权限部分调整

src/main/java/com/zhiwei/brandkbs2/auth/AuthAspect.java

@@ -2,12 +2,15 @@ package com.zhiwei.brandkbs2.auth;
 
 import com.alibaba.fastjson.JSON;
 import com.zhiwei.brandkbs2.common.GenericAttribute;
+import com.zhiwei.brandkbs2.enmus.RoleEnum;
 import com.zhiwei.brandkbs2.model.CommonCodeEnum;
 import com.zhiwei.brandkbs2.model.ResponseResult;
 import com.zhiwei.brandkbs2.pojo.UserInfo;
 import com.zhiwei.brandkbs2.service.UserService;
 import com.zhiwei.brandkbs2.util.Tools;
 import com.zhiwei.middleware.auth.util.JwtUtil;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.aspectj.lang.ProceedingJoinPoint;
 import org.aspectj.lang.Signature;
 import org.aspectj.lang.annotation.Around;
@@ -36,6 +39,7 @@ import java.util.Map;
 @Aspect
 @Component
 public class AuthAspect {
+    public static final Logger log = LogManager.getLogger(AuthAspect.class);
 
     @Value("${jwt.key}")
     private String jwtKey;
@@ -52,18 +56,36 @@ public class AuthAspect {
     public Object around(ProceedingJoinPoint joinPoint) throws Throwable {
         ServletRequestAttributes servletRequestAttributes = ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes());
         HttpServletRequest request = servletRequestAttributes.getRequest();
+        Signature signature = joinPoint.getSignature();
+        Method method = ((MethodSignature) signature).getMethod();
+        Class<?> classTarget = joinPoint.getTarget().getClass();
+        // 优先使用方法权限
+        Auth auth = method.getAnnotation(Auth.class);
+        if (null == auth) {
+            auth = classTarget.getAnnotation(Auth.class);
+        }
+        // 不需要验证权限
+        if (null == auth || RoleEnum.NO_AUTHORISE == auth.role()) {
+            return joinPoint.proceed();
+        }
         String token = request.getHeader(jwtKey);
         // 存在有效token
         if (null != token && !Tools.tokenEmpty(token)) {
             Object proceed;
             try {
                 Map<String, Object> tokenInfo = JwtUtil.unsign(token, Map.class);
+                if (null == tokenInfo) {
+                    String uri = request.getRequestURI();
+                    String methodName = joinPoint.getSignature().getName();
+                    log.error("token解析异常,uri:{},methodName:{},token:{}", uri, methodName, token);
+                } else {
                     String uid = tokenInfo.get(GenericAttribute.USER_ID).toString();
                     UserInfo userInfo = UserService.queryUserInfo(uid, request.getHeader("pid"));
                     if (null == userInfo) {
                         userInfo = new UserInfo().setUserId(uid).setProjectId(request.getHeader("pid"));
                     }
                     UserThreadLocal.set(userInfo);
+                }
             } catch (Exception ignore) {
             } finally {
                 proceed = joinPoint.proceed();

src/main/java/com/zhiwei/brandkbs2/controller/LoginController.java

@@ -26,6 +26,7 @@ import javax.annotation.Resource;
  */
 @RestController
 @Api(tags = "用户登录接口", description = "实现用户登录")
+@Auth(role = RoleEnum.CUSTOMER)
 public class LoginController extends BaseController {
 
     @Value("${jwt.key}")
@@ -51,7 +52,6 @@ public class LoginController extends BaseController {
 
     @ApiOperation("用户信息获取")
     @GetMapping("/user/getLoginInfo")
-    @Auth(role = RoleEnum.CUSTOMER)
     public ResponseResult getLoginInfo() {
         return ResponseResult.success(userService.getLoginInfo());
     }
@@ -115,6 +115,7 @@ public class LoginController extends BaseController {
 
     @ApiOperation("测试接口")
     @GetMapping("/test")
+    @Auth(role = RoleEnum.NO_AUTHORISE)
     public ResponseResult test() {
         return ResponseResult.success("brandkbs2-success 2023/1/6");
     }