登录请求params更换为data，防止暴露url

5 years ago · ec65b1f7ec
parent 8a394f0363
commit ec65b1f7ec
3 changed files with 75 additions and 3 deletions
--- a/ruoyi-ui/src/api/login.js
+++ b/ruoyi-ui/src/api/login.js
@ -11,7 +11,7 @@ export function login(username, password, code, uuid) {
  return request({
    url: '/login',
    method: 'post',
-    params: data
+    data: data
  })
 }

--- a/ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java
+++ b/ruoyi/src/main/java/com/ruoyi/framework/security/LoginBody.java
@ -0,0 +1,69 @@
+package com.ruoyi.framework.security;
+
+/**
+ * 用户登录对象
+ * 
+ * @author ruoyi
+ */
+public class LoginBody
+{
+    /**
+     * 用户名
+     */
+    private String username;
+
+    /**
+     * 用户密码
+     */
+    private String password;
+
+    /**
+     * 验证码
+     */
+    private String code;
+
+    /**
+     * 唯一标识
+     */
+    private String uuid = "";
+
+    public String getUsername()
+    {
+        return username;
+    }
+
+    public void setUsername(String username)
+    {
+        this.username = username;
+    }
+
+    public String getPassword()
+    {
+        return password;
+    }
+
+    public void setPassword(String password)
+    {
+        this.password = password;
+    }
+
+    public String getCode()
+    {
+        return code;
+    }
+
+    public void setCode(String code)
+    {
+        this.code = code;
+    }
+
+    public String getUuid()
+    {
+        return uuid;
+    }
+
+    public void setUuid(String uuid)
+    {
+        this.uuid = uuid;
+    }
+}
--- a/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java
+++ b/ruoyi/src/main/java/com/ruoyi/project/system/controller/SysLoginController.java
@ -5,9 +5,11 @@ import java.util.Set;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RestController;
 import com.ruoyi.common.constant.Constants;
 import com.ruoyi.common.utils.ServletUtils;
+import com.ruoyi.framework.security.LoginBody;
 import com.ruoyi.framework.security.LoginUser;
 import com.ruoyi.framework.security.service.SysLoginService;
 import com.ruoyi.framework.security.service.SysPermissionService;
@ -47,11 +49,12 @@ public class SysLoginController
     * @return 结果
     */
    @PostMapping("/login")
-    public AjaxResult login(String username, String password, String code, String uuid)
+    public AjaxResult login(@RequestBody LoginBody loginBody)
    {
        AjaxResult ajax = AjaxResult.success();
        // 生成令牌
-        String token = loginService.login(username, password, code, uuid);
+        String token = loginService.login(loginBody.getUsername(), loginBody.getPassword(), loginBody.getCode(),
+                loginBody.getUuid());
        ajax.put(Constants.TOKEN, token);
        return ajax;
    }