修复 admin 认证拦截器,除了登陆接口,其它都必须登陆才可以访问。
This commit is contained in:
parent
6015f41f2d
commit
5616a3cd8b
@ -5,6 +5,7 @@ import cn.iocoder.common.framework.util.HttpUtil;
|
|||||||
import cn.iocoder.common.framework.vo.CommonResult;
|
import cn.iocoder.common.framework.vo.CommonResult;
|
||||||
import cn.iocoder.mall.admin.api.OAuth2Service;
|
import cn.iocoder.mall.admin.api.OAuth2Service;
|
||||||
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
|
import cn.iocoder.mall.admin.api.bo.OAuth2AuthenticationBO;
|
||||||
|
import cn.iocoder.mall.admin.api.constant.AdminErrorCodeEnum;
|
||||||
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext;
|
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContext;
|
||||||
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
|
import cn.iocoder.mall.admin.sdk.context.AdminSecurityContextHolder;
|
||||||
import com.alibaba.dubbo.config.annotation.Reference;
|
import com.alibaba.dubbo.config.annotation.Reference;
|
||||||
@ -38,6 +39,11 @@ public class AdminSecurityInterceptor extends HandlerInterceptorAdapter {
|
|||||||
// 添加到 AdminSecurityContext
|
// 添加到 AdminSecurityContext
|
||||||
AdminSecurityContext context = new AdminSecurityContext(authentication.getAdminId(), authentication.getRoleIds());
|
AdminSecurityContext context = new AdminSecurityContext(authentication.getAdminId(), authentication.getRoleIds());
|
||||||
AdminSecurityContextHolder.setContext(context);
|
AdminSecurityContextHolder.setContext(context);
|
||||||
|
} else {
|
||||||
|
String url = request.getRequestURI();
|
||||||
|
if (!url.equals("/admin/passport/login")) { // TODO 临时写死。非登陆接口,必须已经认证身份,不允许匿名访问
|
||||||
|
throw new ServiceException(AdminErrorCodeEnum.OAUTH_NOT_LOGIN.getCode(), AdminErrorCodeEnum.OAUTH_NOT_LOGIN.getMessage());
|
||||||
|
}
|
||||||
}
|
}
|
||||||
// 校验是否需要已授权
|
// 校验是否需要已授权
|
||||||
checkPermission(request, authentication);
|
checkPermission(request, authentication);
|
||||||
|
@ -16,6 +16,7 @@ public enum AdminErrorCodeEnum {
|
|||||||
OAUTH_INVALID_TOKEN_EXPIRED(1002001012, "访问令牌已过期"),
|
OAUTH_INVALID_TOKEN_EXPIRED(1002001012, "访问令牌已过期"),
|
||||||
OAUTH_INVALID_TOKEN_INVALID(1002001013, "访问令牌已失效"),
|
OAUTH_INVALID_TOKEN_INVALID(1002001013, "访问令牌已失效"),
|
||||||
OAUTH_INVALID_PERMISSION(1002001014, "没有该操作权限"), // TODO 芋艿,临时放在 OAUTH2 模块,理论来说,OAUTH2 只做认证,不做鉴权。
|
OAUTH_INVALID_PERMISSION(1002001014, "没有该操作权限"), // TODO 芋艿,临时放在 OAUTH2 模块,理论来说,OAUTH2 只做认证,不做鉴权。
|
||||||
|
OAUTH_NOT_LOGIN(1002001015, "账号未登陆"),
|
||||||
|
|
||||||
OAUTH_INVALID_TOKEN(1002001020, ""), // 预留
|
OAUTH_INVALID_TOKEN(1002001020, ""), // 预留
|
||||||
|
|
||||||
|
@ -9,7 +9,6 @@ public enum SysErrorCodeEnum {
|
|||||||
|
|
||||||
SYS_ERROR(2001001000, "服务端发生异常"),
|
SYS_ERROR(2001001000, "服务端发生异常"),
|
||||||
MISSING_REQUEST_PARAM_ERROR(2001001001, "参数缺失"),
|
MISSING_REQUEST_PARAM_ERROR(2001001001, "参数缺失"),
|
||||||
|
|
||||||
;
|
;
|
||||||
|
|
||||||
private final int code;
|
private final int code;
|
||||||
|
Loading…
Reference in New Issue
Block a user