From 8a590d5c39f0f8bb1a4bfab427deb9483f780f4b Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期四, 30 三月 2023 09:01:36 +0800
Subject: [PATCH] Merge pull request #800 from yjkhtddx/wvp-28181-2.0

---
 src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java |   31 +++++++++++++++++++++++++------
 1 files changed, 25 insertions(+), 6 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
index 91709aa..e50a8b0 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
@@ -1,7 +1,9 @@
 package com.genersoft.iot.vmp.conf.security;
 
+import com.genersoft.iot.vmp.conf.UserSetting;
 import com.genersoft.iot.vmp.conf.security.dto.JwtUser;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;
@@ -22,16 +24,36 @@
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
 
+    @Autowired
+    private UserSetting userSetting;
+
+
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException {
+
+        // 蹇界暐鐧诲綍璇锋眰鐨則oken楠岃瘉
+        String requestURI = request.getRequestURI();
+        if (requestURI.equalsIgnoreCase("/api/user/login")) {
+            chain.doFilter(request, response);
+            return;
+        }
+        if (!userSetting.isInterfaceAuthentication()) {
+            // 鏋勫缓UsernamePasswordAuthenticationToken,杩欓噷瀵嗙爜涓簄ull锛屾槸鍥犱负鎻愪緵浜嗘纭殑JWT,瀹炵幇鑷姩鐧诲綍
+            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() );
+            SecurityContextHolder.getContext().setAuthentication(token);
+            chain.doFilter(request, response);
+            return;
+        }
         String jwt = request.getHeader(JwtUtils.getHeader());
         // 杩欓噷濡傛灉娌℃湁jwt锛岀户缁線鍚庤蛋锛屽洜涓哄悗闈㈣繕鏈夐壌鏉冪鐞嗗櫒绛夊幓鍒ゆ柇鏄惁鎷ユ湁韬唤鍑瘉锛屾墍浠ユ槸鍙互鏀捐鐨�
         // 娌℃湁jwt鐩稿綋浜庡尶鍚嶈闂紝鑻ユ湁涓�浜涙帴鍙ｆ槸闇�瑕佹潈闄愮殑锛屽垯涓嶈兘璁块棶杩欎簺鎺ュ彛
         if (StringUtils.isBlank(jwt)) {
-            chain.doFilter(request, response);
-            return;
+            jwt = request.getParameter(JwtUtils.getHeader());
+            if (StringUtils.isBlank(jwt)) {
+                chain.doFilter(request, response);
+                return;
+            }
         }
-
 
         JwtUser jwtUser = JwtUtils.verifyToken(jwt);
         String username = jwtUser.getUserName();
@@ -52,9 +74,6 @@
 //                return;
             default:
         }
-
-//        String password = SecurityUtils.encryptPassword(jwtUser.getPassword());
-//        user.setPassword(password);
 
         // 鏋勫缓UsernamePasswordAuthenticationToken,杩欓噷瀵嗙爜涓簄ull锛屾槸鍥犱负鎻愪緵浜嗘纭殑JWT,瀹炵幇鑷姩鐧诲綍
         UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, jwtUser.getPassword(), new ArrayList<>() );

--
Gitblit v1.8.0