兰宝车间质量管理系统
blame | 历史 | 补丁 | 提交 | 提交对比 | 忽略空白
zlyx
2023-07-24 02177069603e71f83e76ac5d969d65f9911b8481 
 ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java


@@ -1,9 +1,13 @@


package org.dromara.common.security.config;




import cn.dev33.satoken.exception.NotLoginException;


import cn.dev33.satoken.interceptor.SaInterceptor;


import cn.dev33.satoken.router.SaRouter;


import cn.dev33.satoken.stp.StpUtil;


import org.dromara.common.core.utils.ServletUtils;


import org.dromara.common.core.utils.SpringUtils;


import org.dromara.common.core.utils.StringUtils;


import org.dromara.common.satoken.utils.LoginHelper;


import org.dromara.common.security.config.properties.SecurityProperties;


import org.dromara.common.security.handler.AllUrlHandler;


import lombok.RequiredArgsConstructor;


@@ -44,6 +48,18 @@


                    // 检查是否登录 是否有token


                    StpUtil.checkLogin();




                    // 检查 header 里的 clientId 与 token 里的是否一致


                    String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);


                    String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();


                    if (!StringUtils.equals(headerCid, clientId)) {


                        // token 无效


                        throw NotLoginException.newInstance(


                            StpUtil.getLoginType(),


                            NotLoginException.INVALID_TOKEN,


                            NotLoginException.NOT_TOKEN_MESSAGE,


                            StpUtil.getTokenValue());


                    }




                    // 有效率影响 用于临时测试


                    // if (log.isDebugEnabled()) {


                    //     log.debug("剩余有效时间: {}", StpUtil.getTokenTimeout());