hz/ebiz-h5
1
0
Fork 0
mirror of http://112.124.100.131/GFRS/ebiz-h5.git synced 2025-12-12 18:26:43 +08:00
Code Issues Packages Projects Releases Wiki Activity

安全性问题处理:添加页面访问校验初版代码 --提交人:阳华祥

Browse Source
This commit is contained in:
yang.huaxiang
2020-11-13 17:42:33 +08:00
parent 7043904b6c
commit 15f831700c
2 changed files with 105 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
src/api/ebiz/common/common.js
View File

@@ -62,3 +62,21 @@ export function wxShare(data) {
data
})
}
//验证代理人访问
export function checkEnterPower(data) {
return request({
url: getUrl('/customer/agent/checkEnterPower', 1),
method: 'post',
data
})
}
// 获取验证码
export function getAuthCode(data) {
return request({
url: getUrl('/customer/authcode/loginedSend', 1),
method: 'post',
data
})
}

88
src/views/ebiz/sale/List.vue
View File

@@ -142,6 +142,17 @@
</van-list>
<van-button type="danger" class="bottom-btn" @click="add" v-no-more-click="1000">点我新增</van-button>
<!-- 短信验证 -->
<van-dialog v-model="checkModel.show" title="提示" show-cancel-button @confirm="checkModelConfirm" @cancel="checkModelCancel">
<p class="p10 fs14">为确保是您本人操作短信验证码已发送至您手机号{{ checkModel.mobile }}请您输入验证码以完成后续操作</p>
<van-cell-group class="flex align-items-c pr5 mb15">
<van-field maxlength="6" placeholder="请输入短信验证码" v-model="checkModel.authCode" clearable label-width="0" />
<van-button type="danger" plain size="small" class="w160 p0" @click="checkModelGetCode" :disabled="checkModel.codeDisabled" v-no-more-click="2000">{{
checkModel.codeDisabled ? `${checkModel.countDown}s后重新获取` : '获取验证码'
}}</van-button>
</van-cell-group>
</van-dialog>
</div>
</template>
@@ -149,6 +160,7 @@
import { Search, Tabs, Tab, List, Tag, Sticky, Toast, Dialog } from 'vant'
import { orderList, deleteOrderInfo, revokeOrder } from '@/api/ebiz/sale/sale'
import { formatRiskList } from '@/assets/js/utils/formatRiskList.js'
import { getAuthCode, checkEnterPower } from '@/api/ebiz/common/common'
import dataDictionary from '@/assets/js/utils/data-dictionary' //根据数据字典找到用户等级
export default {
@@ -164,6 +176,15 @@ export default {
},
data() {
return {
checkModel: {
show: false,
authCode: '',
smsId: '',
mobile: localStorage.mobile,
timeId: null, // 计时器ID
countDown: 60, // 倒计时
codeDisabled: true // 获取验证码按钮是否禁用
},
searchName: '',
active: 'uncommit', //uncommit 表示未提交 commit表示已提交
saleList: [],
@@ -192,9 +213,74 @@ export default {
})
}, 100)
window.appCallBack = this.appCallBack
this.loadMore()
},
methods: {
async checkModelEnterValidate() {
let checkModelResult = await checkEnterPower({ operateType: 'isEnter' })
if (checkModelResult.result == 0) {
if (checkModelResult.enterFlag == '0') {
this.loadMore()
} else {
this.checkModel.show = true
}
} else {
this.$toast(checkModelResult.resultMessage)
}
},
async checkModelConfirm() {
if (!this.checkModel.codeDisabled) {
return this.$toast('请先获取验证码')
}
if (!this.checkModel.authCode || this.logoutDTO.authCode == '') {
return this.$toast('请输入短信验证码')
}
if (this.checkModel.authCode.length !== 6) {
return this.$toast('验证码格式错误')
}
let that = this
let checkModelResult = await checkEnterPower({ operateType: 'validateSms', smsId: that.checkModel.smsId, code: that.checkModel.authCode })
if (checkModelResult.result == 0) {
that.loadMore()
} else {
this.codeDisabled = false
window.clearInterval(this.timeId)
this.$toast(checkModelResult.resultMessage)
}
},
checkModelCancel() {
// 跳转首页
this.$jump({
flag: 'home'
})
},
checkModelGetCode() {
let data = {
operateType: 'agentValidateEnter',
type: 'H5',
operateCode: this.checkModel.mobile,
system: 'agentApp',
operateCodeType: '0'
}
//获取验证码
getAuthCode(data).then(res => {
this.codeDisabled = true
if (res.result == 0) {
this.checkModel.smsId = res.sessionId
this.checkModel.smsCode = null
//倒计时
this.timeId = setInterval(() => {
this.countDown--
if (this.countDown <= 0) {
window.clearInterval(this.timeId)
this.codeDisabled = false
this.countDown = 60
}
}, 1000)
} else {
this.$toast(res.resultMessage)
}
})
},
appCallBack(data) {
if (data.trigger == 'left_button_click') {
this.$jump({