From de6baa157edf398262ca7babbf68e325d3021041 Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期五, 24 五月 2024 08:51:09 +0800
Subject: [PATCH] 合并271分支

---
 src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java |   12 ++++++++++--
 1 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
index f45f89a..ebeea98 100644
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
@@ -35,10 +35,15 @@
 
         // 蹇界暐鐧诲綍璇锋眰鐨則oken楠岃瘉
         String requestURI = request.getRequestURI();
+        if ((requestURI.startsWith("/doc.html") || requestURI.startsWith("/swagger-ui") ) && !userSetting.getDocEnable()) {
+            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+            return;
+        }
         if (requestURI.equalsIgnoreCase("/api/user/login")) {
             chain.doFilter(request, response);
             return;
         }
+
         if (!userSetting.isInterfaceAuthentication()) {
             UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() );
             SecurityContextHolder.getContext().setAuthentication(token);
@@ -51,8 +56,11 @@
         if (StringUtils.isBlank(jwt)) {
             jwt = request.getParameter(JwtUtils.getHeader());
             if (StringUtils.isBlank(jwt)) {
-                chain.doFilter(request, response);
-                return;
+                jwt = request.getHeader(JwtUtils.getApiKeyHeader());
+                if (StringUtils.isBlank(jwt)) {
+                    chain.doFilter(request, response);
+                    return;
+                }
             }
         }
 

--
Gitblit v1.8.0