From f5fb315b940753f8414f5bcd1acb48dff61f22ef Mon Sep 17 00:00:00 2001
From: OathK1per
Date: Mon, 6 Dec 2021 11:03:28 +0800
Subject: [PATCH] =?UTF-8?q?=E6=B7=BB=E5=8A=A0=E9=AA=8C=E8=AF=81=E7=A0=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../controller/backend/AdminController.java | 23 ++++++++++++++++++-
 .../resources/templates/admin/admin_login.ftl | 13 +++++------
 2 files changed, 28 insertions(+), 8 deletions(-)
diff --git a/src/main/java/cn/palmte/work/controller/backend/AdminController.java b/src/main/java/cn/palmte/work/controller/backend/AdminController.java
index c35e1ad..633bb3c 100644
--- a/src/main/java/cn/palmte/work/controller/backend/AdminController.java
+++ b/src/main/java/cn/palmte/work/controller/backend/AdminController.java
@@ -49,12 +49,24 @@ public class AdminController extends BaseController {
 public String singIn(RedirectAttributes attr, LoginRequest loginRequest, HttpServletRequest request) throws Exception {
 String userName = loginRequest.getUserName();
 String password = loginRequest.getPassword();
+ String captchaToken = loginRequest.getCaptchaToken();
+ String code;
 String message;
- try {
+ try{
+ try{
+ code = request.getSession().getAttribute(CaptchaUtils.RANDOM_CODE_KEY).toString();
+ }catch(Exception e){
+ logger.info(e.getMessage() , e);
+ message ="验证码错误";
+ attr.addAttribute("errorMessages",message);
+ return "redirect:/admin/err";
+ }
 try {
 String privateKey = request.getSession().getAttribute(Constant.PRIVATEKEY).toString();
 userName = new String(RSAUtils.decryptByPrivateKey(Base64Utils.decode(userName), privateKey));
 password = new String(RSAUtils.decryptByPrivateKey(Base64Utils.decode(password), privateKey));
+ captchaToken = new String(RSAUtils.decryptByPrivateKey(Base64Utils.decode(captchaToken),privateKey));
+ logger.info("username:" + userName + ",password:" + password + ",captcha:" + captchaToken);
 } catch (Exception e) {
 logger.error("解密出错", e);
 attr.addAttribute("errorMessages", "用户名密码错误");
@@ -66,6 +78,15 @@ public class AdminController extends BaseController {
 attr.addAttribute("errorMessages", message);
 return "redirect:/admin/err";
 }
+ if(!captchaToken.toUpperCase().equals(code)){
+ message ="验证码错误!";
+ attr.addAttribute("errorMessages",message);
+ return "redirect:/admin/err";
+ }
+ /**
+ * 移除验证数据
+ */
+ request.getSession().removeAttribute(CaptchaUtils.RANDOM_CODE_KEY);
 Admin admin = adminService.getAdminByUsername(userName);
 if (null == admin) {
 message = "用户名或密码错误~~~";
diff --git a/src/main/resources/templates/admin/admin_login.ftl b/src/main/resources/templates/admin/admin_login.ftl
index 8b30c7b..4a0f45e 100644
--- a/src/main/resources/templates/admin/admin_login.ftl
+++ b/src/main/resources/templates/admin/admin_login.ftl
@@ -78,14 +78,13 @@ - <#--
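Review bot: The added `logger.info("username:" + userName + ",password:" + password + ",captcha:" + captchaToken);` writes the decrypted admin password to the application log at INFO level on every login attempt, so anyone who can read the logs, or any system the logs are shipped or backed up to, ends up holding working credentials. Remove the line, or keep only a non-secret field such as `logger.info("admin login attempt, username:" + userName);`, and because userName is client-supplied, strip CR/LF from it before logging. The inner `catch(Exception e)` around the session lookup also detects a missing captcha through a NullPointerException; an explicit null check on `getAttribute(CaptchaUtils.RANDOM_CODE_KEY)` would state that case directly. singIn's body starts in this hunk and continues outside it.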
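Review bot: The captcha code is removed from the session only after a successful match, so the `验证码错误!` branch (and the earlier decrypt-failure return) leaves the same code stored and one captcha image can be answered any number of times. Move `request.getSession().removeAttribute(CaptchaUtils.RANDOM_CODE_KEY);` to directly after the code is read in the first hunk, so each submission consumes the code whatever the outcome. The comparison `captchaToken.toUpperCase().equals(code)` also depends on the JVM default locale and presumably assumes CaptchaUtils stores the code in upper case, which is not visible here; `code.equalsIgnoreCase(captchaToken)` removes both assumptions. The enclosing singIn method starts and ends outside this hunk.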
换一张 -
--> +
@@ -120,7 +119,7 @@ }; $().ready( function() { - /*var $captcha = $("#captcha"); + var $captcha = $("#captcha"); var $captchaImage = $("#captchaImage"); $captchaImage.click( function() { @@ -131,7 +130,7 @@ } imageSrc = imageSrc + "?timestamp=" + timestamp + "&width=100&height=35&fontsize=30"; $captchaImage.attr("src", imageSrc); - });*/ + }); //登录 @@ -145,10 +144,10 @@ } else if(passwd.length == 0) { $("#msg").html("密码不能为空"); return false; - }/* else if(vcode.length != 4) { + } else if(vcode.length != 4) { $("#msg").html("验证码错误"); return false; - }*/ + } /* $("#password").val(encryptByDES(passwd,"C36DF8PM")); $("#username").val(encryptByDES(username,"C36DF8PM")); $("#captchaToken").val(encryptByDES(vcode,"C36DF8PM"));*/ @@ -160,7 +159,7 @@ console.log(encrypted); $("#password").val(encrypt.encrypt(passwd)); $("#username").val(encrypt.encrypt(username)); - //$("#captchaToken").val(encrypt.encrypt(vcode)); + $("#captchaToken").val(encrypt.encrypt(vcode));