From 4f7702b22a715272e9210571c69b80b4eb89ef4f Mon Sep 17 00:00:00 2001
From: Lyy <1250400743@qq.com>
Date: 星期一, 17 八月 2020 17:05:33 +0800
Subject: [PATCH] update ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java. 修改注释,CRSF禁用
---
ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/impl/SameUrlDataInterceptor.java | 28 +++++++++++++++++++++++-----
1 files changed, 23 insertions(+), 5 deletions(-)
diff --git a/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/impl/SameUrlDataInterceptor.java b/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/impl/SameUrlDataInterceptor.java
index 5f78380..e3864c7 100644
--- a/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/impl/SameUrlDataInterceptor.java
+++ b/ruoyi-framework/src/main/java/com/ruoyi/framework/interceptor/impl/SameUrlDataInterceptor.java
@@ -5,8 +5,10 @@
import java.util.concurrent.TimeUnit;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import com.alibaba.fastjson.JSONObject;
+import com.ruoyi.common.constant.Constants;
import com.ruoyi.common.core.redis.RedisCache;
import com.ruoyi.common.filter.RepeatedlyRequestWrapper;
import com.ruoyi.common.utils.StringUtils;
@@ -26,7 +28,9 @@
public final String REPEAT_TIME = "repeatTime";
- public final String CACHE_REPEAT_KEY = "repeatData";
+ // 令牌自定义标识
+ @Value("${token.header}")
+ private String header;
@Autowired
private RedisCache redisCache;
@@ -47,8 +51,12 @@
@Override
public boolean isRepeatSubmit(HttpServletRequest request)
{
- RepeatedlyRequestWrapper repeatedlyRequest = (RepeatedlyRequestWrapper) request;
- String nowParams = HttpHelper.getBodyString(repeatedlyRequest);
+ String nowParams = "";
+ if (request instanceof RepeatedlyRequestWrapper)
+ {
+ RepeatedlyRequestWrapper repeatedlyRequest = (RepeatedlyRequestWrapper) request;
+ nowParams = HttpHelper.getBodyString(repeatedlyRequest);
+ }
// body参数为空,获取Parameter的数据
if (StringUtils.isEmpty(nowParams))
@@ -62,7 +70,17 @@
// 请求地址(作为存放cache的key值)
String url = request.getRequestURI();
- Object sessionObj = redisCache.getCacheObject(CACHE_REPEAT_KEY);
+ // 唯一值(没有消息头则使用请求地址)
+ String submitKey = request.getHeader(header);
+ if (StringUtils.isEmpty(submitKey))
+ {
+ submitKey = url;
+ }
+
+ // 唯一标识(指定key + 消息头)
+ String cache_repeat_key = Constants.REPEAT_SUBMIT_KEY + submitKey;
+
+ Object sessionObj = redisCache.getCacheObject(cache_repeat_key);
if (sessionObj != null)
{
Map<String, Object> sessionMap = (Map<String, Object>) sessionObj;
@@ -77,7 +95,7 @@
}
Map<String, Object> cacheMap = new HashMap<String, Object>();
cacheMap.put(url, nowDataMap);
- redisCache.setCacheObject(CACHE_REPEAT_KEY, cacheMap, intervalTime, TimeUnit.SECONDS);
+ redisCache.setCacheObject(cache_repeat_key, cacheMap, intervalTime, TimeUnit.SECONDS);
return false;
}
--
Gitblit v1.9.2