Commit 8e27e40f by 吴迪

【新增】修改权限

parent 7ac928b8
/**
* Copyright (c) 2016-2019 人人开源 All rights reserved.
*
* <p>
* https://www.renren.io
*
* <p>
* 版权所有,侵权必究!
*/
......@@ -36,7 +36,7 @@ public class OAuth2Filter extends AuthenticatingFilter {
//获取请求token
String token = getRequestToken((HttpServletRequest) request);
if(StringUtils.isBlank(token)){
if (StringUtils.isBlank(token)) {
return null;
}
......@@ -45,11 +45,11 @@ public class OAuth2Filter extends AuthenticatingFilter {
@Override
protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) {
if(((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())){
if (((HttpServletRequest) request).getMethod().equals(RequestMethod.OPTIONS.name())) {
return true;
}
if(((HttpServletRequest) request).getRequestURI().indexOf("uploadFileResource")>-1 || ((HttpServletRequest) request).getRequestURI().indexOf("ueditorConfig")>-1) {
if (((HttpServletRequest) request).getRequestURI().indexOf("uploadFileResource") > -1 || ((HttpServletRequest) request).getRequestURI().indexOf("ueditorConfig") > -1 || ((HttpServletRequest) request).getRequestURI().indexOf("uploadFile") > -1) {
return true;
}
......@@ -60,7 +60,7 @@ public class OAuth2Filter extends AuthenticatingFilter {
protected boolean onAccessDenied(ServletRequest request, ServletResponse response) throws Exception {
//获取请求token,如果token不存在,直接返回401
String token = getRequestToken((HttpServletRequest) request);
if(StringUtils.isBlank(token)){
if (StringUtils.isBlank(token)) {
HttpServletResponse httpResponse = (HttpServletResponse) response;
httpResponse.setHeader("Access-Control-Allow-Credentials", "true");
httpResponse.setHeader("Access-Control-Allow-Origin", HttpContextUtils.getOrigin());
......@@ -98,12 +98,12 @@ public class OAuth2Filter extends AuthenticatingFilter {
/**
* 获取请求的token
*/
private String getRequestToken(HttpServletRequest httpRequest){
private String getRequestToken(HttpServletRequest httpRequest) {
//从header中获取token
String token = httpRequest.getHeader("token");
//如果header中不存在token,则从参数中获取token
if(StringUtils.isBlank(token)){
if (StringUtils.isBlank(token)) {
token = httpRequest.getParameter("token");
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment