mirror of
https://gitee.com/huangge1199_admin/vue-pro.git
synced 2024-11-27 01:32:03 +08:00
积木报表post请求增加身份认证
This commit is contained in:
parent
5c58a377db
commit
227a125719
@ -37,13 +37,34 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
private final OAuth2TokenApi oauth2TokenApi;
|
||||
|
||||
/**
|
||||
* 积木报表内部请求获取token
|
||||
*
|
||||
* @param request
|
||||
* @return
|
||||
*/
|
||||
private static String getToken(HttpServletRequest request) {
|
||||
String token = request.getParameter("token");
|
||||
if (token == null) {
|
||||
token = request.getHeader("X-Access-Token");
|
||||
}
|
||||
return token;
|
||||
}
|
||||
|
||||
@Override
|
||||
@SuppressWarnings("NullableProblems")
|
||||
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
|
||||
throws ServletException, IOException {
|
||||
String token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
|
||||
String token;
|
||||
Integer userType;
|
||||
if (request.getRequestURI().startsWith("/jmreport/")) {
|
||||
token = getToken(request);
|
||||
userType = 2;
|
||||
} else {
|
||||
token = SecurityFrameworkUtils.obtainAuthorization(request, securityProperties.getTokenHeader());
|
||||
userType = WebFrameworkUtils.getLoginUserType(request);
|
||||
}
|
||||
if (StrUtil.isNotEmpty(token)) {
|
||||
Integer userType = WebFrameworkUtils.getLoginUserType(request);
|
||||
try {
|
||||
// 1.1 基于 token 构建登录用户
|
||||
LoginUser loginUser = buildLoginUserByToken(token, userType);
|
||||
@ -88,11 +109,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
|
||||
|
||||
/**
|
||||
* 模拟登录用户,方便日常开发调试
|
||||
*
|
||||
* <p>
|
||||
* 注意,在线上环境下,一定要关闭该功能!!!
|
||||
*
|
||||
* @param request 请求
|
||||
* @param token 模拟的 token,格式为 {@link SecurityProperties#getMockSecret()} + 用户编号
|
||||
* @param request 请求
|
||||
* @param token 模拟的 token,格式为 {@link SecurityProperties#getMockSecret()} + 用户编号
|
||||
* @param userType 用户类型
|
||||
* @return 模拟的 LoginUser
|
||||
*/
|
||||
|
@ -24,6 +24,20 @@ public class SecurityFrameworkUtils {
|
||||
|
||||
private SecurityFrameworkUtils() {}
|
||||
|
||||
/**
|
||||
* 积木报表内部请求获取token
|
||||
*
|
||||
* @param request
|
||||
* @return
|
||||
*/
|
||||
private static String getToken(HttpServletRequest request) {
|
||||
String token = request.getParameter("token");
|
||||
if (token == null) {
|
||||
token = request.getHeader("X-Access-Token");
|
||||
}
|
||||
return token;
|
||||
}
|
||||
|
||||
/**
|
||||
* 从请求中,获得认证 Token
|
||||
*
|
||||
@ -32,6 +46,9 @@ public class SecurityFrameworkUtils {
|
||||
* @return 认证 Token
|
||||
*/
|
||||
public static String obtainAuthorization(HttpServletRequest request, String header) {
|
||||
if (request.getRequestURI().startsWith("/jmreport/")) {
|
||||
return getToken(request);
|
||||
}
|
||||
String authorization = request.getHeader(header);
|
||||
if (!StringUtils.hasText(authorization)) {
|
||||
return null;
|
||||
|
@ -3,6 +3,7 @@ package cn.iocoder.yudao.module.visualization.framework.security.config;
|
||||
import cn.iocoder.yudao.framework.security.config.AuthorizeRequestsCustomizer;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configurers.ExpressionUrlAuthorizationConfigurer;
|
||||
|
||||
@ -17,7 +18,7 @@ public class SecurityConfiguration {
|
||||
return new AuthorizeRequestsCustomizer() {
|
||||
@Override
|
||||
public void customize(ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry registry) {
|
||||
registry.antMatchers("/jmreport/**").anonymous();
|
||||
registry.antMatchers(HttpMethod.GET, "/jmreport/**").permitAll();
|
||||
}
|
||||
};
|
||||
}
|
||||
|
@ -6,12 +6,13 @@
|
||||
</template>
|
||||
<script>
|
||||
import iFrame from "@/components/iFrame/index";
|
||||
import {getAccessToken} from "@/utils/auth";
|
||||
export default {
|
||||
name: "JimuReport",
|
||||
components: { iFrame },
|
||||
data() {
|
||||
return {
|
||||
url: process.env.VUE_APP_BASE_API + "/jmreport/list"
|
||||
url: process.env.VUE_APP_BASE_API + "/jmreport/list?token=" + getAccessToken(),
|
||||
};
|
||||
},
|
||||
};
|
||||
|
Loading…
Reference in New Issue
Block a user