安全性问题处理：添加页面访问校验初版代码 --提交人：阳华祥

2025-12-11 19:06:43 +08:00 · 2020-11-14 16:33:54 +08:00
parent 247f403bab
commit b80fec5132
5 changed files with 134 additions and 16 deletions
--- a/src/api/ebiz/common/common.js
+++ b/src/api/ebiz/common/common.js
@@ -80,3 +80,13 @@ export function getAuthCode(data) {
    data
  })
 }
+
+// 获取代理人信息
+export function getCheckModelAgentInfo(data) {
+  return request({
+    // url: getUrl('/agent/agent/info', 0),
+    url: getUrl('/customer/agent/info', 1),
+    method: 'post',
+    data
+  })
+}
--- a/src/views/ebiz/customer/customerList.vue
+++ b/src/views/ebiz/customer/customerList.vue
@@ -86,7 +86,14 @@
    </van-popup>

    <!-- 短信验证 -->
-    <van-dialog v-model="checkModel.show" title="提示" show-cancel-button @confirm="checkModelConfirm" @cancel="checkModelCancel">
+    <van-dialog
+      v-model="checkModel.show"
+      title="提示"
+      show-cancel-button
+      @confirm="checkModelConfirm"
+      @cancel="checkModelCancel"
+      :before-close="checkModelBeforeClose"
+    >
      <p class="p10 fs14">为确保是您本人操作，短信验证码已发送至您手机号{{ checkModel.mobile | encryCheckModelMobile }}，请您输入验证码以完成后续操作。</p>
      <van-cell-group class="flex align-items-c pr5 mb15">
        <van-field maxlength="6" placeholder="请输入短信验证码" v-model="checkModel.authCode" clearable label-width="0" />
@@ -101,7 +108,7 @@
 <script>
 import { Search, Cell, IndexBar, IndexAnchor, Popup, Button, Tag, Dialog, Field } from 'vant'
 import { getCustomersList } from '@/api/ebiz/customer/customer'
-import { checkEnterPower, getAuthCode } from '@/api/ebiz/common/common'
+import { checkEnterPower, getAuthCode, getCheckModelAgentInfo} from '@/api/ebiz/common/common'
 export default {
  name: 'login',
  components: {
@@ -121,7 +128,7 @@ export default {
        show: false,
        authCode: '',
        smsId: '',
-        mobile: localStorage.mobile,
+        mobile: '',
        timeId: null, // 计时器ID
        countDown: 60, // 倒计时
        codeDisabled: false // 获取验证码按钮是否禁用
@@ -198,12 +205,32 @@ export default {
        if (checkModelResult.enterFlag == '0') {
          this.getCustomerList() //客户列表查询
        } else {
-          this.checkModel.show = true
+          this.checkModelFilter()
        }
      } else {
        this.$toast(checkModelResult.resultMessage)
      }
    },
+    checkModelBeforeClose(action, done) {
+      if (action === 'confirm' && !this.checkModel.show) {
+        setTimeout(done, 1000)
+      } else {
+        done(false)
+      }
+    },
+    async checkModelFilter() {
+      const agentInfoRes = await getCheckModelAgentInfo({})
+      if (agentInfoRes.result == 0) {
+        if (/^N{1}/.test(agentInfoRes.branchType)) {
+          this.checkModel.mobile = agentInfoRes.phoneNo
+          this.checkModel.show = true
+        } else {
+          this.getCustomerList() //客户列表查询
+        }
+      } else {
+        this.$toast(agentInfoRes.resultMessage)
+      }
+    },
    async checkModelConfirm() {
      if (!this.checkModel.codeDisabled) {
        this.checkModel.show = true
--- a/src/views/ebiz/manpower/Navigation.vue
+++ b/src/views/ebiz/manpower/Navigation.vue
@@ -5,7 +5,14 @@
      <NavItem v-for="(item, index) of navList" :key="index" :config="item" />
    </van-cell-group>
    <!-- 短信验证 -->
-    <van-dialog v-model="checkModel.show" title="提示" show-cancel-button @confirm="checkModelConfirm" @cancel="checkModelCancel">
+    <van-dialog
+      v-model="checkModel.show"
+      title="提示"
+      show-cancel-button
+      @confirm="checkModelConfirm"
+      @cancel="checkModelCancel"
+      :before-close="checkModelBeforeClose"
+    >
      <p class="p10 fs14">为确保是您本人操作，短信验证码已发送至您手机号{{ checkModel.mobile | encryCheckModelMobile }}，请您输入验证码以完成后续操作。</p>
      <van-cell-group class="flex align-items-c pr5 mb15">
        <van-field maxlength="6" placeholder="请输入短信验证码" v-model="checkModel.authCode" clearable label-width="0" />
@@ -21,7 +28,7 @@
 import UserInfoHeader from '@/components/ebiz/manpower/UserInfoHeader'
 import NavItem from '@/components/ebiz/manpower/NavItem'
 import { CellGroup, Cell, Button, Dialog, Field } from 'vant'
-import { checkEnterPower, getAuthCode } from '@/api/ebiz/common/common'
+import { checkEnterPower, getAuthCode, getCheckModelAgentInfo } from '@/api/ebiz/common/common'
 export default {
  name: 'Navigation',
  components: {
@@ -39,7 +46,7 @@ export default {
        show: false,
        authCode: '',
        smsId: '',
-        mobile: localStorage.mobile,
+        mobile: '',
        timeId: null, // 计时器ID
        countDown: 60, // 倒计时
        codeDisabled: false // 获取验证码按钮是否禁用
@@ -84,12 +91,32 @@ export default {
        if (checkModelResult.enterFlag == '0') {
          this.checkModel.show = false
        } else {
-          this.checkModel.show = true
+          this.checkModelFilter()
        }
      } else {
        this.$toast(checkModelResult.resultMessage)
      }
    },
+    checkModelBeforeClose(action, done) {
+      if (action === 'confirm' && !this.checkModel.show) {
+        setTimeout(done, 1000)
+      } else {
+        done(false)
+      }
+    },
+    async checkModelFilter() {
+      const agentInfoRes = await getCheckModelAgentInfo({})
+      if (agentInfoRes.result == 0) {
+        if (/^N{1}/.test(agentInfoRes.branchType)) {
+          this.checkModel.mobile = agentInfoRes.phoneNo
+          this.checkModel.show = true
+        } else {
+          this.checkModel.show = false
+        }
+      } else {
+        this.$toast(agentInfoRes.resultMessage)
+      }
+    },
    async checkModelConfirm() {
      if (!this.checkModel.codeDisabled) {
        this.checkModel.show = true
--- a/src/views/ebiz/manpower/Training.vue
+++ b/src/views/ebiz/manpower/Training.vue
@@ -6,7 +6,14 @@
    </van-cell-group>

    <!-- 短信验证 -->
-    <van-dialog v-model="checkModel.show" title="提示" show-cancel-button @confirm="checkModelConfirm" @cancel="checkModelCancel">
+    <van-dialog
+      v-model="checkModel.show"
+      title="提示"
+      show-cancel-button
+      @confirm="checkModelConfirm"
+      @cancel="checkModelCancel"
+      :before-close="checkModelBeforeClose"
+    >
      <p class="p10 fs14">为确保是您本人操作，短信验证码已发送至您手机号{{ checkModel.mobile | encryCheckModelMobile }}，请您输入验证码以完成后续操作。</p>
      <van-cell-group class="flex align-items-c pr5 mb15">
        <van-field maxlength="6" placeholder="请输入短信验证码" v-model="checkModel.authCode" clearable label-width="0" />
@@ -24,7 +31,7 @@ import NavItem from '@/components/ebiz/manpower/NavItem'
 import record from '@/assets/images/u73803.png'
 import { CellGroup, Cell, Button, Dialog, Field } from 'vant'
 import { getTokenForUserModel } from '@/api/ebiz/manpower/manpower'
-import { checkEnterPower, getAuthCode } from '@/api/ebiz/common/common'
+import { checkEnterPower, getAuthCode, getCheckModelAgentInfo } from '@/api/ebiz/common/common'

 export default {
  name: 'Navigation',
@@ -43,7 +50,7 @@ export default {
        show: false,
        authCode: '',
        smsId: '',
-        mobile: localStorage.mobile,
+        mobile: '',
        timeId: null, // 计时器ID
        countDown: 60, // 倒计时
        codeDisabled: false // 获取验证码按钮是否禁用
@@ -85,12 +92,32 @@ export default {
        if (checkModelResult.enterFlag == '0') {
          this.getInfo()
        } else {
-          this.checkModel.show = true
+          this.checkModelFilter()
        }
      } else {
        this.$toast(checkModelResult.resultMessage)
      }
    },
+    checkModelBeforeClose(action, done) {
+      if (action === 'confirm' && !this.checkModel.show) {
+        setTimeout(done, 1000)
+      } else {
+        done(false)
+      }
+    },
+    async checkModelFilter() {
+      const agentInfoRes = await getCheckModelAgentInfo({})
+      if (agentInfoRes.result == 0) {
+        if (/^N{1}/.test(agentInfoRes.branchType)) {
+          this.checkModel.mobile = agentInfoRes.phoneNo
+          this.checkModel.show = true
+        } else {
+          this.getInfo()
+        }
+      } else {
+        this.$toast(agentInfoRes.resultMessage)
+      }
+    },
    async checkModelConfirm() {
      if (!this.checkModel.codeDisabled) {
        this.checkModel.show = true
--- a/src/views/ebiz/sale/List.vue
+++ b/src/views/ebiz/sale/List.vue
@@ -144,7 +144,14 @@
    <van-button type="danger" class="bottom-btn" @click="add" v-no-more-click="1000">点我新增</van-button>

    <!-- 短信验证 -->
-    <van-dialog v-model="checkModel.show" title="提示" show-cancel-button @confirm="checkModelConfirm" @cancel="checkModelCancel">
+    <van-dialog
+      v-model="checkModel.show"
+      title="提示"
+      show-cancel-button
+      @confirm="checkModelConfirm"
+      @cancel="checkModelCancel"
+      :before-close="checkModelBeforeClose"
+    >
      <p class="p10 fs14">为确保是您本人操作，短信验证码已发送至您手机号{{ checkModel.mobile | encryCheckModelMobile }}，请您输入验证码以完成后续操作。</p>
      <van-cell-group class="flex align-items-c pr5 mb15">
        <van-field maxlength="6" placeholder="请输入短信验证码" v-model="checkModel.authCode" clearable label-width="0" />
@@ -160,7 +167,7 @@
 import { Search, Tabs, Tab, List, Tag, Sticky, Toast, Dialog, Field } from 'vant'
 import { orderList, deleteOrderInfo, revokeOrder } from '@/api/ebiz/sale/sale'
 import { formatRiskList } from '@/assets/js/utils/formatRiskList.js'
-import { getAuthCode, checkEnterPower } from '@/api/ebiz/common/common'
+import { getAuthCode, checkEnterPower, getCheckModelAgentInfo} from '@/api/ebiz/common/common'
 import dataDictionary from '@/assets/js/utils/data-dictionary' //根据数据字典找到用户等级

 export default {
@@ -181,7 +188,7 @@ export default {
        show: false,
        authCode: '',
        smsId: '',
-        mobile: localStorage.mobile,
+        mobile: '',
        timeId: null, // 计时器ID
        countDown: 60, // 倒计时
        codeDisabled: false // 获取验证码按钮是否禁用
@@ -228,12 +235,32 @@ export default {
        if (checkModelResult.enterFlag == '0') {
          this.loadMore()
        } else {
-          this.checkModel.show = true
+          this.checkModelFilter()
        }
      } else {
        this.$toast(checkModelResult.resultMessage)
      }
    },
+    checkModelBeforeClose(action, done) {
+      if (action === 'confirm' && !this.checkModel.show) {
+        setTimeout(done, 1000)
+      } else {
+        done(false)
+      }
+    },
+    async checkModelFilter() {
+      const agentInfoRes = await getCheckModelAgentInfo({})
+      if (agentInfoRes.result == 0) {
+        if (!/^N{1}/.test(agentInfoRes.branchType)) {
+          this.checkModel.mobile = agentInfoRes.phoneNo
+          this.checkModel.show = true
+        } else {
+          this.loadMore()
+        }
+      } else {
+        this.$toast(agentInfoRes.resultMessage)
+      }
+    },
    async checkModelConfirm() {
      if (!this.checkModel.codeDisabled) {
        this.checkModel.show = true