Merge branch 'refs/heads/2.7.1'

# Conflicts: # pom.xml # src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java # src/main/java/com/genersoft/iot/vmp/gb28181/transmit/event/request/impl/NotifyRequestForMobilePositionProcessor.java # src/main/java/com/genersoft/iot/vmp/media/bean/MediaServer.java # src/main/java/com/genersoft/iot/vmp/media/zlm/ZLMHttpHookListener.java # src/main/java/com/genersoft/iot/vmp/service/ICloudRecordService.java # src/main/java/com/genersoft/iot/vmp/service/bean/CloudRecordItem.java # src/main/java/com/genersoft/iot/vmp/service/impl/CloudRecordServiceImpl.java # src/main/java/com/genersoft/iot/vmp/service/impl/MediaServerServiceImpl.java # src/main/java/com/genersoft/iot/vmp/service/impl/MediaServiceImpl.java # src/main/java/com/genersoft/iot/vmp/service/impl/StreamProxyServiceImpl.java # src/main/java/com/genersoft/iot/vmp/storager/dao/CloudRecordServiceMapper.java # src/main/java/com/genersoft/iot/vmp/storager/dao/MediaServerMapper.java
2024-05-23 17:32:15 +08:00
parent 7f9c903344 fe9b8154e0
commit 2c89fae49a
36 changed files with 1256 additions and 97 deletions
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java
@@ -35,10 +35,15 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {

        // 忽略登录请求的token验证
        String requestURI = request.getRequestURI();
+        if ((requestURI.startsWith("/doc.html") || requestURI.startsWith("/swagger-ui") ) && !userSetting.getDocEnable()) {
+            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+            return;
+        }
        if (requestURI.equalsIgnoreCase("/api/user/login")) {
            chain.doFilter(request, response);
            return;
        }
+
        if (!userSetting.isInterfaceAuthentication()) {
            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() );
            SecurityContextHolder.getContext().setAuthentication(token);
--- a/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
+++ b/src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java
@@ -117,7 +117,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                .authorizeRequests()
                .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                .antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
-                .antMatchers("/api/user/login", "/index/hook/**","/index/hook/abl/**", "/swagger-ui/**", "/doc.html").permitAll()
+                .antMatchers("/api/user/login", "/index/hook/**","/index/hook/abl/**", "/swagger-ui/**", "/doc.html#/**").permitAll()
                .anyRequest().authenticated()
                // 异常处理器
                .and()