fix:system 白名单

This commit is contained in:
2025-12-08 08:57:06 +08:00
parent bc9fe2f55a
commit f5b408a6f7
2 changed files with 20 additions and 3 deletions

View File

@@ -1,22 +1,31 @@
package com.sdm.system.filter;
import com.sdm.common.common.ThreadLocalContext;
import com.sdm.common.config.WhitelistProperties;
import jakarta.servlet.*;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.util.AntPathMatcher;
import java.io.IOException;
import java.util.List;
@Slf4j
public class AuthFilter implements Filter {
// @Resource
// private UserService userService;
@Autowired
private WhitelistProperties whitelistProperties;
private List<String> excludedPaths;
private final AntPathMatcher pathMatcher = new AntPathMatcher();
@Override
public void init(FilterConfig filterConfig) throws ServletException {
Filter.super.init(filterConfig);
// 从初始化参数中读取白名单
excludedPaths = whitelistProperties.getPaths();
log.info("----------- AuthFilter init ----------");
}
@@ -24,6 +33,14 @@ public class AuthFilter implements Filter {
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
if (servletRequest instanceof HttpServletRequest) {
HttpServletRequest req = (HttpServletRequest) servletRequest;
String path = req.getRequestURI().substring(req.getContextPath().length());
// 检查当前请求是否在白名单中
for (String excludedPath : excludedPaths) {
if (pathMatcher.match(excludedPath, path)) {
filterChain.doFilter(servletRequest, servletResponse);
return;
}
}
if(!ThreadLocalContext.verifyRequest(req))
{
HttpServletResponse response = (HttpServletResponse) servletResponse;

View File

@@ -175,4 +175,4 @@ cid:
security:
whitelist:
paths:
- aa
- /systemApprove/approveStatusNotice