Merge remote-tracking branch 'origin/master'

2025-04-25 15:08:37 +08:00 · 2025-04-25 15:08:37 +08:00 · 21f3c62a9d
parent ee69af1509 62ed225d2b
commit 21f3c62a9d
4 changed files with 40 additions and 18 deletions
--- a/src/main/java/com/syjiaer/clinic/server/common/annotations/NoAuthCheck.java
+++ b/src/main/java/com/syjiaer/clinic/server/common/annotations/NoAuthCheck.java
@ -0,0 +1,11 @@
+package com.syjiaer.clinic.server.common.annotations;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface NoAuthCheck {
+}
--- a/src/main/java/com/syjiaer/clinic/server/common/inteceptor/MvcInterceptor.java
+++ b/src/main/java/com/syjiaer/clinic/server/common/inteceptor/MvcInterceptor.java
@ -2,6 +2,7 @@ package com.syjiaer.clinic.server.common.inteceptor;

 import com.alibaba.fastjson2.JSON;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.syjiaer.clinic.server.common.annotations.NoAuthCheck;
 import com.syjiaer.clinic.server.common.util.HeadersUtil;
 import com.syjiaer.clinic.server.common.util.InfoUtil;
 import com.syjiaer.clinic.server.common.util.ParmsUtil;
@ -16,6 +17,7 @@ import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
 import org.springframework.web.servlet.HandlerInterceptor;

 import java.io.BufferedReader;
@ -41,11 +43,15 @@ public class MvcInterceptor implements HandlerInterceptor {
        setParms(request);
        setHeaders(request);

-        if (!request.getRequestURI().endsWith("/manager/user/login")) {
-            return checkManage(response);
+        // 检查是否是需要跳过权限检查的请求
+        if (handler instanceof HandlerMethod) {
+            HandlerMethod handlerMethod = (HandlerMethod) handler;
+            NoAuthCheck noAuthCheck = handlerMethod.getMethodAnnotation(NoAuthCheck.class);
+            if (noAuthCheck != null) {
+                return true; // 如果方法上有 @NoAuthCheck 注解，则跳过检查
+            }
        }
-
-        return true;
+        return checkManage(response);
    }
    private Boolean checkManage(HttpServletResponse response) throws IOException {
        Map<String, String> headers =headersUtil.getMap();
--- a/src/main/java/com/syjiaer/clinic/server/controller/common/AuthController.java
+++ b/src/main/java/com/syjiaer/clinic/server/controller/common/AuthController.java
@ -1,6 +1,7 @@
 package com.syjiaer.clinic.server.controller.common;

 import com.alibaba.fastjson.JSONObject;
+import com.syjiaer.clinic.server.common.annotations.NoAuthCheck;
 import com.syjiaer.clinic.server.common.config.Config;
 import com.syjiaer.clinic.server.common.util.RsaUtil;
 import com.syjiaer.clinic.server.common.vo.Result;
@ -12,18 +13,20 @@ import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/auth")
 public class AuthController extends BaseController {
-//    @Autowired
-//    private Config config;
-//    @RequestMapping("set")
-//    public Result<JSONObject> set() {
-//        String ciphertext = parmsUtil.getString("ciphertext", "请输入密文");
-//        String data= RsaUtil.decryp(ciphertext);
-//        config.set("common","cert",ciphertext);
-//        return success();
-//    }
-//    @RequestMapping("set")
-//    public Result<JSONObject> get() {
-//        String cert=config.get("common","cert");
-//        return success(JSONObject.parseObject(cert));
-//    }
+    @Autowired
+    private Config config;
+    @RequestMapping("set")
+    @NoAuthCheck
+    public Result<JSONObject> set() {
+        String ciphertext = parmsUtil.getString("ciphertext", "请输入密文");
+        String data= RsaUtil.decryp(ciphertext);
+        config.set("common","cert",ciphertext);
+        return success();
+    }
+    @RequestMapping("get")
+    @NoAuthCheck
+    public Result<JSONObject> get() {
+        String cert=config.get("common","cert");
+        return success(JSONObject.parseObject(cert));
+    }
 }
--- a/src/main/java/com/syjiaer/clinic/server/controller/common/ManagerUserController.java
+++ b/src/main/java/com/syjiaer/clinic/server/controller/common/ManagerUserController.java
@ -1,6 +1,7 @@
 package com.syjiaer.clinic.server.controller.common;

 import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
+import com.syjiaer.clinic.server.common.annotations.NoAuthCheck;
 import com.syjiaer.clinic.server.common.vo.Result;
 import com.syjiaer.clinic.server.controller.BaseController;
 import com.syjiaer.clinic.server.entity.manager.ManagerUser;
@ -33,6 +34,7 @@ public class ManagerUserController extends BaseController {


    @PostMapping("login")
+    @NoAuthCheck
    public Result<String> login() {
        Map<String, Object> parms = getParms();
        String username = (String) parms.get("username");