|
|
@@ -4,11 +4,14 @@ import com.ruoyi.common.core.domain.model.LoginUser;
|
|
|
import com.ruoyi.common.core.service.TokenService;
|
|
|
import com.ruoyi.common.utils.SecurityUtils;
|
|
|
import com.ruoyi.common.utils.StringUtils;
|
|
|
+import com.ruoyi.framework.config.properties.SecurityProperties;
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
|
|
import org.springframework.security.core.context.SecurityContextHolder;
|
|
|
import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
|
|
|
import org.springframework.stereotype.Component;
|
|
|
+import org.springframework.util.AntPathMatcher;
|
|
|
+import org.springframework.util.PathMatcher;
|
|
|
import org.springframework.web.filter.OncePerRequestFilter;
|
|
|
|
|
|
import javax.servlet.FilterChain;
|
|
|
@@ -28,10 +31,20 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
|
|
|
@Autowired
|
|
|
private TokenService tokenService;
|
|
|
|
|
|
+ @Autowired
|
|
|
+ private SecurityProperties securityProperties;
|
|
|
+
|
|
|
@Override
|
|
|
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
|
|
throws ServletException, IOException
|
|
|
{
|
|
|
+ // 匿名路径放行
|
|
|
+ for (String anonymou : securityProperties.getAnonymous()) {
|
|
|
+ PathMatcher pm = new AntPathMatcher();
|
|
|
+ if (pm.matchStart(anonymou, request.getRequestURI())) {
|
|
|
+ chain.doFilter(request, response);
|
|
|
+ }
|
|
|
+ }
|
|
|
LoginUser loginUser = tokenService.getLoginUser(request);
|
|
|
if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
|
|
|
{
|
疯狂的狮子li