3 年之前 · 369438a46d
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java
@@ -4,14 +4,11 @@ import com.ruoyi.common.core.domain.model.LoginUser;
 
				 import com.ruoyi.common.core.service.TokenService;
			
 
				 import com.ruoyi.common.utils.SecurityUtils;
			
 
				 import com.ruoyi.common.utils.StringUtils;
			
 
				-import com.ruoyi.framework.config.properties.SecurityProperties;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
			
 
				 import org.springframework.security.core.context.SecurityContextHolder;
			
 
				 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
			
 
				 import org.springframework.stereotype.Component;
			
 
				-import org.springframework.util.AntPathMatcher;
			
 
				-import org.springframework.util.PathMatcher;
			
 
				 import org.springframework.web.filter.OncePerRequestFilter;
			
 
				 
			
 
				 import javax.servlet.FilterChain;
			
@@ -31,30 +28,16 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
 
				     @Autowired
			
 
				     private TokenService tokenService;
			
 
				 
			
 
				-    @Autowired
			
 
				-    private SecurityProperties securityProperties;
			
 
				-
			
 
				     @Override
			
 
				     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
			
 
				             throws ServletException, IOException
			
 
				     {
			
 
				-        // 匿名路径放行 默认拦截
			
 
				-        boolean flag = true;
			
 
				-        PathMatcher pm = new AntPathMatcher();
			
 
				-        for (String anonymou : securityProperties.getAnonymous()) {
			
 
				-            if (pm.match(anonymou, request.getRequestURI())) {
			
 
				-                flag = false;
			
 
				-                break;
			
 
				-            }
			
 
				-        }
			
 
				-        if (flag) {
			
 
				-            LoginUser loginUser = tokenService.getLoginUser(request);
			
 
				-            if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
			
 
				-                tokenService.verifyToken(loginUser);
			
 
				-                UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
			
 
				-                authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
			
 
				-                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			
 
				-            }
			
 
				+        LoginUser loginUser = tokenService.getLoginUser(request);
			
 
				+        if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
			
 
				+            tokenService.verifyToken(loginUser);
			
 
				+            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
			
 
				+            authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
			
 
				+            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			
 
				         }
			
 
				         chain.doFilter(request, response);
			
 
				     }