CINXE.COM
Spring Security添加图形验证码 | MrBird
<!-- build time:Wed Mar 09 2022 10:17:51 GMT+0800 (GMT+08:00) --><!doctype html><html class="theme-next mist" lang="zh-Hans"><head><meta name="generator" content="Hexo 3.8.0"><meta name="google-site-verification" content="7Tau9WyVgxnsEY9oYedu9g0U6_8akOX3wiKbaYcrg9A"><meta name="baidu-site-verification" content="EVwLiaxdxX"><link href="/css/xps13.css" rel="stylesheet" type="text/css"><link href="/css/message.css" rel="stylesheet" type="text/css"><link href="//fonts.googleapis.com/css?family=Baloo+Bhaijaan|Inconsolata|Josefin+Sans|Montserrat" rel="stylesheet"><script type="text/javascript" src="/js/jquery-1.11.3.min.js"></script><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1,maximum-scale=1"><meta http-equiv="Cache-Control" content="no-transform"><meta http-equiv="Cache-Control" content="no-siteapp"><link href="/lib/font-awesome/css/font-awesome.min.css?v=4.6.2" rel="stylesheet" type="text/css"><link href="/css/main.css?v=5.1.1" rel="stylesheet" type="text/css"><meta name="keywords" content="Spring,Security,Spring Security,"><link rel="alternate" href="/atom.xml" title="MrBird" type="application/atom+xml"><link rel="shortcut icon" type="image/x-icon" href="/bird.png?v=5.1.1"><meta name="description" content="添加验证码大致可以分为三个步骤:根据随机数生成验证码图片;将验证码图片显示到登录页面;认证流程中加入验证码校验。Spring Security的认证校验是由UsernamePasswordAuthenticationFilter过滤器完成的,所以我们的验证码校验逻辑应该在这个过滤器之前。下面一起学习下如何在上一节Spring Security自定义用户认证的基础上加入验证码校验功能。"><meta name="keywords" content="Spring,Security,Spring Security"><meta property="og:type" content="article"><meta property="og:title" content="Spring Security添加图形验证码"><meta property="og:url" content="http://mrbird.cc/Spring-Security-ValidateCode.html"><meta property="og:site_name" content="MrBird"><meta property="og:description" content="添加验证码大致可以分为三个步骤:根据随机数生成验证码图片;将验证码图片显示到登录页面;认证流程中加入验证码校验。Spring Security的认证校验是由UsernamePasswordAuthenticationFilter过滤器完成的,所以我们的验证码校验逻辑应该在这个过滤器之前。下面一起学习下如何在上一节Spring Security自定义用户认证的基础上加入验证码校验功能。"><meta property="og:locale" content="zh-Hans"><meta property="og:image" content="http://mrbird.cc/img/QQ截图20180715105219.png"><meta property="og:image" content="http://mrbird.cc/img/QQ截图20180715114011.png"><meta property="og:image" content="http://mrbird.cc/img/QQ截图20180715114052.png"><meta property="og:image" content="http://mrbird.cc/img/QQ截图20180715114539.png"><meta property="og:image" content="http://mrbird.cc/img/QQ截图20180715114654.png"><meta property="og:updated_time" content="2020-01-21T03:30:03.156Z"><meta name="twitter:card" content="summary"><meta name="twitter:title" content="Spring Security添加图形验证码"><meta name="twitter:description" content="添加验证码大致可以分为三个步骤:根据随机数生成验证码图片;将验证码图片显示到登录页面;认证流程中加入验证码校验。Spring Security的认证校验是由UsernamePasswordAuthenticationFilter过滤器完成的,所以我们的验证码校验逻辑应该在这个过滤器之前。下面一起学习下如何在上一节Spring Security自定义用户认证的基础上加入验证码校验功能。"><meta name="twitter:image" content="http://mrbird.cc/img/QQ截图20180715105219.png"><script type="text/javascript" id="hexo.configurations">var NexT=window.NexT||{},CONFIG={root:"/",scheme:"Mist",sidebar:{position:"left",display:"always",offset:12,offset_float:0,b2t:!1,scrollpercent:!0},fancybox:!1,motion:!1}</script><title>Spring Security添加图形验证码 | MrBird</title></head><body ondragstart="return!1" class="animsition" lang="zh-Hans" style="overflow-x:hidden;padding-left:280px"><script type="text/javascript" src="/js/mo.min.js"></script><style>body{text-rendering:geometricPrecision!important;font-family:'Josefin Sans','PingFang SC'!important;-webkit-font-smoothing:antialiased!important;-webkit-text-size-adjust:100%!important;background-color:#f4f6f7}@media (min-width:768px) and (max-width:991px){body .header-innerr{width:700px!important}}.header-innerr{margin:0 auto;padding:100px 0 70px;width:880px}@media (min-width:1600px){.container .header-innerr{width:996px}}.header-innerr{position:relative}.header-innerr{padding:0}.header-innerr:after,.header-innerr:before{content:" ";display:table}.header-innerr:after{clear:both}@media (max-width:767px){.header-innerr{width:auto;padding:10px;margin-bottom:-20px}}</style><div class="container sidebar-position-left page-post-detail"><div class="headband"></div><header id="header" class="header"><div class="header-inner"><div class="site-brand-wrapper"><div class="site-meta"><link href="https://fonts.font.im/css?family=Merienda" rel="stylesheet"><div class="custom-logo-site-title"></div><h1 class="site-subtitle" itemprop="description"></h1></div><div class="site-nav-toggle"><button><span class="btn-bar"></span> <span class="btn-bar"></span> <span class="btn-bar"></span></button></div></div><nav class="site-nav"><div class="site-search"><div class="popup search-popup local-search-popup"><div class="local-search-header clearfix"><span class="search-icon"><i class="fa fa-search"></i> </span><span class="popup-btn-close"><i class="fa fa-times-circle"></i></span><div class="local-search-input-wrapper"><input autocomplete="off" placeholder="Search" spellcheck="false" type="text" id="local-search-input"></div></div><div id="local-search-result"></div></div></div></nav></div><div class="header-innerr"></div></header><main id="main" class="main"><div class="main-inner"><div class="content-wrap"><div id="content" class="content"><div id="posts" class="posts-expand"><article class="post post-type-normal" itemscope itemtype="http://schema.org/Article"><link itemprop="mainEntityOfPage" href="http://mrbird.cc/Spring-Security-ValidateCode.html"><span hidden itemprop="author" itemscope itemtype="http://schema.org/Person"><meta itemprop="name" content="MrBird"><meta itemprop="description" content=""><meta itemprop="image" content="/images/blogImage.jpg"></span><span hidden itemprop="publisher" itemscope itemtype="http://schema.org/Organization"><meta itemprop="name" content="MrBird"></span><header class="post-header"><h2 class="post-title" itemprop="name headline">Spring Security添加图形验证码</h2><div class="post-meta"><span class="post-time"><span class="post-meta-item-icon"><i class="fa fa-calendar-o"></i> </span><span class="post-meta-item-text"></span> <time title="创建于" itemprop="dateCreated datePublished" datetime="2018-05-05T09:50:41+08:00">2018-05-05 </time></span><span></span> <span class="post-meta-divider">|</span> <span class="page-pv"><i class="fa fa-laptop"></i> Visit count <span class="busuanzi-value" id="busuanzi_value_page_pv"></span></span></div></header><div class="post-body" itemprop="articleBody"><p>添加验证码大致可以分为三个步骤:根据随机数生成验证码图片;将验证码图片显示到登录页面;认证流程中加入验证码校验。Spring Security的认证校验是由<code>UsernamePasswordAuthenticationFilter</code>过滤器完成的,所以我们的验证码校验逻辑应该在这个过滤器之前。下面一起学习下如何在上一节<a href="/Spring-Security-Authentication.html">Spring Security自定义用户认证</a>的基础上加入验证码校验功能。<a id="more"></a></p><h2 id="生成图形验证码"><a href="#生成图形验证码" class="headerlink" title="生成图形验证码"></a>生成图形验证码</h2><p>验证码功能需要用到<code>spring-social-config</code>依赖:</p><figure class="highlight xml"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"> <span class="tag"><<span class="name">dependency</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">groupId</span>></span>org.springframework.social<span class="tag"></<span class="name">groupId</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">artifactId</span>></span>spring-social-config<span class="tag"></<span class="name">artifactId</span>></span></span><br><span class="line"><span class="tag"></<span class="name">dependency</span>></span></span><br></pre></td></tr></table></figure><p></p><p>首先定义一个验证码对象ImageCode:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">public</span> <span class="class"><span class="keyword">class</span> <span class="title">ImageCode</span> </span>{</span><br><span class="line"></span><br><span class="line"> <span class="keyword">private</span> BufferedImage image;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">private</span> String code;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">private</span> LocalDateTime expireTime;</span><br><span class="line"></span><br><span class="line"> <span class="function"><span class="keyword">public</span> <span class="title">ImageCode</span><span class="params">(BufferedImage image, String code, <span class="keyword">int</span> expireIn)</span> </span>{</span><br><span class="line"> <span class="keyword">this</span>.image = image;</span><br><span class="line"> <span class="keyword">this</span>.code = code;</span><br><span class="line"> <span class="keyword">this</span>.expireTime = LocalDateTime.now().plusSeconds(expireIn);</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> <span class="function"><span class="keyword">public</span> <span class="title">ImageCode</span><span class="params">(BufferedImage image, String code, LocalDateTime expireTime)</span> </span>{</span><br><span class="line"> <span class="keyword">this</span>.image = image;</span><br><span class="line"> <span class="keyword">this</span>.code = code;</span><br><span class="line"> <span class="keyword">this</span>.expireTime = expireTime;</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> <span class="function"><span class="keyword">boolean</span> <span class="title">isExpire</span><span class="params">()</span> </span>{</span><br><span class="line"> <span class="keyword">return</span> LocalDateTime.now().isAfter(expireTime);</span><br><span class="line"> }</span><br><span class="line"> <span class="comment">// get,set 略</span></span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>ImageCode对象包含了三个属性:<code>image</code>图片,<code>code</code>验证码和<code>expireTime</code>过期时间。<code>isExpire</code>方法用于判断验证码是否已过期。</p><p>接着定义一个ValidateCodeController,用于处理生成验证码请求:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">@RestController</span></span><br><span class="line"><span class="keyword">public</span> <span class="class"><span class="keyword">class</span> <span class="title">ValidateController</span> </span>{</span><br><span class="line"></span><br><span class="line"> <span class="keyword">public</span> <span class="keyword">final</span> <span class="keyword">static</span> String SESSION_KEY_IMAGE_CODE = <span class="string">"SESSION_KEY_IMAGE_CODE"</span>;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">private</span> SessionStrategy sessionStrategy = <span class="keyword">new</span> HttpSessionSessionStrategy();</span><br><span class="line"></span><br><span class="line"> <span class="meta">@GetMapping</span>(<span class="string">"/code/image"</span>)</span><br><span class="line"> <span class="function"><span class="keyword">public</span> <span class="keyword">void</span> <span class="title">createCode</span><span class="params">(HttpServletRequest request, HttpServletResponse response)</span> <span class="keyword">throws</span> IOException </span>{</span><br><span class="line"> ImageCode imageCode = createImageCode();</span><br><span class="line"> sessionStrategy.setAttribute(<span class="keyword">new</span> ServletWebRequest(request), SESSION_KEY, imageCode);</span><br><span class="line"> ImageIO.write(imageCode.getImage(), <span class="string">"jpeg"</span>, response.getOutputStream());</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p><code>createImageCode</code>方法用于生成验证码对象,<code>org.springframework.social.connect.web.HttpSessionSessionStrategy</code>对象封装了一些处理Session的方法,包含了<code>setAttribute</code>、<code>getAttribute</code>和<code>removeAttribute</code>方法,具体可以查看该类的源码。使用<code>sessionStrategy</code>将生成的验证码对象存储到Session中,并通过IO流将生成的图片输出到登录页面上。</p><p>其中<code>createImageCode</code>方法代码如下所示:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br><span class="line">29</span><br><span class="line">30</span><br><span class="line">31</span><br><span class="line">32</span><br><span class="line">33</span><br><span class="line">34</span><br><span class="line">35</span><br><span class="line">36</span><br><span class="line">37</span><br><span class="line">38</span><br><span class="line">39</span><br><span class="line">40</span><br><span class="line">41</span><br><span class="line">42</span><br><span class="line">43</span><br><span class="line">44</span><br><span class="line">45</span><br><span class="line">46</span><br><span class="line">47</span><br><span class="line">48</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">private</span> ImageCode <span class="title">createImageCode</span><span class="params">()</span> </span>{</span><br><span class="line"></span><br><span class="line"> <span class="keyword">int</span> width = <span class="number">100</span>; <span class="comment">// 验证码图片宽度</span></span><br><span class="line"> <span class="keyword">int</span> height = <span class="number">36</span>; <span class="comment">// 验证码图片长度</span></span><br><span class="line"> <span class="keyword">int</span> length = <span class="number">4</span>; <span class="comment">// 验证码位数</span></span><br><span class="line"> <span class="keyword">int</span> expireIn = <span class="number">60</span>; <span class="comment">// 验证码有效时间 60s</span></span><br><span class="line"></span><br><span class="line"> BufferedImage image = <span class="keyword">new</span> BufferedImage(width, height, BufferedImage.TYPE_INT_RGB);</span><br><span class="line"> Graphics g = image.getGraphics();</span><br><span class="line"></span><br><span class="line"> Random random = <span class="keyword">new</span> Random();</span><br><span class="line"></span><br><span class="line"> g.setColor(getRandColor(<span class="number">200</span>, <span class="number">250</span>));</span><br><span class="line"> g.fillRect(<span class="number">0</span>, <span class="number">0</span>, width, height);</span><br><span class="line"> g.setFont(<span class="keyword">new</span> Font(<span class="string">"Times New Roman"</span>, Font.ITALIC, <span class="number">20</span>));</span><br><span class="line"> g.setColor(getRandColor(<span class="number">160</span>, <span class="number">200</span>));</span><br><span class="line"> <span class="keyword">for</span> (<span class="keyword">int</span> i = <span class="number">0</span>; i < <span class="number">155</span>; i++) {</span><br><span class="line"> <span class="keyword">int</span> x = random.nextInt(width);</span><br><span class="line"> <span class="keyword">int</span> y = random.nextInt(height);</span><br><span class="line"> <span class="keyword">int</span> xl = random.nextInt(<span class="number">12</span>);</span><br><span class="line"> <span class="keyword">int</span> yl = random.nextInt(<span class="number">12</span>);</span><br><span class="line"> g.drawLine(x, y, x + xl, y + yl);</span><br><span class="line"> }</span><br><span class="line"></span><br><span class="line"> StringBuilder sRand = <span class="keyword">new</span> StringBuilder();</span><br><span class="line"> <span class="keyword">for</span> (<span class="keyword">int</span> i = <span class="number">0</span>; i < length; i++) {</span><br><span class="line"> String rand = String.valueOf(random.nextInt(<span class="number">10</span>));</span><br><span class="line"> sRand.append(rand);</span><br><span class="line"> g.setColor(<span class="keyword">new</span> Color(<span class="number">20</span> + random.nextInt(<span class="number">110</span>), <span class="number">20</span> + random.nextInt(<span class="number">110</span>), <span class="number">20</span> + random.nextInt(<span class="number">110</span>)));</span><br><span class="line"> g.drawString(rand, <span class="number">13</span> * i + <span class="number">6</span>, <span class="number">16</span>);</span><br><span class="line"> }</span><br><span class="line"> g.dispose();</span><br><span class="line"> <span class="keyword">return</span> <span class="keyword">new</span> ImageCode(image, sRand.toString(), expireIn);</span><br><span class="line">}</span><br><span class="line"></span><br><span class="line"><span class="function"><span class="keyword">private</span> Color <span class="title">getRandColor</span><span class="params">(<span class="keyword">int</span> fc, <span class="keyword">int</span> bc)</span> </span>{</span><br><span class="line"> Random random = <span class="keyword">new</span> Random();</span><br><span class="line"> <span class="keyword">if</span> (fc > <span class="number">255</span>) {</span><br><span class="line"> fc = <span class="number">255</span>;</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">if</span> (bc > <span class="number">255</span>) {</span><br><span class="line"> bc = <span class="number">255</span>;</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">int</span> r = fc + random.nextInt(bc - fc);</span><br><span class="line"> <span class="keyword">int</span> g = fc + random.nextInt(bc - fc);</span><br><span class="line"> <span class="keyword">int</span> b = fc + random.nextInt(bc - fc);</span><br><span class="line"> <span class="keyword">return</span> <span class="keyword">new</span> Color(r, g, b);</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>生成验证码的方法写好后,接下来开始改造登录页面。</p><h2 id="改造登录页"><a href="#改造登录页" class="headerlink" title="改造登录页"></a>改造登录页</h2><p>在登录页面加上如下代码:</p><figure class="highlight html"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br></pre></td><td class="code"><pre><span class="line"><span class="tag"><<span class="name">span</span> <span class="attr">style</span>=<span class="string">"display: inline"</span>></span></span><br><span class="line"> <span class="tag"><<span class="name">input</span> <span class="attr">type</span>=<span class="string">"text"</span> <span class="attr">name</span>=<span class="string">"imageCode"</span> <span class="attr">placeholder</span>=<span class="string">"验证码"</span> <span class="attr">style</span>=<span class="string">"width: 50%;"</span>/></span></span><br><span class="line"> <span class="tag"><<span class="name">img</span> <span class="attr">src</span>=<span class="string">"/code/image"</span>/></span></span><br><span class="line"><span class="tag"></<span class="name">span</span>></span></span><br></pre></td></tr></table></figure><p></p><p><code><img></code>标签的<code>src</code>属性对应ValidateController的<code>createImageCode</code>方法。</p><p>要使生成验证码的请求不被拦截,需要在<code>BrowserSecurityConfig</code>的<code>configure</code>方法中配置免拦截:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">@Override</span></span><br><span class="line"><span class="function"><span class="keyword">protected</span> <span class="keyword">void</span> <span class="title">configure</span><span class="params">(HttpSecurity http)</span> <span class="keyword">throws</span> Exception </span>{</span><br><span class="line"> http.formLogin() <span class="comment">// 表单登录</span></span><br><span class="line"> <span class="comment">// http.httpBasic() // HTTP Basic</span></span><br><span class="line"> .loginPage(<span class="string">"/authentication/require"</span>) <span class="comment">// 登录跳转 URL</span></span><br><span class="line"> .loginProcessingUrl(<span class="string">"/login"</span>) <span class="comment">// 处理表单登录 URL</span></span><br><span class="line"> .successHandler(authenticationSucessHandler) <span class="comment">// 处理登录成功</span></span><br><span class="line"> .failureHandler(authenticationFailureHandler) <span class="comment">// 处理登录失败</span></span><br><span class="line"> .and()</span><br><span class="line"> .authorizeRequests() <span class="comment">// 授权配置</span></span><br><span class="line"> .antMatchers(<span class="string">"/authentication/require"</span>,</span><br><span class="line"> <span class="string">"/login.html"</span>,</span><br><span class="line"> <span class="string">"/code/image"</span>).permitAll() <span class="comment">// 无需认证的请求路径</span></span><br><span class="line"> .anyRequest() <span class="comment">// 所有请求</span></span><br><span class="line"> .authenticated() <span class="comment">// 都需要认证</span></span><br><span class="line"> .and().csrf().disable();</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>重启项目,访问<a href="http://localhost:8080/login.html" target="_blank" rel="noopener">http://localhost:8080/login.html</a>,效果如下:</p><p><img src="img/QQ截图20180715105219.png" alt="QQ截图20180715105219.png"></p><h2 id="认证流程添加验证码校验"><a href="#认证流程添加验证码校验" class="headerlink" title="认证流程添加验证码校验"></a>认证流程添加验证码校验</h2><p>在校验验证码的过程中,可能会抛出各种验证码类型的异常,比如“验证码错误”、“验证码已过期”等,所以我们定义一个验证码类型的异常类:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br></pre></td><td class="code"><pre><span class="line"><span class="keyword">public</span> <span class="class"><span class="keyword">class</span> <span class="title">ValidateCodeException</span> <span class="keyword">extends</span> <span class="title">AuthenticationException</span> </span>{</span><br><span class="line"> <span class="keyword">private</span> <span class="keyword">static</span> <span class="keyword">final</span> <span class="keyword">long</span> serialVersionUID = <span class="number">5022575393500654458L</span>;</span><br><span class="line"></span><br><span class="line"> ValidateCodeException(String message) {</span><br><span class="line"> <span class="keyword">super</span>(message);</span><br><span class="line"> }</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>注意,这里继承的是<code>AuthenticationException</code>而不是<code>Exception</code>。</p><p>我们都知道,Spring Security实际上是由许多过滤器组成的过滤器链,处理用户登录逻辑的过滤器为<code>UsernamePasswordAuthenticationFilter</code>,而验证码校验过程应该是在这个过滤器之前的,即只有验证码校验通过后采去校验用户名和密码。由于Spring Security并没有直接提供验证码校验相关的过滤器接口,所以我们需要自己定义一个验证码校验的过滤器<code>ValidateCodeFilter</code>:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br><span class="line">22</span><br><span class="line">23</span><br><span class="line">24</span><br><span class="line">25</span><br><span class="line">26</span><br><span class="line">27</span><br><span class="line">28</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">@Component</span></span><br><span class="line"><span class="keyword">public</span> <span class="class"><span class="keyword">class</span> <span class="title">ValidateCodeFilter</span> <span class="keyword">extends</span> <span class="title">OncePerRequestFilter</span> </span>{</span><br><span class="line"></span><br><span class="line"> <span class="meta">@Autowired</span></span><br><span class="line"> <span class="keyword">private</span> AuthenticationFailureHandler authenticationFailureHandler;</span><br><span class="line"></span><br><span class="line"> <span class="keyword">private</span> SessionStrategy sessionStrategy = <span class="keyword">new</span> HttpSessionSessionStrategy();</span><br><span class="line"></span><br><span class="line"> <span class="meta">@Override</span></span><br><span class="line"> <span class="function"><span class="keyword">protected</span> <span class="keyword">void</span> <span class="title">doFilterInternal</span><span class="params">(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, </span></span></span><br><span class="line"><span class="function"><span class="params"> FilterChain filterChain)</span> <span class="keyword">throws</span> ServletException, IOException </span>{</span><br><span class="line"></span><br><span class="line"> <span class="keyword">if</span> (StringUtils.equalsIgnoreCase(<span class="string">"/login"</span>, httpServletRequest.getRequestURI())</span><br><span class="line"> && StringUtils.equalsIgnoreCase(httpServletRequest.getMethod(), <span class="string">"post"</span>)) {</span><br><span class="line"> <span class="keyword">try</span> {</span><br><span class="line"> validateCode(<span class="keyword">new</span> ServletWebRequest(httpServletRequest));</span><br><span class="line"> } <span class="keyword">catch</span> (ValidateCodeException e) {</span><br><span class="line"> authenticationFailureHandler.onAuthenticationFailure(httpServletRequest, httpServletResponse, e);</span><br><span class="line"> <span class="keyword">return</span>;</span><br><span class="line"> }</span><br><span class="line"> }</span><br><span class="line"> filterChain.doFilter(httpServletRequest, httpServletResponse);</span><br><span class="line"> }</span><br><span class="line"> <span class="function"><span class="keyword">private</span> <span class="keyword">void</span> <span class="title">validateCode</span><span class="params">(ServletWebRequest servletWebRequest)</span> <span class="keyword">throws</span> ServletRequestBindingException </span>{</span><br><span class="line"> ...</span><br><span class="line"> } </span><br><span class="line"></span><br><span class="line">}</span><br></pre></td></tr></table></figure><p><code>ValidateCodeFilter</code>继承了<code>org.springframework.web.filter.OncePerRequestFilter</code>,该过滤器只会执行一次。</p><p>在<code>doFilterInternal</code>方法中我们判断了请求URL是否为<code>/login</code>,该路径对应登录<code>form</code>表单的<code>action</code>路径,请求的方法是否为<strong><code>POST</code></strong>,是的话进行验证码校验逻辑,否则直接执行<code>filterChain.doFilter</code>让代码往下走。当在验证码校验的过程中捕获到异常时,调用Spring Security的校验失败处理器<code>AuthenticationFailureHandler</code>进行处理。</p><p><code>validateCode</code>的校验逻辑如下所示:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br></pre></td><td class="code"><pre><span class="line"><span class="function"><span class="keyword">private</span> <span class="keyword">void</span> <span class="title">validateCode</span><span class="params">(ServletWebRequest servletWebRequest)</span> <span class="keyword">throws</span> ServletRequestBindingException </span>{</span><br><span class="line"> ImageCode codeInSession = (ImageCode) sessionStrategy.getAttribute(servletWebRequest, ValidateController.SESSION_KEY);</span><br><span class="line"> String codeInRequest = ServletRequestUtils.getStringParameter(servletWebRequest.getRequest(), <span class="string">"imageCode"</span>);</span><br><span class="line"></span><br><span class="line"> <span class="keyword">if</span> (StringUtils.isBlank(codeInRequest)) {</span><br><span class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> ValidateCodeException(<span class="string">"验证码不能为空!"</span>);</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">if</span> (codeInSession == <span class="keyword">null</span>) {</span><br><span class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> ValidateCodeException(<span class="string">"验证码不存在!"</span>);</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">if</span> (codeInSession.isExpire()) {</span><br><span class="line"> sessionStrategy.removeAttribute(servletWebRequest, ValidateController.SESSION_KEY);</span><br><span class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> ValidateCodeException(<span class="string">"验证码已过期!"</span>);</span><br><span class="line"> }</span><br><span class="line"> <span class="keyword">if</span> (!StringUtils.equalsIgnoreCase(codeInSession.getCode(), codeInRequest)) {</span><br><span class="line"> <span class="keyword">throw</span> <span class="keyword">new</span> ValidateCodeException(<span class="string">"验证码不正确!"</span>);</span><br><span class="line"> }</span><br><span class="line"> sessionStrategy.removeAttribute(servletWebRequest, ValidateController.SESSION_KEY);</span><br><span class="line"></span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>我们分别从<code>Session</code>中获取了<code>ImageCode</code>对象和请求参数<code>imageCode</code>(对应登录页面的验证码<code><input></code>框<code>name</code>属性),然后进行了各种判断并抛出相应的异常。当验证码过期或者验证码校验通过时,我们便可以删除<code>Session</code>中的<code>ImageCode</code>属性了。</p><p>验证码校验过滤器定义好了,怎么才能将其添加到<code>UsernamePasswordAuthenticationFilter</code>前面呢?很简单,只需要在<code>BrowserSecurityConfig</code>的<code>configure</code>方法中添加些许配置即可:</p><figure class="highlight java"><table><tr><td class="gutter"><pre><span class="line">1</span><br><span class="line">2</span><br><span class="line">3</span><br><span class="line">4</span><br><span class="line">5</span><br><span class="line">6</span><br><span class="line">7</span><br><span class="line">8</span><br><span class="line">9</span><br><span class="line">10</span><br><span class="line">11</span><br><span class="line">12</span><br><span class="line">13</span><br><span class="line">14</span><br><span class="line">15</span><br><span class="line">16</span><br><span class="line">17</span><br><span class="line">18</span><br><span class="line">19</span><br><span class="line">20</span><br><span class="line">21</span><br></pre></td><td class="code"><pre><span class="line"><span class="meta">@Autowired</span></span><br><span class="line"><span class="keyword">private</span> ValidateCodeFilter validateCodeFilter;</span><br><span class="line"></span><br><span class="line"><span class="meta">@Override</span></span><br><span class="line"><span class="function"><span class="keyword">protected</span> <span class="keyword">void</span> <span class="title">configure</span><span class="params">(HttpSecurity http)</span> <span class="keyword">throws</span> Exception </span>{</span><br><span class="line"> http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class) <span class="comment">// 添加验证码校验过滤器</span></span><br><span class="line"> .formLogin() <span class="comment">// 表单登录</span></span><br><span class="line"> <span class="comment">// http.httpBasic() // HTTP Basic</span></span><br><span class="line"> .loginPage(<span class="string">"/authentication/require"</span>) <span class="comment">// 登录跳转 URL</span></span><br><span class="line"> .loginProcessingUrl(<span class="string">"/login"</span>) <span class="comment">// 处理表单登录 URL</span></span><br><span class="line"> .successHandler(authenticationSucessHandler) <span class="comment">// 处理登录成功</span></span><br><span class="line"> .failureHandler(authenticationFailureHandler) <span class="comment">// 处理登录失败</span></span><br><span class="line"> .and()</span><br><span class="line"> .authorizeRequests() <span class="comment">// 授权配置</span></span><br><span class="line"> .antMatchers(<span class="string">"/authentication/require"</span>,</span><br><span class="line"> <span class="string">"/login.html"</span>,</span><br><span class="line"> <span class="string">"/code/image"</span>).permitAll() <span class="comment">// 无需认证的请求路径</span></span><br><span class="line"> .anyRequest() <span class="comment">// 所有请求</span></span><br><span class="line"> .authenticated() <span class="comment">// 都需要认证</span></span><br><span class="line"> .and().csrf().disable();</span><br><span class="line">}</span><br></pre></td></tr></table></figure><p></p><p>上面代码中,我们注入了<code>ValidateCodeFilter</code>,然后通过<code>addFilterBefore</code>方法将<code>ValidateCodeFilter</code>验证码校验过滤器添加到了<code>UsernamePasswordAuthenticationFilter</code>前面。</p><p>大功告成,重启项目,访问<a href="http://localhost:8080/login.html" target="_blank" rel="noopener">http://localhost:8080/login.html</a>,当不输入验证码时点击登录,页面显示如下:</p><p><img src="img/QQ截图20180715114011.png" alt="QQ截图20180715114011.png"></p><p>当输入错误的验证码时点击登录,页面显示如下:</p><p><img src="img/QQ截图20180715114052.png" alt="QQ截图20180715114052.png"></p><p>当页面加载60秒后再输入验证码点击登录,页面显示如下:</p><p><img src="img/QQ截图20180715114539.png" alt="QQ截图20180715114539.png"></p><p>当验证码通过,并且用户名密码正确时,页面显示如下:</p><p><img src="img/QQ截图20180715114654.png" alt="QQ截图20180715114654.png"></p><blockquote><p>源码链接 <a href="https://github.com/wuyouzhuguli/SpringAll/tree/master/36.Spring-Security-ValidateCode" target="_blank" rel="noopener">https://github.com/wuyouzhuguli/SpringAll/tree/master/36.Spring-Security-ValidateCode</a></p></blockquote><script>$(".post-body a").not(".thispage").addClass("ignore-href").attr("target","_blank")</script></div><div></div><div><div style="padding:10px 0;margin:20px auto;width:90%;text-align:center;color:#878787" id="reward-div"><div>请作者喝瓶肥宅水🥤</div><button id="rewardButton" style="margin-top:10px" disable="enable" onclick='var e=document.getElementById("QR");"none"===e.style.display?e.style.display="block":e.style.display="none"'><span style="height:46px;width:46px;line-height:46px;border-radius:50%;color:#fe5f55;font-weight:600;background:#ffd5be;border:none;box-shadow:0 4px 8px 0 rgba(255,213,190,.4)">¥</span></button><div id="QR" style="display:none"><div id="wechat" style="display:inline-block"><img id="wechat_qr" src="/img/wechat_pay.png" alt="MrBird WeChat Pay"></div><div id="alipay" style="display:inline-block"><img id="alipay_qr" src="/img/ali_pay.png" alt="MrBird Alipay"></div></div></div><style>#QR img{width:auto;margin:.8em 1em 0 1em}</style></div><div><ul class="post-copyright"><li class="post-copyright-author"><strong>本文作者:</strong> MrBird</li><li class="post-copyright-link"><strong>本文链接:</strong> <a href="http://mrbird.cc/Spring-Security-ValidateCode.html" title="Spring Security添加图形验证码">http://mrbird.cc/Spring-Security-ValidateCode.html</a></li><li class="post-copyright-license"><strong>版权声明: </strong>本博客所有文章除特别声明外,均采用 <a href="https://creativecommons.org/licenses/by-nc-sa/4.0/" rel="external nofollow" target="_blank">CC BY-NC-SA 4.0</a> 许可协议。转载请注明出处!</li></ul></div><footer class="post-footer"><div class="post-tags" style="margin-bottom:1.3rem"><a href="/tags/Spring/" rel="tag"># Spring</a> <a href="/tags/Security/" rel="tag"># Security</a> <a href="/tags/Spring-Security/" rel="tag"># Spring Security</a></div><div class="post-nav"><div class="post-nav-next post-nav-item"><a href="/Spring-Security-Authentication.html" rel="next" title="Spring Security自定义用户认证"><i class="fa fa-chevron-left"></i> Spring Security自定义用户认证</a></div><span class="post-nav-divider"></span><div class="post-nav-prev post-nav-item"><a href="/Spring-Security-RememberMe.html" rel="prev" title="Spring Security添加记住我功能">Spring Security添加记住我功能 <i class="fa fa-chevron-right"></i></a></div></div></footer></article><hr><div id="container"></div><div class="post-spread"><div id="comment-div"></div><style>.valine .vlist{margin-bottom:3rem}.valine .vwrap .vcontrol .col.col-60{text-align:left}.valine .vlist .vcard .vhead,.valine .vlist .vcard section .vfooter{text-align:left}.valine .vlist .vcard section{padding-bottom:.5rem!important}.vname{color:#6db33f!important}div#comment-div{margin-bottom:-8rem}.valine .vlist .vcard .vcontent .code,.valine .vlist .vcard .vcontent code,.valine .vlist .vcard .vcontent pre{background:#fbfbfb}.valine .vlist .vcard .vcontent a{color:#6db33f}.valine .vlist .vcard .vimg{border-radius:3px}.valine .vinfo{text-align:left}.valine .vbtn{border-radius:2px;padding:.3rem 1.25rem}.valine .vbtn:active,.valine .vbtn:hover{color:#6db33f;border-color:#6db33f;background-color:#fff}.valine .vwrap .vheader .vinput:focus{border-bottom-color:#6db33f}.valine .vlist .vcard .vcontent.expand:before{background:-webkit-gradient(linear,left top,left bottom,from(hsla(0,0%,100%,0)),to(hsla(0,0%,100%,.2)));background:linear-gradient(180deg,hsla(0,0%,100%,0),hsla(0,0%,100%,.2))}.valine .vlist .vcard .vcontent.expand:after{content:"点击展开";font-size:.4rem;text-align:right;left:-1rem;background:hsla(0,0%,100%,.2)}.valine .vlist .vcard section .vfooter .vat{color:#b3b3b3}.valine .vlist .vcard section .vfooter .vat:hover{color:#6db33f}.vcontent img{margin:0}.valine .info{display:none}</style><script type="text/javascript" src="/js/av.min.js"></script><script type="text/javascript" src="/js/Valine.min.js"></script><script type="text/javascript" src="/js/activate-power-mode.js"></script><script>POWERMODE.colorful=!0,POWERMODE.shake=!1,document.body.addEventListener("input",POWERMODE),new Valine({el:"#comment-div",notify:!1,verify:!0,appId:"SMcDFP1bN1jgb9Lo8JmtICHm-gzGzoHsz",appKey:"dH4nrUrt3V5XiJiI6Qyejnbi",placeholder:"",path:window.location.pathname,avatar:"monsterid",guest_info:["nick","mail","link"]});var chicken='<a href="#"><img src="https://image.uisdc.com/wp-content/uploads/2018/06/uisdc-chat-chicken.gif" class="checken"></a>';$("#comment-div").prepend(chicken)</script></div></div><script>var $bqinline=$("img[alt='bq-inline']");$bqinline.css({width:"2.3rem",height:"2.3rem",display:"inline","vertical-align":"text-bottom"})</script></div><div class="comments" id="comments"></div></div><aside id="sidebar" class="sidebar" onselectstart="return!1"><div class="sidebar-inner"><ul class="sidebar-nav motion-element"><li class="sidebar-nav-toc sidebar-nav-active" data-target="post-toc-wrap">Contents</li><li class="sidebar-nav-overview" data-target="site-overview">Site Preview</li></ul><section class="site-overview sidebar-panel"><div class="sidebar-sticky sticky"><div itemscope itemtype="https://mrbird.cc"><div class="author__header"><div class="author__avatar"><img src="/images/blogImage.jpg" class="author__avatar" alt="MrBird" itemprop="image"></div><div class="author__content"><div class="author__name" itemprop="name">MrBird</div><p class="author__bio" itemprop="description">A simple blog, code repository, just keep blogging</p></div><div class="author__count"><a href="/archives" class="ignore-href"><span class="count">14</span> <span>Archives</span> </a><a href="/tags" class="ignore-href"><span class="count">2</span> <span>Labels</span></a></div></div><div class="author__urls-wrapper"><ul class="author__urls social-icons"><li><a href="/" itemprop="url" class="ignore-href">🏠 Home</a></li><li><a href="/archives" itemprop="url" class="ignore-href">📦 Archives</a></li><li><a href="/tags" itemprop="url" class="ignore-href">🔖 Labels</a></li><li><a href="/friends" itemprop="url" class="ignore-href">👬 Friends</a></li><li><a href="javascript:;" class="popup-trigger animsition-link">🔍 Search</a></li></ul></div></div></div></section><section class="post-toc-wrap motion-element sidebar-panel sidebar-panel-active"><div class="post-toc"><div class="post-toc-content"><ol class="nav"><li class="nav-item nav-level-2"><a class="nav-link" href="#生成图形验证码"><span class="nav-number">1.</span> <span class="nav-text">生成图形验证码</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#改造登录页"><span class="nav-number">2.</span> <span class="nav-text">改造登录页</span></a></li><li class="nav-item nav-level-2"><a class="nav-link" href="#认证流程添加验证码校验"><span class="nav-number">3.</span> <span class="nav-text">认证流程添加验证码校验</span></a></li></ol></div></div></section></div><div id="asider-footer"><div id="links"><li><a href="https://love.mrbird.cc" target="_blank" itemprop="url" class="ignore-href"><i class="fa fa-fw fa-diamond" aria-hidden="true"></i></a></li><li><a href="https://cloud.mrbird.cn" target="_blank" itemprop="url" class="ignore-href"><i class="fa fa-fw fa-skyatlas" aria-hidden="true"></i></a></li><li><a href="https://gitee.com/mrbirdd" target="_blank" itemprop="sameAs" class="ignore-href"><i class="fa fa-fw fa-codepen" aria-hidden="true"></i></a></li><li><a href="https://github.com/wuyouzhuguli" target="_blank" itemprop="sameAs" class="ignore-href"><i class="fa fa-fw fa-github-alt" aria-hidden="true"></i></a></li></div><div id="author"></div><script type="text/javascript">var $smsheoschzd100dn="@ 2016 - "+(new Date).getFullYear()+" MrBird";document.getElementById("author").innerHTML=$smsheoschzd100dn</script><div><script type="text/javascript" src="/js/busuanzi.js"></script> UV <span class="busuanzi-value" id="busuanzi_value_site_uv" style="cursor:pointer" title="统计开始时间:2019年7月5日"></span> PV <span class="busuanzi-value" id="busuanzi_value_site_pv" style="cursor:pointer" title="统计开始时间:2019年7月5日"></span></div></div><script>function c__(){var o=sidebar_nav_toc.attr("class");o.indexOf("active")!=-1?footer.hide(300):footer.show(300)}var sidebar_nav_toc=$(".sidebar-nav-toc"),footer=$("#asider-footer");c__(),$(".sidebar-nav").on("click",function(){c__()})</script></aside></div></main><div class="back-to-top"><span id="scrollpercent"><span>0</span></span></div></div><script type="text/javascript">"[object Function]"!==Object.prototype.toString.call(window.Promise)&&(window.Promise=null)</script><script type="text/javascript" src="/lib/jquery/index.js?v=2.1.3"></script><script type="text/javascript" src="/lib/fastclick/lib/fastclick.min.js?v=1.0.6"></script><script type="text/javascript" src="/lib/jquery_lazyload/jquery.lazyload.js?v=1.9.7"></script><script type="text/javascript" src="/lib/velocity/velocity.min.js?v=1.2.1"></script><script type="text/javascript" src="/lib/velocity/velocity.ui.min.js?v=1.2.1"></script><script type="text/javascript" src="/js/src/utils.js?v=5.1.1"></script><script type="text/javascript" src="/js/src/motion.js?v=5.1.1"></script><script type="text/javascript" src="/js/src/scrollspy.js?v=5.1.1"></script><script type="text/javascript" src="/js/src/post-details.js?v=5.1.1"></script><script type="text/javascript" src="/js/src/bootstrap.js?v=5.1.1"></script><script type="text/javascript">function proceedsearch(){$("body").append('<div class="search-popup-overlay local-search-pop-overlay"></div>').css("overflow","hidden"),$(".search-popup-overlay").click(onPopupClose),$(".popup").toggle();var t=$("#local-search-input");t.attr("autocapitalize","none"),t.attr("autocorrect","off"),t.focus()}var isfetched=!1,isXml=!0,search_path="search.xml";0===search_path.length?search_path="search.xml":search_path.endsWith("json")&&(isXml=!1);var path="/"+search_path,onPopupClose=function(t){$(".popup").hide(),$("#local-search-input").val(""),$(".search-result-list").remove(),$("#no-result").remove(),$(".local-search-pop-overlay").remove(),$("body").css("overflow","")},searchFunc=function(t,e,o){"use strict";$("body").append('<div class="search-popup-overlay local-search-pop-overlay"><div id="search-loading-icon"><i class="fa fa-spinner fa-pulse fa-2x fa-fw"></i></div></div>').css("overflow","hidden"),$("#search-loading-icon").css("margin","20% auto 0 auto").css("text-align","center"),$.ajax({url:t,dataType:isXml?"xml":"json",async:!0,success:function(t){isfetched=!0,$(".popup").detach().appendTo(".header-inner");var n=isXml?$("entry",t).map(function(){return{title:$("title",this).text(),content:$("content",this).text(),url:$("url",this).text()}}).get():t,r=document.getElementById(e),s=document.getElementById(o),a=function(){var t=r.value.trim().toLowerCase(),e=t.split(/[\s\-]+/);e.length>1&&e.push(t);var o=[];if(t.length>0&&n.forEach(function(n){function r(e,o,n,r){for(var s=r[r.length-1],a=s.position,i=s.word,l=[],h=0;a+i.length<=n&&0!=r.length;){i===t&&h++,l.push({position:a,length:i.length});var p=a+i.length;for(r.pop();0!=r.length&&(s=r[r.length-1],a=s.position,i=s.word,p>a);)r.pop()}return c+=h,{hits:l,start:o,end:n,searchTextCount:h}}function s(t,e){var o="",n=e.start;return e.hits.forEach(function(e){o+=t.substring(n,e.position);var r=e.position+e.length;o+='<b class="search-keyword">'+t.substring(e.position,r)+"</b>",n=r}),o+=t.substring(n,e.end)}var a=!1,i=0,c=0,l=n.title.trim(),h=l.toLowerCase(),p=n.content.trim().replace(/<[^>]+>/g,""),u=p.toLowerCase(),f=decodeURIComponent(n.url),d=[],g=[];if(""!=l&&(e.forEach(function(t){function e(t,e,o){var n=t.length;if(0===n)return[];var r=0,s=[],a=[];for(o||(e=e.toLowerCase(),t=t.toLowerCase());(s=e.indexOf(t,r))>-1;)a.push({position:s,word:t}),r=s+n;return a}d=d.concat(e(t,h,!1)),g=g.concat(e(t,u,!1))}),(d.length>0||g.length>0)&&(a=!0,i=d.length+g.length)),a){[d,g].forEach(function(t){t.sort(function(t,e){return e.position!==t.position?e.position-t.position:t.word.length-e.word.length})});var v=[];0!=d.length&&v.push(r(l,0,l.length,d));for(var C=[];0!=g.length;){var $=g[g.length-1],m=$.position,x=$.word,w=m-20,y=m+80;w<0&&(w=0),y<m+x.length&&(y=m+x.length),y>p.length&&(y=p.length),C.push(r(p,w,y,g))}C.sort(function(t,e){return t.searchTextCount!==e.searchTextCount?e.searchTextCount-t.searchTextCount:t.hits.length!==e.hits.length?e.hits.length-t.hits.length:t.start-e.start});var T=parseInt("1");T>=0&&(C=C.slice(0,T));var b="";b+=0!=v.length?"<li><a href='"+f+"' class='search-result-title'>"+s(l,v[0])+"</a>":"<li><a href='"+f+"' class='search-result-title'>"+l+"</a>",C.forEach(function(t){b+="<a href='"+f+'\'><p class="search-result">'+s(p,t)+"...</p></a>"}),b+="</li>",o.push({item:b,searchTextCount:c,hitCount:i,id:o.length})}}),1===e.length&&""===e[0])s.innerHTML='<div id="no-result"><i class="fa fa-search fa-5x" /></div>';else if(0===o.length)s.innerHTML='<div id="no-result"><i class="fa fa-frown-o fa-5x" /></div>';else{o.sort(function(t,e){return t.searchTextCount!==e.searchTextCount?e.searchTextCount-t.searchTextCount:t.hitCount!==e.hitCount?e.hitCount-t.hitCount:e.id-t.id});var a='<ul class="search-result-list">';o.forEach(function(t){a+=t.item}),a+="</ul>",s.innerHTML=a}};r.addEventListener("input",a),$(".local-search-pop-overlay").remove(),$("body").css("overflow",""),proceedsearch()}})};$(".popup-trigger").click(function(t){t.stopPropagation(),isfetched===!1?searchFunc(path,"local-search-input","local-search-result"):proceedsearch()}),$(".popup-btn-close").click(onPopupClose),$(".popup").click(function(t){t.stopPropagation()}),$(document).on("keyup",function(t){var e=27===t.which&&$(".search-popup").is(":visible");e&&onPopupClose()})</script></body><script>$(function(){$("a").not(".nav-link,.cloud-tie-join-count,.ignore-href,.jstree-anchor").addClass("animsition-link")});var burst1=new mojs.Burst({left:0,top:0,radius:{5:40},children:{shape:"circle",fill:["red","cyan","orange"],fillOpacity:.8,radiusX:3.5,radiusY:3.5}});document.addEventListener("click",function(a){null==a.target.href&&"footer"!=a.target.className&&"copyright"!=a.target.className&&"author__urls social-icons"!=a.target.className&&"author__avatar"!=a.target.className&&"sidebar sidebar-active"!=a.target.className&&burst1.tune({x:a.pageX,y:a.pageY}).generate().replay()})</script><script type="text/javascript" src="/js/message.js"></script></html><!-- rebuild by neat -->