opt:五月增补-去掉登录验证码,token有效期24小时、主登录界面已经登录后,看板页面不要再次登录

This commit is contained in:
zhaoyf
2026-06-01 16:24:28 +08:00
parent 4902c0e9a1
commit c76b06cdcb
18 changed files with 63 additions and 315 deletions

View File

@@ -3,18 +3,13 @@ package org.nl.system.controller.secutiry;
import cn.dev33.satoken.stp.StpUtil;
import cn.hutool.core.util.IdUtil;
import cn.hutool.core.util.ObjectUtil;
import com.alibaba.fastjson.JSONObject;
import com.wf.captcha.base.Captcha;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.nl.common.utils.RedisUtils;
import org.nl.common.utils.SecurityUtils;
import org.nl.common.utils.dto.CurrentUser;
import org.nl.common.security.config.bean.LoginCodeEnum;
import org.nl.common.security.config.bean.LoginProperties;
import org.nl.system.service.secutiry.impl.OnlineUserService;
import org.nl.system.service.user.ISysUserService;
import org.nl.system.service.user.dao.SysUser;
@@ -24,9 +19,7 @@ import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.TimeUnit;
/**
* @author Zheng Jie
@@ -38,14 +31,10 @@ import java.util.concurrent.TimeUnit;
@RequestMapping("/auth")
@Api(tags = "系统:系统授权接口")
public class AuthorizationController {
@Autowired
private RedisUtils redisUtils;
@Autowired
private OnlineUserService onlineUserService;
@Autowired
private ISysUserService userService;
@Autowired
private LoginProperties loginProperties;
@ApiOperation("登录授权")
@PostMapping(value = "/login")
@@ -77,27 +66,6 @@ public class AuthorizationController {
return ResponseEntity.noContent().build();
}
@ApiOperation("获取验证码")
@GetMapping(value = "/code")
public ResponseEntity<Object> getCode() {
// 获取运算的结果
Captcha captcha = loginProperties.getCaptcha();
String uuid = IdUtil.simpleUUID();
//当验证码类型为 arithmetic时且长度 >= 2 时captcha.text()的结果有几率为浮点型
String captchaValue = captcha.text();
if (captcha.getCharType() - 1 == LoginCodeEnum.arithmetic.ordinal() && captchaValue.contains(".")) {
captchaValue = captchaValue.split("\\.")[0];
}
// 保存
redisUtils.set(uuid, captchaValue, loginProperties.getLoginCode().getExpiration(), TimeUnit.MINUTES);
// 验证码信息
Map<String, Object> imgResult = new HashMap<String, Object>(2) {{
put("img", captcha.toBase64());
put("uuid", uuid);
}};
return ResponseEntity.ok(imgResult);
}
@ApiOperation("退出登录")
@DeleteMapping(value = "/logout")
public ResponseEntity<Object> logout(HttpServletRequest request) {

View File

@@ -215,16 +215,6 @@ public class OnlineUserService {
// 密码解密 - 前端的加密规则: encrypt
AuthUserDto authUser = JSON.toJavaObject((JSON) JSON.toJSON(paramMap), AuthUserDto.class);
String password = RsaUtils.decryptByPrivateKey(RsaProperties.privateKey, authUser.getPassword());
// 查询验证码
String code = (String) redisUtils.get(authUser.getUuid());
// 清除验证码
redisUtils.del(authUser.getUuid());
if (StrUtil.isEmpty(code)) {
throw new BadRequestException("验证码不存在或已过期");
}
if (StrUtil.isEmpty(authUser.getCode()) || !authUser.getCode().equalsIgnoreCase(code)) {
throw new BadRequestException("验证码错误");
}
// 校验数据库
// 根据用户名查询,在比对密码
SysUser userInfo = sysUserService.getOne(new QueryWrapper<SysUser>().eq("username",authUser.getUsername()));

View File

@@ -81,24 +81,8 @@ spring:
login:
# 登录缓存
cache-enable: true
# 是否限制单用户登录
# 是否限制单用户登录
single-login: false
# 验证码
login-code:
# 验证码类型配置 查看 LoginProperties 类
code-type: arithmetic
# 登录图形验证码有效时间/分钟
expiration: 2
# 验证码高度
width: 111
# 验证码宽度
heigth: 36
# 内容长度
length: 2
# 字体名称,为空则使用默认字体
font-name:
# 字体大小
font-size: 25
#是否允许生成代码生产环境设置为false
generator:
@@ -135,8 +119,8 @@ logging:
sa-token:
# token 名称 (同时也是cookie名称)
token-name: Authorization
# token 有效期单位s 默认30天, -1代表永不过期
timeout: 2592000
# token 有效期单位s 默认24小时, -1代表永不过期
timeout: 86400
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
activity-timeout: -1
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)

View File

@@ -81,24 +81,8 @@ spring:
login:
# 登录缓存
cache-enable: true
# 是否限制单用户登录
# 是否限制单用户登录
single-login: false
# 验证码
login-code:
# 验证码类型配置 查看 LoginProperties 类
code-type: arithmetic
# 登录图形验证码有效时间/分钟
expiration: 2
# 验证码高度
width: 111
# 验证码宽度
heigth: 36
# 内容长度
length: 2
# 字体名称,为空则使用默认字体
font-name:
# 字体大小
font-size: 25
#是否允许生成代码生产环境设置为false
generator:
@@ -135,8 +119,8 @@ logging:
sa-token:
# token 名称 (同时也是cookie名称)
token-name: Authorization
# token 有效期单位s 默认30天, -1代表永不过期
timeout: 2592000
# token 有效期单位s 默认24小时, -1代表永不过期
timeout: 86400
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
activity-timeout: -1
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)

View File

@@ -72,24 +72,8 @@ spring:
login:
# 登录缓存
cache-enable: true
# 是否限制单用户登录
# 是否限制单用户登录
single-login: false
# 验证码
login-code:
# 验证码类型配置 查看 LoginProperties 类
code-type: arithmetic
# 登录图形验证码有效时间/分钟
expiration: 2
# 验证码高度
width: 111
# 验证码宽度
heigth: 36
# 内容长度
length: 2
# 字体名称,为空则使用默认字体,如遇到线上乱码,设置其他字体即可
font-name:
# 字体大小
font-size: 25
#jwt
jwt:
@@ -151,8 +135,8 @@ logging:
sa-token:
# token 名称 (同时也是cookie名称)
token-name: Authorization
# token 有效期单位s 默认30天, -1代表永不过期
timeout: 2592000
# token 有效期单位s 默认24小时, -1代表永不过期
timeout: 86400
# token 临时有效期 (指定时间内无操作就视为token过期) 单位: 秒
activity-timeout: -1
# 是否允许同一账号并发登录 (为true时允许一起登录, 为false时新登录挤掉旧登录)

View File

@@ -1,14 +1,12 @@
import request from '@/utils/request'
export function login(username, password, code, uuid) {
export function login(username, password) {
return request({
url: 'auth/login',
method: 'post',
data: {
username,
password,
code,
uuid
password
}
})
}
@@ -20,13 +18,6 @@ export function getInfo() {
})
}
export function getCodeImg() {
return request({
url: 'auth/code',
method: 'get'
})
}
export function logout() {
return request({
url: 'auth/logout',

View File

@@ -30,7 +30,7 @@ const user = {
Login({ commit }, userInfo) {
// const rememberMe = userInfo.rememberMe
return new Promise((resolve, reject) => {
login(userInfo.username, userInfo.password, userInfo.code, userInfo.uuid).then(res => {
login(userInfo.username, userInfo.password).then(res => {
// setToken(res.token, rememberMe)
commit('SET_TOKEN', res.token)
setUserInfo(res.user, commit)

View File

@@ -13,14 +13,6 @@
<svg-icon slot="prefix" icon-class="password" class="el-input__icon input-icon" />
</el-input>
</el-form-item>
<el-form-item prop="code">
<el-input v-model="loginForm.code" auto-complete="off" placeholder="验证码" style="width: 63%" @keyup.enter.native="handleLogin">
<svg-icon slot="prefix" icon-class="validCode" class="el-input__icon input-icon" />
</el-input>
<div class="login-code">
<img :src="codeUrl" @click="getCode">
</div>
</el-form-item>
<el-checkbox v-model="loginForm.rememberMe" style="margin:0 0 25px 0;">
记住我
</el-checkbox>
@@ -43,7 +35,6 @@
<script>
import { encrypt } from '@/utils/rsaEncrypt'
import Config from '@/settings'
import { getCodeImg } from '@/api/login'
import Cookies from 'js-cookie'
import Background from '@/assets/images/background.jpg'
export default {
@@ -53,19 +44,15 @@ export default {
title: '诺力开发平台',
title_param: 'platform',
Background: Background,
codeUrl: '',
cookiePass: '',
loginForm: {
username: '',
password: '',
rememberMe: true,
code: '',
uuid: ''
rememberMe: true
},
loginRules: {
username: [{ required: true, trigger: 'blur', message: '用户名不能为空' }],
password: [{ required: true, trigger: 'blur', message: '密码不能为空' }],
code: [{ required: true, trigger: 'change', message: '验证码不能为空' }]
password: [{ required: true, trigger: 'blur', message: '密码不能为空' }]
},
loading: false,
redirect: undefined
@@ -83,20 +70,12 @@ export default {
this.getValueByCode(this.title_param).then(res => {
this.title = res.value
})
// 获取验证码
this.getCode()
// 获取用户名密码等Cookie
this.getCookie()
// token 过期提示
this.point()
},
methods: {
getCode() {
getCodeImg().then(res => {
this.codeUrl = res.img
this.loginForm.uuid = res.uuid
})
},
getCookie() {
const username = Cookies.get('username')
let password = Cookies.get('password')
@@ -116,9 +95,7 @@ export default {
const user = {
username: this.loginForm.username,
password: this.loginForm.password,
rememberMe: this.loginForm.rememberMe,
code: this.loginForm.code,
uuid: this.loginForm.uuid
rememberMe: this.loginForm.rememberMe
}
user.password = encrypt(user.password)
if (valid) {
@@ -139,10 +116,9 @@ export default {
// window.location.href = this.redirect
// }
// this.$router.push({ path: this.redirect || '/' })
}).catch(() => {
this.loading = false
this.getCode()
})
}).catch(() => {
this.loading = false
})
} else {
console.log('error submit!!')
return false
@@ -195,19 +171,9 @@ export default {
height: 39px;width: 14px;margin-left: 2px;
}
}
.login-tip {
font-size: 13px;
text-align: center;
color: #bfbfbf;
}
.login-code {
width: 33%;
display: inline-block;
height: 38px;
float: right;
img{
cursor: pointer;
vertical-align:middle
}
}
.login-tip {
font-size: 13px;
text-align: center;
color: #bfbfbf;
}
</style>