mirror of https://github.com/jeecgboot/jeecg-boot
密码加密传递暂时注释掉\swagger设置全局token,解决接口需要token验证的问题
parent
29d77c89df
commit
6f831dbb46
|
@ -227,17 +227,9 @@
|
|||
created () {
|
||||
Vue.ls.remove(ACCESS_TOKEN)
|
||||
this.getRouterData();
|
||||
this.getEncrypte();
|
||||
// update-begin- --- author:scott ------ date:20190225 ---- for:暂时注释,未实现登录验证码功能
|
||||
// this.$http.get('/auth/2step-code')
|
||||
// .then(res => {
|
||||
// this.requiredTwoStepCaptcha = res.result.stepCode
|
||||
// }).catch(err => {
|
||||
// console.log('2step-code:', err)
|
||||
// })
|
||||
// update-end- --- author:scott ------ date:20190225 ---- for:暂时注释,未实现登录验证码功能
|
||||
// this.requiredTwoStepCaptcha = true
|
||||
|
||||
// update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
|
||||
//this.getEncrypte();
|
||||
// update-end- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
|
||||
},
|
||||
methods: {
|
||||
...mapActions([ "Login", "Logout","PhoneLogin" ]),
|
||||
|
@ -266,8 +258,12 @@
|
|||
that.form.validateFields([ 'username', 'password','inputCode' ], { force: true }, (err, values) => {
|
||||
if (!err) {
|
||||
loginParams.username = values.username
|
||||
// update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
|
||||
//loginParams.password = md5(values.password)
|
||||
loginParams.password = encryption(values.password,that.encryptedString.key,that.encryptedString.iv).replace(/\+/g,"%2B");
|
||||
//loginParams.password = encryption(values.password,that.encryptedString.key,that.encryptedString.iv)
|
||||
loginParams.password = values.password
|
||||
// update-begin- --- author:scott ------ date:20190805 ---- for:密码加密逻辑暂时注释掉,有点问题
|
||||
|
||||
that.Login(loginParams).then((res) => {
|
||||
this.departConfirm(res)
|
||||
}).catch((err) => {
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
package org.jeecg.config;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.Collections;
|
||||
import java.util.List;
|
||||
|
||||
import org.jeecg.modules.shiro.vo.DefContants;
|
||||
|
@ -12,6 +13,7 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
|
|||
import com.github.xiaoymin.swaggerbootstrapui.annotations.EnableSwaggerBootstrapUI;
|
||||
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import springfox.documentation.service.ApiKey;
|
||||
import springfox.documentation.service.Parameter;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import springfox.documentation.builders.ApiInfoBuilder;
|
||||
|
@ -20,6 +22,7 @@ import springfox.documentation.builders.PathSelectors;
|
|||
import springfox.documentation.builders.RequestHandlerSelectors;
|
||||
import springfox.documentation.schema.ModelRef;
|
||||
import springfox.documentation.service.ApiInfo;
|
||||
import springfox.documentation.service.SecurityScheme;
|
||||
import springfox.documentation.spi.DocumentationType;
|
||||
import springfox.documentation.spring.web.plugins.Docket;
|
||||
import springfox.documentation.swagger2.annotations.EnableSwagger2;
|
||||
|
@ -62,9 +65,20 @@ public class Swagger2Config implements WebMvcConfigurer {
|
|||
.apis(RequestHandlerSelectors.withMethodAnnotation(ApiOperation.class))
|
||||
.paths(PathSelectors.any())
|
||||
.build()
|
||||
.globalOperationParameters(setHeaderToken());
|
||||
.securitySchemes(Collections.singletonList(securityScheme()));
|
||||
//.globalOperationParameters(setHeaderToken());
|
||||
}
|
||||
|
||||
/***
|
||||
* oauth2配置
|
||||
* 需要增加swagger授权回调地址
|
||||
* http://localhost:8888/webjars/springfox-swagger-ui/o2c.html
|
||||
* @return
|
||||
*/
|
||||
@Bean
|
||||
SecurityScheme securityScheme() {
|
||||
return new ApiKey(DefContants.X_ACCESS_TOKEN, DefContants.X_ACCESS_TOKEN, "header");
|
||||
}
|
||||
/**
|
||||
* JWT token
|
||||
* @return
|
||||
|
@ -90,11 +104,11 @@ public class Swagger2Config implements WebMvcConfigurer {
|
|||
.version("1.0")
|
||||
// .termsOfServiceUrl("NO terms of service")
|
||||
// 描述
|
||||
.description("restful 风格接口")
|
||||
.description("后台API接口")
|
||||
// 作者
|
||||
// .contact(new Contact("scott", "http://jeecg.org", "jeecgos@163.com"))
|
||||
// .license("The Apache License, Version 2.0")
|
||||
// .licenseUrl("http://www.apache.org/licenses/LICENSE-2.0.html")
|
||||
.contact("JEECG团队")
|
||||
.license("The Apache License, Version 2.0")
|
||||
.licenseUrl("http://www.apache.org/licenses/LICENSE-2.0.html")
|
||||
.build();
|
||||
}
|
||||
|
||||
|
|
|
@ -67,8 +67,11 @@ public class LoginController {
|
|||
Result<JSONObject> result = new Result<JSONObject>();
|
||||
String username = sysLoginModel.getUsername();
|
||||
String password = sysLoginModel.getPassword();
|
||||
//步骤1:TODO 前端密码加密,后端进行密码解密,防止传输密码篡改等问题,不配就直接提示密码错误,并记录日志后期进行统计分析是否锁定
|
||||
password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
|
||||
//update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题
|
||||
//前端密码加密,后端进行密码解密
|
||||
//password = AesEncryptUtil.desEncrypt(sysLoginModel.getPassword().replaceAll("%2B", "\\+")).trim();//密码解密
|
||||
//update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题
|
||||
|
||||
//1. 校验用户是否有效
|
||||
SysUser sysUser = sysUserService.getUserByName(username);
|
||||
result = sysUserService.checkUserIsEffective(sysUser);
|
||||
|
@ -263,7 +266,7 @@ public class LoginController {
|
|||
* @return
|
||||
*/
|
||||
@PostMapping("/phoneLogin")
|
||||
public Result<JSONObject> login(@RequestBody JSONObject jsonObject) {
|
||||
public Result<JSONObject> phoneLogin(@RequestBody JSONObject jsonObject) {
|
||||
Result<JSONObject> result = new Result<JSONObject>();
|
||||
String phone = jsonObject.getString("mobile");
|
||||
|
||||
|
|
Loading…
Reference in New Issue