main
黄海 7 months ago
parent 49ae955cd2
commit 381255a449

@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import com.dsideal.sso.Interceptor.EmptyInterface; import com.dsideal.sso.Interceptor.EmptyInterface;
import com.dsideal.sso.Model.LoginModel;
import com.dsideal.sso.Util.AesUtil; import com.dsideal.sso.Util.AesUtil;
import com.dsideal.sso.Util.CaptchaUtil; import com.dsideal.sso.Util.CaptchaUtil;
import com.dsideal.sso.Util.CommonUtil; import com.dsideal.sso.Util.CommonUtil;
@ -26,6 +27,8 @@ import com.jfinal.kit.PropKit;
@ApiDoc @ApiDoc
public class WebLoginController extends Controller { public class WebLoginController extends Controller {
LoginModel lm = new LoginModel();
/** /**
* *
*/ */
@ -46,6 +49,14 @@ public class WebLoginController extends Controller {
redirect301(redirect_url + "&" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id").toString()); redirect301(redirect_url + "&" + PropKit.get("sso.sessionid") + "=" + loginMap.get("session_id").toString());
} }
} else { } else {
//检查重定向地址是不是有效
if (lm.getSystemByRedirectUrl(redirect_url) == null) {
JSONObject resultJson = new JSONObject();
resultJson.put("success", false);
resultJson.put("msg", "输入的回调地址并不在允许接入的业务系统范围内,请先联系管理员添加到接入系统中再试!");
renderJson(resultJson);
return;
}
redirect_url = CommonUtil.handleRedirectUrlParas(redirect_url); redirect_url = CommonUtil.handleRedirectUrlParas(redirect_url);
redirect("/html/login.html?redirect_url=" + redirect_url); redirect("/html/login.html?redirect_url=" + redirect_url);
} }
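Review bot: The new allow-list check sits only in the `else` branch, so the branch above it, which calls `redirect301(redirect_url + "&" + PropKit.get("sso.sessionid") + "=" + ...)`, still redirects to an unchecked `redirect_url` as far as the visible lines show. That is the path where an unregistered callback address matters most, because the session identifier is appended to the redirect target. I would hoist the `if (lm.getSystemByRedirectUrl(redirect_url) == null) { ... return; }` block above the logged-in/not-logged-in branch so both paths are covered. The enclosing method starts before this hunk, so an earlier check may exist outside the visible lines.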

@ -20,8 +20,8 @@ public class LoginModel {
* @param userName * @param userName
* @return * @return
*/ */
public Map<String,String> getLoginInfoByUserName(String userName) { public Map<String, String> getLoginInfoByUserName(String userName) {
Map<String,String> loginMap = new HashMap<>(); Map<String, String> loginMap = new HashMap<>();
String sql = Db.getSql("login.getLoginInfoByUserName"); String sql = Db.getSql("login.getLoginInfoByUserName");
Record record = Db.findFirst(sql, userName); Record record = Db.findFirst(sql, userName);
loginMap.put("person_id", record.get("person_id").toString()); loginMap.put("person_id", record.get("person_id").toString());
@ -47,4 +47,14 @@ public class LoginModel {
return record.getStr("global_value"); return record.getStr("global_value");
} }
/**
*
*
* @param redirect_url
* @return
*/
public Record getSystemByRedirectUrl(String redirect_url) {
String sql = "select * from t_datashare_system where redirect_url=?";
return Db.findFirst(sql, redirect_url);
}
} }
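Review bot: `getSystemByRedirectUrl` has an empty Javadoc and matches by exact string equality on `redirect_url`, so the contract the controller's check relies on is not written down. I would document it as `/** Returns the t_datashare_system row whose redirect_url equals the argument exactly, or null when no system is registered for it. */`. The comment should also say whether registered values are full callback URLs or only a scheme-and-host prefix, since equality rejects any URL that differs by a query string or a trailing slash. The query is parameterized, which is right. For consistency with `getLoginInfoByUserName`, the SQL could be loaded with `Db.getSql(...)` and `select *` narrowed to the columns callers need.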
