Skip to content

J
jiedao-app-customer-new-master
Commit 909494b6 authored by honghy's avatar honghy Committed by wux
Browse files
Options

bug233 短信注册受到攻击问题处理

parent 0aee3506
Expand all Hide whitespace changes
Inline Side-by-side
Showing with 5417 additions and 1 deletion
src/pages/register/register.vue
View file @ 909494b6
...@@ -130,6 +130,8 @@ ...@@ -130,6 +130,8 @@
<script> <script>
import userAgreement from "../../components/userAgreement/index.vue"; import userAgreement from "../../components/userAgreement/index.vue";
import { encrypt } from '@/utils/jsencrypt'
export default { export default {
components: { components: {
userAgreement, userAgreement,
...@@ -204,6 +206,7 @@ export default { ...@@ -204,6 +206,7 @@ export default {
if (this.leftTime < 60) { if (this.leftTime < 60) {
return false; return false;
} }
var data = { var data = {
mobile: this.mobile, mobile: this.mobile,
nodeValue: 'user-sms-reg', nodeValue: 'user-sms-reg',
...@@ -214,7 +217,28 @@ export default { ...@@ -214,7 +217,28 @@ export default {
isOrders: 0, isOrders: 0,
messageType: this.smsData[e.detail.value] messageType: this.smsData[e.detail.value]
} }
var i = Math.floor(Math.random() * (3 - 1 + 1)) + 1
const specialChars = ['!', '@', '#', '$', '%', '^', '&', '*'];
var date = Date.now();
// 生成随机索引
const randomIndex = Math.floor(date % specialChars.length);
// 选择特殊字符
const specialChar = specialChars[randomIndex];
var p1 = ''
/*
1:手机号+节点+秘钥
2:手机号+国家号+秘钥
3:手机号+国家号+节点+秘钥
*/
if(i==1) {
p1 = data.mobile + data.nodeValue + 'gzjd8888' + specialChar
} else if (i==2) {
p1 = data.mobile + data.areaCode + 'gzjd8888' + specialChar
} else if (i==3) {
p1 = data.mobile + data.areaCode + data.nodeValue + 'gzjd8888' + specialChar
}
data['p1'] = encrypt(p1)
data['p2'] = [i,date]
this.$request this.$request
.get("/app-api/param/validator/mobile", data) .get("/app-api/param/validator/mobile", data)
.then((res) => { .then((res) => {
......
src/utils/jsencrypt-min.js 0 → 100644
View file @ 909494b6
This diff is collapsed.
src/utils/jsencrypt.js 0 → 100644
View file @ 909494b6
import JSEncrypt from '@/utils/jsencrypt-min'
// 密钥对生成 http://web.chacuo.net/netrsakeypair
const publicKey = 'MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOE4LpDcF8WderHctum1zJQiy2TM+D5VWBEIxn9kvz9GL5A6ki8cWk0xacvN2Ros4pmHm573y7TJi8xv/YHplbsCAwEAAQ=='
const privateKey = 'MIIBVQIBADANBgkqhkiG9w0BAQEFAASCAT8wggE7AgEAAkEA4TgukNwXxZ16sdy26bXMlCLLZMz4PlVYEQjGf2S/P0YvkDqSLxxaTTFpy83ZGizimYebnvfLtMmLzG/9gemVuwIDAQABAkA7X3E/NRZ7PTnEO9hookmtX8LY7wQegqc1zmdt3CRizGJRB7/9LzDqvnOIvqqm+EoiZLjUUNKVkOom0FI2u32hAiEA8UtmegwiMaqmE4xrjqocLRAR0aVWV7i4fSTcSvLVCcsCIQDu8fvGY9wfVKEGgyfcJHuORowDAbYYXOulxC6sEW7l0QIgE1J2Yk+WbWO86NPVyRbWKsWep6sVvvCL1XmeKmJHrQECIQDGAEmVbTyDzdodjmNiXezwye7NswZVC/LNi1LtjQircQIhAIpF1rvPvxXkE7KvWTePrCWeU/+c6e1ylG7sPYumc1cx'
// 加密
export function encrypt(txt) {
const encryptor = new JSEncrypt()
encryptor.setPublicKey(publicKey) // 设置公钥
return encryptor.encrypt(txt) // 对数据进行加密
}
// 解密
export function decrypt(txt) {
const encryptor = new JSEncrypt()
encryptor.setPrivateKey(privateKey) // 设置私钥
return encryptor.decrypt(txt) // 对数据进行解密
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment