diff --git a/.gitignore b/.gitignore index 2aaf1d4a..d3bc67d0 100644 --- a/.gitignore +++ b/.gitignore @@ -3,6 +3,8 @@ target/ !.mvn/wrapper/maven-wrapper.jar !**/src/main/**/target/ !**/src/test/**/target/ +!**/node_modules/ +!**/dist/ ### STS ### .apt_generated diff --git a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java index a1ad3ed3..689c5095 100644 --- a/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java +++ b/hippo4j-server/hippo4j-auth/src/main/java/cn/hippo4j/auth/filter/JWTAuthorizationFilter.java @@ -59,28 +59,22 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter { protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) throws IOException, ServletException { - boolean checkAccessTokenOrTokenHeader = false; // Token when verifying client interaction. String accessToken = request.getParameter(ACCESS_TOKEN); - String tokenHeader = request.getHeader(JwtTokenUtil.TOKEN_HEADER); if (StringUtil.isNotBlank(accessToken)) { tokenManager.validateToken(accessToken); Authentication authentication = this.tokenManager.getAuthentication(accessToken); SecurityContextHolder.getContext().setAuthentication(authentication); - checkAccessTokenOrTokenHeader = true; - } else if (checkTokenHeader(tokenHeader)) { - // If there is no Authorization information in the request header, it will be released directly. - checkAccessTokenOrTokenHeader = true; + chain.doFilter(request, response); + return; } - if (checkAccessTokenOrTokenHeader) { + // If there is no Authorization information in the request header, it will be released directly. + String tokenHeader = request.getHeader(JwtTokenUtil.TOKEN_HEADER); + if (tokenHeader == null || !tokenHeader.startsWith(JwtTokenUtil.TOKEN_PREFIX)) { chain.doFilter(request, response); - } else { - filterInternal(request, response, chain, tokenHeader); + return; } - } - - private void filterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain, - String tokenHeader) throws IOException, ServletException { + // If there is a Token in the request header, it is parsed and the authentication information is set. try { SecurityContextHolder.getContext().setAuthentication(getAuthentication(tokenHeader)); } catch (Exception ex) { @@ -96,21 +90,17 @@ public class JWTAuthorizationFilter extends BasicAuthenticationFilter { return; } try { - doFilterInternal(request, response, chain); + super.doFilterInternal(request, response, chain); } finally { UserContext.clear(); } } - private boolean checkTokenHeader(String tokenHeader) { - return tokenHeader == null || !tokenHeader.startsWith(JwtTokenUtil.TOKEN_PREFIX); - } - /** * Obtain user information from Token and create a new Token. * - * @param tokenHeader tokenHeader - * @return UsernamePasswordAuthenticationToken + * @param tokenHeader token header + * @return username password authentication token */ private UsernamePasswordAuthenticationToken getAuthentication(String tokenHeader) { String token = tokenHeader.replace(JwtTokenUtil.TOKEN_PREFIX, ""); diff --git a/hippo4j-ui/package.json b/hippo4j-ui/package.json index 9adc89b8..aa4202ab 100755 --- a/hippo4j-ui/package.json +++ b/hippo4j-ui/package.json @@ -46,6 +46,7 @@ "axios": ">=0.18.1", "clipboard": "2.0.4", "codemirror": "5.45.0", + "core-js": "^3.26.0", "echarts": "^5.2.2", "element-ui": "^2.15.7", "fuse.js": "3.4.4", diff --git a/hippo4j-ui/vue.config.js b/hippo4j-ui/vue.config.js index d54aa0c9..8eff1b83 100755 --- a/hippo4j-ui/vue.config.js +++ b/hippo4j-ui/vue.config.js @@ -35,7 +35,7 @@ module.exports = { }, proxy: { '/hippo4j/v1/cs': { - target: `http://console.hippo4j.cn:80/hippo4j/v1/cs`, + target: `http://127.0.0.1:6691/hippo4j/v1/cs`, changOrigin: true, secure: false, pathRewrite: {