diff --git a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
index 7eb6aaff..7f0ab1fa 100644
--- a/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
+++ b/modules/core/src/main/java/com/jeesite/modules/sys/web/LoginController.java
@@ -24,6 +24,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
+import com.jeesite.common.codec.DesUtils;
import com.jeesite.common.config.Global;
import com.jeesite.common.lang.StringUtils;
import com.jeesite.common.shiro.filter.FormAuthenticationFilter;
@@ -135,6 +136,11 @@ public class LoginController extends BaseController{
String exception = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_ERROR_KEY_ATTRIBUTE_NAME);
String message = (String)request.getAttribute(FormAuthenticationFilter.DEFAULT_MESSAGE_PARAM);
+ String secretKey = Global.getProperty("shiro.loginSubmit.secretKey");
+ if (StringUtils.isNotBlank(secretKey)){
+ username = DesUtils.decode(username, secretKey);
+ }
+
model.addAttribute(FormAuthenticationFilter.DEFAULT_USERNAME_PARAM, username);
model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_ME_PARAM, rememberMe);
model.addAttribute(FormAuthenticationFilter.DEFAULT_REMEMBER_USERCODE_PARAM, rememberUserCode);
diff --git a/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html b/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
index 104b8ad7..2c0657e4 100644
--- a/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
+++ b/modules/core/src/main/resources/views/themes/default/modules/sys/sysLogin.html
@@ -34,7 +34,7 @@
<% } -->*/%>
- <#form:validcode name="validCode" isRequired="true" isRemote="true" isLazy="false"/>
+ <#form:validcode name="validCode" isRequired="true" isRemote="true" isLazy="true"/>