From ec65b1f7ec0e3c973151d4f6bc351ba0ffab2f4a Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期三, 01 四月 2020 14:01:31 +0800
Subject: [PATCH] 登录请求params更换为data,防止暴露url
---
ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java | 69 ++++++++++++++++++++++++++++++++++
ruoyi-ui/src/api/login.js | 2
ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java | 7 ++-
3 files changed, 75 insertions(+), 3 deletions(-)
diff --git a/ruoyi-ui/src/api/login.js b/ruoyi-ui/src/api/login.js
index faa7bbe..9971357 100644
--- a/ruoyi-ui/src/api/login.js
+++ b/ruoyi-ui/src/api/login.js
@@ -11,7 +11,7 @@
return request({
url: '/login',
method: 'post',
- params: data
+ data: data
})
}
diff --git a/ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java b/ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java
new file mode 100644
index 0000000..5986053
--- /dev/null
+++ b/ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java
@@ -0,0 +1,69 @@
+package com.ruoyi.framework.security;
+
+/**
+ * 鐢ㄦ埛鐧诲綍瀵硅薄
+ *
+ * @author ruoyi
+ */
+public class LoginBody
+{
+ /**
+ * 鐢ㄦ埛鍚�
+ */
+ private String username;
+
+ /**
+ * 鐢ㄦ埛瀵嗙爜
+ */
+ private String password;
+
+ /**
+ * 楠岃瘉鐮�
+ */
+ private String code;
+
+ /**
+ * 鍞竴鏍囪瘑
+ */
+ private String uuid = "";
+
+ public String getUsername()
+ {
+ return username;
+ }
+
+ public void setUsername(String username)
+ {
+ this.username = username;
+ }
+
+ public String getPassword()
+ {
+ return password;
+ }
+
+ public void setPassword(String password)
+ {
+ this.password = password;
+ }
+
+ public String getCode()
+ {
+ return code;
+ }
+
+ public void setCode(String code)
+ {
+ this.code = code;
+ }
+
+ public String getUuid()
+ {
+ return uuid;
+ }
+
+ public void setUuid(String uuid)
+ {
+ this.uuid = uuid;
+ }
+}
diff --git a/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java b/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java
index d7bf923..6871d83 100644
--- a/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java
+++ b/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java
@@ -5,9 +5,11 @@
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.framework.security.LoginBody;
import com.ruoyi.framework.security.LoginUser;
import com.ruoyi.framework.security.service.SysLoginService;
import com.ruoyi.framework.security.service.SysPermissionService;
@@ -47,11 +49,12 @@
* @return 缁撴灉
*/
@PostMapping("/login")
- public AjaxResult login(String username, String password, String code, String uuid)
+ public AjaxResult login(@RequestBody LoginBody loginBody)
{
AjaxResult ajax = AjaxResult.success();
// 鐢熸垚浠ょ墝
- String token = loginService.login(username, password, code, uuid);
+ String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
+ loginBody.getUuid());
ajax.put(Constants.TOKEN, token);
return ajax;
}
--
Gitblit v1.9.3