fix:system 白名单

2025-12-08 08:57:06 +08:00
parent bc9fe2f55a
commit f5b408a6f7
2 changed files with 20 additions and 3 deletions
--- a/system/src/main/java/com/sdm/system/filter/AuthFilter.java
+++ b/system/src/main/java/com/sdm/system/filter/AuthFilter.java
@@ -1,22 +1,31 @@
 package com.sdm.system.filter;

 import com.sdm.common.common.ThreadLocalContext;
+import com.sdm.common.config.WhitelistProperties;
 import jakarta.servlet.*;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import lombok.extern.slf4j.Slf4j;
 import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.AntPathMatcher;

 import java.io.IOException;
+import java.util.List;

@Slf4j
 public class AuthFilter implements Filter {
-//    @Resource
-//    private UserService userService;
+    @Autowired
+    private WhitelistProperties whitelistProperties;
+
+    private List<String> excludedPaths;
+    private final AntPathMatcher pathMatcher = new AntPathMatcher();

    @Override
    public void init(FilterConfig filterConfig) throws ServletException {
        Filter.super.init(filterConfig);
+        // 从初始化参数中读取白名单
+        excludedPaths = whitelistProperties.getPaths();
        log.info("----------- AuthFilter init ----------");
    }

@@ -24,6 +33,14 @@ public class AuthFilter implements Filter {
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        if (servletRequest instanceof HttpServletRequest) {
            HttpServletRequest req = (HttpServletRequest) servletRequest;
+            String path = req.getRequestURI().substring(req.getContextPath().length());
+            // 检查当前请求是否在白名单中
+            for (String excludedPath : excludedPaths) {
+                if (pathMatcher.match(excludedPath, path)) {
+                    filterChain.doFilter(servletRequest, servletResponse);
+                    return;
+                }
+            }
            if(!ThreadLocalContext.verifyRequest(req))
            {
                HttpServletResponse response = (HttpServletResponse) servletResponse;
--- a/system/src/main/resources/application-dev.yml
+++ b/system/src/main/resources/application-dev.yml
@@ -175,4 +175,4 @@ cid:
 security:
  whitelist:
    paths:
-      - aa
+      - /systemApprove/approveStatusNotice