fix: 修复开放接口鉴权与小程序联调配置
- 注册小程序租户过滤器并放宽 /api/open 路径匹配 - 移除全局异常吞没逻辑并修复律师列表筛选空值处理 - 统一小程序 develop、trial、release 环境接口域名
This commit is contained in:
@@ -5,6 +5,7 @@ import com.easycard.common.auth.JwtTokenService;
|
||||
import com.easycard.common.auth.LoginUser;
|
||||
import com.easycard.common.tenant.TenantContext;
|
||||
import com.easycard.common.tenant.TenantContextHolder;
|
||||
import com.easycard.module.tenant.web.MiniappTenantContextFilter;
|
||||
import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
import jakarta.servlet.FilterChain;
|
||||
import jakarta.servlet.ServletException;
|
||||
@@ -83,7 +84,8 @@ public class SecurityConfig {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(
|
||||
HttpSecurity http,
|
||||
JwtAuthenticationFilter jwtAuthenticationFilter
|
||||
JwtAuthenticationFilter jwtAuthenticationFilter,
|
||||
MiniappTenantContextFilter miniappTenantContextFilter
|
||||
) throws Exception {
|
||||
http
|
||||
.csrf(AbstractHttpConfigurer::disable)
|
||||
@@ -108,6 +110,7 @@ public class SecurityConfig {
|
||||
response.setContentType(MediaType.APPLICATION_JSON_VALUE);
|
||||
response.getWriter().write("{\"code\":\"UNAUTHORIZED\",\"message\":\"未登录或登录已失效\",\"data\":null}");
|
||||
}))
|
||||
.addFilterBefore(miniappTenantContextFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class)
|
||||
.cors(Customizer.withDefaults());
|
||||
return http.build();
|
||||
@@ -128,7 +131,10 @@ class JwtAuthenticationFilter extends OncePerRequestFilter {
|
||||
@Override
|
||||
protected boolean shouldNotFilter(HttpServletRequest request) {
|
||||
String uri = request.getRequestURI();
|
||||
return uri.startsWith("/api/open/") || "/api/v1/auth/login".equals(uri);
|
||||
if (uri == null) {
|
||||
return false;
|
||||
}
|
||||
return uri.contains("/api/open/") || uri.endsWith("/api/v1/auth/login");
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
Reference in New Issue
Block a user