opt:五月增补-去掉登录验证码,token有效期24小时、主登录界面已经登录后,看板页面不要再次登录
This commit is contained in:
@@ -3,18 +3,13 @@ package org.nl.system.controller.secutiry;
|
||||
|
||||
|
||||
import cn.dev33.satoken.stp.StpUtil;
|
||||
import cn.hutool.core.util.IdUtil;
|
||||
import cn.hutool.core.util.ObjectUtil;
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.wf.captcha.base.Captcha;
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.nl.common.utils.RedisUtils;
|
||||
import org.nl.common.utils.SecurityUtils;
|
||||
import org.nl.common.utils.dto.CurrentUser;
|
||||
import org.nl.common.security.config.bean.LoginCodeEnum;
|
||||
import org.nl.common.security.config.bean.LoginProperties;
|
||||
import org.nl.system.service.secutiry.impl.OnlineUserService;
|
||||
import org.nl.system.service.user.ISysUserService;
|
||||
import org.nl.system.service.user.dao.SysUser;
|
||||
@@ -24,9 +19,7 @@ import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
/**
|
||||
* @author Zheng Jie
|
||||
@@ -38,14 +31,10 @@ import java.util.concurrent.TimeUnit;
|
||||
@RequestMapping("/auth")
|
||||
@Api(tags = "系统:系统授权接口")
|
||||
public class AuthorizationController {
|
||||
@Autowired
|
||||
private RedisUtils redisUtils;
|
||||
@Autowired
|
||||
private OnlineUserService onlineUserService;
|
||||
@Autowired
|
||||
private ISysUserService userService;
|
||||
@Autowired
|
||||
private LoginProperties loginProperties;
|
||||
|
||||
@ApiOperation("登录授权")
|
||||
@PostMapping(value = "/login")
|
||||
@@ -77,27 +66,6 @@ public class AuthorizationController {
|
||||
return ResponseEntity.noContent().build();
|
||||
}
|
||||
|
||||
@ApiOperation("获取验证码")
|
||||
@GetMapping(value = "/code")
|
||||
public ResponseEntity<Object> getCode() {
|
||||
// 获取运算的结果
|
||||
Captcha captcha = loginProperties.getCaptcha();
|
||||
String uuid = IdUtil.simpleUUID();
|
||||
//当验证码类型为 arithmetic时且长度 >= 2 时,captcha.text()的结果有几率为浮点型
|
||||
String captchaValue = captcha.text();
|
||||
if (captcha.getCharType() - 1 == LoginCodeEnum.arithmetic.ordinal() && captchaValue.contains(".")) {
|
||||
captchaValue = captchaValue.split("\\.")[0];
|
||||
}
|
||||
// 保存
|
||||
redisUtils.set(uuid, captchaValue, loginProperties.getLoginCode().getExpiration(), TimeUnit.MINUTES);
|
||||
// 验证码信息
|
||||
Map<String, Object> imgResult = new HashMap<String, Object>(2) {{
|
||||
put("img", captcha.toBase64());
|
||||
put("uuid", uuid);
|
||||
}};
|
||||
return ResponseEntity.ok(imgResult);
|
||||
}
|
||||
|
||||
@ApiOperation("退出登录")
|
||||
@DeleteMapping(value = "/logout")
|
||||
public ResponseEntity<Object> logout(HttpServletRequest request) {
|
||||
|
||||
@@ -215,16 +215,6 @@ public class OnlineUserService {
|
||||
// 密码解密 - 前端的加密规则: encrypt
|
||||
AuthUserDto authUser = JSON.toJavaObject((JSON) JSON.toJSON(paramMap), AuthUserDto.class);
|
||||
String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
|
||||
// 查询验证码
|
||||
String code = (String) redisUtils.get(authUser.getUuid());
|
||||
// 清除验证码
|
||||
redisUtils.del(authUser.getUuid());
|
||||
if (StrUtil.isEmpty(code)) {
|
||||
throw new BadRequestException("验证码不存在或已过期");
|
||||
}
|
||||
if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
|
||||
throw new BadRequestException("验证码错误");
|
||||
}
|
||||
// 校验数据库
|
||||
// 根据用户名查询,在比对密码
|
||||
SysUser userInfo = sysUserService.getOne(new QueryWrapper<SysUser>().eq("username",authUser.getUsername()));
|
||||
|
||||
@@ -81,24 +81,8 @@ spring:
|
||||
login:
|
||||
# 登录缓存
|
||||
cache-enable: true
|
||||
# 是否限制单用户登录
|
||||
# 是否限制单用户登录
|
||||
single-login: false
|
||||
# 验证码
|
||||
login-code:
|
||||
# 验证码类型配置 查看 LoginProperties 类
|
||||
code-type: arithmetic
|
||||
# 登录图形验证码有效时间/分钟
|
||||
expiration: 2
|
||||
# 验证码高度
|
||||
width: 111
|
||||
# 验证码宽度
|
||||
heigth: 36
|
||||
# 内容长度
|
||||
length: 2
|
||||
# 字体名称,为空则使用默认字体
|
||||
font-name:
|
||||
# 字体大小
|
||||
font-size: 25
|
||||
|
||||
#是否允许生成代码,生产环境设置为false
|
||||
generator:
|
||||
@@ -135,8 +119,8 @@ logging:
|
||||
sa-token:
|
||||
# token 名称 (同时也是cookie名称)
|
||||
token-name: Authorization
|
||||
# token 有效期,单位s 默认30天, -1代表永不过期
|
||||
timeout: 2592000
|
||||
# token 有效期,单位s 默认24小时, -1代表永不过期
|
||||
timeout: 86400
|
||||
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
|
||||
activity-timeout: -1
|
||||
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
|
||||
|
||||
@@ -81,24 +81,8 @@ spring:
|
||||
login:
|
||||
# 登录缓存
|
||||
cache-enable: true
|
||||
# 是否限制单用户登录
|
||||
# 是否限制单用户登录
|
||||
single-login: false
|
||||
# 验证码
|
||||
login-code:
|
||||
# 验证码类型配置 查看 LoginProperties 类
|
||||
code-type: arithmetic
|
||||
# 登录图形验证码有效时间/分钟
|
||||
expiration: 2
|
||||
# 验证码高度
|
||||
width: 111
|
||||
# 验证码宽度
|
||||
heigth: 36
|
||||
# 内容长度
|
||||
length: 2
|
||||
# 字体名称,为空则使用默认字体
|
||||
font-name:
|
||||
# 字体大小
|
||||
font-size: 25
|
||||
|
||||
#是否允许生成代码,生产环境设置为false
|
||||
generator:
|
||||
@@ -135,8 +119,8 @@ logging:
|
||||
sa-token:
|
||||
# token 名称 (同时也是cookie名称)
|
||||
token-name: Authorization
|
||||
# token 有效期,单位s 默认30天, -1代表永不过期
|
||||
timeout: 2592000
|
||||
# token 有效期,单位s 默认24小时, -1代表永不过期
|
||||
timeout: 86400
|
||||
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
|
||||
activity-timeout: -1
|
||||
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
|
||||
|
||||
@@ -72,24 +72,8 @@ spring:
|
||||
login:
|
||||
# 登录缓存
|
||||
cache-enable: true
|
||||
# 是否限制单用户登录
|
||||
# 是否限制单用户登录
|
||||
single-login: false
|
||||
# 验证码
|
||||
login-code:
|
||||
# 验证码类型配置 查看 LoginProperties 类
|
||||
code-type: arithmetic
|
||||
# 登录图形验证码有效时间/分钟
|
||||
expiration: 2
|
||||
# 验证码高度
|
||||
width: 111
|
||||
# 验证码宽度
|
||||
heigth: 36
|
||||
# 内容长度
|
||||
length: 2
|
||||
# 字体名称,为空则使用默认字体,如遇到线上乱码,设置其他字体即可
|
||||
font-name:
|
||||
# 字体大小
|
||||
font-size: 25
|
||||
|
||||
#jwt
|
||||
jwt:
|
||||
@@ -151,8 +135,8 @@ logging:
|
||||
sa-token:
|
||||
# token 名称 (同时也是cookie名称)
|
||||
token-name: Authorization
|
||||
# token 有效期,单位s 默认30天, -1代表永不过期
|
||||
timeout: 2592000
|
||||
# token 有效期,单位s 默认24小时, -1代表永不过期
|
||||
timeout: 86400
|
||||
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
|
||||
activity-timeout: -1
|
||||
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)
|
||||
|
||||
@@ -1,14 +1,12 @@
|
||||
import request from '@/utils/request'
|
||||
|
||||
export function login(username, password, code, uuid) {
|
||||
export function login(username, password) {
|
||||
return request({
|
||||
url: 'auth/login',
|
||||
method: 'post',
|
||||
data: {
|
||||
username,
|
||||
password,
|
||||
code,
|
||||
uuid
|
||||
password
|
||||
}
|
||||
})
|
||||
}
|
||||
@@ -20,13 +18,6 @@ export function getInfo() {
|
||||
})
|
||||
}
|
||||
|
||||
export function getCodeImg() {
|
||||
return request({
|
||||
url: 'auth/code',
|
||||
method: 'get'
|
||||
})
|
||||
}
|
||||
|
||||
export function logout() {
|
||||
return request({
|
||||
url: 'auth/logout',
|
||||
|
||||
@@ -30,7 +30,7 @@ const user = {
|
||||
Login({ commit }, userInfo) {
|
||||
// const rememberMe = userInfo.rememberMe
|
||||
return new Promise((resolve, reject) => {
|
||||
login(userInfo.username, userInfo.password, userInfo.code, userInfo.uuid).then(res => {
|
||||
login(userInfo.username, userInfo.password).then(res => {
|
||||
// setToken(res.token, rememberMe)
|
||||
commit('SET_TOKEN', res.token)
|
||||
setUserInfo(res.user, commit)
|
||||
|
||||
@@ -13,14 +13,6 @@
|
||||
<svg-icon slot="prefix" icon-class="password" class="el-input__icon input-icon" />
|
||||
</el-input>
|
||||
</el-form-item>
|
||||
<el-form-item prop="code">
|
||||
<el-input v-model="loginForm.code" auto-complete="off" placeholder="验证码" style="width: 63%" @keyup.enter.native="handleLogin">
|
||||
<svg-icon slot="prefix" icon-class="validCode" class="el-input__icon input-icon" />
|
||||
</el-input>
|
||||
<div class="login-code">
|
||||
<img :src="codeUrl" @click="getCode">
|
||||
</div>
|
||||
</el-form-item>
|
||||
<el-checkbox v-model="loginForm.rememberMe" style="margin:0 0 25px 0;">
|
||||
记住我
|
||||
</el-checkbox>
|
||||
@@ -43,7 +35,6 @@
|
||||
<script>
|
||||
import { encrypt } from '@/utils/rsaEncrypt'
|
||||
import Config from '@/settings'
|
||||
import { getCodeImg } from '@/api/login'
|
||||
import Cookies from 'js-cookie'
|
||||
import Background from '@/assets/images/background.jpg'
|
||||
export default {
|
||||
@@ -53,19 +44,15 @@ export default {
|
||||
title: '诺力开发平台',
|
||||
title_param: 'platform',
|
||||
Background: Background,
|
||||
codeUrl: '',
|
||||
cookiePass: '',
|
||||
loginForm: {
|
||||
username: '',
|
||||
password: '',
|
||||
rememberMe: true,
|
||||
code: '',
|
||||
uuid: ''
|
||||
rememberMe: true
|
||||
},
|
||||
loginRules: {
|
||||
username: [{ required: true, trigger: 'blur', message: '用户名不能为空' }],
|
||||
password: [{ required: true, trigger: 'blur', message: '密码不能为空' }],
|
||||
code: [{ required: true, trigger: 'change', message: '验证码不能为空' }]
|
||||
password: [{ required: true, trigger: 'blur', message: '密码不能为空' }]
|
||||
},
|
||||
loading: false,
|
||||
redirect: undefined
|
||||
@@ -83,20 +70,12 @@ export default {
|
||||
this.getValueByCode(this.title_param).then(res => {
|
||||
this.title = res.value
|
||||
})
|
||||
// 获取验证码
|
||||
this.getCode()
|
||||
// 获取用户名密码等Cookie
|
||||
this.getCookie()
|
||||
// token 过期提示
|
||||
this.point()
|
||||
},
|
||||
methods: {
|
||||
getCode() {
|
||||
getCodeImg().then(res => {
|
||||
this.codeUrl = res.img
|
||||
this.loginForm.uuid = res.uuid
|
||||
})
|
||||
},
|
||||
getCookie() {
|
||||
const username = Cookies.get('username')
|
||||
let password = Cookies.get('password')
|
||||
@@ -116,9 +95,7 @@ export default {
|
||||
const user = {
|
||||
username: this.loginForm.username,
|
||||
password: this.loginForm.password,
|
||||
rememberMe: this.loginForm.rememberMe,
|
||||
code: this.loginForm.code,
|
||||
uuid: this.loginForm.uuid
|
||||
rememberMe: this.loginForm.rememberMe
|
||||
}
|
||||
user.password = encrypt(user.password)
|
||||
if (valid) {
|
||||
@@ -139,10 +116,9 @@ export default {
|
||||
// window.location.href = this.redirect
|
||||
// }
|
||||
// this.$router.push({ path: this.redirect || '/' })
|
||||
}).catch(() => {
|
||||
this.loading = false
|
||||
this.getCode()
|
||||
})
|
||||
}).catch(() => {
|
||||
this.loading = false
|
||||
})
|
||||
} else {
|
||||
console.log('error submit!!')
|
||||
return false
|
||||
@@ -195,19 +171,9 @@ export default {
|
||||
height: 39px;width: 14px;margin-left: 2px;
|
||||
}
|
||||
}
|
||||
.login-tip {
|
||||
font-size: 13px;
|
||||
text-align: center;
|
||||
color: #bfbfbf;
|
||||
}
|
||||
.login-code {
|
||||
width: 33%;
|
||||
display: inline-block;
|
||||
height: 38px;
|
||||
float: right;
|
||||
img{
|
||||
cursor: pointer;
|
||||
vertical-align:middle
|
||||
}
|
||||
}
|
||||
.login-tip {
|
||||
font-size: 13px;
|
||||
text-align: center;
|
||||
color: #bfbfbf;
|
||||
}
|
||||
</style>
|
||||
|
||||
Reference in New Issue
Block a user