Spring实现短信验证码登录

Spring实现短信验证码登录

基本说明

短信验证码:网站或者客户端应用需要接入短信验证码(手机验证码)的功能,可以实现注册用户的手机号码正确性校验,确保用户填写的手机号码的真实性。

实现原理:发送短信的服务一般是由第三方短信服务商提供的,系统先生成一个验证码,调用第三方服务商的短信接口,发送到手机方,手机方输入验证码,再由系统去校验是否符合,符合则说明手机真实有效。

技术核心:后台下发一条随机码X,网页客户端通过算法将用户信息和随机码X合并,生成一条字符串Y,并返回给后台;后台用同样的算法处理这条随机码X和后台存储的用户信息,得到一条字符串Z。后台比对来自客户端的字符串Y和自己生成的字符串Z,如果两者一致,则确认用户身份。

开通短信验证码服务

详见(以腾讯云为例):腾讯云短信发送验证码(超详细)

SpringBoot开发

build.gradle,依赖

1
2
3
// 腾讯短信验证码服务依赖
// 请到 https://search.maven.org/search?q=tencentcloud-sdk-java 查询最新版本
implementation 'com.tencentcloudapi:tencentcloud-sdk-java-all:3.1.427'

application.properties,配置

1
2
3
4
5
6
7
8
# SecretId 用于标识 API 调用者的身份
sms.secretId=xxx
# SecretKey 用于加密签名字符串和服务器端验证签名字符串的密钥
sms.secretKey=xxx
sms.SmsSdkAppid=xxx
sms.TemplateID=xxx
# 签名(发件人)
sms.Signature=xxx

SMSRandomHelper,生成随机验证码

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
import org.springframework.stereotype.Component;

import java.util.Random;

@Component
public class SMSTokenHelper {

    // 生成随机验证码
    public String createNumber(int digit) {

        String text = "1234567890";
        String result = "";
        Random random = new Random();
        for (int i = 0; i < digit; i++) {
            int index = random.nextInt(text.length());
            char c = text.charAt(index);
            result += c;
        }

        return result;
    }
}

SMSHelper,发送验证码短信,工具类

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
import com.tencentcloudapi.common.Credential;
import com.tencentcloudapi.common.exception.TencentCloudSDKException;
import com.tencentcloudapi.common.profile.ClientProfile;
import com.tencentcloudapi.common.profile.HttpProfile;
import com.tencentcloudapi.sms.v20190711.SmsClient;
import com.tencentcloudapi.sms.v20190711.models.SendSmsRequest;
import com.tencentcloudapi.sms.v20190711.models.SendSmsResponse;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.stereotype.Component;

@Component
@ConfigurationProperties(prefix = "sms")
@Data
public class SMSHelper {
    
    private String secretId;
    private String secretKey;
    private String SmsSdkAppid;
    private String TemplateID;
    private String Signature;

    // 发送短信到用户,工具类
    public String sendSMS(String number, String content) {
        
        try {
            Credential cred = new Credential(secretId, secretKey);

            HttpProfile httpProfile = new HttpProfile();
            httpProfile.setEndpoint("sms.tencentcloudapi.com");

            ClientProfile clientProfile = new ClientProfile();
            clientProfile.setHttpProfile(httpProfile);

            SmsClient client = new SmsClient(cred, "", clientProfile);

            SendSmsRequest req = new SendSmsRequest();
            String[] phoneNumberSet1 = {number};
            req.setPhoneNumberSet(phoneNumberSet1);

            String[] templateParamSet1 = {content};
            req.setTemplateParamSet(templateParamSet1);

            req.setSmsSdkAppid(SmsSdkAppid);
            req.setTemplateID(TemplateID);
            req.setSign(Signature);

            SendSmsResponse resp = client.SendSms(req);

            System.out.println(SendSmsResponse.toJsonString(resp));
            return resp.getSendStatusSet()[0].getCode();

        } catch (TencentCloudSDKException e) {
            System.out.println(e.toString());
            return null;
        }
    }
}

SmsService,发送验证码短信,服务类

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
@Service
public class SmsService {

    @Autowired 
    private SMSHelper smsHelper;

    // 发送短信到用户
    public ServerResponse sendSMS(String userPhone, String messageContent) {
        try {
            String result = smsHelper.sendSMS("+86" + userPhone, messageContent);
            if (result.equals("Ok"))
                return ServerResponse.getInstance()
                        .ok()
                        .responseEnum(ResponseEnum.SUCCESS)
                        .message("手机号可用");
            else
                return ServerResponse.getInstance()
                        .failed()
                        .responseEnum(ResponseEnum.PHONE_ERROR)
                        .data(result);
        } catch (Exception e) {
            e.printStackTrace();
            return ServerResponse.getInstance().failed().responseEnum(ResponseEnum.FAILED);
        }
    }
}

VerifyService,短信验证码认证,发送+认证

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
@Service
public class VerifyService {

	@Autowired
    private SmsService smsService;
    @Autowired
    private SMSTokenHelper smsTokenHelper;
    
    // 执行发送验证码短信到用户
    public ServerResponse checkPhone(String userPhone) {
        String createText = smsTokenHelper.createNumber(4);
        /**
        * Redis缓存手机号码和验证码
        * 用于后续身份验证
        * */ 
        return smsService.sendSMS(userPhone, createText);
    }
    
    // 验证用户身份
    public ServerResponse verifyPhone(String userPhone, String messageContent) {

        /**
        * 从Redis获取手机号和验证码信息
        * 对比用户前端提交的数据
        * 验证用户注册或登录或验证是否成功
        * */
		
    }
    
}

tag:

    缺失模块。
    1、请确保node版本大于6.2
    2、在博客根目录(注意不是yilia根目录)执行以下命令:
    npm i hexo-generator-json-content --save

    3、在根目录_config.yml里添加配置: 

      jsonContent:
    meta: false
    pages: false
    posts:
      title: true
      date: true
      path: true
      text: false
      raw: false
      content: false
      slug: false
      updated: false
      comments: false
      link: false
      permalink: false
      excerpt: false
      categories: false
      tags: true

徘徊在原子与字节的边缘<br><br>将更好的自己呈现给世界<br><br><br><br>修心至要,事上磨练<br><br>一蓑衣,一壶酒,一曲长歌,一剑天涯<br><br>见自己,见天地,见众生<br><br>