From 9d3b772272d1b7563cff4a37c24f2ab2b375fe36 Mon Sep 17 00:00:00 2001
From: zhangdaihao <zhangdaiscott@163.com>
Date: Mon, 5 Aug 2019 15:31:36 +0800
Subject: [PATCH] 密码加密传递暂时注释掉
---
ant-design-vue-jeecg/src/views/user/Login.vue | 20 ++++++++------------
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java | 9 ++++++---
2 files changed, 14 insertions(+), 15 deletions(-)
diff --git a/ant-design-vue-jeecg/src/views/user/Login.vue b/ant-design-vue-jeecg/src/views/user/Login.vue
index 604d9ff..c35b2e4 100644
--- a/ant-design-vue-jeecg/src/views/user/Login.vue
+++ b/ant-design-vue-jeecg/src/views/user/Login.vue
@@ -227,17 +227,9 @@
created () {
Vue.ls.remove(ACCESS_TOKEN)
this.getRouterData();
- this.getEncrypte();
- // update-begin- --- author:scott ------ date:20190225 ---- for:暂时注释,未实现登录验证码功能
-// this.$http.get('/auth/2step-code')
-// .then(res => {
-// this.requiredTwoStepCaptcha = res.result.stepCode
-// }).catch(err => {
-// console.log('2step-code:', err)
-// })
- // update-end- --- author:scott ------ date:20190225 ---- for:暂时注释,未实现登录验证码功能
- // this.requiredTwoStepCaptcha = true
-
+ // update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
+ //this.getEncrypte();
+ // update-end- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
},
methods: {
...mapActions([ "Login", "Logout","PhoneLogin" ]),
@@ -266,8 +258,12 @@
that.form.validateFields([ 'username', 'password','inputCode' ], { force: true }, (err, values) => {
if (!err) {
loginParams.username = values.username
+ // update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
//loginParams.password = md5(values.password)
- loginParams.password = encryption(values.password,that.encryptedString.key,that.encryptedString.iv).replace(/\+/g,"%2B");
+ //loginParams.password = encryption(values.password,that.encryptedString.key,that.encryptedString.iv)
+ loginParams.password = values.password
+ // update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
+
that.Login(loginParams).then((res) => {
this.departConfirm(res)
}).catch((err) => {
diff --git a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
index 25c624a..2979daa 100644
--- a/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
+++ b/jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
@@ -67,8 +67,11 @@ public class LoginController {
Result<JSONObject> result = new Result<JSONObject>();
String username = sysLoginModel.getUsername();
String password = sysLoginModel.getPassword();
- //步骤1:TODO 前端密码加密,后端进行密码解密,防止传输密码篡改等问题,不配就直接提示密码错误,并记录日志后期进行统计分析是否锁定
- password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
+ //update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题
+ //前端密码加密,后端进行密码解密
+ //password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
+ //update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题
+
//1. 校验用户是否有效
SysUser sysUser = sysUserService.getUserByName(username);
result = sysUserService.checkUserIsEffective(sysUser);
@@ -263,7 +266,7 @@ public class LoginController {
* @return
*/
@PostMapping("/phoneLogin")
- public Result<JSONObject> login(@RequestBody JSONObject jsonObject) {
+ public Result<JSONObject> phoneLogin(@RequestBody JSONObject jsonObject) {
Result<JSONObject> result = new Result<JSONObject>();
String phone = jsonObject.getString("mobile");
--
libgit2 0.22.2