登录页尝试使用csrf校验

This commit is contained in:
GoEdgeLab
2020-10-25 11:22:11 +08:00
parent 5345888280
commit 08af418665
11 changed files with 236 additions and 1 deletions

View File

@@ -0,0 +1,27 @@
Vue.component("csrf-token", {
created: function () {
this.refreshToken()
},
mounted: function () {
let that = this
this.$refs.token.form.addEventListener("submit", function () {
that.refreshToken()
})
},
data: function () {
return {
token: ""
}
},
methods: {
refreshToken: function () {
let that = this
Tea.action("/csrf/token")
.get()
.success(function (resp) {
that.token = resp.data.token
})
}
},
template: `<input type="hidden" name="csrfToken" :value="token" ref="token"/>`
})

View File

@@ -10,6 +10,7 @@
<script type="text/javascript" src="/js/md5.min.js"></script>
<script type="text/javascript" src="/js/utils.js"></script>
<script type="text/javascript" src="/js/sweetalert2/dist/sweetalert2.all.min.js"></script>
<script type="text/javascript" src="/ui/components.js?v=1.0.0"></script>
</head>
<body>
<div>
@@ -17,6 +18,7 @@
<div class="form-box">
<form class="ui form" data-tea-action="$" data-tea-before="submitBefore" data-tea-done="submitDone" data-tea-success="submitSuccess" autocomplete="off">
<csrf-token></csrf-token>
<input type="hidden" name="password" v-model="passwordMd5"/>
<input type="hidden" name="token" v-model="token"/>
<div class="ui segment stacked">