支持彻底关闭文档页面 + 修复云端录像偶现callId错误问题

src/main/java/com/genersoft/iot/vmp/conf/security/JwtAuthenticationFilter.java

@@ -35,10 +35,16 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
 
         // 忽略登录请求的token验证
         String requestURI = request.getRequestURI();
+        System.out.println(requestURI);
+        if ((requestURI.startsWith("/doc.html") || requestURI.startsWith("/swagger-ui") ) && !userSetting.getDocEnable()) {
+            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+            return;
+        }
         if (requestURI.equalsIgnoreCase("/api/user/login")) {
             chain.doFilter(request, response);
             return;
         }
+
         if (!userSetting.isInterfaceAuthentication()) {
             UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(null, null, new ArrayList<>() );
             SecurityContextHolder.getContext().setAuthentication(token);

src/main/java/com/genersoft/iot/vmp/conf/security/WebSecurityConfig.java

@@ -117,7 +117,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .authorizeRequests()
                 .requestMatchers(CorsUtils::isPreFlightRequest).permitAll()
                 .antMatchers(userSetting.getInterfaceAuthenticationExcludes().toArray(new String[0])).permitAll()
-                .antMatchers("/api/user/login", "/index/hook/**", "/swagger-ui/**", "/doc.html").permitAll()
+                .antMatchers("/api/user/login", "/index/hook/**", "/swagger-ui/**", "/doc.html#/**").permitAll()
                 .anyRequest().authenticated()
                 // 异常处理器
                 .and()