From 985082d33930868c3cc1723f28fd9aaae9013a8f Mon Sep 17 00:00:00 2001 From: 648540858 <648540858@qq.com> Date: 星期三, 16 八月 2023 09:11:22 +0800 Subject: [PATCH] 添加缺少的内容 --- src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java | 40 +++++++++++++++++++++++++++++++++------- 1 files changed, 33 insertions(+), 7 deletions(-) diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java index 91709aa..f35b5bd 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java @@ -1,7 +1,11 @@ package com.genersoft.iot.vmp.conf.security; +import com.genersoft.iot.vmp.conf.UserSetting; import com.genersoft.iot.vmp.conf.security.dto.JwtUser; +import com.genersoft.iot.vmp.storager.dao.dto.Role; +import com.genersoft.iot.vmp.storager.dao.dto.User; import org.apache.commons.lang3.StringUtils; +import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Component; @@ -22,16 +26,35 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { + @Autowired + private UserSetting userSetting; + + @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { + + // 蹇界暐鐧诲綍璇锋眰鐨則oken楠岃瘉 + String requestURI = request.getRequestURI(); + if (requestURI.equalsIgnoreCase("/api/user/login")) { + chain.doFilter(request, response); + return; + } + if (!userSetting.isInterfaceAuthentication()) { + UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() ); + SecurityContextHolder.getContext().setAuthentication(token); + chain.doFilter(request, response); + return; + } String jwt = request.getHeader(JwtUtils.getHeader()); // 杩欓噷濡傛灉娌℃湁jwt锛岀户缁線鍚庤蛋锛屽洜涓哄悗闈㈣繕鏈夐壌鏉冪鐞嗗櫒绛夊幓鍒ゆ柇鏄惁鎷ユ湁韬唤鍑瘉锛屾墍浠ユ槸鍙互鏀捐鐨� // 娌℃湁jwt鐩稿綋浜庡尶鍚嶈闂紝鑻ユ湁涓�浜涙帴鍙f槸闇�瑕佹潈闄愮殑锛屽垯涓嶈兘璁块棶杩欎簺鎺ュ彛 if (StringUtils.isBlank(jwt)) { - chain.doFilter(request, response); - return; + jwt = request.getParameter(JwtUtils.getHeader()); + if (StringUtils.isBlank(jwt)) { + chain.doFilter(request, response); + return; + } } - JwtUser jwtUser = JwtUtils.verifyToken(jwt); String username = jwtUser.getUserName(); @@ -53,11 +76,14 @@ default: } -// String password = SecurityUtils.encryptPassword(jwtUser.getPassword()); -// user.setPassword(password); - // 鏋勫缓UsernamePasswordAuthenticationToken,杩欓噷瀵嗙爜涓簄ull锛屾槸鍥犱负鎻愪緵浜嗘纭殑JWT,瀹炵幇鑷姩鐧诲綍 - UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, jwtUser.getPassword(), new ArrayList<>() ); + User user = new User(); + user.setUsername(jwtUser.getUserName()); + user.setPassword(jwtUser.getPassword()); + Role role = new Role(); + role.setId(jwtUser.getRoleId()); + user.setRole(role); + UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(user, jwtUser.getPassword(), new ArrayList<>() ); SecurityContextHolder.getContext().setAuthentication(token); chain.doFilter(request, response); } -- Gitblit v1.8.0