Merge remote-tracking branch 'origin/master'

86129c2c · 赵啸非 · 3d5261ce · df967671 · 86129c2c · 86129c2c
Commit 86129c2c authored Oct 16, 2024 by 赵啸非
3 changed files
--- a/portal-manager/src/main/java/com/mortals/xhx/base/login/web/LoginController.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/base/login/web/LoginController.java
@@ -58,10 +58,17 @@ public class LoginController extends BaseCRUDJsonBodyMappingController<UserServi
    @RequestMapping("login")
    public String login(@RequestBody LoginForm loginForm) throws Exception {
+        //log.info("Session:"+this.request.getSession().getId());
        JSONObject ret = new JSONObject();
        Map<String, Object> data = new HashMap<>();
        String loginName = loginForm.getLoginName();
        String password = loginForm.getPassword();
+        //loginForm.setSecurityCode("admin");
+        if(!StringUtils.isEmpty(loginForm.getMark())){
+            ret.put(KEY_RESULT_CODE, VALUE_RESULT_FAILURE);
+            ret.put(KEY_RESULT_MSG, "非法的参数");
+            return ret.toJSONString();
+        }
        String ip = super.getRequestIP(request);
        if (StringUtils.isEmpty(loginName) || StringUtils.isEmpty(password)) {
            ret.put(KEY_RESULT_CODE, VALUE_RESULT_FAILURE);
@@ -75,7 +82,7 @@ public class LoginController extends BaseCRUDJsonBodyMappingController<UserServi
        UserEntity userEntity = null;
        try {
            loginForm.validate();
-            boolean validCode = validCodeService.doCheckImageValidCode(loginForm.getMark(), super.getRequestIP(request), loginForm.getSecurityCode());
+            boolean validCode = validCodeService.doCheckImageValidCode(this.request.getSession().getId(), super.getRequestIP(request), loginForm.getSecurityCode());
            if (!validCode) {
                throw new AppException("验证码错误");
            }

--- a/portal-manager/src/main/java/com/mortals/xhx/base/login/web/SecurityCodeController.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/base/login/web/SecurityCodeController.java
@@ -6,7 +6,6 @@ import com.mortals.xhx.base.login.service.GifSecurityImage;
 import com.mortals.xhx.base.system.valid.model.ValidCodeEntity;
 import com.mortals.xhx.base.system.valid.service.ValidCodeService;
 import com.mortals.xhx.base.system.valid.web.ValidCodeForm;
-import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.io.IOUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -25,9 +24,9 @@ public class SecurityCodeController
    @RequestMapping("createCode")
    public void createCode(HttpServletRequest request, HttpServletResponse response) {
+        //log.info("Session:"+this.request.getSession().getId());
        // 获取默认难度和长度的验证码
-        String securityCode = validCodeService.createImageValidCode(request.getParameter("mark"), super.getRequestIP(request));
+        String securityCode = validCodeService.createImageValidCode(this.request.getSession().getId(), super.getRequestIP(request));
        // int imageType = ParamUtil.getInt("securityImage", 1);
        int imageType = 0;
        switch (imageType) {

--- a/portal-manager/src/main/java/com/mortals/xhx/base/system/valid/service/impl/ValidCodeServiceImpl.java
+++ b/portal-manager/src/main/java/com/mortals/xhx/base/system/valid/service/impl/ValidCodeServiceImpl.java
@@ -69,6 +69,7 @@ public class ValidCodeServiceImpl extends AbstractCRUDServiceImpl<ValidCodeDao,V
        if(StringUtils.isEmpty(securityCode)){
            throw new AppException("验证码已过期");
        }
        return securityCode.equals(code);
    }