腾讯云滑块验证码集成|阿里滑块验证码被破解 换个腾讯云验证码 云服务与黑产灰色产业链的爱恨情仇 附送腾讯云99元云主机下单入口

 Yuema约吗?一起学技术,一起成长!学海无涯 高人带路系列

程序的世界,就是有坑的地方!分享踩坑的心得与体验!每天分享一点点!
关注公众号,进入学海无涯,高人带路模式!!验证码​再难,有人带路,轻松搞定

云服务被越来越多的企业所接受,风险也日趋集中,像阿里滑块验证码被破解了,影响的客户应该​不在少数。阿里按次数收费,无论是正常还是异常使用,收费​照常。单个云服务的接入,存在风险集中,无备选方案。今天分享的腾讯云验证码即是作为阿里滑块验证码​的备选方案。

使用阿里滑块验证码​的风险:

一、产品下线风险

目前阿里已经下线滑块验证码,已经开通的可以正常使用。这项云服务有点像被阿里抛弃的产品,可能不再进一步维护,要做下线处理。风险​可想而知。

二、破解风险与成本风险并存

目前阿里滑块验证码已经被破解,阿里也承认被破解了。但是收费正常,被​刷了,也不退款。​其中的成本风险,也是可想而知。
腾讯云验证码做为阿里滑块验证码的备选方案,今天就来分享一下有关腾讯云验证码的接入​。感觉还是比较简单的,可以结合官方文档与网上的示例进行。
先睹为快
实例导航https://i.zuime.com/2019/10/11/%E8%85%BE%E8%AE%AF%E4%BA%91%E9%AA%8C%E8%AF%81%E7%A0%81%E9%9B%86%E6%88%90/前端示例https://i.zuime.com/tencent/captcha验证接口https://i.zuime.com/tencent/verify?ticket=t02PT9ySVJ80sIcI3xYNU-2CkRrXxquqXcPsdNYstOny7DVDl7i00VqHK4RrTFxIijSv2FXgn0TpXg0aDfc6sTij0Nncf3NUtzV9a89AEJ65YTOqAY6S9gY4A**&[email protected]
文档
验证码后台文档 https://cloud.tencent.com/document/product/1110/36926Web 前端接入文档 https://cloud.tencent.com/document/product/1110/36841

前端代码参考

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head>  <meta http-equiv="Content-Type" content="text/html; charset=utf-8">  <title>腾讯云验证码 demo</title>    <link rel="stylesheet" type="text/css" href="/css/style.css"/>    <link rel="stylesheet" type="text/css" href="/css/markdown.css"/>  <script src="https://ssl.captcha.qq.com/TCaptcha.js"></script></head><body>腾讯云验证码 demo<button id="TencentCaptcha"     data-appid="2046804662"     data-cbfn="callback"     type="button">验证</button><!--===============================================================================================-->  <script src="/jquery/jquery-3.2.1.min.js"></script>  <script src="/jquery/jquery.datetimepicker.full.min.js"></script>  <script src="/jquery/jquery-confirm.min.js"></script><!--===============================================================================================-->  <script src="/js/main.js"></script>  <script src="/js/jblog-admin.js"></script><script>window.callback = function(res){ console.log(res) // res(用户主动关闭验证码)= {ret: 2, ticket: null} // res(验证成功) = {ret: 0, ticket: "String", randstr: "String"} if(res.ret === 0){     alert(res.ticket);   // 票据     $.get("/tencent/verify",       {         ticket:res.ticket,         randstr:res.randstr       }       ,function(data){       alert(data);     }); }}</script></body></html>

后端代码:agent

package jblog.guohai.org.bll.agent;import org.springframework.beans.factory.annotation.Value;import org.springframework.stereotype.Service;import com.tencentcloudapi.captcha.v20190722.CaptchaClient;import com.tencentcloudapi.captcha.v20190722.models.DescribeCaptchaResultRequest;import com.tencentcloudapi.captcha.v20190722.models.DescribeCaptchaResultResponse;import com.tencentcloudapi.common.Credential;import com.tencentcloudapi.common.exception.TencentCloudSDKException;import com.tencentcloudapi.common.profile.ClientProfile;@Servicepublic class TencentCaptchaAgent {  /**   * 网关地址   */  @Value("${tencent.secretId}")  private String secretId;  @Value("${tencent.secretKey}")  private String secretKey;    /**   * 网关地址   */  @Value("${tencent.captcha.captchaAppId}")  private Long captchaAppId;  @Value("${tencent.captcha.appSecretKey}")  private String appSecretKey;      public String verify(String ticket,String randstr,String userIp){     try{              // 实例化一个认证对象,入参需要传入腾讯云账户secretId,secretKey              Credential cred = new Credential(secretId, secretKey);                            // 实例化要请求产品(以cvm为例)的client对象              ClientProfile clientProfile = new ClientProfile();              clientProfile.setSignMethod(ClientProfile.SIGN_TC3_256);              CaptchaClient client = new CaptchaClient(cred, "ap-beijing", clientProfile);                            // 实例化一个请求对象              DescribeCaptchaResultRequest req = new DescribeCaptchaResultRequest();              req.setCaptchaType(9L);              req.setTicket(ticket);              req.setCaptchaAppId(captchaAppId);              req.setAppSecretKey(appSecretKey);              req.setRandstr(randstr);              req.setUserIp(userIp);                                          // 通过client对象调用想要访问的接口,需要传入请求对象              DescribeCaptchaResultResponse resp = client.DescribeCaptchaResult(req);                            // 输出json格式的字符串回包              System.out.println(DescribeCaptchaResultRequest.toJsonString(resp));              return DescribeCaptchaResultRequest.toJsonString(resp);          } catch (TencentCloudSDKException e) {                  System.out.println(e.toString());                return e.toString();          }  }}

后端代码 :控制器

package jblog.guohai.org.web;import javax.servlet.http.HttpServletRequest;import org.springframework.beans.factory.annotation.Autowired;import org.springframework.stereotype.Controller;import org.springframework.ui.Model;import org.springframework.web.bind.annotation.RequestMapping;import org.springframework.web.bind.annotation.ResponseBody;import jblog.guohai.org.bll.agent.TencentCaptchaAgent;/** * 腾讯云 *  * @author zhongdaiqi * */@Controller@RequestMapping("/tencent")public class TencentController {  @Autowired  private TencentCaptchaAgent tencentCaptchaAgent;  @RequestMapping(value = "captcha")  public String captcha(Model model) throws Exception {    return "tencent/captcha";  }  @RequestMapping(value = "verify")  @ResponseBody  public String verify(Model model, String ticket, String randstr,HttpServletRequest request) throws Exception {    return tencentCaptchaAgent.verify(ticket, randstr,request.getRemoteAddr());  }}

后端代码:POM包

<dependency>        <groupId>com.tencentcloudapi</groupId>        <artifactId>tencentcloud-sdk-java</artifactId>        <!-- go to https://search.maven.org/search?q=tencentcloud-sdk-java and get the latest version. -->        <!-- 请到https://search.maven.org/search?q=tencentcloud-sdk-java查询最新版本 -->        <version>3.0.95</version>    </dependency>

以上代码仅供参考,未处理坏味道,​请谨慎使用!获取完整的可运行项目代码方式:关注公众号,回复”tencent”​。

关注公众号Yuema约吗,每天进步一点点

腾讯云福利

​【新用户限量秒杀】热门云产品限量秒杀,云服务器1核1G 首年99元

识别二维码进入活动现场!

作者:钟代麒

出处:http://www.jishudao.com/
版权归作者所有,转载请注明出处

发表评论

电子邮件地址不会被公开。 必填项已用*标注