【优化】修改launchSettings.json本地调试端口号,防止接口端和后端同时启动应用程序模式下端口号冲突。

【优化】移除后台登录默认记录账号密码功能。
【修复】修复前端提交数据可能存在风险的校验。
pull/218/head
jianweie code 1 year ago
parent 4898aaadef
commit 5fae0aaa04

@ -41,7 +41,7 @@ namespace CoreCms.Net.Auth
#region 参数
//读取配置文件
var symmetricKeyAsBase64 = AppSettingsConstVars.JwtConfigSecretKey;
var symmetricKeyAsBase64 = AppSettingsHelper.GetMachineRandomKey(AppSettingsConstVars.JwtConfigSecretKey);
var keyByteArray = Encoding.ASCII.GetBytes(symmetricKeyAsBase64);
var signingKey = new SymmetricSecurityKey(keyByteArray);
var issuer = AppSettingsConstVars.JwtConfigIssuer;
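Review bot: The derived key is still passed through `Encoding.ASCII.GetBytes`, which silently turns every non-ASCII character into `?`, so the signing key loses entropy if `GetMachineRandomKey` can return anything outside ASCII. That helper is not visible here. If it returns Base64, as the variable name suggests, `var keyByteArray = Convert.FromBase64String(symmetricKeyAsBase64);` keeps all the key material; otherwise `Encoding.UTF8.GetBytes` is the safer choice, applied identically where tokens are validated. The validation setup must derive the key through the same helper, and if the result really is machine-dependent, tokens issued on one node would presumably fail on another in a multi-instance deployment. The enclosing block starts and ends outside the hunk.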

@ -454,6 +454,13 @@ namespace CoreCms.Net.Services
}
var billPayments = result.data as CoreCmsBillPayments;
if (billPayments.money < 0)
{
jm.msg = "支付金额异常!";
return jm;
}
//根据支付方式返回支付配置
//微信支付
if (paymentCode == GlobalEnumVars.PaymentsTypes.wechatpay.ToString())
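Review bot: `billPayments` comes from an `as` cast and is dereferenced on the next line, so a null `result.data`, or one of another type, raises a NullReferenceException instead of the controlled error this check is meant to return. `if (billPayments == null || billPayments.money < 0)` covers both cases. The check also lets `money == 0` through to the payment-provider branches; if a zero-amount bill is not valid for online payment, `<= 0` would match the cart checks in the same commit. The method body starts and ends outside the hunk.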

@ -102,7 +102,11 @@ namespace CoreCms.Net.Services
public async Task<WebApiCallBack> SetCartNum(int id, int nums, int userId, int numType, int type = 1)
{
var jm = new WebApiCallBack();
if (nums <= 0)
{
jm.msg = "商品数量必须为正整数";
return jm;
}
if (userId == 0)
{
jm.msg = "用户信息获取失败";
@ -180,12 +184,12 @@ namespace CoreCms.Net.Services
var goodsServices = container.ServiceProvider.GetService<ICoreCmsGoodsServices>();
//获取数据
if (nums == 0)
if (nums <= 0)
{
jm.msg = "请选择货品数量";
return jm;
}
if (productId == 0)
if (productId <= 0)
{
jm.msg = "请选择货品";
return jm;
@ -421,6 +425,9 @@ namespace CoreCms.Net.Services
{
var jm = new WebApiCallBack() { methodDescription = "获取购物车原始列表(未核算)" };
//强制过滤一遍,防止出现可以造假数据
await _dal.DeleteAsync(p => p.userId == userId && p.nums <= 0);
using var container = _serviceProvider.CreateScope();
var productsService = container.ServiceProvider.GetService<ICoreCmsProductsServices>();
var goodsServices = container.ServiceProvider.GetService<ICoreCmsGoodsServices>();
@ -446,6 +453,12 @@ namespace CoreCms.Net.Services
await _dal.DeleteAsync(item);
continue;
}
//商品金额设置为0就从购物车里面删除
if (productInfo.price <= 0)
{
await _dal.DeleteAsync(item);
continue;
}
//获取重量
var goodsWeight = await goodsServices.GetWeight(item.productId);
@ -700,7 +713,7 @@ namespace CoreCms.Net.Services
public async Task<WebApiCallBack> CartPoint(CartDto cartDto, int userId, int point)
{
var jm = new WebApiCallBack() { status = true };
if (point != 0)
if (point > 0)
{
var getUserPointDto = await _userServices.GetUserPoint(userId, 0);
if (getUserPointDto.point < point)
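Review bot: In `CartPoint`, the new `point > 0` guard means a negative `point` skips the block and, as far as the hunk shows, the method carries on with `status = true`, so a tampered value looks the same as "no points used". The other checks in this commit reject bad input with a message. The same here would be `if (point < 0) { jm.status = false; jm.msg = "积分数量异常"; return jm; }` before the `point > 0` block, with the message wording to be chosen by the author. The rest of `CartPoint` is outside the hunk, so confirm nothing later reads `point` again.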

@ -43,11 +43,6 @@
<input type="password" name="password" id="LAY-user-login-password" lay-verType="tips" lay-verify="required" placeholder="密码" class="form-control">
</div>
</div>
<div class="col-sm-12 mb-2">
<div class="form-group">
<input type="checkbox" name="saveLoginInfo" lay-skin="primary" checked="checked"><small>保存登录信息</small>
</div>
</div>
<div class="col-sm-12 mb-2">
<button type="button" class="btn btn-info w-100" lay-submit lay-filter="LAY-user-login-submit" id="loginSubmit">登录</button>
</div>
@ -118,17 +113,6 @@
var field = obj.field; //获取提交的字段
console.log("saveLoginInfo:" + field.saveLoginInfo);
if (field.saveLoginInfo == 'on') {
console.log("保存缓存");
coreHelper.setCookie("username", field.username);
coreHelper.setCookie("password", field.password);
} else {
console.log("清空缓存");
coreHelper.delCookie("username");
coreHelper.delCookie("password");
}
coreHelper.Post("api/login/getJwtToken", field, function (res) {
if (res.code === 0) {
//jwttoekn处理
