权限加一个开关

6 months ago · 808ff5e7da
3 changed files with 19 additions and 11 deletions
--- a/build.gradle
+++ b/build.gradle
@ -37,7 +37,6 @@ dependencies {
    implementation group: 'io.jsonwebtoken', name: 'jjwt-api', version: '0.12.6'
    runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-impl', version: '0.12.6'
    runtimeOnly group: 'io.jsonwebtoken', name: 'jjwt-jackson', version: '0.12.6'
-
    implementation group: 'com.alibaba', name: 'fastjson', version: '2.0.54'

    //++++++++项目级别的放到下面++++++++
--- a/src/main/java/com/qyft/gd/system/filter/JwtAuthenticationFilter.java
+++ b/src/main/java/com/qyft/gd/system/filter/JwtAuthenticationFilter.java
@ -7,6 +7,7 @@ import jakarta.servlet.FilterChain;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
 import org.springframework.web.filter.OncePerRequestFilter;

@ -15,18 +16,23 @@ import java.io.IOException;
@Component
 public class JwtAuthenticationFilter extends OncePerRequestFilter {

+    @Value("${jwt.enabled:true}")  // 从配置文件中读取 jwt.enabled，默认为 true
+    private boolean jwtEnabled;
+
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
-        String token = getTokenFromRequest(request);
-        if (shouldBypass(request)) {
-            filterChain.doFilter(request, response);
-            return;
-        }
-        if (token != null && JwtUtil.parseJWE(token) != null) {
-            request.setAttribute("token", token); // 可以将 token 存储在 request 属性中，供后续使用
-        } else {
-            ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID);
-            return;
+        if(jwtEnabled){
+            String token = getTokenFromRequest(request);
+            if (shouldBypass(request)) {
+                filterChain.doFilter(request, response);
+                return;
+            }
+            if (token != null && JwtUtil.parseJWE(token) != null) {
+                request.setAttribute("token", token); // 可以将 token 存储在 request 属性中，供后续使用
+            } else {
+                ResponseUtils.writeErrMsg(response, ResultCode.ACCESS_TOKEN_INVALID);
+                return;
+            }
        }
        filterChain.doFilter(request, response);
    }
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@ -26,3 +26,6 @@ logging:
    root: INFO
    org.mybatis: DEBUG

+
+jwt:
+  enabled: false  # 是否启用权限认证，设置为 true 启用，false 禁用