Merge branch 'master' of https://gitee.com/zhijiantianya/ruoyi-vue-pro into feature/1.6.1

This commit is contained in:
YunaiV
2022-03-10 21:19:50 +08:00
9 changed files with 20 additions and 312 deletions

View File

@ -75,16 +75,16 @@ public class TenantSecurityWebFilter extends ApiRequestFilter {
}
}
// 2. 如果请求未带租户的编号,检查是否是忽略的 URL,否则也不允许访问
if (tenantId == null && !isIgnoreUrl(request)) {
log.error("[doFilterInternal][URL({}/{}) 未传递租户编号]", request.getRequestURI(), request.getMethod());
ServletUtils.writeJSON(response, CommonResult.error(GlobalErrorCodeConstants.BAD_REQUEST.getCode(),
"租户的请求未传递,请进行排查"));
return;
}
// 3. 校验租户是合法,例如说被禁用、到期
if (tenantId != null) {
//检查是否是忽略的 URL, 如果是则允许访问
if (!isIgnoreUrl(request)) {
// 2. 如果请求未带租户编号,不允许访问。
if (tenantId == null) {
log.error("[doFilterInternal][URL({}/{}) 未传递租户编号]", request.getRequestURI(), request.getMethod());
ServletUtils.writeJSON(response, CommonResult.error(GlobalErrorCodeConstants.BAD_REQUEST.getCode(),
"租户的请求未传递,请进行排查"));
return;
}
// 3. 校验租户是合法,例如说被禁用、到期
try {
tenantFrameworkService.validTenant(tenantId);
} catch (Throwable ex) {

View File

@ -4,7 +4,6 @@ import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.validation.annotation.Validated;
import javax.validation.Valid;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;
import java.time.Duration;
@ -24,11 +23,6 @@ public class SecurityProperties {
*/
@NotNull(message = "Token 过期时间不能为空")
private Duration tokenTimeout;
/**
* Token 秘钥
*/
@NotEmpty(message = "Token 秘钥不能为空")
private String tokenSecret;
/**
* Session 过期时间
*

View File

@ -66,7 +66,7 @@ public class JWTAuthenticationTokenFilter extends OncePerRequestFilter {
* 注意,在线上环境下,一定要关闭该功能!!!
*
* @param request 请求
* @param token 模拟的 token格式为 {@link SecurityProperties#getTokenSecret()} + 用户编号
* @param token 模拟的 token格式为 {@link SecurityProperties#getMockSecret()} + 用户编号
* @return 模拟的 LoginUser
*/
private LoginUser mockLoginUser(HttpServletRequest request, String token) {