网关优化

beiyoufx · Oct 30, 2018 · 9ed898e · 9ed898e
1 parent a416aeb
commit 9ed898e
Show file tree

Hide file tree

Showing 4 changed files with 19 additions and 9 deletions.
diff --git a/soraka-common/src/main/java/com/soraka/common/constant/Constants.java b/soraka-common/src/main/java/com/soraka/common/constant/Constants.java
@@ -26,9 +26,15 @@ public interface Constants {
      * 基本角色
      */
     String BASE_ROLE = "ROLE_USER";
+    String ROLE_ANONYMOUS = "ROLE_ANONYMOUS";
     /**
      * 安全相关
      */
     String SORAKA_LICENSE = "Made By SORAKA";
     String JWT_SIGN_KEY = "soraka";
+    /**
+     * token请求头名称
+     */
+    String TOKEN_HEADER = "Authorization";
+    String TOKEN_BEARER = "Bearer ";
 }
diff --git a/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java b/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java
@@ -33,6 +33,7 @@ public void configure(HttpSecurity http) throws Exception {
         http.headers().frameOptions().disable();
         http
             .authorizeRequests()
+            .antMatchers("/auth/oauth/token_key").denyAll()
             .antMatchers(
                 "/auth/**",
                 "/*/swagger-ui.html",

diff --git a/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java b/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java
@@ -51,17 +51,20 @@ public boolean hasPermission(HttpServletRequest request, Authentication authenti
         // 获取角色权限
         List<String> roleKeys = new ArrayList<>();
         for (SimpleGrantedAuthority authority : grantedAuthorityList) {
-            if (!Constants.BASE_ROLE.equals(authority.getAuthority())) {
+            if (!Constants.BASE_ROLE.equalsIgnoreCase(authority.getAuthority())
+                && !Constants.ROLE_ANONYMOUS.equalsIgnoreCase(authority.getAuthority())) {
                 roleKeys.add(authority.getAuthority());
             }
         }
-        List<MenuDO> menus = menuService.findRoleMenu(roleKeys);
-        // 权限校验
-        for (MenuDO menu : menus) {
-            if (StringUtils.isNotBlank(menu.getUrl())
-                && antPathMatcher.match(menu.getUrl(), request.getRequestURI())
-                && request.getMethod().equalsIgnoreCase(menu.getMethod())) {
-                return true;
+        if (!roleKeys.isEmpty()) {
+            List<MenuDO> menus = menuService.findRoleMenu(roleKeys);
+            // 权限校验
+            for (MenuDO menu : menus) {
+                if (StringUtils.isNotBlank(menu.getUrl())
+                    && antPathMatcher.match(menu.getUrl(), request.getRequestURI())
+                    && request.getMethod().equalsIgnoreCase(menu.getMethod())) {
+                    return true;
+                }
             }
         }
         return false;

diff --git a/soraka-gateway/src/main/resources/application.yml b/soraka-gateway/src/main/resources/application.yml
@@ -5,7 +5,7 @@ spring:
     date-format: yyyy-MM-dd HH:mm:ss
     time-zone: GMT+8
 server:
-  port: 8002
+  port: 80
 #注册中心
 eureka:
   instance: