Fatal编程技术网
  • java/
  • Java 在HTML表单中发送API密钥

Java 在HTML表单中发送API密钥

java api forms

Java 在HTML表单中发送API密钥,java,api,verification,api-key,forms,http-post,Java,Api,Verification,Api Key,Forms,Http Post,因此,我有一个用于我的Web服务的API密钥。每次用户注册时,我都会给他发送一封电子邮件,让他验证他的帐户。这看起来像这样: public class EmailSender { private static final String username = "somesecretemail@gmail.com"; private static final String password = "uthoughiwillshowyoumypassword?"; public static voi

因此,我有一个用于我的Web服务的API密钥。每次用户注册时,我都会给他发送一封电子邮件,让他验证他的帐户。这看起来像这样:

public class EmailSender {

private static final String username = "somesecretemail@gmail.com";
private static final String password = "uthoughiwillshowyoumypassword?";

public static void sendVerificationCode(String receiverusername, String receiveremail, String code) throws Exception {
    Properties prop = new Properties();
    prop.put("mail.smtp.host", "smtp.gmail.com");
    prop.put("mail.smtp.port", "587");
    prop.put("mail.smtp.auth", "true");
    prop.put("mail.smtp.starttls.enable", "true"); //TLS

    Session session = Session.getInstance(prop,
            new javax.mail.Authenticator() {
        protected PasswordAuthentication getPasswordAuthentication() {
            return new PasswordAuthentication(username, password);
        }
    });

    MimeMessage message = new MimeMessage(session);
    message.addRecipient(Message.RecipientType.TO, new InternetAddress(receiveremail));
    message.setSubject("Verification Code");

    MimeBodyPart messageBodyPart = new MimeBodyPart();
    messageBodyPart.setText("<form action=\"https://pathtomywebserviceurl.com/verify/"+code+"\">\n" +
    "<input type=\"submit\" value=\"Verify\" />\n" +
     "</form>", "UTF-8", "html");

    Multipart multipart = new MimeMultipart();
    multipart.addBodyPart(messageBodyPart);

    message.setContent(multipart);

    Transport.send(message);
}

公共类EmailSender{
私有静态最终字符串用户名=”somesecretemail@gmail.com";
私有静态最终字符串password=“uthoughiwillshowyoumypassword?”;
公共静态void sendVerificationCode(字符串receiverusername、字符串receiveremail、字符串代码)引发异常{
Properties prop=新属性();
prop.put(“mail.smtp.host”、“smtp.gmail.com”);
prop.put(“mail.smtp.port”,“587”);
prop.put(“mail.smtp.auth”,“true”);
prop.put(“mail.smtp.starttls.enable”,“true”);//TLS
Session Session=Session.getInstance(prop,
新的javax.mail.Authenticator(){
受保护的密码身份验证getPasswordAuthentication(){
返回新密码身份验证(用户名、密码);
}
});
MimeMessage message=新MimeMessage(会话);
message.addRecipient(message.RecipientType.TO,新的Internet地址(receiveEmail));
message.setSubject(“验证码”);
MimeBodyPart messageBodyPart=新的MimeBodyPart();
messageBodyPart.setText(“\n”+
“\n”+
“,”UTF-8“,”html“;
Multipart Multipart=新的MimeMultipart();
multipart.addBodyPart(messageBodyPart);
message.setContent(多部分);
传输。发送(消息);
}
当他点击按钮时,用户实际上向我的Web服务发出了一个请求,并使用他的令牌作为参数。但现在我还希望我的API密钥以http头的形式发送,这样我就可以从用户验证请求中提取API密钥,并检查API密钥是否等于实际的API密钥。现在我只发送代码,而不发送API密钥y、 使用隐藏的表单元素:

<input type="hidden" id="myApiKey" name="myApiKey" value="myApiKeyValue">
但是可以通过页面源代码访问它吗?