1.去掉token权限认证逻辑，使用header中获取

2 years ago · c4f5c4b4a7
3 changed files with 44 additions and 3 deletions
--- a/tduck-api/src/main/java/com/tduck/cloud/api/web/interceptor/AuthorizationInterceptor.java
+++ b/tduck-api/src/main/java/com/tduck/cloud/api/web/interceptor/AuthorizationInterceptor.java
@ -17,6 +17,7 @@ import javax.annotation.PostConstruct;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import java.util.ArrayList;
 import java.util.Enumeration;
 import java.util.List;
 /**
@ -44,6 +45,39 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        // return authFromToken(request);
        return authByHeader(request);
    }
    private boolean authByHeader(HttpServletRequest request) {
        LoginUserVO loginUserVO = new LoginUserVO();
        Enumeration<String> headerNames = request.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String name = headerNames.nextElement();
            if (name.toLowerCase().equals("customerid")) {
                loginUserVO.setCustomerId(request.getHeader(name));
            }
            if (name.toLowerCase().equals("userid")) {
                String userId = request.getHeader(name);
                loginUserVO.setUserId(userId);
                request.setAttribute(USER_KEY, userId);
            }
        }
        if (StringUtils.isBlank(loginUserVO.getCustomerId())) {
            loginUserVO.setCustomerId(CommonConstants.LOGIN_USER_CUSTOMER_ANONYMOUS);
        }
        if (StringUtils.isBlank(loginUserVO.getUserId())) {
            loginUserVO.setUserId(CommonConstants.LOGIN_USER_ID_ANONYMOUS);
        }
        LoginUserUtil.set(loginUserVO);
        return true;
    }
    private boolean authByToken(HttpServletRequest request) {
        Login annotation;
        /*if (handler instanceof HandlerMethod) {
            annotation = ((HandlerMethod) handler).getMethodAnnotation(Login.class);
@ -54,6 +88,7 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
        if (annotation == null) {
            return true;
        }*/
        String requestURI = request.getRequestURI();
        if (isSkip(requestURI)){
@ -85,11 +120,12 @@ public class AuthorizationInterceptor extends HandlerInterceptorAdapter {
        //设置用户信息到threadLocal中
        LoginUserVO loginUserVO = new LoginUserVO();
        if (StringUtils.isBlank(customerId)){
-            customerId = CommonConstants.DEFAULT_FREE_OPEN_CUSTOMER_ID;
+            customerId = CommonConstants.LOGIN_USER_CUSTOMER_ANONYMOUS;
        }
        loginUserVO.setCustomerId(customerId);
        loginUserVO.setUserId(userId);
        LoginUserUtil.set(loginUserVO);
        return true;
    }
--- a/tduck-api/src/main/resources/application.yml
+++ b/tduck-api/src/main/resources/application.yml
@ -78,7 +78,7 @@ platform:
 aj:
  captcha:
-    enable: true
+    enable: false
    water-mark: empet
    cache-type: redis
    type: default
--- a/tduck-common/src/main/java/com/tduck/cloud/common/constant/CommonConstants.java
+++ b/tduck-common/src/main/java/com/tduck/cloud/common/constant/CommonConstants.java
@ -44,7 +44,12 @@ public interface CommonConstants {
    /**
     * 平台其他散户默认客户Id
     */
-    String DEFAULT_FREE_OPEN_CUSTOMER_ID = "free_open";
+    String LOGIN_USER_CUSTOMER_ANONYMOUS = "anonymous";
    /**
     * 当前登录用户：匿名用户
     */
    String LOGIN_USER_ID_ANONYMOUS = "anonymous";
    /**