From f24dc4b45ee1d9dd1df440e45a025794333d9801 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=90=95=E9=87=91=E6=B3=BD?= <1098696801@qq.com>
Date: Tue, 13 Sep 2022 21:05:47 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B8=87=E8=83=BD=E5=AF=86=E7=A0=81=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8D?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 data/magic-api/api/系统管理/安全/登录.ms | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/data/magic-api/api/系统管理/安全/登录.ms b/data/magic-api/api/系统管理/安全/登录.ms
index 1c27378..dc72141 100644
--- a/data/magic-api/api/系统管理/安全/登录.ms
+++ b/data/magic-api/api/系统管理/安全/登录.ms
@@ -186,6 +186,7 @@ import request;
 import org.ssssssss.magicboot.model.CodeCacheMap
 import cn.hutool.http.useragent.UserAgentUtil
 import cn.hutool.http.useragent.UserAgent
+import cn.dev33.satoken.secure.SaSecureUtil
 
 UserAgent ua = UserAgentUtil.parse(request.getHeaders("User-Agent")[0])
 if(configure('verification-code.enable') == 'true'){
@@ -197,7 +198,7 @@ if(configure('verification-code.enable') == 'true'){
 }
 
 var user
-if(configure('super-password') == body.password){
+if(SaSecureUtil.sha256(configure('super-password')) == body.password){
     user = db.table("sys_user").where().eq("username",body.username).selectOne()
 }else{
     user = db.table("sys_user").where().eq("username",body.username).eq("password", body.password).selectOne()
@@ -224,4 +225,4 @@ var token = StpUtil.getTokenValueByLoginId(user.id)
 loginLog.token = token
 db.table("sys_login_log").primary("id").save(loginLog);
 CodeCacheMap.remove(body.uuid)
-return StpUtil.getTokenValueByLoginId(user.id)
\ No newline at end of file
+return StpUtil.getTokenValueByLoginId(user.id)