1.修改权限认证逻辑，在白名单中的url也需要在context中存入用户信息

2 days ago · a5f3f1c863
parent 15e8c2f4dc
commit a5f3f1c863
1 changed files with 22 additions and 5 deletions
--- a/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java
+++ b/src/main/java/com/supervision/filter/JwtAuthenticationFilter.java
@ -39,10 +39,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
                                    @NonNull FilterChain filterChain) throws ServletException, IOException {

        // 1. 检查是否在白名单中
-        if (isPermitAllRequest(request)) {
-            filterChain.doFilter(request, response);
-            return;
-        }
+        boolean permitAllRequest = isPermitAllRequest(request);
+
        // 获取 Authorization 头
        String authHeader = request.getHeader("Authorization");
        // 提取 token（去掉 "Bearer " 前缀）
@ -53,6 +51,10 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
        try {
            username = jwtUtils.getUsernameFromToken(token);
        } catch (Exception e) {
+            if (permitAllRequest) {
+                filterChain.doFilter(request, response);
+                return;
+            }
            writeTokenErrorResponse(response, "Token 无效或已过期，请重新登录");
            return; //  中断
        }
@ -77,22 +79,37 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
                    filterChain.doFilter(request, response);
                    return;
                } else {
+                    if (permitAllRequest) {
+                        filterChain.doFilter(request, response);
+                        return;
+                    }
                    //  Token 已过期
                    writeTokenErrorResponse(response, "Token 已过期，请重新登录");
                    return;
                }

            } catch (UsernameNotFoundException e) {
+                if (permitAllRequest) {
+                    filterChain.doFilter(request, response);
+                    return;
+                }
                //  用户不存在
                writeTokenErrorResponse(response, "用户不存在或已被删除");
                return;
            } catch (Exception e) {
+                if (permitAllRequest) {
+                    filterChain.doFilter(request, response);
+                    return;
+                }
                //  其他加载异常
                writeTokenErrorResponse(response, "用户信息加载失败：" + e.getMessage());
                return;
            }
        }
-
+        if (permitAllRequest) {
+            filterChain.doFilter(request, response);
+            return;
+        }
        // 特殊情况兜底：比如 token 解析成功但 userDetails 为 null，或已认证但不符合预期
        // 根据你的“核心逻辑”，只要没成功放行，就视为失败
        writeTokenErrorResponse(response, "认证失败，请重新登录");