添加Anonymous注解，当接口的方法上有此注解时，表示该接口是公开的，不需要用户登录就能访问

b3cfa2d3 · 段启岩 · c52bfa36 · b3cfa2d3 · b3cfa2d3 · b3cfa2d3
Commit b3cfa2d3 authored Jan 30, 2020 by 段启岩
6 changed files
--- a/src/main/java/cn/meteor/beyondclouds/config/WebMvcConfig.java
+++ b/src/main/java/cn/meteor/beyondclouds/config/WebMvcConfig.java
@@ -31,9 +31,6 @@ public class WebMvcConfig implements WebMvcConfigurer {
        registry.addInterceptor(subjectInterceptor())
                .addPathPatterns("/**")
                .excludePathPatterns("/error")
-                .excludePathPatterns("/api/auth/**")
-                .excludePathPatterns("/api/sms/**")
-                .excludePathPatterns("/api/user/register")
                .excludePathPatterns("/swagger-resources/**", "/webjars/**", "/v2/**", "/swagger-ui.html/**");
    }

--- a/src/main/java/cn/meteor/beyondclouds/core/annotation/Anonymous.java
+++ b/src/main/java/cn/meteor/beyondclouds/core/annotation/Anonymous.java
+package cn.meteor.beyondclouds.core.annotation;
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+/**
+ * 在接口上加入此注解表示该接口对所有用户是开放的
+ * @author 段启岩
+ */
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface Anonymous {
+}
--- a/src/main/java/cn/meteor/beyondclouds/core/interceptor/SubjectInterceptor.java
+++ b/src/main/java/cn/meteor/beyondclouds/core/interceptor/SubjectInterceptor.java
 package cn.meteor.beyondclouds.core.interceptor;
+import cn.meteor.beyondclouds.core.annotation.Anonymous;
 import cn.meteor.beyondclouds.util.JwtUtils;
 import cn.meteor.beyondclouds.core.bean.Subject;
 import cn.meteor.beyondclouds.core.constant.HttpRequestHeaderNames;
@@ -9,6 +10,7 @@ import cn.meteor.beyondclouds.core.exception.AuthorizationException;
 import com.auth0.jwt.interfaces.Claim;
 import lombok.extern.java.Log;
 import org.springframework.util.StringUtils;
+import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;
 import javax.servlet.http.HttpServletRequest;
@@ -25,6 +27,16 @@ public class SubjectInterceptor implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        /**
+         * 判断该接口是否需要认证用户才能访问
+         * 如果目标接口方法上有Anonymous注解，则直接放行
+         */
+        if (((HandlerMethod) handler).hasMethodAnnotation(Anonymous.class)) {
+            return true;
+        }
        // 获取请求头Authorization
        String authorization = request.getHeader(HttpRequestHeaderNames.AUTHORIZATION);

--- a/src/main/java/cn/meteor/beyondclouds/modules/sms/api/SmsApi.java
+++ b/src/main/java/cn/meteor/beyondclouds/modules/sms/api/SmsApi.java
 package cn.meteor.beyondclouds.modules.sms.api;
 import cn.meteor.beyondclouds.common.exception.SmsException;
+import cn.meteor.beyondclouds.core.annotation.Anonymous;
 import cn.meteor.beyondclouds.core.api.Response;
 import cn.meteor.beyondclouds.core.exception.ServiceException;
 import cn.meteor.beyondclouds.modules.sms.exception.SmsServiceException;
@@ -31,6 +32,7 @@ public class SmsApi {
        this.smsService = smsService;
    }
+    @Anonymous
    @ApiOperation("发送验证码")
    @GetMapping("/verifyCode")
    public Response sendVerify(@RequestParam("mobile") String mobile) {

--- a/src/main/java/cn/meteor/beyondclouds/modules/user/api/AuthenticationApi.java
+++ b/src/main/java/cn/meteor/beyondclouds/modules/user/api/AuthenticationApi.java
 package cn.meteor.beyondclouds.modules.user.api;
+import cn.meteor.beyondclouds.core.annotation.Anonymous;
 import cn.meteor.beyondclouds.core.api.Response;
 import cn.meteor.beyondclouds.modules.user.bean.AuthenticationResult;
 import cn.meteor.beyondclouds.modules.user.exception.AuthenticationServiceException;
@@ -31,6 +32,7 @@ public class AuthenticationApi {
        this.authenticationService = authenticationService;
    }
+    @Anonymous
    @ApiOperation(value = "本地认证")
    @PostMapping("/local")
    public Response<AuthenticationResult> localAuth(@RequestBody @Valid @ApiParam("本地认证表单") LocalAuthFrom localAuthFrom) {

--- a/src/main/java/cn/meteor/beyondclouds/modules/user/api/UserApi.java
+++ b/src/main/java/cn/meteor/beyondclouds/modules/user/api/UserApi.java
 package cn.meteor.beyondclouds.modules.user.api;
+import cn.meteor.beyondclouds.core.annotation.Anonymous;
 import cn.meteor.beyondclouds.core.api.Response;
 import cn.meteor.beyondclouds.modules.user.exception.UserServiceException;
 import cn.meteor.beyondclouds.modules.user.form.UserRegisterFrom;
@@ -31,6 +32,7 @@ public class UserApi {
        this.userService = userService;
    }
+    @Anonymous
    @ApiOperation("用户注册")
    @PostMapping("/register")
    public Response register(@RequestBody @Valid UserRegisterFrom registerFrom, BindingResult result) {