[代码完善](v2.5): v2.5 beta TokenFilter Token 验证逻辑优化

对于已放行的接口不去验证 Token Closes #338 2.5 Beta 详情：https://www.ydyno.com/archives/1225.html
2020-05-06 22:09:58 +08:00 · 2020-05-06 22:09:58 +08:00 · 493c02980b
parent adde56babe
commit 493c02980b
1 changed files with 17 additions and 18 deletions
--- a/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenFilter.java
+++ b/eladmin-system/src/main/java/me/zhengjie/modules/security/security/TokenFilter.java
@ -15,6 +15,7 @@
 */
 package me.zhengjie.modules.security.security;
 import cn.hutool.core.util.StrUtil;
 import io.jsonwebtoken.ExpiredJwtException;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
@ -47,8 +48,8 @@ public class TokenFilter extends GenericFilterBean {
      throws IOException, ServletException {
      HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
      String token = resolveToken(httpServletRequest);
-      String requestRri = httpServletRequest.getRequestURI();
+      // 对于 Token 为空的不需要去查 Redis
-      // 验证 token 是否存在
+      if(StrUtil.isNotBlank(token)){
         OnlineUserDto onlineUserDto = null;
         SecurityProperties properties = SpringContextHolder.getBean(SecurityProperties.class);
         try {
@ -62,9 +63,7 @@ public class TokenFilter extends GenericFilterBean {
            SecurityContextHolder.getContext().setAuthentication(authentication);
            // Token 续期
            tokenProvider.checkRenewal(token);
-         log.debug("set Authentication to security context for '{}', uri: {}", authentication.getName(), requestRri);
+         }
      } else {
         log.debug("no valid JWT token found, uri: {}", requestRri);
      }
      filterChain.doFilter(servletRequest, servletResponse);
   }