From: qiaowei <jov123@163.com>
Date: Mon, 29 Apr 2019 01:35:04 +0000 (+0800)
Subject: 表单提交问题
X-Git-Tag: 1.0.0^2~247
X-Git-Url: https://source.supwisdom.com/gerrit/gitweb?a=commitdiff_plain;h=00edf01aa6f826809430b6de86345ec56c01f3eb;p=epayment%2Ffood_payapi.git

表单提交问题
---

diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 6a32255b..62749839 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -178,7 +178,6 @@ class WebSecurityConfig {
             override fun configure(http: HttpSecurity) {
                 // è®¾ç½® Web MVC åºç¨æé
                 http.apply(validateCodeSecurityConfig)
-                        .and().csrf()
                         .and()
                         .authorizeRequests()
                         .antMatchers("/login", "/login/form").permitAll()
@@ -201,6 +200,7 @@ class WebSecurityConfig {
                         .logoutSuccessUrl("/login")
                         .deleteCookies("JSESSIONID")
                         .invalidateHttpSession(true)
+                        .and().csrf()
                 // è®¾ç½® Web MVC åºç¨æé
 //                http.apply(validateCodeSecurityConfig)
 //                        .and()
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index db534baf..4c33b781 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -26,4 +26,3 @@ spring.thymeleaf.enabled=true
 ################################################
 # user password
 auth.password.bcrypt.length=10
-
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 011e8f8f..a66007cf 100755
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -3,7 +3,8 @@
 
 <head>
     <title>é¦é¡µ</title>
-
+    <meta name="_csrf_header" th:content="${_csrf.headerName}" />
+    <meta name="_csrf_token" th:content="${_csrf.parameterName}" th:value="${_csrf.token}" />
     <meta charset="utf-8"/>
     <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
diff --git a/src/main/resources/templates/system/operator/index.html b/src/main/resources/templates/system/operator/index.html
index 530f5ce4..279a2ede 100644
--- a/src/main/resources/templates/system/operator/index.html
+++ b/src/main/resources/templates/system/operator/index.html
@@ -92,38 +92,7 @@
 
         // æ·»å æé®ç¹å»äºä»¶
         $('#oper-btn-add').click(function () {
-           // showEditModel();
-            $.ajax({
-                type : "POST",
-                dataType : "json",
-                url : "/operator/add",
-                data : {
-                    "opercode":"www",
-                    "opername":"www",
-                    "sex":"male",
-                    "roleId":"2"
-                },
-                success : function(result) {
-                    layer.closeAll('loading');
-                    if (data.code == 200) {
-                        layer.msg(data.msg, {icon: 1});
-                        admin.finishPopupCenter();
-                    } else if (data.code == 401) {
-                        layer.msg(data.msg, {icon: 2, time: 1500}, function () {
-                            location.replace('/login');
-                        }, 1000);
-                        return;
-                    } else {
-                        console.log('err:' + data.code);
-                        layer.msg(data.msg, {icon: 2});
-                    }
-                },
-                error : function(data) {
-                    layer.closeAll('loading');
-                    layer.msg("è¯·æ±æå¡å¨å¤±è´¥ï¼", {icon: 2});
-                }
-            });
-
+            showEditModel();
         });
 
 
diff --git a/src/main/resources/templates/system/operator/operator.html b/src/main/resources/templates/system/operator/operator.html
index 319f7fea..c43995ca 100644
--- a/src/main/resources/templates/system/operator/operator.html
+++ b/src/main/resources/templates/system/operator/operator.html
@@ -46,7 +46,7 @@
 
     <div class="layui-form-item model-form-footer">
         <button class="layui-btn layui-btn-primary" type="button" ew-event="closeDialog">åæ¶</button>
-        <button class="layui-btn" lay-filter="oper-form-submit" lay-submit>ä¿å­</button>
+        <button class="layui-btn" lay-filter="oper-form-submit" lay-submit  id="submitbtn">ä¿å­</button>
     </div>
 </form>
 
@@ -112,10 +112,14 @@
             }
             formSelects.value('roleId', rds);
         }
-
         // è¡¨åæäº¤äºä»¶
         form.on('submit(oper-form-submit)', function (data) {
             layer.load(2);
+            var token_name = $("meta[name='_csrf_token']").attr("content");
+            var token = $("meta[name='_csrf_token']").attr("value");
+            data.field[token_name] = token;
+            console.log(data);
+            debugger
             $.ajax({
                 type : "POST",
                 dataType : "json",
