diff --git a/soraka-common/src/main/java/com/soraka/common/constant/Constants.java b/soraka-common/src/main/java/com/soraka/common/constant/Constants.java
index 966b19b..5639070 100644
--- a/soraka-common/src/main/java/com/soraka/common/constant/Constants.java
+++ b/soraka-common/src/main/java/com/soraka/common/constant/Constants.java
@@ -26,9 +26,15 @@ public interface Constants {
 * 基本角色
 */
 String BASE_ROLE = "ROLE_USER";
+ String ROLE_ANONYMOUS = "ROLE_ANONYMOUS";
 /**
 * 安全相关
 */
 String SORAKA_LICENSE = "Made By SORAKA";
 String JWT_SIGN_KEY = "soraka";
+ /**
+ * token请求头名称
+ */
+ String TOKEN_HEADER = "Authorization";
+ String TOKEN_BEARER = "Bearer ";
 }
diff --git a/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java b/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java
index dc2abc3..0ef72ed 100644
--- a/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java
+++ b/soraka-gateway/src/main/java/com/soraka/gateway/config/SorakaResourceConfigurerAdapter.java
@@ -33,6 +33,7 @@ public void configure(HttpSecurity http) throws Exception {
 http.headers().frameOptions().disable();
 http
 .authorizeRequests()
+ .antMatchers("/auth/oauth/token_key").denyAll()
 .antMatchers(
 "/auth/**",
 "/*/swagger-ui.html",
diff --git a/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java b/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java
index 7e31364..f53e174 100644
--- a/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java
+++ b/soraka-gateway/src/main/java/com/soraka/gateway/service/impl/PermissionServiceImpl.java
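Review bot: In Constants.java, `ROLE_ANONYMOUS` and `TOKEN_BEARER` are added without documentation of their own: the first falls under the existing BASE_ROLE Javadoc and the second under the new header-name Javadoc, which describes only `TOKEN_HEADER`. Two one-line comments would cover it, `/** Authority carried by unauthenticated requests; filtered out before the menu lookup. */` above `ROLE_ANONYMOUS` and `/** Scheme prefix of the header value; the trailing space is significant. */` above `TOKEN_BEARER`. The trailing space matters to any caller that strips the prefix by length, and nothing on the constant says so.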
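Review bot: The `denyAll()` rule on `/auth/oauth/token_key` in SorakaResourceConfigurerAdapter closes the endpoint only for traffic that passes through the gateway, and it does not protect the key material itself: the Constants.java hunk above shows `String JWT_SIGN_KEY = "soraka";` compiled into soraka-common. If that constant is the token signing secret (its use is not visible here), anyone who can read the jar or the repository holds it regardless of this rule, so it should be loaded from external configuration and be a long random value. The rule is placed before the `/auth/**` entry, which is what makes it effective, but that ordering dependency is unstated; a comment such as `// keep before the "/auth/**" matcher: the first matching rule wins` would stop a later reorder from re-opening the endpoint. configure() continues outside the hunk.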
@@ -51,17 +51,20 @@ public boolean hasPermission(HttpServletRequest request, Authentication authenti
 // 获取角色权限
 List roleKeys = new ArrayList<>();
 for (SimpleGrantedAuthority authority : grantedAuthorityList) {
- if (!Constants.BASE_ROLE.equals(authority.getAuthority())) {
+ if (!Constants.BASE_ROLE.equalsIgnoreCase(authority.getAuthority())
+ && !Constants.ROLE_ANONYMOUS.equalsIgnoreCase(authority.getAuthority())) {
 roleKeys.add(authority.getAuthority());
 }
 }
- List menus = menuService.findRoleMenu(roleKeys);
- // 权限校验
- for (MenuDO menu : menus) {
- if (StringUtils.isNotBlank(menu.getUrl())
- && antPathMatcher.match(menu.getUrl(), request.getRequestURI())
- && request.getMethod().equalsIgnoreCase(menu.getMethod())) {
- return true;
+ if (!roleKeys.isEmpty()) {
+ List menus = menuService.findRoleMenu(roleKeys);
+ // 权限校验
+ for (MenuDO menu : menus) {
+ if (StringUtils.isNotBlank(menu.getUrl())
+ && antPathMatcher.match(menu.getUrl(), request.getRequestURI())
+ && request.getMethod().equalsIgnoreCase(menu.getMethod())) {
+ return true;
+ }
 }
 }
 return false;
diff --git a/soraka-gateway/src/main/resources/application.yml b/soraka-gateway/src/main/resources/application.yml
index ddee936..9ed0a0e 100644
--- a/soraka-gateway/src/main/resources/application.yml
+++ b/soraka-gateway/src/main/resources/application.yml
@@ -5,7 +5,7 @@ spring:
 date-format: yyyy-MM-dd HH:mm:ss
 time-zone: GMT+8
 server:
- port: 8002
+ port: 80
 #注册中心
 eureka:
 instance:
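Review bot: The permission check inside the new `if (!roleKeys.isEmpty())` block in PermissionServiceImpl still matches `menu.getUrl()` against `request.getRequestURI()`, which is the raw request path: it is not decoded or normalized, and it keeps the context path and any path parameters. If the downstream services route on a normalized path, the authorization decision and the routing decision can disagree, unless a firewall upstream already rejects non-normalized URIs (none is visible here). Matching against a normalized path, for example one obtained through Spring's `UrlPathHelper`, or rejecting non-normalized URIs before this loop would close that gap. Separately, `authority.getAuthority()` is now read three times per iteration; `String role = authority.getAuthority();` at the top of the loop body would shorten the condition. hasPermission starts and ends outside the hunk.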
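Review bot: Changing `port: 8002` to `port: 80` in application.yml makes the gateway bind a privileged port, which on most Unix systems requires the JVM to run as root or to be granted a bind capability; neither is visible in this change. A gateway that validates tokens is better run unprivileged behind a reverse proxy or port mapping, keeping an overridable default such as `port: ${SERVER_PORT:8002}`. Port 80 also suggests plain HTTP, and the `Authorization` bearer header named elsewhere in this commit would then cross the network unencrypted unless TLS is terminated in front of the service.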