5 ay önce · ffe271a29c
--- a/qmjszx-admin/src/main/java/beilv/web/controller/system/AppAuthController.java
+++ b/qmjszx-admin/src/main/java/beilv/web/controller/system/AppAuthController.java
@@ -18,15 +18,13 @@ import javax.validation.Valid;
 
				 
			
 
				 @Tag(name = "用户 APP - 认证")
			
 
				 @RestController
			
 
				-@RequestMapping("/app-api")
			
 
				+@RequestMapping("/weixin-mini-app")
			
 
				 @Validated
			
 
				 @Slf4j
			
 
				 public class AppAuthController {
			
 
				 
			
 
				     @Resource
			
 
				     private IAppAuthService appAuthService;
			
 
				-    @Resource
			
 
				-    private ISysMemberService sysMemberService;
			
 
				 
			
 
				 
			
 
				     @PostMapping("/login")
			
@@ -35,11 +33,4 @@ public class AppAuthController {
 
				         return AjaxResult.success(appAuthService.weixinMiniAppLogin(reqVO));
			
 
				     }
			
 
				 
			
 
				-    @PostMapping("/testAuth")
			
 
				-    @Operation(summary = "测试认证接口")
			
 
				-    public AjaxResult testAuth(HttpServletRequest request) throws Exception {
			
 
				-        SysMember loginSysMember = sysMemberService.getLoginSysMember(request);
			
 
				-        return AjaxResult.success();
			
 
				-    }
			
 
				-
			
 
				 }
			
--- a/qmjszx-framework/src/main/java/beilv/framework/config/ShiroConfig.java
+++ b/qmjszx-framework/src/main/java/beilv/framework/config/ShiroConfig.java
@@ -288,7 +288,7 @@ public class ShiroConfig {
 
				         // 不需要拦截的访问
			
 
				         filterChainDefinitionMap.put("/login", "anon,captchaValidate");
			
 
				         // 微信小程序登录
			
 
				-//        filterChainDefinitionMap.put("/app-api/**", "anon,captchaValidate");
			
 
				+        filterChainDefinitionMap.put("/weixin-mini-app/login", "anon,captchaValidate");
			
 
				         // 注册相关
			
 
				         filterChainDefinitionMap.put("/register", "anon,captchaValidate");
			
 
				         // 系统权限列表
			
@@ -305,8 +305,8 @@ public class ShiroConfig {
 
				         shiroFilterFactoryBean.setFilters(filters);
			
 
				 
			
 
				         // 所有请求需要认证
			
 
				-        filterChainDefinitionMap.put("/app-api/**", "wxAccessControl");
			
 
				         filterChainDefinitionMap.put("/**", "user,kickout,onlineSession,syncOnlineSession");
			
 
				+        filterChainDefinitionMap.put("/app-api/**", "wxAccessControl");
			
 
				         shiroFilterFactoryBean.setFilterChainDefinitionMap(filterChainDefinitionMap);
			
 
				 
			
 
				         return shiroFilterFactoryBean;
			
--- a/qmjszx-framework/src/main/java/beilv/framework/shiro/web/filter/wxMiniAppAccessControlFilter/WxMiniAppAccessControlFilter.java
+++ b/qmjszx-framework/src/main/java/beilv/framework/shiro/web/filter/wxMiniAppAccessControlFilter/WxMiniAppAccessControlFilter.java
@@ -1,6 +1,5 @@
 
				 package beilv.framework.shiro.web.filter.wxMiniAppAccessControlFilter;
			
 
				 
			
 
				-import beilv.common.utils.StringUtils;
			
 
				 import beilv.common.utils.rsa.RsaUtil;
			
 
				 import beilv.system.domain.SysMember;
			
 
				 import beilv.system.mapper.SysMemberMapper;
			
@@ -15,9 +14,6 @@ import javax.servlet.ServletResponse;
 
				 import javax.servlet.http.HttpServletRequest;
			
 
				 import javax.servlet.http.HttpServletResponse;
			
 
				 
			
 
				-import static beilv.common.enums.ErrorCodeConstants.USER_NOT_EXISTS;
			
 
				-import static beilv.common.utils.ExceptionUtil.exception;
			
 
				-
			
 
				 @Slf4j
			
 
				 @Component
			
 
				 public class WxMiniAppAccessControlFilter extends AccessControlFilter {
			
@@ -33,12 +29,13 @@ public class WxMiniAppAccessControlFilter extends AccessControlFilter {
 
				     @Override
			
 
				     protected boolean isAccessAllowed(ServletRequest request, ServletResponse response, Object mappedValue) throws Exception {
			
 
				         HttpServletRequest httpRequest = (HttpServletRequest) request;
			
 
				+        response.setContentType("application/json; charset=UTF-8"); // 设置内容类型和字符编码
			
 
				+        response.setCharacterEncoding("UTF-8"); // 设置字符编码
			
 
				         // 这里可以添加你的自定义验证逻辑
			
 
				         String token = httpRequest.getHeader("accessToken");
			
 
				         // 验证 token，返回 true 表示允许访问
			
 
				-        if (null == token || !isValidToken(token)) {
			
 
				-//            throw new Exception("123123123");// 默认不允许访问
			
 
				-            response.getWriter().write("{\"message\": \"false!\"}");
			
 
				+        if (null == token || isValidToken(token)) {
			
 
				+            response.getWriter().write("{\"message\": \"用户不存在!\"}");
			
 
				             return false;
			
 
				         } else {
			
 
				             return true;
			
@@ -54,14 +51,14 @@ public class WxMiniAppAccessControlFilter extends AccessControlFilter {
 
				         return false; // 拒绝访问
			
 
				     }
			
 
				 
			
 
				-    private boolean isValidToken(String token){
			
 
				+    private boolean isValidToken(String token) {
			
 
				         // 在这里实现你的 token 验证逻辑
			
 
				         String str;
			
 
				         try {
			
 
				             str = RsaUtil.decrypt(token, privateKey);
			
 
				             //根据userId从数据库中查询用户信息，判断用户是否存在，如果不存在，则返回false，表示拒绝访问；如果存在，则返回true，表示放行访问
			
 
				             SysMember sysMember = sysMemberMapper.selectSysMemberById(Long.parseLong(str));
			
 
				-            return ObjectUtils.isNotEmpty(sysMember);
			
 
				+            return ObjectUtils.isEmpty(sysMember);
			
 
				         } catch (Exception e) {
			
 
				             e.printStackTrace();
			
 
				             return false;