add<验证码校验>

2025-01-13 23:54:21 +08:00 · 2025-01-13 23:54:21 +08:00 · d546287891
parent 66449ed821
commit d546287891
2 changed files with 35 additions and 19 deletions
--- a/src/main/java/example/controller/LoginServlet.java
+++ b/src/main/java/example/controller/LoginServlet.java
@ -22,7 +22,13 @@ public class LoginServlet extends HttpServlet {
        req.setCharacterEncoding("utf-8");
        String username = req.getParameter("username");
        String password = req.getParameter("password");
+        String captcha = req.getParameter("captcha");
        try {
+            if(!captcha.equalsIgnoreCase((String)req.getSession().getAttribute("captcha"))){
+                req.getSession().setAttribute("msg","验证码错误");
+                resp.sendRedirect("/msg.jsp");
+                return;
+            }
            User user = userService.login(username, password);
            if(user!=null){
                req.getSession().setAttribute("user",user);
--- a/src/main/webapp/login.jsp
+++ b/src/main/webapp/login.jsp
@ -1,23 +1,33 @@
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
-    <!DOCTYPE html>
-    <html>
+<!DOCTYPE html>
+<html>

-    <head>
-        <script src="https://www.liyansheng.top/cdn/watermark.js"></script>
-    </head>
+<head>
+    <script src="https://www.liyansheng.top/cdn/watermark.js"></script>
+    <script>
+        // 定义一个函数，用于刷新验证码
+        function refreshCaptcha() {
+            const captchaImage = document.getElementById("captchaImage");
+            captchaImage.src = "/captcha?timestamp=" + new Date().getTime(); // 添加时间戳避免缓存
+        }
+    </script>
+</head>

-    <body>
-        <h2>-电脑商城-用户登录</h2>
-        <form action="login" method="post">
-            <label for="username">用户名:</label>
-            <input type="text" id="username" name="username" required><br><br>
-            <label for="password">密码:</label>
-            <input type="password" id="password" name="password" required><br><br>
-            <button type="submit">登录</button>
-            <a href="/register">没有账号?去注册</a>
-        </form>
-        <br>
-        ${requestScope.msg}
-    </body>
+<body>
+    <h2>-电脑商城-用户登录</h2>
+    <form action="login" method="post">
+        <label for="username">用户名:</label>
+        <input type="text" id="username" name="username" required><br><br>
+        <label for="password">密码:</label>
+        <input type="password" id="password" name="password" required><br><br>
+        <label for="captcha">验证码</label>
+        <input type="text" id="captcha" name="captcha" required>
+        <img id="captchaImage" src="/captcha" alt="验证码" onclick="refreshCaptcha()" style="cursor: pointer;" title="点击刷新验证码"><br><br>
+        <button type="submit">登录</button>
+        <a href="/register">没有账号?去注册</a>
+    </form>
+    <br>
+    ${requestScope.msg}
+</body>

-    </html>
+</html>