diff --git a/zlt-commons/zlt-ribbon-spring-boot-starter/src/main/java/com/central/common/ribbon/config/FeignInterceptorConfig.java b/zlt-commons/zlt-ribbon-spring-boot-starter/src/main/java/com/central/common/ribbon/config/FeignInterceptorConfig.java
index 5aae34a0df8e0dc8b19e33fbb4a779b351ad9af1..8a30666ae34d41ffa76c8f02ecf1ae947ca865b7 100644
--- a/zlt-commons/zlt-ribbon-spring-boot-starter/src/main/java/com/central/common/ribbon/config/FeignInterceptorConfig.java
+++ b/zlt-commons/zlt-ribbon-spring-boot-starter/src/main/java/com/central/common/ribbon/config/FeignInterceptorConfig.java
@@ -28,47 +28,49 @@ public class FeignInterceptorConfig { RequestInterceptor requestInterceptor = template -> { ServletRequestAttributes attributes = (ServletRequestAttributes) RequestContextHolder .getRequestAttributes(); - HttpServletRequest request = attributes.getRequest(); + if (attributes != null) { + HttpServletRequest request = attributes.getRequest(); - //传递access_token,无网络隔离时需要传递 - /* - String token = extractHeaderToken(request); - if (StrUtil.isEmpty(token)) { - token = request.getParameter(CommonConstant.ACCESS_TOKEN); - } - if (StrUtil.isNotEmpty(token)) { - template.header(CommonConstant.TOKEN_HEADER, CommonConstant.BEARER_TYPE + " " + token); - } - */ + //传递access_token,无网络隔离时需要传递 + /* + String token = extractHeaderToken(request); + if (StrUtil.isEmpty(token)) { + token = request.getParameter(CommonConstant.ACCESS_TOKEN); + } + if (StrUtil.isNotEmpty(token)) { + template.header(CommonConstant.TOKEN_HEADER, CommonConstant.BEARER_TYPE + " " + token); + } + */ - //传递userid - String userid = request.getHeader(SecurityConstants.USER_ID_HEADER); - if (StrUtil.isNotEmpty(userid)) { - template.header(SecurityConstants.USER_ID_HEADER, userid); - } + //传递userid + String userid = request.getHeader(SecurityConstants.USER_ID_HEADER); + if (StrUtil.isNotEmpty(userid)) { + template.header(SecurityConstants.USER_ID_HEADER, userid); + } - //传递username - String username = request.getHeader(SecurityConstants.USER_HEADER); - if (StrUtil.isNotEmpty(username)) { - template.header(SecurityConstants.USER_HEADER, username); - } + //传递username + String username = request.getHeader(SecurityConstants.USER_HEADER); + if (StrUtil.isNotEmpty(username)) { + template.header(SecurityConstants.USER_HEADER, username); + } - //传递roles - String roles = request.getHeader(SecurityConstants.ROLE_HEADER); - if (StrUtil.isNotEmpty(roles)) { - template.header(SecurityConstants.ROLE_HEADER, roles); - } + //传递roles + String roles = request.getHeader(SecurityConstants.ROLE_HEADER); + if 
(StrUtil.isNotEmpty(roles)) { + template.header(SecurityConstants.ROLE_HEADER, roles); + } - //传递client - String tenant = TenantContextHolder.getTenant(); - if (StrUtil.isNotEmpty(tenant)) { - template.header(SecurityConstants.TENANT_HEADER, tenant); - } + //传递client + String tenant = TenantContextHolder.getTenant(); + if (StrUtil.isNotEmpty(tenant)) { + template.header(SecurityConstants.TENANT_HEADER, tenant); + } - //传递日志traceId - String traceId = MDC.get(CommonConstant.LOG_TRACE_ID); - if (StrUtil.isNotEmpty(traceId)) { - template.header(CommonConstant.TRACE_ID_HEADER, traceId); + //传递日志traceId + String traceId = MDC.get(CommonConstant.LOG_TRACE_ID); + if (StrUtil.isNotEmpty(traceId)) { + template.header(CommonConstant.TRACE_ID_HEADER, traceId); + } } }; return requestInterceptor; diff --git a/zlt-config/src/main/resources/application-dev.properties b/zlt-config/src/main/resources/application-dev.properties index c0e15c216d4ecbcf0aba02732af27743e3d0484f..adc12cba8244275bdccc23a2f807c71498cadbf2 100644 --- a/zlt-config/src/main/resources/application-dev.properties +++ b/zlt-config/src/main/resources/application-dev.properties @@ -1,6 +1,6 @@ ########################## 统一变量配置 ########################## ##### 数据库配置 -zlt.datasource.ip=192.168.28.131 +zlt.datasource.ip=192.168.28.130 zlt.datasource.username=root zlt.datasource.password=1q2w3e4r diff --git a/zlt-doc/sql/user-center.sql b/zlt-doc/sql/user-center.sql index 9c34b1ebb19caaaf2d9f2365848284e3cfd6f17e..77286800a62af6e3cae5f28633ef0333919ce4db 100644 --- a/zlt-doc/sql/user-center.sql +++ b/zlt-doc/sql/user-center.sql @@ -202,7 +202,6 @@ INSERT INTO `sys_role_menu` VALUES (3, 2); INSERT INTO `sys_role_menu` VALUES (3, 3); INSERT INTO `sys_role_menu` VALUES (3, 4); INSERT INTO `sys_role_menu` VALUES (3, 12); -INSERT INTO `sys_role_menu` VALUES (3, 12); INSERT INTO `sys_role_menu` VALUES (4, 80); INSERT INTO `sys_role_menu` VALUES (4, 81); INSERT INTO `sys_role_menu` VALUES (4, 82); 
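Review bot: In FeignInterceptorConfig the new `if (attributes != null)` guard also wraps the tenant and traceId blocks, although they read `TenantContextHolder.getTenant()` and `MDC.get(CommonConstant.LOG_TRACE_ID)` rather than `request`. On a Feign call made without a bound servlet request (presumably async or scheduled work) the tenant header and trace id are now silently omitted, where the old code would have thrown on `attributes.getRequest()`; if the tenant header drives data isolation downstream, a missing value may fall back to a default tenant, which is worth confirming. I would close the guard right after the roles block and leave the tenant and traceId blocks outside it. The commented-out access_token block is only re-indented here and could be deleted instead of carried along. The enclosing method starts and ends outside the hunk.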
diff --git a/zlt-gateway/zuul-gateway/src/main/resources/application.yml b/zlt-gateway/zuul-gateway/src/main/resources/application.yml index 04cc572e7eb6e6f72d571d2678c4dc8df938d710..3ada9a5e061e9cc93f8aab2035ef97ed1f79b128 100644 --- a/zlt-gateway/zuul-gateway/src/main/resources/application.yml +++ b/zlt-gateway/zuul-gateway/src/main/resources/application.yml @@ -26,6 +26,10 @@ spring: groupId: DEFAULT_GROUP rule-type: gw-api-group + security: + sessions: ALWAYS + + zlt: oauth2: token: @@ -35,6 +39,7 @@ zlt: ignore: # 忽略认证的地址 httpUrls: > + /api-user/test, /api-uaa/oauth/**, /api-uaa/validata/**, /api-uaa/css/**, @@ -61,6 +66,10 @@ zlt: #白名单 includeClientIds: - webApp + gateway: + #网关动态路由 + dynamicRoute: + enabled: true zuul: @@ -73,8 +82,6 @@ zuul: threadPoolKeyPrefix: api-gateway #关闭重试 retryable: false - #/oauth/token需要请求头处理 - sensitive-headers: ignored-headers: Access-Control-Allow-Credentials,Access-Control-Allow-Origin,Access-Control-Allow-Methods add-host-header: true routes: 
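Review bot: `sessions: ALWAYS` in the first application.yml hunk makes the gateway create an HTTP session for every request, and nothing in the file says why a token-based gateway needs one. Once a session cookie exists it acts as an ambient credential, so CSRF protection and the cookie's Secure/HttpOnly/SameSite attributes become relevant; none of that is visible in this diff. I would add a comment such as `# session required for <reason>; CSRF handled by <component>` and confirm that this key is actually bound by the Spring Boot version in use, which the diff does not show.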
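Review bot: `/api-user/test` is added to the `ignore` → `httpUrls` list (commented 忽略认证的地址, addresses exempt from authentication) in the base application.yml, so the gateway skips authentication for that user-center path in every profile. What the endpoint returns is not visible here, but a test route on the user service should not ship unauthenticated; I would drop the entry, or move it to a dev-only profile with a comment such as `# dev only: unauthenticated smoke-test endpoint`.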
@@ -82,53 +89,67 @@ zuul: path: /api-uaa/** service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true auth-login-page: path: /login.html service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true auth-login-process: path: /user/login service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true auth-login-token: path: /oauth/token service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true auth-login-authorize: path: /oauth/authorize service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true auth-check-process: path: /oauth/check_token service-id: uaa-server strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true user: path: /api-user/** service-id: user-center strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true file: path: /api-file/** service-id: file-center strip-prefix: true + sensitive-headers: '*' + custom-sensitive-headers: true log: path: /api-log/** service-id: log-center strip-prefix: true + sensitive-headers: '*' + custom-sensitive-headers: true generator: path: /api-generator/** service-id: code-generator strip-prefix: true + sensitive-headers: '*' + custom-sensitive-headers: true search: path: /api-search/** service-id: search-center strip-prefix: true + sensitive-headers: '*' custom-sensitive-headers: true ssl-hostname-validation-enabled: false diff --git a/zlt-web/back-web/src/main/resources/static/login.html b/zlt-web/back-web/src/main/resources/static/login.html index 2191bb6f50dfe43d79d8c6e4b1655b08ee1d2449..c398802f5d2f460d6da601ee5af7d1273b3e8fe7 100644 --- a/zlt-web/back-web/src/main/resources/static/login.html +++ b/zlt-web/back-web/src/main/resources/static/login.html 
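Review bot: `sensitive-headers: '*'` on every route reads like "treat all headers as sensitive", but as far as I know Zuul compares sensitive header names literally and has no wildcard, so this value would instead replace the default list (Cookie, Set-Cookie, Authorization) with one that matches no real header. Together with the removal of the global `sensitive-headers:` entry in the previous hunk, cookies and bearer tokens presumably continue to be forwarded to every backend, including file-center, log-center, code-generator and search-center. If forwarding is the intent, state it in a comment (for example `# literal '*' matches nothing: Cookie/Authorization are forwarded`) and restrict it to the uaa-server routes that need the credentials, leaving the other routes on the default list. This should be verified against the Zuul version in use.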
@@ -84,6 +84,9 @@ layer.load(2); $.ajax({ url: config.base_server + 'api-uaa/oauth/user/token', + xhrFields: { + withCredentials: true + }, data: obj.field, type: 'POST', beforeSend: function (xhr) {
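Review bot: `withCredentials: true` makes the browser attach cookies to the POST to `api-uaa/oauth/user/token` and accept cookies set by the response whenever `config.base_server` is a different origin, so the call only works if the gateway answers with `Access-Control-Allow-Credentials: true` and one explicit origin. The gateway's CORS configuration is not part of this diff; it should allow-list the back-web origin rather than echo the request's `Origin` header, because with credentials enabled a reflected origin lets any site issue authenticated calls from a logged-in browser. A one-line comment above `xhrFields` naming the cookie that is needed (presumably the gateway session) would make the dependency visible. The enclosing submit handler starts and ends outside the hunk.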