https 迷之跳转到http 求大神解答
login.js
// On DOM ready: install the form validation rules and make the captcha image
// reload itself when clicked.
$(function() {
    // Fetch a fresh captcha image. The random "s" parameter only defeats
    // browser caching; it is not a secret and carries no security value.
    var refreshCaptcha = function() {
        var nextSrc = ctx + "captcha/next?w=120&h=60&s=" + Math.random();
        $(".imgcode").attr("src", nextSrc);
    };

    validateRule();
    $('.imgcode').on('click', refreshCaptcha);
});
// Default submit handler for jQuery Validate: a form that passes validation is
// handed to login(), which posts the credentials via AJAX.
var validatorDefaults = {
    submitHandler: function() {
        login();
    }
};
$.validator.setDefaults(validatorDefaults);
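/**
 * Posts the login form to ctx + "login/login" and navigates to ctx + "index"
 * when the server answers with code 0. Any other answer, or a failed request,
 * closes the loading overlay, reloads the captcha and clears the captcha input.
 *
 * NOTE(review): `ctx` is defined outside this listing. If it is rendered as an
 * absolute URL, its scheme decides whether the POST (which carries the
 * password) and the navigation below stay on HTTPS - confirm it is either
 * relative or https://.
 */
function login() {
    $.modal.loading($("#btnSubmit").data("loading"));
    var username = $.common.trim($("input[name='username']").val());
    var password = $.common.trim($("input[name='password']").val());
    var validateCode = $("input[name='validateCode']").val();
    var rememberMe = $("input[name='rememberme']").is(':checked');

    // Shared clean-up for every non-success outcome: drop the overlay, request
    // a new captcha image and empty the captcha field.
    function resetAfterFailure() {
        $.modal.closeLoading();
        $('.imgcode').click();
        $(".code").val("");
    }

    $.ajax({
        type: "post",
        url: ctx + "login/login",
        data: {
            "username": username,
            "password": password,
            "validateCode" : validateCode,
            "rememberMe": rememberMe
        },
        success: function(r) {
            if (r.code == 0) {
                location.href = ctx + 'index';
            } else {
                resetAfterFailure();
                $.modal.msg(r.msg);
            }
        },
        // Without this callback a transport error or an HTTP error status
        // (the server action is declared with @Fail("http:500")) would leave
        // the loading overlay on screen forever.
        error: function() {
            resetAfterFailure();
            $.modal.msg("登录请求失败,请稍后重试");
        }
    });
}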
/**
 * Attaches jQuery Validate to #signupForm: username and password are both
 * required, and each error message is prefixed with a Font Awesome icon.
 * This is a client-side convenience only; the server must still validate.
 */
function validateRule() {
    var errorIcon = "<i class='fa fa-times-circle'></i> ";
    var requiredRule = { required: true };

    var options = {
        rules: {
            username: requiredRule,
            password: requiredRule
        },
        messages: {
            username: { required: errorIcon + "请输入您的用户名" },
            password: { required: errorIcon + "请输入您的密码" }
        }
    };

    $("#signupForm").validate(options);
}
package io.nutz.nutzsite.module.sys.controllers;
import io.nutz.nutzsite.common.base.Globals;
import io.nutz.nutzsite.common.base.Result;
import io.nutz.nutzsite.common.manager.AsyncManager;
import io.nutz.nutzsite.common.manager.factory.AsyncFactory;
import io.nutz.nutzsite.common.utils.ShiroUtils;
import io.nutz.nutzsite.common.utils.Toolkit;
import io.nutz.nutzsite.module.sys.models.User;
import io.nutz.nutzsite.module.sys.services.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.nutz.ioc.loader.annotation.Inject;
import org.nutz.ioc.loader.annotation.IocBean;
import org.nutz.lang.Lang;
import org.nutz.lang.Strings;
import org.nutz.mvc.Mvcs;
import org.nutz.mvc.annotation.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
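/**
 * Login page, credential check, logout and "unauthorised" page, all mounted
 * under {@code /login}.
 *
 * <p>NOTE(review): {@link #loginPage} and {@link #logout} answer with the
 * {@code >>:} redirect view. When TLS is terminated in front of the servlet
 * container, the scheme of the resulting {@code Location} header depends on how
 * the container and the proxy are configured (forwarded-proto handling) -
 * confirm this, because a redirect to {@code http://} after an HTTPS login
 * makes the browser send the session cookie in clear text unless the cookie is
 * marked {@code Secure}.
 *
 * @author haiming
 */
@At("/login")
@IocBean
public class LoginController {

    @Inject
    private UserService userService;

    @Inject
    private AsyncFactory asyncFactory;

    /**
     * Shows the login page, or redirects to {@code /index} when a user is
     * already present in the Shiro session.
     *
     * @param req current request; receives the {@code base} attribute
     * @return a Nutz view expression (redirect or Thymeleaf template)
     */
    @GET
    @At({"","/loginPage"})
    @Ok("re")
    public String loginPage(HttpServletRequest req) {
        // presumably the template derives its URL prefix from this value;
        // verify that it is not an absolute http:// URL
        req.setAttribute("base", Globals.AppBase);
        User user = ShiroUtils.getSysUser();
        if (Lang.isNotEmpty(user)) {
            return ">>:/index";
        }
        return "th:/login.html";
    }

    /**
     * Checks the captcha, then authenticates the credentials through Shiro and
     * records the outcome in the login audit log.
     *
     * @param username     submitted login name
     * @param password     submitted password
     * @param rememberMe   whether a remember-me token is requested
     * @param validateCode captcha text typed by the user
     * @param req          current request, passed on to the audit record
     * @return a success result, or an error result with a code describing
     *         the failure
     */
    @Ok("json")
    @Fail("http:500")
    @POST
    @At("/login")
    public Result login(@Param("username")String username,
                        @Param("password")String password,
                        @Param("rememberMe")boolean rememberMe,
                        @Param("validateCode")String validateCode,
                        HttpServletRequest req) {
        // Is there still a valid session?
        HttpSession session = Mvcs.getHttpSession(false);
        if (session == null) {
            return Result.error("当前回话已过期,请刷新后重试");
        }
        // Compare the captcha. The stored value is removed before the
        // comparison so that every issued captcha can be checked exactly once;
        // leaving it in the session would let one solved captcha cover an
        // unlimited number of password attempts.
        String expectedCaptcha = (String) session.getAttribute(Toolkit.captcha_attr);
        session.removeAttribute(Toolkit.captcha_attr);
        if (Strings.isBlank(expectedCaptcha) || !Toolkit.checkCaptcha(expectedCaptcha,validateCode)) {
            return Result.error("验证码错误");
        }
        try {
            Subject subject = SecurityUtils.getSubject();
            ThreadContext.bind(subject);
            // NOTE(review): the session that existed before authentication is
            // kept as-is here; confirm that the session id is renewed on login
            // elsewhere, otherwise session fixation is possible.
            subject.login(new UsernamePasswordToken(username,password,rememberMe));
            User user = (User) subject.getPrincipal();
            AsyncManager.me().execute(asyncFactory.recordLogininfor(user.getLoginName(), true,req,"登录成功"));
            userService.recordLoginInfo(user);
            return Result.success("login.success");
        } catch (LockedAccountException e) {
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"账号锁定"));
            return Result.error(3, "login.error.locked");
        } catch (UnknownAccountException e) {
            // NOTE(review): code 4 here versus code 5 below tells the client
            // whether the account exists even though the message key is the
            // same; consider returning one code and keeping the distinction
            // only in the audit log.
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"用户不存在"));
            return Result.error(4, "login.error.user");
        } catch (AuthenticationException e) {
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"密码错误"));
            return Result.error(5, "login.error.user");
        } catch (Exception e) {
            // Boundary catch: the cause is not logged here, only the audit
            // record is written.
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"登录系统异常"));
            return Result.error(6, "login.error.system");
        }
    }

    /**
     * Logs the current subject out if it is authenticated and redirects to the
     * login page.
     *
     * @return redirect view expression for {@code /login}
     */
    @At
    @Ok("re")
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            subject.logout();
        }
        return ">>:/login";
    }

    /** Renders the static "unauthorised" page; no logic of its own. */
    @At
    @Ok("th:/error/unauth.html")
    public void unauth() {
    }
}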
为什么它非要从 https 跳转到 http?
T T