验证登录取消
This commit is contained in:
parent
e29d8a7e81
commit
e1b42a874c
|
|
@ -56,13 +56,13 @@ public class LoginController {
|
|||
@Autowired
|
||||
private ISysLogService logService;
|
||||
@Autowired
|
||||
private RedisUtil redisUtil;
|
||||
private RedisUtil redisUtil;
|
||||
@Autowired
|
||||
private ISysDepartService sysDepartService;
|
||||
private ISysDepartService sysDepartService;
|
||||
@Autowired
|
||||
private ISysTenantService sysTenantService;
|
||||
@Autowired
|
||||
private ISysDictService sysDictService;
|
||||
private ISysDictService sysDictService;
|
||||
@Resource
|
||||
private BaseCommonService baseCommonService;
|
||||
|
||||
|
|
@ -88,26 +88,26 @@ public class LoginController {
|
|||
//update-begin--Author:scott Date:20190805 for:暂时注释掉密码加密逻辑,有点问题
|
||||
|
||||
//update-begin-author:taoyan date:20190828 for:校验验证码
|
||||
String captcha = sysLoginModel.getCaptcha();
|
||||
if(captcha==null){
|
||||
result.error500("验证码无效");
|
||||
return result;
|
||||
}
|
||||
String lowerCaseCaptcha = captcha.toLowerCase();
|
||||
//update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
|
||||
// 加入密钥作为混淆,避免简单的拼接,被外部利用,用户自定义该密钥即可
|
||||
String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
|
||||
String realKey = Md5Util.md5Encode(origin, "utf-8");
|
||||
//update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
|
||||
Object checkCode = redisUtil.get(realKey);
|
||||
//当进入登录页时,有一定几率出现验证码错误 #1714
|
||||
if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
|
||||
log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
|
||||
result.error500("验证码错误");
|
||||
// 改成特殊的code 便于前端判断
|
||||
result.setCode(HttpStatus.PRECONDITION_FAILED.value());
|
||||
return result;
|
||||
}
|
||||
// String captcha = sysLoginModel.getCaptcha();
|
||||
// if(captcha==null){
|
||||
// result.error500("验证码无效");
|
||||
// return result;
|
||||
// }
|
||||
// String lowerCaseCaptcha = captcha.toLowerCase();
|
||||
// //update-begin-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
|
||||
// // 加入密钥作为混淆,避免简单的拼接,被外部利用,用户自定义该密钥即可
|
||||
// String origin = lowerCaseCaptcha+sysLoginModel.getCheckKey()+jeecgBaseConfig.getSignatureSecret();
|
||||
// String realKey = Md5Util.md5Encode(origin, "utf-8");
|
||||
// //update-end-author:taoyan date:2022-9-13 for: VUEN-2245 【漏洞】发现新漏洞待处理20220906
|
||||
// Object checkCode = redisUtil.get(realKey);
|
||||
// //当进入登录页时,有一定几率出现验证码错误 #1714
|
||||
// if(checkCode==null || !checkCode.toString().equals(lowerCaseCaptcha)) {
|
||||
// log.warn("验证码错误,key= {} , Ui checkCode= {}, Redis checkCode = {}", sysLoginModel.getCheckKey(), lowerCaseCaptcha, checkCode);
|
||||
// result.error500("验证码错误");
|
||||
// // 改成特殊的code 便于前端判断
|
||||
// result.setCode(HttpStatus.PRECONDITION_FAILED.value());
|
||||
// return result;
|
||||
// }
|
||||
//update-end-author:taoyan date:20190828 for:校验验证码
|
||||
|
||||
//1. 校验用户是否有效
|
||||
|
|
@ -135,13 +135,13 @@ public class LoginController {
|
|||
//用户登录信息
|
||||
userInfo(sysUser, result);
|
||||
//update-begin--Author:liusq Date:20210126 for:登录成功,删除redis中的验证码
|
||||
redisUtil.del(realKey);
|
||||
// redisUtil.del(realKey);
|
||||
//update-begin--Author:liusq Date:20210126 for:登录成功,删除redis中的验证码
|
||||
redisUtil.del(CommonConstant.LOGIN_FAIL + username);
|
||||
LoginUser loginUser = new LoginUser();
|
||||
BeanUtils.copyProperties(sysUser, loginUser);
|
||||
baseCommonService.addLog("用户名: " + username + ",登录成功!", CommonConstant.LOG_TYPE_1, null,loginUser);
|
||||
//update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
||||
//update-end--Author:wangshuai Date:20200714 for:登录日志没有记录人员
|
||||
return result;
|
||||
}
|
||||
|
||||
|
|
@ -190,29 +190,29 @@ public class LoginController {
|
|||
@RequestMapping(value = "/logout")
|
||||
public Result<Object> logout(HttpServletRequest request,HttpServletResponse response) {
|
||||
//用户退出逻辑
|
||||
String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
||||
if(oConvertUtils.isEmpty(token)) {
|
||||
return Result.error("退出登录失败!");
|
||||
}
|
||||
String username = JwtUtil.getUsername(token);
|
||||
String token = request.getHeader(CommonConstant.X_ACCESS_TOKEN);
|
||||
if(oConvertUtils.isEmpty(token)) {
|
||||
return Result.error("退出登录失败!");
|
||||
}
|
||||
String username = JwtUtil.getUsername(token);
|
||||
LoginUser sysUser = sysBaseApi.getUserByName(username);
|
||||
if(sysUser!=null) {
|
||||
if(sysUser!=null) {
|
||||
//update-begin--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
||||
baseCommonService.addLog("用户名: "+sysUser.getRealname()+",退出成功!", CommonConstant.LOG_TYPE_1, null,sysUser);
|
||||
//update-end--Author:wangshuai Date:20200714 for:登出日志没有记录人员
|
||||
log.info(" 用户名: "+sysUser.getRealname()+",退出成功! ");
|
||||
//清空用户登录Token缓存
|
||||
redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
|
||||
//清空用户登录Shiro权限缓存
|
||||
log.info(" 用户名: "+sysUser.getRealname()+",退出成功! ");
|
||||
//清空用户登录Token缓存
|
||||
redisUtil.del(CommonConstant.PREFIX_USER_TOKEN + token);
|
||||
//清空用户登录Shiro权限缓存
|
||||
redisUtil.del(CommonConstant.PREFIX_USER_SHIRO_CACHE + sysUser.getId());
|
||||
//清空用户的缓存信息(包括部门信息),例如sys:cache:user::<username>
|
||||
redisUtil.del(String.format("%s::%s", CacheConstant.SYS_USERS_CACHE, sysUser.getUsername()));
|
||||
//调用shiro的logout
|
||||
SecurityUtils.getSubject().logout();
|
||||
return Result.ok("退出登录成功!");
|
||||
}else {
|
||||
return Result.error("Token无效!");
|
||||
}
|
||||
return Result.ok("退出登录成功!");
|
||||
}else {
|
||||
return Result.error("Token无效!");
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -255,14 +255,14 @@ public class LoginController {
|
|||
Result<List<Map<String,Object>>> result = new Result<List<Map<String,Object>>>();
|
||||
Calendar calendar = new GregorianCalendar();
|
||||
calendar.set(Calendar.HOUR_OF_DAY,0);
|
||||
calendar.set(Calendar.MINUTE,0);
|
||||
calendar.set(Calendar.SECOND,0);
|
||||
calendar.set(Calendar.MILLISECOND,0);
|
||||
calendar.add(Calendar.DAY_OF_MONTH, 1);
|
||||
Date dayEnd = calendar.getTime();
|
||||
calendar.add(Calendar.DAY_OF_MONTH, -7);
|
||||
Date dayStart = calendar.getTime();
|
||||
List<Map<String,Object>> list = logService.findVisitCount(dayStart, dayEnd);
|
||||
calendar.set(Calendar.MINUTE,0);
|
||||
calendar.set(Calendar.SECOND,0);
|
||||
calendar.set(Calendar.MILLISECOND,0);
|
||||
calendar.add(Calendar.DAY_OF_MONTH, 1);
|
||||
Date dayEnd = calendar.getTime();
|
||||
calendar.add(Calendar.DAY_OF_MONTH, -7);
|
||||
Date dayStart = calendar.getTime();
|
||||
List<Map<String,Object>> list = logService.findVisitCount(dayStart, dayEnd);
|
||||
result.setResult(oConvertUtils.toLowerCasePageList(list));
|
||||
return result;
|
||||
}
|
||||
|
|
@ -327,7 +327,7 @@ public class LoginController {
|
|||
//随机数
|
||||
String captcha = RandomUtil.randomNumbers(6);
|
||||
JSONObject obj = new JSONObject();
|
||||
obj.put("code", captcha);
|
||||
obj.put("code", captcha);
|
||||
try {
|
||||
boolean b = false;
|
||||
//注册模板
|
||||
|
|
|
|||
Loading…
Reference in New Issue