提交 086ab388 authored 作者: junjie's avatar junjie

Merge remote-tracking branch 'origin/main' into main

package io.dataease.auth.config;
import lombok.Data;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.context.annotation.Configuration;
import java.util.List;
@Configuration
@ConfigurationProperties(prefix = "dataease")
@Data
public class WhitelistConfig {
private List<String> whitelist;
}
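Review bot: `WhitelistConfig` carries no documentation that each `dataease.whitelist` entry ends up as an unauthenticated route, although `ShiroServiceImpl` on this page registers every entry as `anon`. A class Javadoc would put that warning where operators and maintainers look first, for example `/** Ant-style paths from dataease.whitelist that are served without authentication; keep entries as narrow as possible. */`. `@Data` also generates a public `setWhitelist`, so other beans could presumably replace the list after startup; if binding does not need more than a setter, `@Getter`/`@Setter` with a comment on why the setter exists would make that intent explicit.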
package io.dataease.auth.service.impl; package io.dataease.auth.service.impl;
import io.dataease.auth.config.WhitelistConfig;
import io.dataease.auth.service.ShiroService; import io.dataease.auth.service.ShiroService;
import org.apache.commons.collections.CollectionUtils;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean; import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import javax.annotation.Resource;
import java.util.LinkedHashMap; import java.util.LinkedHashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.StringJoiner;
@Service @Service
public class ShiroServiceImpl implements ShiroService { public class ShiroServiceImpl implements ShiroService {
private final static String ANON = "anon";
@Autowired
private WhitelistConfig whitelistConfig;
@Override @Override
public Map<String, String> loadFilterChainDefinitionMap() { public Map<String, String> loadFilterChainDefinitionMap() {
// 权限控制map // 权限控制map
...@@ -20,55 +25,39 @@ public class ShiroServiceImpl implements ShiroService { ...@@ -20,55 +25,39 @@ public class ShiroServiceImpl implements ShiroService {
// 配置过滤:不会被拦截的链接 -> 放行 start ---------------------------------------------------------- // 配置过滤:不会被拦截的链接 -> 放行 start ----------------------------------------------------------
// 放行Swagger2页面,需要放行这些 // 放行Swagger2页面,需要放行这些
filterChainDefinitionMap.put("/swagger-ui.html","anon"); filterChainDefinitionMap.put("/swagger-ui.html",ANON);
filterChainDefinitionMap.put("/swagger-ui/**","anon"); filterChainDefinitionMap.put("/swagger-ui/**",ANON);
filterChainDefinitionMap.put("/swagger/**",ANON);
filterChainDefinitionMap.put("/swagger/**","anon"); filterChainDefinitionMap.put("/webjars/**", ANON);
filterChainDefinitionMap.put("/webjars/**", "anon"); filterChainDefinitionMap.put("/swagger-resources/**",ANON);
filterChainDefinitionMap.put("/swagger-resources/**","anon"); filterChainDefinitionMap.put("/v2/**",ANON);
filterChainDefinitionMap.put("/v2/**","anon"); filterChainDefinitionMap.put("/v3/**",ANON);
filterChainDefinitionMap.put("/v3/**","anon"); filterChainDefinitionMap.put("/static/**", ANON);
filterChainDefinitionMap.put("/static/**", "anon"); filterChainDefinitionMap.put("/css/**", ANON);
filterChainDefinitionMap.put("/js/**", ANON);
filterChainDefinitionMap.put("/css/**", "anon"); filterChainDefinitionMap.put("/img/**", ANON);
filterChainDefinitionMap.put("/js/**", "anon"); filterChainDefinitionMap.put("/fonts/**", ANON);
filterChainDefinitionMap.put("/img/**", "anon"); filterChainDefinitionMap.put("/favicon.ico", ANON);
filterChainDefinitionMap.put("/fonts/**", "anon"); filterChainDefinitionMap.put("/", ANON);
filterChainDefinitionMap.put("/favicon.ico", "anon"); filterChainDefinitionMap.put("/index.html", ANON);
filterChainDefinitionMap.put("/", "anon"); filterChainDefinitionMap.put("/api/auth/login", ANON);
filterChainDefinitionMap.put("/index.html", "anon"); filterChainDefinitionMap.put("/unauth", ANON);
filterChainDefinitionMap.put("/display/**", ANON);
filterChainDefinitionMap.put("/tokenExpired", ANON);
// filterChainDefinitionMap.put("/401", "anon"); filterChainDefinitionMap.put("/downline", ANON);
// filterChainDefinitionMap.put("/404", "anon"); List<String> whitelist = whitelistConfig.getWhitelist();
// 登陆 if (CollectionUtils.isNotEmpty(whitelist))
// filterChainDefinitionMap.put("/api/auth/logout", "anon"); whitelist.forEach(path -> {
filterChainDefinitionMap.put("/api/auth/login", "anon"); filterChainDefinitionMap.put(path, ANON);
// 退出
// 放行未授权接口,重定向使用
filterChainDefinitionMap.put("/unauth", "anon");
filterChainDefinitionMap.put("/display/**", "anon");
// token过期接口
filterChainDefinitionMap.put("/tokenExpired", "anon");
// 被挤下线
filterChainDefinitionMap.put("/downline", "anon");
// 放行 end ----------------------------------------------------------
/*List<ExtPermissionBean> extPermissionBeans = extUserMapper.getPermissions();
extPermissionBeans.forEach(item -> {
StringJoiner f2cPerms = new StringJoiner(",", "f2cPerms[", "]");
f2cPerms.add(item.getPermission());
filterChainDefinitionMap.put(item.getPath(), "jwt," + f2cPerms);
}); });
*/
filterChainDefinitionMap.put("/api/auth/logout", "logout"); filterChainDefinitionMap.put("/api/auth/logout", "logout");
filterChainDefinitionMap.put("/**", "jwt"); filterChainDefinitionMap.put("/**", "jwt");
return filterChainDefinitionMap; return filterChainDefinitionMap;
} }
@Override @Override
public void updatePermission(ShiroFilterFactoryBean shiroFilterFactoryBean, Integer roleId, Boolean isRemoveSession) { public void updatePermission(ShiroFilterFactoryBean shiroFilterFactoryBean, Integer roleId, Boolean isRemoveSession) {
......
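Review bot: Entries from `dataease.whitelist` are registered as `anon` without validation in the `whitelist.forEach` added to `loadFilterChainDefinitionMap`, and they are inserted ahead of the closing `/**` -> `jwt` rule. Shiro uses the first matching chain, so if the map is insertion-ordered (its construction is in the collapsed lines, though `LinkedHashMap` is imported), one over-broad entry such as `/**` would exempt every matching route from the jwt filter, and a null or blank entry would be stored as a chain key. Failing closed on blank, relative and catch-all patterns at startup, and logging the accepted ones, keeps the anonymous surface auditable. The brace-less `if` around the lambda is worth bracing in the same change.
```java
// … unchanged: built-in anon entries …
List<String> whitelist = whitelistConfig.getWhitelist();
if (CollectionUtils.isNotEmpty(whitelist)) {
    for (String path : whitelist) {
        String pattern = path == null ? "" : path.trim();
        // Fail closed: a blank, relative or catch-all pattern must never become anonymous.
        if (!pattern.startsWith("/") || "/*".equals(pattern) || "/**".equals(pattern)) {
            throw new IllegalStateException("Rejected dataease.whitelist entry: '" + path + "'");
        }
        filterChainDefinitionMap.put(pattern, ANON);
    }
}
// … unchanged: logout and /** -> jwt entries …
```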