From 78c91d0733ed359957a18db05930977eca75b5e5 Mon Sep 17 00:00:00 2001
From: MichelleChung <1242874891@qq.com>
Date: 星期一, 27 十一月 2023 10:56:59 +0800
Subject: [PATCH] !451 响应加密功能 * update 优化调整加解密判断逻辑, 避免 NPE ; * rollback 回滚错误提交, 保留加密组件开关 ; * add 新增注解 @ApiEncrypt 用于校验接口加解密 ; * add 新增 EncryptResponseBodyWrapper 加密响应参数包装类 ;

---
 ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java |   15 +++++++--------
 1 files changed, 7 insertions(+), 8 deletions(-)

diff --git a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
index 7ac920f..63d7eb1 100644
--- a/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
+++ b/ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
@@ -48,22 +48,21 @@
                     // 妫�鏌ユ槸鍚︾櫥褰� 鏄惁鏈塼oken
                     StpUtil.checkLogin();
 
-                    // 妫�鏌� header 閲岀殑 clientId 涓� token 閲岀殑鏄惁涓�鑷�
+                    // 妫�鏌� header 涓� param 閲岀殑 clientid 涓� token 閲岀殑鏄惁涓�鑷�
                     String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
+                    String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
                     String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
-                    if (!StringUtils.equals(headerCid, clientId)) {
+                    if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
                         // token 鏃犳晥
-                        throw NotLoginException.newInstance(
-                            StpUtil.getLoginType(),
-                            NotLoginException.INVALID_TOKEN,
-                            NotLoginException.NOT_TOKEN_MESSAGE,
+                        throw NotLoginException.newInstance(StpUtil.getLoginType(),
+                            "-100", "瀹㈡埛绔疘D涓嶵oken涓嶅尮閰�",
                             StpUtil.getTokenValue());
                     }
 
                     // 鏈夋晥鐜囧奖鍝� 鐢ㄤ簬涓存椂娴嬭瘯
                     // if (log.isDebugEnabled()) {
-                    //     log.debug("鍓╀綑鏈夋晥鏃堕棿: {}", StpUtil.getTokenTimeout());
-                    //     log.debug("涓存椂鏈夋晥鏃堕棿: {}", StpUtil.getTokenActivityTimeout());
+                    //     log.info("鍓╀綑鏈夋晥鏃堕棿: {}", StpUtil.getTokenTimeout());
+                    //     log.info("涓存椂鏈夋晥鏃堕棿: {}", StpUtil.getTokenActivityTimeout());
                     // }
 
                 });

--
Gitblit v1.9.3