密码加密放在后台进行

bookshelfplus-frontend/routes/index.js

@@ -38,6 +38,12 @@ router.get('/login', function (req, res) {
     });
 });
 
+router.get('/register', function (req, res) {
+    res.render('register', {
+        title: "用户注册"
+    });
+});
+
 router.get('/admin/index', function (req, res) { // '/admin(/index)?'
     res.render('admin/index', {
         title: "后台管理"

bookshelfplus-frontend/views/login.html

@@ -48,11 +48,9 @@
             var username = $("#username").val();
             var password = $("#password").val();
             // var encryptpwd = hex_sha1(password);
-            var encryptpwd = hex_md5(password);
+            // var encryptpwd = hex_md5(password);
 
-            console.log(password, encryptpwd);
+            postRequest("/user/login", { username: username, password: password })
-
-            postRequest("/user/login", { username: username, encryptpwd: encryptpwd })
                 .then(function (response) {
                     var axiosData = response.data;
                     var status = axiosData.status;

bookshelfplus-frontend/views/register.html

@@ -0,0 +1,82 @@
+<!DOCTYPE html>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+    <%- include("./component/header.html"); %>
+    <style>
+        .main {
+            width: 80vw !important;
+            max-width: initial !important;
+        }
+
+        #bookImage {
+            /* width: 100%; */
+            height: auto;
+            max-height: 300px;
+            margin-bottom: 20px;
+        }
+    </style>
+</head>
+<body>
+    <%- include("./component/navbar.html"); %>
+    <main class="main">
+        <h1><%= title %></h1>
+        <div id="container">
+            <div>
+                <!-- 用户登录 输入用户名和密码的文本框 -->
+                <div class="form">
+                    <div class="form-group">
+                        <label for="username">用户名</label>
+                        <input type="text" id="username" placeholder="用户名">
+                    </div>
+                    <div class="form-group">
+                        <label for="password">密码</label>
+                        <input type="password" id="password" placeholder="密码">
+                    </div>
+                    <button class="btn-submit">登录</button>
+                </div>
+            </div>
+        </div>
+    </main>
+    <%- include("./component/footer.html"); %>
+
+    <script src="./assets/lib/cryptography/2.2/md5-min.js"></script>
+    <!-- <script src="./assets/lib/cryptography/2.2/sha1-min.js"></script> -->
+    <script>
+        $("#username").val("xiaomo");
+        $("#password").val("123456");
+        $(".btn-submit").click(function() {
+            var username = $("#username").val();
+            var password = $("#password").val();
+            // var encryptpwd = hex_sha1(password);
+            var encryptpwd = hex_md5(password);
+
+            console.log(password, encryptpwd);
+
+            postRequest("/user/login", { username: username, encryptpwd: encryptpwd })
+                .then(function (response) {
+                    var axiosData = response.data;
+                    var status = axiosData.status;
+                    var data = axiosData.data;
+
+                    if (status === "success") {
+                        console.log(data);
+                        if(data) {
+                            alert("登录成功");
+                            if(data.group === "ADMIN") {
+                                window.location.href = "/admin/index";
+                            } else {
+                                window.location.href = "/user/index";
+                            }
+                        } else {
+                            alert("用户名或密码错误");
+                        }
+                    } else {
+                        alert(`出错啦！${data.errMsg} (错误码: ${data.errCode}) `);
+                    }
+                }).catch(function (error) {
+                    console.log(error);
+                });
+        });
+    </script>
+</body>
+</html>

bookshelfplus/src/main/java/plus/bookshelf/Controller/Controller/UserController.java

@@ -2,6 +2,7 @@ package plus.bookshelf.Controller.Controller;
 
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;
+import org.apache.commons.codec.digest.DigestUtils;
 import org.springframework.beans.BeanUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
@@ -11,7 +12,6 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import plus.bookshelf.Common.Response.CommonReturnType;
 import plus.bookshelf.Common.SessionManager.LocalSessionManager;
-import plus.bookshelf.Common.SessionManager.SessionManager;
 import plus.bookshelf.Controller.VO.UserVO;
 import plus.bookshelf.Service.Impl.UserServiceImpl;
 import plus.bookshelf.Service.Model.UserModel;
@@ -24,14 +24,15 @@ public class UserController extends BaseController {
     @Autowired
     UserServiceImpl userService;
 
-    @ApiOperation(value = "用户登录", notes = "传入用户名，以及密码的MD5值，进行登录")
+    @ApiOperation(value = "用户登录", notes = "传入用户名，以及密码明文，后台计算密码SHA1值，进行登录")
     @RequestMapping(value = "login", method = {RequestMethod.POST}, consumes = {CONTENT_TYPE_FORMED})
     @ResponseBody
     public CommonReturnType login(@RequestParam(value = "username") String username,
-                                  @RequestParam(value = "encryptpwd") String encryptPwd) {
+                                  @RequestParam(value = "password") String password) {
-        if (username == null || encryptPwd == null) {
+        if (username == null || password == null) {
             return null;
         }
+        String encryptPwd = DigestUtils.sha1Hex(password);
 
         UserModel userModel = userService.userLogin(username, encryptPwd);
         UserVO userVO = convertFromService(userModel);
@@ -42,14 +43,16 @@ public class UserController extends BaseController {
         return CommonReturnType.create(userVO);
     }
 
-    // @ApiOperation(value = "用户注册", notes = "传入用户名，以及密码的MD5值，进行注册")
+    // @ApiOperation(value = "用户注册", notes = "传入用户名，以及密码明文，后台计算密码SHA1值，进行注册")
     // @RequestMapping(value = "register", method = {RequestMethod.POST}, consumes = {CONTENT_TYPE_FORMED})
     // @ResponseBody
     // public CommonReturnType register(@RequestParam(value = "username") String username,
-    //                                  @RequestParam(value = "encryptpwd") String encryptPwd) {
+    //                                  @RequestParam(value = "password") String password) {
-    //     if (username == null || encryptPwd == null) {
+    //     if (username == null || password == null) {
     //         return null;
     //     }
+    //     String encryptPwd = DigestUtils.sha1Hex(password);
+    //
     //     UserModel userModel = userService.userRegister(username, encryptPwd);
     //     UserVO userVO = convertFromService(userModel);
     //     return CommonReturnType.create(userVO);