From 0606663fe8aba194dea92e67c92f2ef835b6d7cb Mon Sep 17 00:00:00 2001 From: RuoYi Date: Tue, 10 Aug 2021 11:39:17 +0800 Subject: [PATCH] =?UTF-8?q?=E6=94=AF=E6=8C=81=E9=85=8D=E7=BD=AE=E6=98=AF?= =?UTF-8?q?=E5=90=A6=E5=BC=80=E5=90=AF=E8=AE=B0=E4=BD=8F=E6=88=91=E5=8A=9F?= =?UTF-8?q?=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../controller/common/CommonController.java | 10 ++++++---- .../controller/system/SysLoginController.java | 20 +++++++++++++++++-- .../src/main/resources/application.yml | 3 +++ .../src/main/resources/templates/login.html | 4 ++-- .../ruoyi/framework/config/ShiroConfig.java | 8 +++++++- 5 files changed, 36 insertions(+), 9 deletions(-) diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java index 49bde4db5..9f8d1fef8 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CommonController.java @@ -1,5 +1,6 @@ package com.ruoyi.web.controller.common; +import java.util.ArrayList; import java.util.List; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -103,9 +104,10 @@ public class CommonController { // 上传文件路径 String filePath = RuoYiConfig.getUploadPath(); - List fileNames = new ArrayList<>(); - List urls = new ArrayList<>(); - for (MultipartFile file : files) { + List fileNames = new ArrayList(); + List urls = new ArrayList(); + for (MultipartFile file : files) + { // 上传并返回新文件名称 String fileName = FileUploadUtils.upload(filePath, file); String url = serverConfig.getUrl() + fileName; @@ -151,4 +153,4 @@ public class CommonController log.error("下载文件失败", e); } } -} \ No newline at end of file +} diff --git a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java index 1652f74ef..b24d6cfa5 100644 --- a/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java +++ b/ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/SysLoginController.java @@ -6,7 +6,10 @@ import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Controller; +import org.springframework.ui.ModelMap; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.ResponseBody; @@ -14,6 +17,7 @@ import com.ruoyi.common.core.controller.BaseController; import com.ruoyi.common.core.domain.AjaxResult; import com.ruoyi.common.utils.ServletUtils; import com.ruoyi.common.utils.StringUtils; +import com.ruoyi.framework.web.service.ConfigService; /** * 登录验证 @@ -23,15 +27,27 @@ import com.ruoyi.common.utils.StringUtils; @Controller public class SysLoginController extends BaseController { + /** + * 是否开启记住我功能 + */ + @Value("${shiro.rememberMe.enabled: false}") + private boolean rememberMe; + + @Autowired + private ConfigService configService; + @GetMapping("/login") - public String login(HttpServletRequest request, HttpServletResponse response) + public String login(HttpServletRequest request, HttpServletResponse response, ModelMap mmap) { // 如果是Ajax请求,返回Json字符串。 if (ServletUtils.isAjaxRequest(request)) { return ServletUtils.renderString(response, "{\"code\":\"1\",\"msg\":\"未登录或登录超时。请重新登录\"}"); } - + // 是否开启记住我 + mmap.put("isRemembered", rememberMe); + // 是否开启用户注册 + mmap.put("isAllowRegister", configService.getKey("sys.account.registerUser")); return "login"; } diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml index b79e9b30f..c515e0416 100644 --- a/ruoyi-admin/src/main/resources/application.yml +++ b/ruoyi-admin/src/main/resources/application.yml @@ -120,6 +120,9 @@ shiro: maxSession: -1 # 踢出之前登录的/之后登录的用户,默认踢出之前登录的用户 kickoutAfter: false + rememberMe: + # 是否开启记住我 + enabled: true # 防止XSS攻击 xss: diff --git a/ruoyi-admin/src/main/resources/templates/login.html b/ruoyi-admin/src/main/resources/templates/login.html index 923665cf6..2a1a8a4f3 100644 --- a/ruoyi-admin/src/main/resources/templates/login.html +++ b/ruoyi-admin/src/main/resources/templates/login.html @@ -37,7 +37,7 @@
  • Thymeleaf
  • Bootstrap
    • - 还没有账号? 立即注册» + 还没有账号? 立即注册»
    @@ -56,7 +56,7 @@
    -
    +
    diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java index 89171e51e..dac3b872e 100644 --- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java +++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/ShiroConfig.java @@ -123,6 +123,12 @@ public class ShiroConfig @Value("${shiro.user.unauthorizedUrl}") private String unauthorizedUrl; + /** + * 是否开启记住我功能 + */ + @Value("${shiro.rememberMe.enabled: false}") + private boolean rememberMe; + /** * 缓存管理器 使用Ehcache实现 */ @@ -236,7 +242,7 @@ public class ShiroConfig // 设置realm. securityManager.setRealm(userRealm); // 记住我 - securityManager.setRememberMeManager(rememberMeManager()); + securityManager.setRememberMeManager(rememberMe ? rememberMeManager() : null); // 注入缓存管理器; securityManager.setCacheManager(getEhCacheManager()); // session管理器