|
@@ -51,6 +51,7 @@ public class ApiInterceptor extends HandlerInterceptorAdapter {
|
|
|
|
|
|
@Autowired
|
|
|
private SessionService sessionService;
|
|
|
+
|
|
|
@Autowired
|
|
|
private SubjectUserService subjectUserService;
|
|
|
|
|
@@ -96,7 +97,9 @@ public class ApiInterceptor extends HandlerInterceptorAdapter {
|
|
|
} else if (info.getType() == SignatureType.TOKEN) {
|
|
|
User user = userService.findByLoginName(info.getInvoker());
|
|
|
if (user == null || user.getScanTokenInvalidTime() == null || new Date()
|
|
|
- .after(user.getScanTokenInvalidTime()) || !info.validate(user.getScanToken())) {
|
|
|
+ .after(user.getScanTokenInvalidTime()) ||
|
|
|
+ (!info.validate(user.getScanToken())&&!info.validate(user.getAccessToken()))
|
|
|
+ ) {
|
|
|
try {
|
|
|
ObjectMapper mapper = new ObjectMapper();
|
|
|
log.warn("api token signature invalud, signature={}, user={}",
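Review bot: In the `SignatureType.TOKEN` branch the new condition accepts `user.getAccessToken()` as an alternative credential, but the only lifetime check is still `getScanTokenInvalidTime()`. An access token is therefore refused whenever the scan-token expiry is null or past, and otherwise accepted without any check of its own validity period or revocation state, if it has one elsewhere. The hunk also does not show whether `info.validate(null)` returns false when one of the two tokens is unset, so that should be confirmed. For readability I would write the match as one negated clause, `|| !(info.validate(user.getScanToken()) || info.validate(user.getAccessToken()))`, and add a comment above it saying why the access token is accepted on this path and which expiry governs it. The enclosing method begins and ends outside the hunk.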
|
|
@@ -167,7 +170,8 @@ public class ApiInterceptor extends HandlerInterceptorAdapter {
|
|
|
|| wu.getRole() == Role.COLLEGE_ADMIN || wu.getRole() == Role.SCHOOL_VIEWER) {
|
|
|
wu.setSubjectCodeSet(subjectUserService.findSubjectCode(wu.getId()));
|
|
|
}
|
|
|
- RequestUtils.setRolePrivilegeCodes(request, rolePrivilegeService.getRoleCodes(wu.getUser().getSchoolId(), wu.getRole()));
|
|
|
+ RequestUtils.setRolePrivilegeCodes(request,
|
|
|
+ rolePrivilegeService.getRoleCodes(wu.getUser().getSchoolId(), wu.getRole()));
|
|
|
RequestUtils.setPrivileges(request, privilegeService.getMenuPrivileges());
|
|
|
}
|
|
|
RequestUtils.setApiUser(request, wu);
|