放开websocket

base-framework/src/main/java/com/ozs/framework/config/SecurityConfig.java

@@ -115,7 +115,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
                 // 过滤请求
                 .authorizeRequests()
                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
-                .antMatchers("/login", "/register", "/captchaImage").permitAll()
+                .antMatchers("/login", "/register", "/captchaImage", "/sdk/**").permitAll()
                 // 静态资源，可匿名访问
                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()

base-framework/src/main/java/com/ozs/framework/security/filter/JwtAuthenticationTokenFilter.java

@@ -33,7 +33,7 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
             throws ServletException, IOException {
         log.info("request.getRequestURI()：{}", request.getRequestURI());
-        if (!request.getRequestURI().contains("/websocket")) {
+        if (!request.getRequestURI().contains("/websocket") || !request.getRequestURI().contains("/sdk")) {
             LoginUser loginUser = tokenService.getLoginUser(request);
             if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
                 tokenService.verifyToken(loginUser);