2 年之前 · 1ad233d7c9
--- a/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java
+++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/filter/TokenFilter.java
@@ -101,15 +101,17 @@ public class TokenFilter implements Filter {
 
				             filterChain.doFilter(request, response);
			
 
				             return;
			
 
				         }
			
 
				-
			
 
				+        //获取token
			
 
				+        String token = request.getHeader("Authorization");
			
 
				         //针对大屏分享，优先处理
			
 
				         String shareToken = request.getHeader("Share-Token");
			
 
				-        if (StringUtils.isNotBlank(shareToken)) {
			
 
				-            //两个接口需要处理
			
 
				+        if (StringUtils.isNotBlank(shareToken) && StringUtils.isBlank(token)) {
			
 
				+            //需要处理
			
 
				             //  /reportDashboard/getData
			
 
				             //  /reportDashboard/{reportCode}
			
 
				-            String reportCode = JwtUtil.getReportCode(shareToken);
			
 
				-            if (!uri.endsWith("/getData") && !uri.contains(reportCode)) {
			
 
				+            //  /reportExcel/preview
			
 
				+            List<String> reportCodeList = JwtUtil.getReportCodeList(shareToken);
			
 
				+            if (!uri.endsWith("/reportDashboard/getData") && !uri.endsWith("/reportExcel/preview") && reportCodeList.stream().noneMatch(uri::contains)) {
			
 
				                 ResponseBean responseBean = ResponseBean.builder().code("50014")
			
 
				                         .message("分享链接已过期").build();
			
 
				                 response.getWriter().print(JSONObject.toJSONString(responseBean));
			
@@ -120,8 +122,7 @@ public class TokenFilter implements Filter {
 
				         }
			
 
				 
			
 
				 
			
 
				-        //获取token
			
 
				-        String token = request.getHeader("Authorization");
			
 
				+
			
 
				         if (StringUtils.isBlank(token)) {
			
 
				             error(response);
			
 
				             return;
			
--- a/report-core/src/main/java/com/anjiplus/template/gaea/business/util/JwtUtil.java
+++ b/report-core/src/main/java/com/anjiplus/template/gaea/business/util/JwtUtil.java
@@ -1,5 +1,6 @@
 
				 package com.anjiplus.template.gaea.business.util;
			
 
				 
			
 
				+import com.anji.plus.gaea.constant.GaeaConstant;
			
 
				 import com.anji.plus.gaea.exception.BusinessExceptionBuilder;
			
 
				 import com.anjiplus.template.gaea.business.code.ResponseCode;
			
 
				 import com.auth0.jwt.JWT;
			
@@ -9,8 +10,11 @@ import com.auth0.jwt.interfaces.Claim;
 
				 import com.auth0.jwt.interfaces.DecodedJWT;
			
 
				 import org.apache.commons.lang3.StringUtils;
			
 
				 
			
 
				+import java.util.Arrays;
			
 
				 import java.util.Date;
			
 
				+import java.util.List;
			
 
				 import java.util.Map;
			
 
				+import java.util.stream.Collectors;
			
 
				 
			
 
				 /**
			
 
				  * Created by raodeming on 2021/8/18.
			
@@ -53,6 +57,15 @@ public class JwtUtil {
 
				         return claim.asString();
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * 存在多个分享token
			
 
				+     * @param tokenList
			
 
				+     * @return
			
 
				+     */
			
 
				+    public static List<String> getReportCodeList(String tokenList) {
			
 
				+        return Arrays.stream(tokenList.split(GaeaConstant.SPLIT)).filter(StringUtils::isNotBlank).map(JwtUtil::getReportCode).distinct().collect(Collectors.toList());
			
 
				+    }
			
 
				+
			
 
				     public static String getShareCode(String token) {
			
 
				         Claim claim = getClaim(token).get("shareCode");
			
 
				         if (null == claim) {
			
--- a/report-ui/src/api/GaeaReport.js
+++ b/report-ui/src/api/GaeaReport.js
@@ -1,4 +1,5 @@
 
				 import request from '@/utils/request'
			
 
				+import {getShareToken, getToken} from "@/utils/auth";
			
 
				 
			
 
				 // 设计报表
			
 
				 export function design(data) {
			
@@ -14,6 +15,7 @@ export function preview(data) {
 
				   return request({
			
 
				     url: 'reportExcel/preview',
			
 
				     method: 'post',
			
 
				+    headers: { 'Share-Token': getShareToken(), 'Authorization': getToken() },
			
 
				     data,
			
 
				   })
			
 
				 }
			
--- a/report-ui/src/permission.js
+++ b/report-ui/src/permission.js
@@ -3,7 +3,7 @@ import NProgress from 'nprogress'
 
				 import 'nprogress/nprogress.css'
			
 
				 import { getToken, getAccessUser } from "@/utils/auth";
			
 
				 export default router
			
 
				-const whiteList = ['/login', '/aj/**', '/bigscreen/viewer']
			
 
				+const whiteList = ['/login', '/aj/**', '/el/**', '/bigscreen/viewer', '/excelreport/viewer']
			
 
				 //  判断是否需要登录权限 以及是否登录
			
 
				 router.beforeEach((to, from, next) => {
			
 
				 
			
--- a/report-ui/src/utils/auth.js
+++ b/report-ui/src/utils/auth.js
@@ -11,9 +11,13 @@ export function getShareToken() {
 
				   return getStorageItem(ShareTokenKey) == null ? '' : getStorageItem(ShareTokenKey);
			
 
				 }
			
 
				 export function setToken(token) {
			
 
				-  return setStorageItem(TokenKey, token)
			
 
				+  return setStorageItem(TokenKey, token);
			
 
				 }
			
 
				 export function setShareToken(shareToken) {
			
 
				+  const originalShareToken = getShareToken();
			
 
				+  if ((originalShareToken != null || originalShareToken != '') && originalShareToken.indexOf(shareToken) == -1) {
			
 
				+    shareToken = originalShareToken + ',' + shareToken
			
 
				+  }
			
 
				   return setStorageItem(ShareTokenKey, shareToken)
			
 
				 }
			
 
				 export function delToken() {