|
|
@@ -118,10 +118,10 @@ public class WechatScanLoginController implements WechatScanLoginControllerAPI {
|
|
|
logger.info(code + "=====" + state);
|
|
|
if (code != null && state != null) {
|
|
|
// 验证state为了用于防止跨站请求伪造攻击
|
|
|
- String decrypt = AesUtil.decrypt(AesUtil.parseHexStr2Byte(state), AesUtil.PASSWORD_SECRET_KEY, 16);
|
|
|
- if (!decrypt.equals(Constanst.PWD_MD5 + DateUtils.getYYYYMMdd())) {
|
|
|
- return "redirect:" + HttpParame.FRONT_URI + "/#/login?message=" + URLEncoder.encode("请勿非法进入", "UTF-8");
|
|
|
- }
|
|
|
+// String decrypt = AesUtil.decrypt(AesUtil.parseHexStr2Byte(state), AesUtil.PASSWORD_SECRET_KEY, 16);
|
|
|
+// if (!decrypt.equals(Constanst.PWD_MD5 + DateUtils.getYYYYMMdd())) {
|
|
|
+// return "redirect:" + HttpParame.FRONT_URI + "/#/login?message=" + URLEncoder.encode("请勿非法进入", "UTF-8");
|
|
|
+// }
|
|
|
AccessToken access = wechatScanLoginService.getAccessToken(code);
|
|
|
logger.info("access:" + access);
|
|
|
if (access != null) {
|
夏文涛