混淆电子邮件地址和密码设计导轨?
使用设计进行身份验证,
我想混淆用户信息(例如用户名和密码),当请求来自客户端时,
<%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name, service: params[:service]), html: { class: 'm-t' }) do |f| %>
<%= devise_error_messages! %>
<%= f.email_field :name, required: true, hide_label: true, placeholder: 'Name' %>
<%= f.password_field :password, required: true, hide_label: true, placeholder: 'Password'%>
<%= f.submit "Sign In", class: 'btn btn-primary btn-block dark-button-text' %>
<% end %>
请求主体中的名称和密码可见,应该加密,我正在尝试使用JavaScript,
$(document).ready(function() {
$('form#new_user').submit(function() {
let userPassword = $('#user_password')
let userName = $('#user_name')
userPassword.val(window.btoa(userPassword.val()))
userName.val(window.btoa(userName.val()))
})
})
但是浏览器上的此更新值。
在应用程序中,如何解密与设计会话控制器相同的是对传入请求进行消毒。
Using Devise for Authentication
I want to Obfuscate user information like username and password when request comes from the client side
<%= bootstrap_form_for(resource, as: resource_name, url: session_path(resource_name, service: params[:service]), html: { class: 'm-t' }) do |f| %>
<%= devise_error_messages! %>
<%= f.email_field :name, required: true, hide_label: true, placeholder: 'Name' %>
<%= f.password_field :password, required: true, hide_label: true, placeholder: 'Password'%>
<%= f.submit "Sign In", class: 'btn btn-primary btn-block dark-button-text' %>
<% end %>
The name and password in the request body are visible which should be encrypted, i am trying to use javascript
$(document).ready(function() {
$('form#new_user').submit(function() {
let userPassword = $('#user_password')
let userName = $('#user_name')
userPassword.val(window.btoa(userPassword.val()))
userName.val(window.btoa(userName.val()))
})
})
But this updating value on the browser.
On application how to decrypt the same as devise session controller is doing sanitizing of the incoming request.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论