2 years ago · a9ece69bcd
--- a/base-framework/src/main/java/com/ozs/framework/config/SecurityConfig.java
+++ b/base-framework/src/main/java/com/ozs/framework/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 
				 package com.ozs.framework.config;
			
 
				 
			
 
				+import okhttp3.WebSocket;
			
 
				 import org.springframework.beans.factory.annotation.Autowired;
			
 
				 import org.springframework.context.annotation.Bean;
			
 
				 import org.springframework.http.HttpMethod;
			
@@ -7,6 +8,7 @@ import org.springframework.security.authentication.AuthenticationManager;
 
				 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
			
 
				 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
			
 
				 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
			
 
				+import org.springframework.security.config.annotation.web.builders.WebSecurity;
			
 
				 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
			
 
				 import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
			
 
				 import org.springframework.security.config.http.SessionCreationPolicy;
			
@@ -95,6 +97,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				     @Override
			
 
				     protected void configure(HttpSecurity httpSecurity) throws Exception
			
 
				     {
			
 
				+
			
 
				+
			
 
				         // 注解标记允许匿名访问的url
			
 
				         ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry = httpSecurity.authorizeRequests();
			
 
				         permitAllUrl.getUrls().forEach(url -> registry.antMatchers(url).permitAll());
			
@@ -111,7 +115,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				                 // 过滤请求
			
 
				                 .authorizeRequests()
			
 
				                 // 对于登录login 注册register 验证码captchaImage 允许匿名访问
			
 
				-                .antMatchers("/login", "/register", "/captchaImage", "/websocket/**").permitAll()
			
 
				+                .antMatchers("/login", "/register", "/captchaImage").permitAll()
			
 
				                 // 静态资源，可匿名访问
			
 
				                 .antMatchers(HttpMethod.GET, "/", "/*.html", "/**/*.html", "/**/*.css", "/**/*.js", "/profile/**").permitAll()
			
 
				                 .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/webjars/**", "/*/api-docs", "/druid/**").permitAll()
			
@@ -126,6 +130,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				         // 添加CORS filter
			
 
				         httpSecurity.addFilterBefore(corsFilter, JwtAuthenticationTokenFilter.class);
			
 
				         httpSecurity.addFilterBefore(corsFilter, LogoutFilter.class);
			
 
				+
			
 
				     }
			
 
				 
			
 
				     /**
			
@@ -141,8 +146,14 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter
 
				      * 身份认证接口
			
 
				      */
			
 
				     @Override
			
 
				-    protected void configure(AuthenticationManagerBuilder auth) throws Exception
			
 
				-    {
			
 
				+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
			
 
				         auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder());
			
 
				     }
			
 
				+
			
 
				+    @Override
			
 
				+    public void configure(WebSecurity webSecurity) {
			
 
				+        webSecurity.ignoring().antMatchers(
			
 
				+                "/websocket/**"
			
 
				+        );
			
 
				+    }
			
 
				 }
			
--- a/base-framework/src/main/java/com/ozs/framework/security/filter/JwtAuthenticationTokenFilter.java
+++ b/base-framework/src/main/java/com/ozs/framework/security/filter/JwtAuthenticationTokenFilter.java
@@ -33,15 +33,15 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter {
 
				     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
			
 
				             throws ServletException, IOException {
			
 
				         log.info("request.getRequestURI()：{}", request.getRequestURI());
			
 
				-//        if(!request.getRequestURI().contains("/websocket")){
			
 
				-        LoginUser loginUser = tokenService.getLoginUser(request);
			
 
				-        if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
			
 
				-            tokenService.verifyToken(loginUser);
			
 
				-            UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
			
 
				-            authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
			
 
				-            SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			
 
				+        if (!request.getRequestURI().contains("/websocket")) {
			
 
				+            LoginUser loginUser = tokenService.getLoginUser(request);
			
 
				+            if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication())) {
			
 
				+                tokenService.verifyToken(loginUser);
			
 
				+                UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(loginUser, null, loginUser.getAuthorities());
			
 
				+                authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
			
 
				+                SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			
 
				+            }
			
 
				         }
			
 
				-//        }
			
 
				         chain.doFilter(request, response);
			
 
				     }
			
 
				 }