alis
/
alis-ruoyi-up
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

update 优化 兼容 clientid 通过 param 传输

Browse Source
feature/model
疯狂的狮子Li 1 year ago
parent 1cabccc9a8
commit cb59082bad
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File

5
ruoyi-common/ruoyi-common-security/src/main/java/org/dromara/common/security/config/SecurityConfig.java
Unescape Escape View File

@ -48,10 +48,11 @@ public class SecurityConfig implements WebMvcConfigurer {
// 检查是否登录 是否有token // 检查是否登录 是否有token
StpUtil.checkLogin(); StpUtil.checkLogin();
// 检查 header 里的 clientId 与 token 里的是否一致 // 检查 header 与 param 里的 clientid 与 token 里的是否一致
String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY); String headerCid = ServletUtils.getRequest().getHeader(LoginHelper.CLIENT_KEY);
String paramCid = ServletUtils.getParameter(LoginHelper.CLIENT_KEY);
String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString(); String clientId = StpUtil.getExtra(LoginHelper.CLIENT_KEY).toString();
if (!StringUtils.equals(headerCid, clientId)) { if (!StringUtils.equalsAny(clientId, headerCid, paramCid)) {
// token 无效 // token 无效
throw NotLoginException.newInstance( throw NotLoginException.newInstance(
StpUtil.getLoginType(), StpUtil.getLoginType(),

Write Preview
Loading…
Cancel
Save