From 4eb23c52080ee6e61f14343c9b994591b5c9704f Mon Sep 17 00:00:00 2001 From: PL <774412461@qq.com> Date: Fri, 3 Jan 2025 17:48:52 +0800 Subject: [PATCH] =?UTF-8?q?up:=E5=8F=96=E6=B6=88=E9=99=90=E5=88=B6?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../cn/teammodel/security/filter/ApiAuthTokenFilter.java | 7 ++++--- .../cn/teammodel/security/filter/AuthInnerTokenFilter.java | 7 ++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/src/main/java/cn/teammodel/security/filter/ApiAuthTokenFilter.java b/src/main/java/cn/teammodel/security/filter/ApiAuthTokenFilter.java index d8025e3..e0a3c66 100644 --- a/src/main/java/cn/teammodel/security/filter/ApiAuthTokenFilter.java +++ b/src/main/java/cn/teammodel/security/filter/ApiAuthTokenFilter.java @@ -29,7 +29,8 @@ import java.util.List; public class ApiAuthTokenFilter extends OncePerRequestFilter { JwtTokenUtil jwtTokenUtil = new JwtTokenUtil(); - private List whiteList = new ArrayList<>(Arrays.asList("1530782422","1531391504","1529649295","1531030192","1533091862","1565140494","1530852951","1532621201","1532605781","1563262699","1530782422","1530670067","1566799279","1536118303","1578275404","6711941735","1528783259")); + //白名单id + //private List whiteList = new ArrayList<>(Arrays.asList("1530782422","1531391504","1529649295","1531030192","1533091862","1565140494","1530852951","1532621201","1532605781","1563262699","1530782422","1530670067","1566799279","1536118303","1578275404","6711941735","1528783259")); @Override protected void doFilterInternal(HttpServletRequest request, @NotNull HttpServletResponse response, @NotNull FilterChain filterChain) throws ServletException, IOException { @@ -48,13 +49,13 @@ public class ApiAuthTokenFilter extends OncePerRequestFilter { filterChain.doFilter(request, response); return; } - User user = validUserDetail1.getUser(); + /*User user = validUserDetail1.getUser(); if (!whiteList.contains(user.getId()) && !"IES".equals(user.getWebsite())) { SecurityContextHolder.clearContext(); // 验证失败不应该在此处抛出异常,应该维护好 context 的值,以便整个过滤器链正常运行 filterChain.doFilter(request, response); return; - } + }*/ // 组装 authToken 的 jwt 进 authentication UsernamePasswordAuthenticationToken finalAuthentication = new UsernamePasswordAuthenticationToken(validUserDetail1, null, null); diff --git a/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java b/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java index f4f15cc..2ca0d81 100644 --- a/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java +++ b/src/main/java/cn/teammodel/security/filter/AuthInnerTokenFilter.java @@ -30,8 +30,9 @@ import java.util.List; @Slf4j public class AuthInnerTokenFilter extends OncePerRequestFilter { JwtTokenUtil jwtTokenUtil = new JwtTokenUtil(); + //白名单id + //private List whiteList = new ArrayList<>(Arrays.asList("1530782422","1531391504","1529649295","1531030192","1533091862","1565140494","1532621201","1532605781","1563262699","1530782422","1530670067","1578275404","6711941735","1528783259")); - private List whiteList = new ArrayList<>(Arrays.asList("1530782422","1531391504","1529649295","1531030192","1533091862","1565140494","1532621201","1532605781","1563262699","1530782422","1530670067","1578275404","6711941735","1528783259")); @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException { SecurityContext context = SecurityContextHolder.getContext(); @@ -45,13 +46,13 @@ public class AuthInnerTokenFilter extends OncePerRequestFilter { filterChain.doFilter(request, response); return; } - User user = tmdUserDetail.getUser(); + /*User user = tmdUserDetail.getUser(); if (!whiteList.contains(user.getId()) && !"IES".equals(user.getWebsite())) { SecurityContextHolder.clearContext(); // 验证失败不应该在此处抛出异常,应该维护好 context 的值,以便整个过滤器链正常运行 filterChain.doFilter(request, response); return; - } + }*/ /*if (!"GP".equals(user.getWebsite()) && !"IES".equals(user.getWebsite())) { SecurityContextHolder.clearContext(); // 验证失败不应该在此处抛出异常,应该维护好 context 的值,以便整个过滤器链正常运行