xhkjedu
/
cloud-schoolapi
Watch 8
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 22 Wiki Activity
Browse Source

优化白名单

tags/正式3.13.0
王宁 1 year ago
parent
0ba83da804
commit
64c4f7ef62
2 changed files with 7 additions and 22 deletions
Split View Show Diff Stats
  1. 2
    17
      gateway/src/main/java/com/xhkjedu/gateway/interceptors/DecryptRequestionBodyFilter.java
  2. 5
    5
      gateway/src/main/resources/application.properties

+ 2
- 17
gateway/src/main/java/com/xhkjedu/gateway/interceptors/DecryptRequestionBodyFilter.java View File 

@@ -63,7 +63,8 @@ public class DecryptRequestionBodyFilter extends JedisUtil implements GlobalFilt
63 63 
             throw new GatewayException(1, "验证失败,请刷新重试");
64 64 
         }
65 65 
         Mono<Void> voidMono;
66 
-        if (!decrypt.equals("true")) {
66 
+        if (!"true".equals(decrypt)) {
67 
+            //白名单中的接口
67 68 
             voidMono = returnMononew(chain, exchange);
68 69 
         }else{
69 70 
             voidMono = readBody(exchange, chain);

@@ -76,28 +77,12 @@ public class DecryptRequestionBodyFilter extends JedisUtil implements GlobalFilt
76 77 
             String userid = ApiUtil.listToStr(headers.get("Xh-User-Id"));
77 78 
             if (ApiUtil.isEmpty(token) || !token.equals(redis_token)
78 79 
                     || ApiUtil.isEmpty(key) || !key.split("_")[1].equals(userid)) {
79 
-                //GatewayException throwable = new GatewayException(2, "登录失效");
80 
-                //return Mono.error(throwable);
81 80 
                 throw new GatewayException(2, "登录失效");
82 81 
             } else {
83 82 
                 refreshToken(key, redis_token);//刷新token
84 83 
             }
85 84 
         }
86 85 
         return voidMono;
87 
-
88 
-//        //  登录跳过网关验证,检查白名单(配置)最好把不拦截路径放入配置文件,此处通过正则
89 
-//        if(antPathMatcher.match("/**/api/login/auth/**",path)){
90 
-//            return readBody(exchange, chain);
91 
-//        }
92 
-//        // 处理参数
93 
-//        MediaType contentType = headers.getContentType();
94 
-//        long contentLength = headers.getContentLength();
95 
-//        if (contentLength > 0) {
96 
-//            if (MediaType.APPLICATION_JSON.equals(contentType) || MediaType.APPLICATION_JSON_UTF8.equals(contentType)) {
97 
-//                return readBody(exchange, chain);
98 
-//            }
99 
-//        }
100 
-//        return chain.filter(exchange);
101 86 
     }
102 87
103 88 
     ServerHttpRequestDecorator decorate(ServerWebExchange exchange, HttpHeaders headers, CachedBodyOutputMessage outputMessage) {

+ 5
- 5
gateway/src/main/resources/application.properties View File 

@@ -81,15 +81,15 @@ spring.redis.jedis.pool.max-idle=300
81 81 
 #最大等待时间:单位ms //高版本改为maxWaitMillis
82 82 
 spring.redis.jedis.pool.max-wait=1000000
83 83 
 spring.redis.jedis.pool.max-active=60000
84 
-#缓存访问数据有效时长60*60*24*7
85 
-redisdatatime=604800
84 
+#缓存访问数据有效时长5*60*60
85 
+redisdatatime=18000
86 86
87 87 
 #白名单接口
88 88 
 whitelistAPI=user/login,/class_student/stu_class,/user/detail,/status/info,/user/qrg,/user/check_user\
89 89 
   ,/user/update_code,/user/update_pwd_byCode,/user/list_usecret,/user/check_usecret,/user/reset_pwd\
90 
-  ,/get_new,/stype/list,/cloud/detail\
91 
-  ,/pdf\
92 
-  ,/section/get_zjr,/csw/add
90 
+  ,/class_student/import_user,/user/import_teacher\
91 
+  ,/get_new,/stype/list,/cloud/detail,/auser/import,/pdf,/epsb/import\
92 
+  ,/section/get_zjr,/csw/add,/xz/import,/agora_token/rtc_token,/epqt/pqs,/eb/get_mn,/scan/save,/eps/sca,/eps/scaer
93 93
94 94 
 #版本号
95 95 
 versionname=Test_v3.13.0

Write Preview
Loading…
Cancel
Save