验证登录取消

2023-11-14 15:15:30 +08:00 · 2023-11-14 15:15:30 +08:00 · e1b42a874c
parent e29d8a7e81
commit e1b42a874c
1 changed files with 75 additions and 75 deletions
--- a/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
+++ b/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java
@ -88,26 +88,26 @@ public class LoginController {
 		//update-begin--Author:scott  Date:20190805 for：暂时注释掉密码加密逻辑，有点问题

 		//update-begin-author:taoyan date:20190828 for:校验验证码
-        String captcha = sysLoginModel.getCaptcha();
-        if(captcha==null){
-            result.error500("验证码无效");
-            return result;
-        }
-        String lowerCaseCaptcha = captcha.toLowerCase();
-        //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
-		// 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
-        String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
-		String realKey = Md5Util.md5Encode(origin, "utf-8");
-		//update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
-		Object checkCode = redisUtil.get(realKey);
-		//当进入登录页时，有一定几率出现验证码错误 #1714
-		if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
-            log.warn("验证码错误，key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
-			result.error500("验证码错误");
-			// 改成特殊的code 便于前端判断
-			result.setCode(HttpStatus.PRECONDITION_FAILED.value());
-			return result;
-		}
+//        String captcha = sysLoginModel.getCaptcha();
+//        if(captcha==null){
+//            result.error500("验证码无效");
+//            return result;
+//        }
+//        String lowerCaseCaptcha = captcha.toLowerCase();
+//        //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
+//		// 加入密钥作为混淆，避免简单的拼接，被外部利用，用户自定义该密钥即可
+//        String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
+//		String realKey = Md5Util.md5Encode(origin, "utf-8");
+//		//update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
+//		Object checkCode = redisUtil.get(realKey);
+//		//当进入登录页时，有一定几率出现验证码错误 #1714
+//		if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
+//            log.warn("验证码错误，key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
+//			result.error500("验证码错误");
+//			// 改成特殊的code 便于前端判断
+//			result.setCode(HttpStatus.PRECONDITION_FAILED.value());
+//			return result;
+//		}
 		//update-end-author:taoyan date:20190828 for:校验验证码

 		//1. 校验用户是否有效
@ -135,7 +135,7 @@ public class LoginController {
 		//用户登录信息
 		userInfo(sysUser, result);
 		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
-		redisUtil.del(realKey);
+//		redisUtil.del(realKey);
 		//update-begin--Author:liusq  Date:20210126  for：登录成功，删除redis中的验证码
 		redisUtil.del(CommonConstant.LOGIN_FAIL + username);
 		LoginUser loginUser = new LoginUser();