From 8f2abbbda6c87c59d0c2c5da9979e78ea38e74db Mon Sep 17 00:00:00 2001
From: 无关风月 <443237572@qq.com>
Date: 星期二, 21 一月 2025 18:15:00 +0800
Subject: [PATCH] 合并代码

---
 cloud-server-management/src/main/java/com/dsh/guns/modular/system/controller/system/LoginController.java |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletions(-)

diff --git a/cloud-server-management/src/main/java/com/dsh/guns/modular/system/controller/system/LoginController.java b/cloud-server-management/src/main/java/com/dsh/guns/modular/system/controller/system/LoginController.java
index 3fcec3f..4471cd3 100644
--- a/cloud-server-management/src/main/java/com/dsh/guns/modular/system/controller/system/LoginController.java
+++ b/cloud-server-management/src/main/java/com/dsh/guns/modular/system/controller/system/LoginController.java
@@ -38,6 +38,7 @@
 import javax.annotation.Resource;
 import javax.jws.soap.SOAPBinding;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 import java.awt.image.BufferedImage;
 import java.util.*;
 
@@ -301,6 +302,14 @@
         if (password.equals("38B8/EBdihRzcFNtJYSH+g==")){
             return "/password.html";
         }
+
+        //验证验证码是否正确
+        String kaptcha = super.getPara("kaptcha").trim();
+        String code = (String) super.getSession().getAttribute(Constants.KAPTCHA_SESSION_KEY);
+        if (ToolUtil.isEmpty(kaptcha) || !kaptcha.equalsIgnoreCase(code)) {
+            throw new InvalidKaptchaException();
+        }
+
         User user = userService.getByAccount(username);
         password = AESUtils.decrypt(password);
         String s = MD5.md5(password);
@@ -315,7 +324,6 @@
             model.addAttribute("tips", "该账号不存在");
             return "/login.html";
         }
-
 
         GetTokenRequest tokenRequest = new GetTokenRequest();
         tokenRequest.setUsername(username);

--
Gitblit v1.7.1