WFC/be.wfc
2
0
Fork 0
Code Activity

feat: 用户所属平台标识,限制用户平台只能访问指定前缀的模块地址

Browse Source
This commit is contained in:
TsMask
2024-11-27 16:44:49 +08:00
parent 724e9e4775
commit dd62a85f51
7 changed files with 54 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
wfc-gateway/src/main/java/org/wfc/gateway/filter/AuthFilter.java
View File

@@ -73,11 +73,16 @@ public class AuthFilter implements GlobalFilter, Ordered
{
return unauthorizedResponse(exchange, "令牌验证失败");
}
String platform = JwtUtils.getUserPlatform(claims);
if (StringUtils.isEmpty(platform) || !StringUtils.startsWith(url,"/u"))
{
return unauthorizedResponse(exchange, "用户平台禁止访问");
}
// 设置用户信息到请求
addHeader(mutate, SecurityConstants.USER_KEY, userkey);
addHeader(mutate, SecurityConstants.DETAILS_USER_ID, userid);
addHeader(mutate, SecurityConstants.DETAILS_USERNAME, username);
addHeader(mutate, SecurityConstants.DETAILS_PLATFORM, platform);
// 内部请求来源参数清除
removeHeader(mutate, SecurityConstants.FROM_SOURCE);
return chain.filter(exchange.mutate().request(mutate.build()).build());