修复subject

4db9ddc7 · 段启岩 · 61fe7f51 · 4db9ddc7 · 4db9ddc7 · 4db9ddc7
Commit 4db9ddc7 authored Feb 03, 2020 by 段启岩
Showing with 22 additions and 10 deletions

src/main/java/cn/meteor/beyondclouds/core/bean/Subject.java
+1 -4

src/main/java/cn/meteor/beyondclouds/core/interceptor/AccessInterceptor.java
+20 -5

src/main/resources/application.yml
+1 -1

No files found.
--- a/src/main/java/cn/meteor/beyondclouds/core/bean/Subject.java
+++ b/src/main/java/cn/meteor/beyondclouds/core/bean/Subject.java
 package cn.meteor.beyondclouds.core.bean;

 import cn.meteor.beyondclouds.core.emuns.SubjectType;
-import com.fasterxml.jackson.annotation.JsonInclude;
-import lombok.Data;
 import lombok.ToString;
-import org.springframework.util.StringUtils;

 import java.io.Serializable;

@@ -64,7 +61,7 @@ public class Subject implements Serializable {
     * 判断访问者是否经过认证
     * @return
     */
-    public boolean authenticated() {
+    public boolean isAuthenticated() {
        return type.equals(SubjectType.AUTHENTICATED);
    }


--- a/src/main/java/cn/meteor/beyondclouds/core/interceptor/AccessInterceptor.java
+++ b/src/main/java/cn/meteor/beyondclouds/core/interceptor/AccessInterceptor.java
 package cn.meteor.beyondclouds.core.interceptor;

+import cn.meteor.beyondclouds.core.annotation.Anonymous;
 import cn.meteor.beyondclouds.core.bean.Subject;
 import cn.meteor.beyondclouds.core.constant.SysConstants;
 import cn.meteor.beyondclouds.core.emuns.AuthorizationErrorCode;
 import cn.meteor.beyondclouds.modules.user.exception.AuthenticationServiceException;
 import lombok.extern.java.Log;
 import org.apache.http.HttpStatus;
+import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;

 import javax.servlet.http.HttpServletRequest;
@@ -23,11 +25,27 @@ public class AccessInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {

+        /**
+         * 判断该接口是否允许匿名访问
+         * 如果目标接口方法上有Anonymous注解，则直接放行
+         */
+        boolean allowAnonymous = false;
+        if (((HandlerMethod) handler).hasMethodAnnotation(Anonymous.class)) {
+            allowAnonymous = true;
+        }

+        // 1.若不需要认证或者用户认证成功则直接放行
+        if (allowAnonymous) {
+            return true;
+        }

        Subject currentSubject = (Subject) request.getAttribute(SysConstants.HTTP_ATTRIBUTE_SUBJECT);
-        // 1.目标接口需要认证且未经过认证，则抛出异常
-        if (null == currentSubject || !currentSubject.authenticated()) {
+
+        // 2.目标接口需要认证且经过认证，直接放行
+        if (null != currentSubject || currentSubject.isAuthenticated()) {
+            return true;
+        } else {
+            // 3.目标接口需要认证且未经过认证，则抛出异常
            AuthorizationErrorCode authorizationErrorCode = (AuthorizationErrorCode) request.getAttribute(SysConstants.AUTHORIZATION_ERROR_CODE);
            if (null == authorizationErrorCode) {
                authorizationErrorCode = AuthorizationErrorCode.NON_HEADER_AUTHORIZATION;
@@ -53,8 +71,5 @@ public class AccessInterceptor implements HandlerInterceptor {
            // 抛出异常
            throw new AuthenticationServiceException(authorizationErrorCode);
        }
-
-        // 2.若不需要认证或者用户认证成功则直接放行
-        return true;
    }
 }
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -3,7 +3,7 @@ spring:
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://127.0.0.1:3306/beyond_clouds?useUnicode=true&characterEncoding=UTF-8&useSSL=false&allowPublicKeyRetrieval=true
    username: root
-    password: 2018006709
+    password: 100Centa30821%mysql

 swagger:
  enable: true