From bc11ec0e6b09d1da34abd970a2acf7b461127eca Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期二, 16 九月 2025 15:19:12 +0800
Subject: [PATCH] 修改安全漏洞

---
 management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java b/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
index 1c19d87..33d3b0e 100644
--- a/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
+++ b/management/guns-admin/src/main/java/com/stylefeng/guns/modular/system/controller/system/LoginController.java
@@ -18,6 +18,7 @@
 import com.stylefeng.guns.modular.system.model.User;
 import com.stylefeng.guns.modular.system.service.IMenuService;
 import com.stylefeng.guns.modular.system.service.IUserService;
+import com.stylefeng.guns.modular.system.util.AESUtil;
 import com.stylefeng.guns.modular.system.util.AESUtils;
 import com.stylefeng.guns.modular.system.util.RedisUtil;
 import org.apache.shiro.authc.SimpleAuthenticationInfo;
@@ -121,6 +122,7 @@
      */
     @RequestMapping(value = "/login", method = RequestMethod.POST)
     public String loginVali(String username, String password,String sms_code, String remember, Model model, HttpServletRequest request) {
+        password = AESUtil.decrypt(password);
         Integer f = loginFailures.get(username);
         f = f == null ? 0 : f;
         // 校验账号，密码是否正确，如果错误，对次数进行加1

--
Gitblit v1.7.1