lbqms.git - Gitblit

			@@ -7,9 +7,11 @@
			import cn.dev33.satoken.router.SaRouter;
			import cn.dev33.satoken.stp.StpUtil;
			import cn.dev33.satoken.util.SaResult;
			import jakarta.servlet.http.HttpServletRequest;
			import lombok.RequiredArgsConstructor;
			import lombok.extern.slf4j.Slf4j;
			import org.dromara.common.core.constant.HttpStatus;
			import org.dromara.common.core.exception.SseException;
			import org.dromara.common.core.utils.ServletUtils;
			import org.dromara.common.core.utils.SpringUtils;
			import org.dromara.common.core.utils.StringUtils;
			@@ -50,11 +52,20 @@
			.match(allUrlHandler.getUrls())
			// 对未排除的路径进行检查
			.check(() -> {
			HttpServletRequest request = ServletUtils.getRequest();
			// 检查是否登录是否有token
			StpUtil.checkLogin();
			try {
			StpUtil.checkLogin();
			} catch (NotLoginException e) {
			if (request.getRequestURI().contains("sse")) {
			throw new SseException(e.getMessage(), e.getCode());
			} else {
			throw e;
			}
			}

			// 检查 header 与 param 里的 clientid 与 token 里的是否一致
			String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
			String headerCid = request.getHeader(LoginHelper.CLIENT_KEY);
			String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
			String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
			if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {