admin/lx-admin-backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix jwt过滤编写问题

Browse Source
This commit is contained in:
疯狂的狮子li 2021-09-26 14:35:25 +08:00
parent 92804151a3
commit f7982ede73
1 changed files with 13 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java
View File

@ -38,20 +38,24 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
throws ServletException, IOException throws ServletException, IOException
{ {
// 匿名路径放行 // 匿名路径放行 默认拦截
boolean flag = true;
for (String anonymou : securityProperties.getAnonymous()) { for (String anonymou : securityProperties.getAnonymous()) {
PathMatcher pm = new AntPathMatcher(); PathMatcher pm = new AntPathMatcher();
if (pm.matchStart(anonymou, request.getRequestURI())) { if (pm.matchStart(anonymou, request.getRequestURI())) {
chain.doFilter(request, response); flag = false;
break;
} }
} }
LoginUser loginUser = tokenService.getLoginUser(request); if (flag) {
if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) LoginUser loginUser = tokenService.getLoginUser(request);
{ if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
tokenService.verifyToken(loginUser); tokenService.verifyToken(loginUser);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities()); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request)); authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
SecurityContextHolder.getContext().setAuthentication(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authenticationToken);
}
} }
chain.doFilter(request, response); chain.doFilter(request, response);
} }