Skip to content

Y
yudao-cloud
提交 76171e5a authored 作者: sin's avatar sin
浏览文件
操作

- TODO 暂时不开启 认证拦截

上级 40cb1ff5
隐藏空白字符变更
内嵌 并排
正在显示 包含 11 行增加2 行删除
system/system-sdk/src/main/java/cn/iocoder/mall/admin/sdk/interceptor/AdminSecurityInterceptor.java
浏览文件 @ 76171e5a
...@@ -8,6 +8,7 @@ import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO; ...@@ -8,6 +8,7 @@ import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum; import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext; import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext;
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder; import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
import com.google.common.collect.Sets;
import org.apache.dubbo.config.annotation.Reference; import org.apache.dubbo.config.annotation.Reference;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
...@@ -15,6 +16,7 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter; ...@@ -15,6 +16,7 @@ import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import java.util.HashSet;
import java.util.Set; import java.util.Set;
/** /**
...@@ -42,7 +44,13 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter { ...@@ -42,7 +44,13 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter {
String accessToken = HttpUtil.obtainAccess(request); String accessToken = HttpUtil.obtainAccess(request);
OAuth2AuthenticationBO authentication = null; OAuth2AuthenticationBO authentication = null;
if (accessToken != null) { if (accessToken != null) {
CommonResult<OAuth2AuthenticationBO> result = oauth2Service.checkToken(accessToken); // CommonResult<OAuth2AuthenticationBO> result = oauth2Service.checkToken(accessToken);
// TODO sin 先临时跳过 认证
CommonResult<OAuth2AuthenticationBO> result = CommonResult.success(new OAuth2AuthenticationBO()
.setAdminId(1)
.setRoleIds(Sets.newHashSet(1, 2, 3, 4)));
if (result.isError()) { // TODO 芋艿,如果访问的地址无需登录,这里也不用抛异常 if (result.isError()) { // TODO 芋艿,如果访问的地址无需登录,这里也不用抛异常
throw new ServiceException(result.getCode(), result.getMessage()); throw new ServiceException(result.getCode(), result.getMessage());
} }
...@@ -64,7 +72,8 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter { ...@@ -64,7 +72,8 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter {
} }
} }
// 校验是否需要已授权 // 校验是否需要已授权
checkPermission(request, authentication); // TODO sin 暂时不校验
// checkPermission(request, authentication);
// 返回成功 // 返回成功
return super.preHandle(request, response, handler); return super.preHandle(request, response, handler);
} }
......
Markdown 格式
0%
您添加了 0 到此讨论。请谨慎行事。
请先完成此评论的编辑!
注册 或者 后发表评论