From ce3298b9b01d83aea11bd144ccdc2e890a75cd97 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期三, 26 六月 2024 19:52:25 +0800
Subject: [PATCH] 升级spring-security到安全版本，防止漏洞风险

---
 src/main/java/com/ruoyi/framework/security/service/SysLoginService.java |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java b/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java
index 3ecb09b..12a7c68 100644
--- a/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java
+++ b/src/main/java/com/ruoyi/framework/security/service/SysLoginService.java
@@ -115,12 +115,12 @@
         {
             String verifyKey = CacheConstants.CAPTCHA_CODE_KEY + StringUtils.nvl(uuid, "");
             String captcha = redisCache.getCacheObject(verifyKey);
-            redisCache.deleteObject(verifyKey);
             if (captcha == null)
             {
                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.expire")));
                 throw new CaptchaExpireException();
             }
+            redisCache.deleteObject(verifyKey);
             if (!code.equalsIgnoreCase(captcha))
             {
                 AsyncManager.me().execute(AsyncFactory.recordLogininfor(username, Constants.LOGIN_FAIL, MessageUtils.message("user.jcaptcha.error")));

--
Gitblit v1.9.3