修复匿名用户会被鉴定为anonymousUser

2021-03-09 20:08:44 +08:00 · 2021-03-09 20:08:44 +08:00 · 4749090fc0
parent 61c7687473
commit 4749090fc0
1 changed files with 6 additions and 5 deletions
--- a/src/main/java/cn/iocoder/dashboard/framework/security/core/util/SecurityFrameworkUtils.java
+++ b/src/main/java/cn/iocoder/dashboard/framework/security/core/util/SecurityFrameworkUtils.java
@ -20,13 +20,14 @@ import java.util.Set;
 */
 public class SecurityFrameworkUtils {

-    private SecurityFrameworkUtils() {}
+    private SecurityFrameworkUtils() {
+    }

    /**
     * 从请求中，获得认证 Token
     *
     * @param request 请求
-     * @param header 认证 Token 对应的 Header 名字
+     * @param header  认证 Token 对应的 Header 名字
     * @return 认证 Token
     */
    public static String obtainAuthorization(HttpServletRequest request, String header) {
@ -56,7 +57,7 @@ public class SecurityFrameworkUtils {
        if (authentication == null) {
            return null;
        }
-        return (LoginUser) authentication.getPrincipal();
+        return authentication.getPrincipal() instanceof LoginUser ? (LoginUser) authentication.getPrincipal() : null;
    }

    /**
@ -85,12 +86,12 @@ public class SecurityFrameworkUtils {
     * 设置当前用户
     *
     * @param loginUser 登陆用户
-     * @param request 请求
+     * @param request   请求
     */
    public static void setLoginUser(LoginUser loginUser, HttpServletRequest request) {
        // 创建 UsernamePasswordAuthenticationToken 对象
        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
-                loginUser, null, null);
+            loginUser, null, null);
        authenticationToken.setDetails(new WebAuthenticationDetailsSource().buildDetails(request));
        // 设置到上下文
        SecurityContextHolder.getContext().setAuthentication(authenticationToken);