modfiy

xiaoyong931011

2020-06-08 9a82d627a6cf5439ec9018239ace1cdc7fbf72f5

modfiy

 src/main/java/com/xcong/excoin/configurations/security/TokenFilter.java

@@ -42,10 +42,8 @@
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        String token = resolveToken(request);
        log.info("token--->{}", token);
        if (StrUtil.isNotBlank(token)) {
            String loginStr = (String) redisUtils.get(AppContants.APP_LOGIN_PREFIX + token);
            log.info("login user --> {}", loginStr);
            if (StrUtil.isNotBlank(loginStr)) {
                LoginUserBean loginUser = JSONObject.parseObject(loginStr, LoginUserBean.class);
                Authentication authentication = new UsernamePasswordAuthenticationToken(loginUser.getMemberEntity(), token, new ArrayList<>());
@@ -76,7 +74,6 @@
            } else {
                bearerToken = request.getHeader(AppContants.TOKEN_HEADER);
            }
            log.info("bearerToken --->{}", bearerToken);
            if (StringUtils.hasText(bearerToken) && bearerToken.startsWith(AppContants.TOKEN_START_WITH)) {
                // 去掉令牌前缀
                String rsaToken = bearerToken.replace(AppContants.TOKEN_START_WITH, "");

 src/main/java/com/xcong/excoin/configurations/security/WebSecurityConfig.java

@@ -46,6 +46,8 @@
                .antMatchers("/api/symbols/**").permitAll()
                .antMatchers("/common/**").permitAll()
                .antMatchers("/api/exchange/**").permitAll()
                .antMatchers("/api/member/getMemberAccountInfo").permitAll()
                .antMatchers("/api/member/memberForgetPwd").permitAll()
                .anyRequest().authenticated()
                .and().apply(securityConfiguereAdapter());
    }