From 7c5d64563927e1ba7867b1492f6c4b07d0b50a2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=96=AF=E7=8B=82=E7=9A=84=E7=8B=AE=E5=AD=90li?= <15040126243@163.com> Date: Tue, 28 Feb 2023 19:13:51 +0800 Subject: [PATCH] =?UTF-8?q?update=20=E4=BC=98=E5=8C=96=20=E5=8F=AA?= =?UTF-8?q?=E6=8B=A6=E6=88=AA=E7=B3=BB=E7=BB=9F=E5=86=85=E5=AD=98=E5=9C=A8?= =?UTF-8?q?=E7=9A=84=E8=B7=AF=E5=BE=84=20=E5=87=8F=E5=B0=91=E4=B8=8D?= =?UTF-8?q?=E5=BF=85=E8=A6=81=E7=9A=84=E6=8B=A6=E6=88=AA=E9=80=A0=E6=88=90?= =?UTF-8?q?=E7=9A=84=E6=80=A7=E8=83=BD=E6=B6=88=E8=80=97?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../src/main/resources/application.yml | 4 +- .../security/config/SecurityConfig.java | 5 ++- .../security/handler/AllUrlHandler.java | 43 +++++++++++++++++++ ...ot.autoconfigure.AutoConfiguration.imports | 1 + 4 files changed, 51 insertions(+), 2 deletions(-) create mode 100644 ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AllUrlHandler.java diff --git a/ruoyi-admin/src/main/resources/application.yml b/ruoyi-admin/src/main/resources/application.yml index f18898cfa..c86967dec 100644 --- a/ruoyi-admin/src/main/resources/application.yml +++ b/ruoyi-admin/src/main/resources/application.yml @@ -127,8 +127,10 @@ security: - /**/*.html - /**/*.css - /**/*.js - # swagger 文档配置 + # 公共路径 - /favicon.ico + - /error + # swagger 文档配置 - /*/api-docs - /*/api-docs/** # actuator 监控配置 diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityConfig.java index ca607c254..b4fa6ba5a 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityConfig.java +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/config/SecurityConfig.java @@ -3,7 +3,9 @@ package com.ruoyi.common.security.config; import cn.dev33.satoken.interceptor.SaInterceptor; import cn.dev33.satoken.router.SaRouter; import cn.dev33.satoken.stp.StpUtil; +import com.ruoyi.common.core.utils.SpringUtils; import com.ruoyi.common.security.config.properties.SecurityProperties; +import com.ruoyi.common.security.handler.AllUrlHandler; import lombok.RequiredArgsConstructor; import lombok.extern.slf4j.Slf4j; import org.springframework.boot.autoconfigure.AutoConfiguration; @@ -32,10 +34,11 @@ public class SecurityConfig implements WebMvcConfigurer { public void addInterceptors(InterceptorRegistry registry) { // 注册路由拦截器,自定义验证规则 registry.addInterceptor(new SaInterceptor(handler -> { + AllUrlHandler allUrlHandler = SpringUtils.getBean(AllUrlHandler.class); // 登录验证 -- 排除多个路径 SaRouter // 获取所有的 - .match("/**") + .match(allUrlHandler.getUrls()) // 对未排除的路径进行检查 .check(() -> { // 检查是否登录 是否有token diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AllUrlHandler.java b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AllUrlHandler.java new file mode 100644 index 000000000..c1d14037d --- /dev/null +++ b/ruoyi-common/ruoyi-common-security/src/main/java/com/ruoyi/common/security/handler/AllUrlHandler.java @@ -0,0 +1,43 @@ +package com.ruoyi.common.security.handler; + +import cn.hutool.core.util.ReUtil; +import com.ruoyi.common.core.utils.SpringUtils; +import lombok.Data; +import org.springframework.beans.factory.InitializingBean; +import org.springframework.web.method.HandlerMethod; +import org.springframework.web.servlet.mvc.method.RequestMappingInfo; +import org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerMapping; + +import java.util.ArrayList; +import java.util.List; +import java.util.Map; +import java.util.Objects; +import java.util.regex.Pattern; + +/** + * 获取所有Url配置 + * + * @author Lion Li + */ +@Data +public class AllUrlHandler implements InitializingBean { + + private static final Pattern PATTERN = Pattern.compile("\\{(.*?)\\}"); + + private List urls = new ArrayList<>(); + + @Override + public void afterPropertiesSet() { + RequestMappingHandlerMapping mapping = SpringUtils.getBean("requestMappingHandlerMapping", RequestMappingHandlerMapping.class); + Map map = mapping.getHandlerMethods(); + map.keySet().forEach(info -> { + // 获取方法上边的注解 替代path variable 为 * + Objects.requireNonNull(info.getPathPatternsCondition().getPatterns()) + .forEach(url -> urls.add(ReUtil.replaceAll(url.getPatternString(), PATTERN, "*"))); + // 获取类上边的注解, 替代path variable 为 * + Objects.requireNonNull(info.getPathPatternsCondition().getPatterns()) + .forEach(url -> urls.add(ReUtil.replaceAll(url.getPatternString(), PATTERN, "*"))); + }); + } + +} diff --git a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports index a09e5d650..a72b34df9 100644 --- a/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports +++ b/ruoyi-common/ruoyi-common-security/src/main/resources/META-INF/spring/org.springframework.boot.autoconfigure.AutoConfiguration.imports @@ -1,2 +1,3 @@ com.ruoyi.common.security.handler.GlobalExceptionHandler +com.ruoyi.common.security.handler.AllUrlHandler com.ruoyi.common.security.config.SecurityConfig