问答 https 迷之跳转到http 求大神解答
发布于 1950天前 作者 Hamming 2310 次浏览 复制 上一个帖子 下一个帖子

https 迷之跳转到http 求大神解答
login.js


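// Page bootstrap: install the form validation rules and make the captcha image reload on click.
$(function() {
    validateRule();
    $('.imgcode').click(function() {
        // The random "s" parameter only serves to defeat browser caching of the image.
        var url = ctx + "captcha/next?w=120&h=60&s=" + Math.random();
        $(".imgcode").attr("src", url);
    });
});

// Once the validator accepts the form, submit through login() instead of a native form post.
$.validator.setDefaults({
    submitHandler: function() {
        login();
    }
});

/**
 * Posts the credentials and captcha answer to `ctx + "login/login"`.
 *
 * On `code == 0` the browser navigates to `ctx + 'index'`; on any other code the
 * loading overlay is closed, the captcha is reloaded and the server message is shown.
 */
function login() {
    $.modal.loading($("#btnSubmit").data("loading"));
    var username = $.common.trim($("input[name='username']").val());
    // NOTE(review): the password is trimmed before it is sent, so a password with leading or
    // trailing whitespace cannot be entered as typed; confirm this matches how passwords are stored.
    var password = $.common.trim($("input[name='password']").val());
    var validateCode = $("input[name='validateCode']").val();
    var rememberMe = $("input[name='rememberme']").is(':checked');
    $.ajax({
        type: "post",
        // `ctx` is defined outside this script. If it holds an absolute http:// URL, both this
        // request and the navigation below leave HTTPS; verify where it is set.
        url: ctx + "login/login",
        data: {
            "username": username,
            "password": password,
            "validateCode" : validateCode,
            "rememberMe": rememberMe
        },
        success: function(r) {
            if (r.code == 0) {
                location.href = ctx + 'index';
            } else {
                $.modal.closeLoading();
                // Load a fresh captcha and clear the old answer before the next attempt.
                $('.imgcode').click();
                $(".code").val("");
                $.modal.msg(r.msg);
            }
        },
        error: function() {
            // Without this branch a failed request (network error, non-2xx status, unparsable
            // body) left the loading overlay on screen with no way to retry.
            $.modal.closeLoading();
            $('.imgcode').click();
            $(".code").val("");
        }
    });
}

/**
 * Declares the client-side validation rules: username and password are both required.
 * This is a usability check only; the server performs the actual authentication.
 */
function validateRule() {
    var icon = "<i class='fa fa-times-circle'></i> ";
    $("#signupForm").validate({
        rules: {
            username: {
                required: true
            },
            password: {
                required: true
            }
        },
        messages: {
            username: {
                required: icon + "请输入您的用户名",
            },
            password: {
                required: icon + "请输入您的密码",
            }
        }
    })
}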
package io.nutz.nutzsite.module.sys.controllers;

import io.nutz.nutzsite.common.base.Globals;
import io.nutz.nutzsite.common.base.Result;
import io.nutz.nutzsite.common.manager.AsyncManager;
import io.nutz.nutzsite.common.manager.factory.AsyncFactory;
import io.nutz.nutzsite.common.utils.ShiroUtils;
import io.nutz.nutzsite.common.utils.Toolkit;
import io.nutz.nutzsite.module.sys.models.User;
import io.nutz.nutzsite.module.sys.services.UserService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.util.ThreadContext;
import org.nutz.ioc.loader.annotation.Inject;
import org.nutz.ioc.loader.annotation.IocBean;
import org.nutz.lang.Lang;
import org.nutz.lang.Strings;
import org.nutz.mvc.Mvcs;
import org.nutz.mvc.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

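/**
 * Login, logout and "unauthorized" endpoints, mounted under {@code /login}.
 *
 * <p>Authentication itself is delegated to Apache Shiro; this controller checks the
 * captcha, performs the Shiro login and records the outcome of each attempt.
 *
 * <p>Several methods return a {@code ">>:"} redirect view. NOTE(review): when the
 * application runs behind a reverse proxy that terminates TLS, the scheme of the
 * resulting redirect presumably follows what the servlet container believes the
 * request scheme to be. Confirm that the container is configured to honour the
 * proxy's forwarded-protocol header, otherwise the redirect may point at http.
 *
 * @author haiming
 */
@At("/login")
@IocBean
public class LoginController {

    @Inject
    private UserService userService;
    @Inject
    private AsyncFactory asyncFactory;


    /**
     * Shows the login page, or redirects to {@code /index} when a user is already signed in.
     *
     * @param req current request; receives the {@code base} attribute used by the template
     * @return a redirect view for signed-in users, otherwise the login template
     */
    @GET
    @At({"","/loginPage"})
    @Ok("re")
    public String loginPage(HttpServletRequest req) {
        req.setAttribute("base", Globals.AppBase);
        User user = ShiroUtils.getSysUser();
        if (Lang.isNotEmpty(user)) {
            return ">>:/index";
        }
        return "th:/login.html";
    }


    /**
     * Verifies the captcha and then authenticates the user through Shiro.
     *
     * <p>Every outcome is written to the login log. Failures are reported with the
     * codes 3 (locked), 4 (unknown account), 5 (authentication failed) and 6 (other error).
     *
     * <p>NOTE(review): codes 4 and 5 share a message key but not a code, so a client can
     * still tell whether an account exists; consider returning the same code for both.
     *
     * <p>NOTE(review): the session that carried the captcha is the one the subject logs in
     * with, and nothing visible here issues a new session id after a successful login.
     * Confirm whether that is handled elsewhere.
     *
     * @param username     login name submitted by the client
     * @param password     password submitted by the client
     * @param rememberMe   whether Shiro should remember the subject
     * @param validateCode captcha answer submitted by the client
     * @param req          current request, passed on to the login log
     * @return a success result, or an error result describing why the login was refused
     */
    @Ok("json")
    @Fail("http:500")
    @POST
    @At("/login")
    public Result login(@Param("username")String username,
                        @Param("password")String password,
                        @Param("rememberMe")boolean rememberMe,
                        @Param("validateCode")String validateCode,
                        HttpServletRequest req) {
        // Is there still a live session? (never create one here)
        HttpSession session = Mvcs.getHttpSession(false);
        if (session == null) {
            return Result.error("当前回话已过期,请刷新后重试");
        }
        // Compare the captcha.
        String _captcha = (String) session.getAttribute(Toolkit.captcha_attr);
        // A captcha answer is good for one attempt only. Without removing it, the same
        // solved captcha stayed in the session and could be replayed for any number of
        // password guesses.
        session.removeAttribute(Toolkit.captcha_attr);
        if (Strings.isBlank(_captcha) || !Toolkit.checkCaptcha(_captcha,validateCode)) {
            return Result.error("验证码错误");
        }
        try {
            Subject subject = SecurityUtils.getSubject();
            ThreadContext.bind(subject);
            subject.login(new UsernamePasswordToken(username,password,rememberMe));
            User user = (User) subject.getPrincipal();
            AsyncManager.me().execute(asyncFactory.recordLogininfor(user.getLoginName(), true,req,"登录成功"));
            userService.recordLoginInfo(user);
            return Result.success("login.success");
        } catch (LockedAccountException e) {
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"账号锁定"));
            return Result.error(3, "login.error.locked");
        } catch (UnknownAccountException e) {
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"用户不存在"));
            return Result.error(4, "login.error.user");
        } catch (AuthenticationException e) {
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"密码错误"));
            return Result.error(5, "login.error.user");
        } catch (Exception e) {
            // NOTE(review): the exception itself is dropped; only the fixed text below reaches
            // the login log, which makes an unexpected failure hard to diagnose.
            AsyncManager.me().execute(asyncFactory.recordLogininfor(username, false,req,"登录系统异常"));
            return Result.error(6, "login.error.system");
        }
    }

    /**
     * Logs the current subject out (if authenticated) and redirects to the login page.
     *
     * <p>NOTE(review): no HTTP method annotation is present on this entry point; confirm
     * whether logging out through a plain GET request is intended.
     *
     * @return a redirect view to {@code /login}
     */
    @At
    @Ok("re")
    public String logout() {
        Subject subject = SecurityUtils.getSubject();
        if (subject.isAuthenticated()) {
            subject.logout();
        }
        return ">>:/login";
    }

    /**
     * Renders the "unauthorized" error page; the view is fixed by the {@code @Ok} annotation.
     */
    @At
    @Ok("th:/error/unauth.html")
    public void unauth() {

    }

}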

为什么它非要跳转 从https 跳转 http
T T

8 回复

nginx 配置


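# TLS-terminating reverse proxy in front of the application on localhost:8080.
# Note that this one server block answers on both 443 (TLS) and 80 (plain HTTP).
server {
    listen 443 ssl;
    listen 80;
    server_name www.fangbq.com;
    keepalive_timeout 70;

    ssl_certificate     a.pem;
    ssl_certificate_key a.key;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996), so only TLS 1.2 is kept from the original
    # list. Add TLSv1.3 where the installed nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;
    ssl_ciphers HIGH:!aNULL:!MD5;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        # Was hard-coded to "https". Because this block also listens on port 80, that told
        # the backend that plain-HTTP requests had arrived over TLS. $scheme reports the
        # scheme the client actually used.
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Host $host;
        # NOTE(review): this marks every proxied response, including pages served after
        # login, as cacheable for 10 minutes. Confirm that is intended.
        expires 10m;
    }

    #error_page 404 /404.html;

    # redirect server error pages to the static page /50x.html
    #
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root html;
    #    fastcgi_pass 127.0.0.1:9000;
    #    fastcgi_index index.php;
    #    fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
    #    include fastcgi_params;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    #    deny all;
    #}
}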

proxy_rewrite

配置 proxy 80 rewrite 443么

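# Plain-HTTP listener whose only job is to send every request to the HTTPS site.
server {
    listen 80;
    server_name XXX.com;
    # `return` does the same permanent redirect as the original `rewrite ^(.*) ... permanent`
    # without a regex match; $request_uri carries the path and query string as the client sent them.
    return 301 https://$server_name$request_uri;
}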

酱紫配置后 又会 神奇的登录不上302错误
地址变成

 http://XXX.com/login;JSESSIONID=rausoibhs0j05o89hnhd9mkj4v

用proxy rewrite啊

设置

  # Turns off nginx's rewriting of the Location and Refresh headers in proxied responses,
  # so whatever URL the backend puts there reaches the browser unchanged.
  proxy_redirect off;
或
# Rewrites a Location/Refresh header of the form http://host[:port]rest coming back from
# the backend to https://, keeping the captured host ($1), optional port ($2) and rest ($3).
proxy_redirect ~^http://([^:]+)(:\d+)?(.*)$ https://$1$2$3;

可以解决 https转http
但是 我退出登录 又神奇的变成了http

是不是nutz

 return ">>:/login";

重定向 问题

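后端并不知道前端是不是 https：nginx 终止了 TLS，再用 http 转发到 localhost:8080，所以后端生成重定向地址时用的是它自己看到的 http。需要让后端（Servlet 容器）识别并信任 nginx 传来的 X-Forwarded-Proto 头，或者像上面那样由 nginx 用 proxy_redirect 改写 Location。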
