登录页尝试使用csrf校验
This commit is contained in:
27
web/public/js/components/common/csrf-token.js
Normal file
27
web/public/js/components/common/csrf-token.js
Normal file
@@ -0,0 +1,27 @@
|
||||
Vue.component("csrf-token", {
|
||||
created: function () {
|
||||
this.refreshToken()
|
||||
},
|
||||
mounted: function () {
|
||||
let that = this
|
||||
this.$refs.token.form.addEventListener("submit", function () {
|
||||
that.refreshToken()
|
||||
})
|
||||
},
|
||||
data: function () {
|
||||
return {
|
||||
token: ""
|
||||
}
|
||||
},
|
||||
methods: {
|
||||
refreshToken: function () {
|
||||
let that = this
|
||||
Tea.action("/csrf/token")
|
||||
.get()
|
||||
.success(function (resp) {
|
||||
that.token = resp.data.token
|
||||
})
|
||||
}
|
||||
},
|
||||
template: `<input type="hidden" name="csrfToken" :value="token" ref="token"/>`
|
||||
})
|
||||
@@ -10,6 +10,7 @@
|
||||
<script type="text/javascript" src="/js/md5.min.js"></script>
|
||||
<script type="text/javascript" src="/js/utils.js"></script>
|
||||
<script type="text/javascript" src="/js/sweetalert2/dist/sweetalert2.all.min.js"></script>
|
||||
<script type="text/javascript" src="/ui/components.js?v=1.0.0"></script>
|
||||
</head>
|
||||
<body>
|
||||
<div>
|
||||
@@ -17,6 +18,7 @@
|
||||
|
||||
<div class="form-box">
|
||||
<form class="ui form" data-tea-action="$" data-tea-before="submitBefore" data-tea-done="submitDone" data-tea-success="submitSuccess" autocomplete="off">
|
||||
<csrf-token></csrf-token>
|
||||
<input type="hidden" name="password" v-model="passwordMd5"/>
|
||||
<input type="hidden" name="token" v-model="token"/>
|
||||
<div class="ui segment stacked">
|
||||
|
||||
Reference in New Issue
Block a user