Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
jeecg
jeecg-boot
提交
01d7f981
J
jeecg-boot
项目概览
jeecg
/
jeecg-boot
上一次同步 3 年多
通知
865
Star
24375
Fork
84
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
J
jeecg-boot
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
01d7f981
编写于
7月 22, 2019
作者:
JEECG低代码平台
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
登录密码加密解码报错处理
上级
a80b16b3
变更
5
隐藏空白更改
内联
并排
Showing
5 changed file
with
47 addition
and
16 deletion
+47
-16
ant-design-vue-jeecg/src/store/mutation-types.js
ant-design-vue-jeecg/src/store/mutation-types.js
+1
-0
ant-design-vue-jeecg/src/utils/encryption/aesEncrypt.js
ant-design-vue-jeecg/src/utils/encryption/aesEncrypt.js
+15
-0
ant-design-vue-jeecg/src/views/user/Login.vue
ant-design-vue-jeecg/src/views/user/Login.vue
+28
-13
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/config/RedisConfig.java
...le-system/src/main/java/org/jeecg/config/RedisConfig.java
+1
-1
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
.../org/jeecg/modules/system/controller/LoginController.java
+2
-2
未找到文件。
ant-design-vue-jeecg/src/store/mutation-types.js
浏览文件 @
01d7f981
...
...
@@ -13,6 +13,7 @@ export const USER_NAME = 'Login_Username'
export
const
USER_INFO
=
'
Login_Userinfo
'
export
const
USER_AUTH
=
'
LOGIN_USER_BUTTON_AUTH
'
export
const
SYS_BUTTON_AUTH
=
'
SYS_BUTTON_AUTH
'
export
const
ENCRYPTED_STRING
=
'
ENCRYPTED_STRING
'
export
const
CONTENT_WIDTH_TYPE
=
{
Fluid
:
'
Fluid
'
,
...
...
ant-design-vue-jeecg/src/utils/encryption/aesEncrypt.js
浏览文件 @
01d7f981
import
{
getAction
}
from
'
@/api/manage
'
import
{
ENCRYPTED_STRING
}
from
"
@/store/mutation-types
"
import
Vue
from
'
vue
'
/**
* 获取加密字符串,并对结果进行缓存
*/
export
function
getEncryptedString
()
{
return
getAction
(
"
/sys/getEncryptedString
"
,{}).
then
((
res
)
=>
{
let
encryptedString
=
{};
encryptedString
.
key
=
res
.
result
.
key
;
encryptedString
.
iv
=
res
.
result
.
iv
;
Vue
.
ls
.
set
(
ENCRYPTED_STRING
,
encryptedString
,
7
*
24
*
60
*
60
*
1000
);
return
encryptedString
;
});
}
/**
* AES加密 :字符串 key iv 返回base64
...
...
ant-design-vue-jeecg/src/views/user/Login.vue
浏览文件 @
01d7f981
...
...
@@ -171,12 +171,11 @@
import
{
mapActions
}
from
"
vuex
"
import
{
timeFix
}
from
"
@/utils/util
"
import
Vue
from
'
vue
'
import
{
ACCESS_TOKEN
}
from
"
@/store/mutation-types
"
import
{
ACCESS_TOKEN
,
ENCRYPTED_STRING
}
from
"
@/store/mutation-types
"
import
JGraphicCode
from
'
@/components/jeecg/JGraphicCode
'
import
{
putAction
}
from
'
@/api/manage
'
import
{
postAction
}
from
'
@/api/manage
'
import
{
getAction
}
from
'
@/api/manage
'
import
{
encryption
}
from
'
@/utils/encryption/aesEncrypt
'
import
{
encryption
,
getEncryptedString
}
from
'
@/utils/encryption/aesEncrypt
'
export
default
{
components
:
{
...
...
@@ -192,6 +191,10 @@
requiredTwoStepCaptcha
:
false
,
stepCaptchaVisible
:
false
,
form
:
this
.
$form
.
createForm
(
this
),
encryptedString
:{
key
:
""
,
iv
:
""
,
},
state
:
{
time
:
60
,
smsSendBtn
:
false
,
...
...
@@ -224,6 +227,7 @@
created
()
{
Vue
.
ls
.
remove
(
ACCESS_TOKEN
)
this
.
getRouterData
();
this
.
getEncrypte
();
// update-begin- --- author:scott ------ date:20190225 ---- for:暂时注释,未实现登录验证码功能
// this.$http.get('/auth/2step-code')
// .then(res => {
...
...
@@ -256,23 +260,23 @@
let
loginParams
=
{
remember_me
:
that
.
formLogin
.
rememberMe
};
that
.
loginBtn
=
true
;
// 使用账户密码登陆
if
(
that
.
customActiveKey
===
'
tab1
'
)
{
that
.
form
.
validateFields
([
'
username
'
,
'
password
'
,
'
inputCode
'
],
{
force
:
true
},
(
err
,
values
)
=>
{
if
(
!
err
)
{
getAction
(
"
/sys/getEncryptedString
"
,{}).
then
((
res
)
=>
{
loginParams
.
username
=
values
.
username
//loginParams.password = md5(values.password)
loginParams
.
password
=
encryption
(
values
.
password
,
res
.
result
.
key
,
res
.
result
.
iv
)
that
.
Login
(
loginParams
).
then
((
res
)
=>
{
this
.
departConfirm
(
res
)
}).
catch
((
err
)
=>
{
that
.
requestFailed
(
err
);
})
loginParams
.
username
=
values
.
username
//loginParams.password = md5(values.password)
loginParams
.
password
=
encryption
(
values
.
password
,
that
.
encryptedString
.
key
,
that
.
encryptedString
.
iv
).
replace
(
/
\+
/g
,
"
%2B
"
);
that
.
Login
(
loginParams
).
then
((
res
)
=>
{
this
.
departConfirm
(
res
)
}).
catch
((
err
)
=>
{
that
.
requestFailed
(
err
);
});
}
else
{
that
.
loginBtn
=
false
;
}
})
// 使用手机号登陆
...
...
@@ -453,6 +457,17 @@
});
})
},
//获取密码加密规则
getEncrypte
(){
var
encryptedString
=
Vue
.
ls
.
get
(
ENCRYPTED_STRING
);
if
(
encryptedString
==
null
){
getEncryptedString
().
then
((
data
)
=>
{
this
.
encryptedString
=
data
});
}
else
{
this
.
encryptedString
=
encryptedString
;
}
},
}
}
</
script
>
...
...
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/config/RedisConfig.java
浏览文件 @
01d7f981
...
...
@@ -86,7 +86,7 @@ public class RedisConfig extends CachingConfigurerSupport {
RedisCacheWriter
writer
=
RedisCacheWriter
.
lockingRedisCacheWriter
(
factory
);
// 创建默认缓存配置对象
/* 默认配置,设置缓存有效期 1小时*/
RedisCacheConfiguration
defaultCacheConfig
=
RedisCacheConfiguration
.
defaultCacheConfig
().
entryTtl
(
Duration
.
ofHours
(
1
))
.
disableCachingNullValues
()
;
RedisCacheConfiguration
defaultCacheConfig
=
RedisCacheConfiguration
.
defaultCacheConfig
().
entryTtl
(
Duration
.
ofHours
(
1
));
/* 配置test的超时时间为120s*/
RedisCacheManager
cacheManager
=
RedisCacheManager
.
builder
(
RedisCacheWriter
.
lockingRedisCacheWriter
(
lettuceConnectionFactory
)).
cacheDefaults
(
defaultCacheConfig
)
.
withInitialCacheConfigurations
(
singletonMap
(
"test"
,
RedisCacheConfiguration
.
defaultCacheConfig
().
entryTtl
(
Duration
.
ofMinutes
(
120
)).
disableCachingNullValues
()))
...
...
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/LoginController.java
浏览文件 @
01d7f981
...
...
@@ -68,7 +68,7 @@ public class LoginController {
String
username
=
sysLoginModel
.
getUsername
();
String
password
=
sysLoginModel
.
getPassword
();
//步骤1:TODO 前端密码加密,后端进行密码解密,防止传输密码篡改等问题,不配就直接提示密码错误,并记录日志后期进行统计分析是否锁定
password
=
AesEncryptUtil
.
desEncrypt
(
sysLoginModel
.
getPassword
()).
trim
();
//密码解密
password
=
AesEncryptUtil
.
desEncrypt
(
sysLoginModel
.
getPassword
()
.
replaceAll
(
"%2B"
,
"\\+"
)
).
trim
();
//密码解密
//1. 校验用户是否有效
SysUser
sysUser
=
sysUserService
.
getUserByName
(
username
);
result
=
sysUserService
.
checkUserIsEffective
(
sysUser
);
...
...
@@ -249,7 +249,7 @@ public class LoginController {
}
catch
(
ClientException
e
)
{
e
.
printStackTrace
();
result
.
error500
(
" 短信接口
异常
,请联系管理员!"
);
result
.
error500
(
" 短信接口
未配置
,请联系管理员!"
);
return
result
;
}
return
result
;
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录