表单提交问题
diff --git a/src/main/kotlin/com/supwisdom/dlpay/security.kt b/src/main/kotlin/com/supwisdom/dlpay/security.kt
index 6a32255..6274983 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/security.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/security.kt
@@ -178,7 +178,6 @@
override fun configure(http: HttpSecurity) {
// 设置 Web MVC 应用权限
http.apply(validateCodeSecurityConfig)
- .and().csrf()
.and()
.authorizeRequests()
.antMatchers("/login", "/login/form").permitAll()
@@ -201,6 +200,7 @@
.logoutSuccessUrl("/login")
.deleteCookies("JSESSIONID")
.invalidateHttpSession(true)
+ .and().csrf()
// 设置 Web MVC 应用权限
// http.apply(validateCodeSecurityConfig)
// .and()
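Review bot: The relocated `.and().csrf()` at the end of the chain most likely changes nothing by itself, because Spring Security's Java configuration turns CSRF protection on by default (unless the adapter was created with defaults disabled) and the position of the call in the chain does not matter. A short comment on that line, for example `// CSRF stays enabled: every state-changing request, including AJAX, must carry the token`, would record the intent. With CSRF active, the default logout handling only accepts POST, so confirm that the logout link in the templates is not a plain GET; the logout configuration starts above this hunk, so a custom `logoutRequestMatcher` may already cover this. The commented-out chain that follows the added line is dead code and could be deleted rather than kept.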
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index db534ba..4c33b78 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -26,4 +26,3 @@
################################################
# user password
auth.password.bcrypt.length=10
-
diff --git a/src/main/resources/templates/index.html b/src/main/resources/templates/index.html
index 011e8f8..a66007c 100755
--- a/src/main/resources/templates/index.html
+++ b/src/main/resources/templates/index.html
@@ -3,7 +3,8 @@
<head>
<title>首页</title>
-
+ <meta name="_csrf_header" th:content="${_csrf.headerName}" />
+ <meta name="_csrf_token" th:content="${_csrf.parameterName}" th:value="${_csrf.token}" />
<meta charset="utf-8"/>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
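Review bot: The `_csrf_token` meta packs two values into one tag, with the parameter name in `content` and the token in a non-standard `value` attribute, while the `_csrf_header` meta is emitted but not read by the script changed in this commit. One value per tag is easier to consume and keeps the markup valid, for example `<meta name="_csrf" th:content="${_csrf.token}"/>` next to `<meta name="_csrf_parameter" th:content="${_csrf.parameterName}"/>`, with the reading script adjusted to match. If this template can ever render without a `_csrf` request attribute, `${_csrf.headerName}` will fail during rendering, so `${_csrf?.headerName}` or a `th:if="${_csrf}"` guard is safer. The new tags would also sit better after `<meta charset="utf-8"/>`, which should stay first in `<head>`.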
diff --git a/src/main/resources/templates/system/operator/index.html b/src/main/resources/templates/system/operator/index.html
index 530f5ce..279a2ed 100644
--- a/src/main/resources/templates/system/operator/index.html
+++ b/src/main/resources/templates/system/operator/index.html
@@ -92,38 +92,7 @@
// 添加按钮点击事件
$('#oper-btn-add').click(function () {
- // showEditModel();
- $.ajax({
- type : "POST",
- dataType : "json",
- url : "/operator/add",
- data : {
- "opercode":"www",
- "opername":"www",
- "sex":"male",
- "roleId":"2"
- },
- success : function(result) {
- layer.closeAll('loading');
- if (data.code == 200) {
- layer.msg(data.msg, {icon: 1});
- admin.finishPopupCenter();
- } else if (data.code == 401) {
- layer.msg(data.msg, {icon: 2, time: 1500}, function () {
- location.replace('/login');
- }, 1000);
- return;
- } else {
- console.log('err:' + data.code);
- layer.msg(data.msg, {icon: 2});
- }
- },
- error : function(data) {
- layer.closeAll('loading');
- layer.msg("请求服务器失败!", {icon: 2});
- }
- });
-
+ showEditModel();
});
diff --git a/src/main/resources/templates/system/operator/operator.html b/src/main/resources/templates/system/operator/operator.html
index 319f7fe..c43995c 100644
--- a/src/main/resources/templates/system/operator/operator.html
+++ b/src/main/resources/templates/system/operator/operator.html
@@ -46,7 +46,7 @@
<div class="layui-form-item model-form-footer">
<button class="layui-btn layui-btn-primary" type="button" ew-event="closeDialog">取消</button>
- <button class="layui-btn" lay-filter="oper-form-submit" lay-submit>保存</button>
+ <button class="layui-btn" lay-filter="oper-form-submit" lay-submit id="submitbtn">保存</button>
</div>
</form>
@@ -112,10 +112,14 @@
}
formSelects.value('roleId', rds);
}
-
// 表单提交事件
form.on('submit(oper-form-submit)', function (data) {
layer.load(2);
+ var token_name = $("meta[name='_csrf_token']").attr("content");
+ var token = $("meta[name='_csrf_token']").attr("value");
+ data.field[token_name] = token;
+ console.log(data);
+ debugger
$.ajax({
type : "POST",
dataType : "json",
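Review bot: The added `console.log(data);` and `debugger` lines are debugging leftovers and should be removed before merge: the log call writes every submitted field together with the CSRF token to the browser console, and `debugger` pauses each submission whenever developer tools are open. If the `_csrf_token` meta is absent, for instance when this fragment is loaded outside `index.html`, `token_name` is `undefined`, a field literally named "undefined" is posted, and the server will reject the request; a guard such as `if (token_name && token) { data.field[token_name] = token; }` with a visible error otherwise makes that failure obvious. Sending the token once as a request header for all AJAX POSTs, using the `_csrf_header` meta this commit already adds, would avoid repeating this lookup in every form handler. The submit handler continues past the end of this hunk.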