diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java index ec4b57db5..715afe2b7 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java @@ -44,23 +44,6 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter { @Override protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { - // 忽略登录请求的token验证 -// String requestURI = request.getRequestURI(); -// if ((requestURI.startsWith("/doc.html") || requestURI.startsWith("/swagger-ui") ) && !userSetting.getDocEnable()) { -// response.setStatus(HttpServletResponse.SC_NOT_FOUND); -// return; -// } -// if (requestURI.equalsIgnoreCase("/api/user/login")) { -// chain.doFilter(request, response); -// return; -// } -// -// if (!userSetting.isInterfaceAuthentication()) { -// UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() ); -// SecurityContextHolder.getContext().setAuthentication(token); -// chain.doFilter(request, response); -// return; -// } String jwt = request.getHeader(JwtUtils.getHeader()); if(jwt != null) { JwtUser jwtUser = JwtUtils.verifyToken(jwt); diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/SecurityUtils.java b/src/main/java/com/genersoft/iot/vmp/conf/security/SecurityUtils.java index 6bdf3883f..c712a6630 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/SecurityUtils.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/SecurityUtils.java @@ -57,7 +57,6 @@ public class SecurityUtils { if(principal!=null && !"anonymousUser".equals(principal.toString())){ return (LoginUser) principal; -// return new LoginUser(user, LocalDateTime.now()); } } return null; diff --git a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java index 44fd1c73d..4b3425690 100644 --- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java +++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java @@ -134,42 +134,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { .logoutSuccessHandler(logoutHandler) ; http.addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); -// ExpressionUrlAuthorizationConfigurer.ExpressionInterceptUrlRegistry registry = http -// .authorizeRequests(); -// //允许跨域请求的OPTIONS请求 -// registry.antMatchers(HttpMethod.OPTIONS) -// .permitAll(); -// registry.and() -// .authorizeRequests() -// .antMatchers(HttpMethod.GET, -// "/", -// "/swagger-ui/", -// "/doc.html") -// .permitAll() -// .antMatchers("/api/user/login", "/api/ptz/**", "/zlm/**", "/api/server/**","/index/hook/**","/index/hook/abl/**", "/swagger-ui/**", "/doc.html#/**") -// .permitAll() -// .anyRequest() -// .authenticated() -// // 关闭跨站请求防护及不使用session -// .and() -// .headers().contentTypeOptions().disable() -// .and() -// .cors().configurationSource(configurationSource()) -// .and() -// .csrf() -// .disable() -// .sessionManagement() -// .sessionCreationPolicy(SessionCreationPolicy.STATELESS) -// // 自定义权限拒绝处理类 -// .and() -// .exceptionHandling() -// .authenticationEntryPoint(anonymousAuthenticationEntryPoint) -// .and().logout().logoutUrl("/api/user/logout").permitAll() -// .logoutSuccessHandler(logoutHandler) -// // 自定义权限拦截器JWT过滤器 -// .and() -// .addFilterBefore(jwtAuthenticationFilter, UsernamePasswordAuthenticationFilter.class); - } CorsConfigurationSource configurationSource() { diff --git a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java index 8704f783a..a5832dbe7 100755 --- a/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java +++ b/src/main/java/com/genersoft/iot/vmp/vmanager/user/UserController.java @@ -19,7 +19,6 @@ import io.swagger.v3.oas.annotations.tags.Tag; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; -import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; @@ -31,7 +30,6 @@ import javax.security.sasl.AuthenticationException; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import java.security.Principal; -import java.time.LocalDateTime; import java.util.List; @Tag(name = "用户管理") @@ -231,10 +229,6 @@ public class UserController { if (userInfo == null) { throw new ControllerException(ErrorCode.ERROR100); } -// User user = userService.getUser(userInfo.getUsername(), userInfo.getPassword()); -// if (user == null) { -// throw new ControllerException(ErrorCode.ERROR100.getCode(), "用户不存在"); -// } return userInfo; } }