg.open-open.com/show/094d3ceb27d3249979e9f036baf2e26f.png"></p> <p> </p> <p> </p> <p>来自:http://www.jianshu.com/p/d2dadc2c387a</p> <p> </p>