caojiahao/dev_caojiahao
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

鉴权写入前对权限的非空校验

Browse Source
This commit is contained in:
Chopper 2021-07-29 17:52:42 +08:00
parent 363e7f40bf
commit b804fa68cf
1 changed files with 7 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
manager-api/src/main/java/cn/lili/security/ManagerAuthenticationFilter.java
View File

@ -61,16 +61,19 @@ public class ManagerAuthenticationFilter extends BasicAuthenticationFilter {
//获取用户信息存入context //获取用户信息存入context
UsernamePasswordAuthenticationToken authentication = getAuthentication(jwt, response); UsernamePasswordAuthenticationToken authentication = getAuthentication(jwt, response);
//自定义权限过滤 //自定义权限过滤
if (authentication != null) {
customAuthentication(request, response, authentication); customAuthentication(request, response, authentication);
SecurityContextHolder.getContext().setAuthentication(authentication); SecurityContextHolder.getContext().setAuthentication(authentication);
}
chain.doFilter(request, response); chain.doFilter(request, response);
} }
/** /**
* 自定义权限过滤 * 自定义权限过滤
* *
* @param request * @param request 请求
* @param authentication * @param response 响应
* @param authentication 用户信息
*/ */
private void customAuthentication(HttpServletRequest request, HttpServletResponse response, UsernamePasswordAuthenticationToken authentication) throws NoPermissionException { private void customAuthentication(HttpServletRequest request, HttpServletResponse response, UsernamePasswordAuthenticationToken authentication) throws NoPermissionException {
AuthUser authUser = (AuthUser) authentication.getDetails(); AuthUser authUser = (AuthUser) authentication.getDetails();