From 6b5dd4d2be69759a8a2452195d0fb0b0ef52e72a Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期三, 28 七月 2021 16:04:59 +0800
Subject: [PATCH] 优化XSS跨站脚本过滤
---
ruoyi-ui/src/views/login.vue | 40 +++++++++++++++++++++++-----------------
1 files changed, 23 insertions(+), 17 deletions(-)
diff --git a/ruoyi-ui/src/views/login.vue b/ruoyi-ui/src/views/login.vue
index 880af8d..132007a 100644
--- a/ruoyi-ui/src/views/login.vue
+++ b/ruoyi-ui/src/views/login.vue
@@ -18,7 +18,7 @@
<svg-icon slot="prefix" icon-class="password" class="el-input__icon input-icon" />
</el-input>
</el-form-item>
- <el-form-item prop="code">
+ <el-form-item prop="code" v-if="captchaOnOff">
<el-input
v-model="loginForm.code"
auto-complete="off"
@@ -29,7 +29,7 @@
<svg-icon slot="prefix" icon-class="validCode" class="el-input__icon input-icon" />
</el-input>
<div class="login-code">
- <img :src="codeUrl" @click="getCode" />
+ <img :src="codeUrl" @click="getCode" class="login-code-img"/>
</div>
</el-form-item>
<el-checkbox v-model="loginForm.rememberMe" style="margin:0px 0px 25px 0px;">记住密码</el-checkbox>
@@ -48,7 +48,7 @@
</el-form>
<!-- 底部 -->
<div class="el-login-footer">
- <span>Copyright © 2018-2019 ruoyi.vip All Rights Reserved.</span>
+ <span>Copyright © 2018-2021 ruoyi.vip All Rights Reserved.</span>
</div>
</div>
</template>
@@ -56,6 +56,7 @@
<script>
import { getCodeImg } from "@/api/login";
import Cookies from "js-cookie";
+import { encrypt, decrypt } from '@/utils/jsencrypt'
export default {
name: "Login",
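Review bot: Importing both `encrypt` and `decrypt` into the login view means whatever key recovers the password has to ship in the browser bundle, so the value stored in the cookie is reversible obfuscation rather than protection. This is inferred, since `@/utils/jsencrypt` is not part of the patch. Anyone who can read the cookie can also fetch the bundle and recover the plaintext; the same applies to the `decrypt(password)` call in the getCookie hunk and the `encrypt(...)` call in the handleLogin hunk. A comment next to the import would make that explicit, for example `// reversible client-side encoding only: treat the "password" cookie as equivalent to the plaintext password`. The longer-term fix is a server-issued remember-me token in an HttpOnly cookie instead of the password itself.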
@@ -80,6 +81,7 @@
code: [{ required: true, trigger: "change", message: "验证码不能为空" }]
},
loading: false,
+ captchaOnOff: true,
redirect: undefined
};
},
@@ -98,8 +100,11 @@
methods: {
getCode() {
getCodeImg().then(res => {
- this.codeUrl = "data:image/gif;base64," + res.img;
- this.loginForm.uuid = res.uuid;
+ this.captchaOnOff = res.captchaOnOff === undefined ? true : res.captchaOnOff;
+ if (this.captchaOnOff) {
+ this.codeUrl = "data:image/gif;base64," + res.img;
+ this.loginForm.uuid = res.uuid;
+ }
});
},
getCookie() {
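Review bot: The `captchaOnOff` flag read from the `getCodeImg()` response in `getCode()` only decides whether the field is rendered, so it must not be the control that disables the captcha. The login endpoint has to reject a missing or wrong code whenever the captcha is enabled on the server, which cannot be confirmed from this hunk. A comment such as `// display hint only; the server decides whether a code is required` would record that. The `=== undefined` test also lets `null` or a non-boolean value through unchanged; `res.captchaOnOff !== false` keeps the field visible for anything except an explicit `false`. The promise still has no rejection handler, so a failed request leaves the field shown with no image and no message.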
@@ -108,7 +113,7 @@
const rememberMe = Cookies.get('rememberMe')
this.loginForm = {
username: username === undefined ? this.loginForm.username : username,
- password: password === undefined ? this.loginForm.password : password,
+ password: password === undefined ? this.loginForm.password : decrypt(password),
rememberMe: rememberMe === undefined ? false : Boolean(rememberMe)
};
},
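Review bot: Cookies written by the previous version hold the plaintext password, and `decrypt(password)` is now applied to them unconditionally in `getCookie()`. If the helper returns `false` or `null` for input it cannot decrypt (JSEncrypt itself behaves this way, but the wrapper is not shown), that value is assigned to `loginForm.password` and bound to the input. A guard avoids this: `const saved = password === undefined ? undefined : decrypt(password);` followed by `password: saved ? saved : this.loginForm.password,`. The opening lines of getCookie are outside this hunk.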
@@ -118,23 +123,21 @@
this.loading = true;
if (this.loginForm.rememberMe) {
Cookies.set("username", this.loginForm.username, { expires: 30 });
- Cookies.set("password", this.loginForm.password, { expires: 30 });
+ Cookies.set("password", encrypt(this.loginForm.password), { expires: 30 });
Cookies.set('rememberMe', this.loginForm.rememberMe, { expires: 30 });
} else {
Cookies.remove("username");
Cookies.remove("password");
Cookies.remove('rememberMe');
}
- this.$store
- .dispatch("Login", this.loginForm)
- .then(() => {
- this.loading = false;
- this.$router.push({ path: this.redirect || "/" });
- })
- .catch(() => {
- this.loading = false;
+ this.$store.dispatch("Login", this.loginForm).then(() => {
+ this.$router.push({ path: this.redirect || "/" }).catch(()=>{});
+ }).catch(() => {
+ this.loading = false;
+ if (this.captchaOnOff) {
this.getCode();
- });
+ }
+ });
}
});
}
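Review bot: The `Cookies.set("password", encrypt(...), { expires: 30 })` call keeps a recoverable copy of the password in a script-readable cookie for 30 days with no `secure` or `sameSite` attribute. The cookie can therefore travel over plain HTTP and is readable by any script that runs on the origin. Where the app is served over HTTPS, `{ expires: 30, secure: true, sameSite: "strict" }` narrows that exposure, and the result of `encrypt` should be checked before storing in case the helper signals failure with a non-string value. Separately, the success branch no longer resets `this.loading`, and `.catch(()=>{})` on `$router.push` discards navigation failures, so a rejected navigation leaves the button in its loading state; `.catch(() => { this.loading = false; })` would cover it. The start of handleLogin (the form validation call) is outside this hunk.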
@@ -148,7 +151,7 @@
justify-content: center;
align-items: center;
height: 100%;
- background-image: url("../assets/image/login-background.jpg");
+ background-image: url("../assets/images/login-background.jpg");
background-size: cover;
}
.title {
@@ -200,4 +203,7 @@
font-size: 12px;
letter-spacing: 1px;
}
+.login-code-img {
+ height: 38px;
+}
</style>
--
Gitblit v1.9.2