Merge pull request #27 from Antabot/dev

chore: daily optimization

Merge pull request #27 from Antabot/dev
chore: daily optimization
f9944381 · Evan · GitHub · f53d4ded · 4a3f117e · f9944381
3 changed file
--- a/wj-vue/src/main.js
+++ b/wj-vue/src/main.js
@@ -37,7 +37,8 @@ router.beforeEach((to, from, next) => {
    }
  }
 )
-// http request拦截器，为请求加上 token
+
+// http request拦截器，为请求加上 token，测试用，没有必要
 axios.interceptors.request.use(
  config => {
    // 输出当前状态下的 token

--- a/wj/src/main/java/com/gm/wj/controller/LoginController.java
+++ b/wj/src/main/java/com/gm/wj/controller/LoginController.java
@@ -27,7 +27,7 @@ public class LoginController {

    @PostMapping(value = "/api/login")
    @ResponseBody
-    public Result login(@RequestBody User requestUser, HttpSession session) {
+    public Result login(@RequestBody User requestUser) {
        String username = requestUser.getUsername();
        username = HtmlUtils.htmlEscape(username);

@@ -42,7 +42,7 @@ public class LoginController {
            TokenUtil tokenUtil = new TokenUtil();
            String token = tokenUtil.getToken(user);
            user.setToken(token);
-            session.setAttribute("token", token);
+//            session.setAttribute("token", token);
            return ResultFactory.buildSuccessResult(usernamePasswordToken);
        } catch (AuthenticationException e) {
            String message = "账号密码错误";
@@ -88,12 +88,7 @@ public class LoginController {

    @ResponseBody
    @GetMapping(value = "api/authentication")
-    public String authentication(@RequestHeader("Token") String token, HttpSession session, HttpResponse response){
+    public String authentication(){
        return "身份认证成功";
-//        if (token.replace("\"", "").equals(session.getAttribute("token"))) {
-//            return "身份认证成功";
-//        } else {
-//            return "认证失败，请重新登录";
-//        }
    }
 }
--- a/wj/src/main/java/com/gm/wj/interceptor/LoginInterceptor.java
+++ b/wj/src/main/java/com/gm/wj/interceptor/LoginInterceptor.java
@@ -24,7 +24,7 @@ public class LoginInterceptor implements HandlerInterceptor {
        Subject subject = SecurityUtils.getSubject();
        System.out.println(subject.isRemembered());
        System.out.println(subject.isAuthenticated());
-        // 使用 shiro 验证，考虑结合 token
+        // 使用 shiro 验证
        if (!subject.isAuthenticated() && !subject.isRemembered()) {
            return false;
        }