fix securiry

htoooth
Commit 0b5d5ba834c65ce0cc15e493a88ffa4bbeca95c3 1 parent 6f4f5a7b
Showing 4 changed files with 13 additions and 6 deletions
apps/home/router.js
apps/passport/router.js
public/js/home/validate.page.js
public/js/passport/back/back.js
--- a/apps/home/router.js
View file @0b5d5ba
+++ b/apps/home/router.js
View file @0b5d5ba
@@ -247,7 +247,7 @@ router.post('/account/checkmobile', AccountController.checkMobile);
 
 router.post('/account/checkmobilemsg', AccountController.checkMobileMsg);
 
- router.post('/account/sendmobilemsg', AccountController.sendMobileMsg);
+ router.post('/account/sendmobilemsg', captcha.requiredAPI, AccountController.sendMobileMsg);
 
 router.post('/account/modifymobile', AccountController.modifyMobile);
 
--- a/apps/passport/router.js
View file @0b5d5ba
+++ b/apps/passport/router.js
View file @0b5d5ba
@@ -135,6 +135,7 @@ router.post('/passport/back/email',
 
 // 提交按钮手机AP
 router.post('/passport/back/mobile',
+     captcha.requiredAPI,
     back.validateInputPage,
     back.sendCodePage,
     back.saveInSession);
--- a/public/js/home/validate.page.js
View file @0b5d5ba
+++ b/public/js/home/validate.page.js
View file @0b5d5ba
@@ -249,10 +249,14 @@ function sendMobileMsg(mobileV) {
         mobile: mobileV
     };
 
+     captcha.hideTip();
+ 
     if (baseQs.checkCode) {
         reqData.checkCode = baseQs.checkCode;
     }
 
+     reqData.verifyCode = captcha.getResults();
+ 
     $.post('/home/account/sendmobilemsg', reqData, function(data) {
         if (typeof data.code !== 'undefined' && data.code === 200) {
             canSend = false;
@@ -260,6 +264,8 @@ function sendMobileMsg(mobileV) {
                 code();
             }, 1000);
             $ccheckInfo.html('');
+         } else if (data.code && data.code === 405) {
+             captcha.showTip(data.message);
         } else {
             $ccheckInfo.html('<div class="form-error">验证码发送失败</div>');
         }
@@ -476,9 +482,7 @@ $(function() {
     });
 
     $('#send-mobile-code').on('click', function() {
-         captcha.check().then(function() {
-             sendcode();
-         });
+         sendcode();
     });
 
     if ($('#newPwd').length > 0) {
--- a/public/js/passport/back/back.js
View file @0b5d5ba
+++ b/public/js/passport/back/back.js
View file @0b5d5ba
@@ -129,16 +129,18 @@ $phoneNum.keyup(function() {
 
 // 下一步
 $btn.click(function(e) {
+     var url = '/passport/back/email';
+ 
     if (!validatePhone()) {
         return;
     }
 
     if (/^[0-9]+$/.test($.trim($phoneNum.val()))) {
-         $('#find-form').attr('action', '/passport/back/mobile');
+         url = '/passport/back/mobile';
     }
 
     if (hasPh) {
-         $.post('/passport/back/email', {
+         $.post(url, {
             verifyCode: captcha.getResults(),
             phoneNum: $('#phone-num').val(),
             area: $('#country-code-hide').val()