login

Disable multiple logins for same user in spring security + spring boot

岁酱吖の 提交于 2021-01-28 03:14:23
问题 I have the below spring configuration :- static SessionRegistry SR; @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/", "/forgotPwd", "/resetPwd").permitAll() .anyRequest().authenticated().and().formLogin().loginPage("/login") .defaultSuccessUrl("/home").failureUrl("/login?error").permitAll() .successHandler(authenticationSuccessHandler) // autowired or defined below .and().logout() .logoutRequestMatcher(new

Disable multiple logins for same user in spring security + spring boot

假如想象 提交于 2021-01-28 01:28:57
问题 I have the below spring configuration :- static SessionRegistry SR; @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/", "/forgotPwd", "/resetPwd").permitAll() .anyRequest().authenticated().and().formLogin().loginPage("/login") .defaultSuccessUrl("/home").failureUrl("/login?error").permitAll() .successHandler(authenticationSuccessHandler) // autowired or defined below .and().logout() .logoutRequestMatcher(new

Php curl login with csrf token

有些话、适合烂在心里 提交于 2021-01-27 19:48:49
问题 I want to simulate login with curl in php with csrf token. I know the token is refreshed every session and I need to use the same cookie and I do it like this: <?php use Symfony\Component\DomCrawler\Crawler; require 'vendor/autoload.php'; function login($url,$data){ $login = curl_init(); curl_setopt($login, CURLOPT_COOKIEJAR, "cookie.txt"); curl_setopt($login, CURLOPT_COOKIEFILE, "cookie.txt"); curl_setopt($login, CURLOPT_TIMEOUT, 40000); curl_setopt($login, CURLOPT_RETURNTRANSFER, TRUE);

Detect Ajax in PHP

China☆狼群 提交于 2021-01-27 13:05:13
问题 I am trying to make an ajax post to the same php page. Ajax: $("#loginForm").submit(function(e) { e.preventDefault(); var postData = $(this).serialize(); $.post("login.php", postData); }); The postData is correct and is in the following format: username=john&password=123123 PHP (same page): if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') { echo 'Ajax Request Detected'; } However this if-check always returns false and the echo

Best way to pass a password via GET or POST

杀马特。学长 韩版系。学妹 提交于 2021-01-27 07:07:01
问题 I have made a simple login form, but what is bugging me is that if you view the request (it's ajax), you can see the users password i.e. ?user=Bob&pass=secret Is this something not to worry about at all or am I doing it wrong? I can't think of a way around this. 回答1: Always use HTTPS and always opt for POST. The GET method will allow your browser to store the username and password when it stores the URL in its history and can also be sent to third party sites, e.g., google analytics. Also,

Add listener before login

巧了我就是萌 提交于 2021-01-03 08:34:03
问题 I have been creating web application using symfony 3, I have added Recaptcha to my login form using EWZRecaptchaBundle, how I can add a listener before login to verify the validation of Recaptcha. <form method="post" action="{{ path('mysubmited') }}" id="form-validation" name="form-validation"> <div class="form-group form-input-icon form-input-icon-right"> <i class="icmn-spinner11 cat__core__spin"></i> <div> {{ form_widget(form.username) }}</div> </div> <div class="form-group"> <div>{{ form

Add listener before login

不羁的心 提交于 2021-01-03 08:29:29
问题 I have been creating web application using symfony 3, I have added Recaptcha to my login form using EWZRecaptchaBundle, how I can add a listener before login to verify the validation of Recaptcha. <form method="post" action="{{ path('mysubmited') }}" id="form-validation" name="form-validation"> <div class="form-group form-input-icon form-input-icon-right"> <i class="icmn-spinner11 cat__core__spin"></i> <div> {{ form_widget(form.username) }}</div> </div> <div class="form-group"> <div>{{ form
订阅 login