Merge remote-tracking branch 'origin/main' into main

2026-05-20 19:48:18 +08:00 · 2021-03-29 14:57:19 +08:00
parent 873a03065c 12a226643c
commit c154e642c1
18 changed files with 177 additions and 74 deletions
--- a/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
+++ b/backend/src/main/java/io/dataease/auth/service/impl/ShiroServiceImpl.java
@@ -39,6 +39,11 @@ public class ShiroServiceImpl implements ShiroService {
        filterChainDefinitionMap.put("/test/**", ANON);
        filterChainDefinitionMap.put("/index.html", ANON);
        filterChainDefinitionMap.put("/link.html", ANON);
+
+        //验证链接
+        filterChainDefinitionMap.put("/api/link/validate**", ANON);
+
+
        filterChainDefinitionMap.put("/api/auth/login", ANON);
        filterChainDefinitionMap.put("/unauth", ANON);
        filterChainDefinitionMap.put("/display/**", ANON);
--- a/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
+++ b/backend/src/main/java/io/dataease/controller/panel/api/LinkApi.java
@@ -36,9 +36,9 @@ public interface LinkApi {

    @ApiOperation("验证访问")
    @PostMapping("/validate")
-    ValidateDto validate(Map<String, String> param);
+    ValidateDto validate(Map<String, String> param) throws Exception;

    @ApiOperation("验证密码")
    @PostMapping("/validatePwd")
-    boolean validatePwd(PasswordRequest request);
+    boolean validatePwd(PasswordRequest request) throws Exception;
 }
--- a/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
+++ b/backend/src/main/java/io/dataease/controller/panel/server/LinkServer.java
@@ -49,20 +49,16 @@ public class LinkServer implements LinkApi {
    }

    @Override
-    public ValidateDto validate(@RequestBody Map<String, String> param)  {
+    public ValidateDto validate(@RequestBody Map<String, String> param)  throws Exception{
        String link = param.get("link");
-        String json = null;
-        try {
-            json = panelLinkService.decryptParam(link);
-        } catch (Exception e) {
-            e.printStackTrace();
-        }
+        String json = panelLinkService.decryptParam(link);
        Gson gson = new Gson();

        ValidateRequest request = gson.fromJson(json, ValidateRequest.class);
        ValidateDto dto = new ValidateDto();
        String resourceId = request.getResourceId();
        PanelLink one = panelLinkService.findOne(resourceId);
+        dto.setResourceId(resourceId);
        if (ObjectUtils.isEmpty(one)){
            dto.setValid(false);
            return dto;
@@ -74,7 +70,7 @@ public class LinkServer implements LinkApi {
    }

    @Override
-    public boolean validatePwd(@RequestBody PasswordRequest request) {
+    public boolean validatePwd(@RequestBody PasswordRequest request) throws Exception {
        return panelLinkService.validatePwd(request);
    }
 }
--- a/backend/src/main/java/io/dataease/dto/panel/link/ValidateDto.java
+++ b/backend/src/main/java/io/dataease/dto/panel/link/ValidateDto.java
@@ -10,4 +10,6 @@ public class ValidateDto {
    private boolean enablePwd;

    private boolean passPwd;
+
+    private String resourceId;
 }
--- a/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
+++ b/backend/src/main/java/io/dataease/service/panel/PanelLinkService.java
@@ -25,7 +25,7 @@ import java.util.Map;
@Service
 public class PanelLinkService {

-    @Value("${public-link-url:http://localhost:8081/link?link=}")
+    @Value("${public-link-url:http://localhost:9528/link.html?link=}")
    private String baseUrl;

    @Value("${public-link-salt:DataEaseLinkSalt}")
@@ -113,19 +113,19 @@ public class PanelLinkService {
    }

    // 验证请求头部携带的信息 如果正确说明通过密码验证 否则没有通过
-    public Boolean validateHeads(PanelLink panelLink){
+    public Boolean validateHeads(PanelLink panelLink) throws Exception{
        HttpServletRequest request = ServletUtils.request();
        String token = request.getHeader("LINK-PWD-TOKEN");
        if (StringUtils.isEmpty(token)) return false;
-        boolean verify = JWTUtils.verifyLink(token, panelLink.getResourceId(), panelLink.getPwd());
+        boolean verify = JWTUtils.verifyLink(token, panelLink.getResourceId(), decryptParam(panelLink.getPwd()));
        return verify;
    }

-    public boolean validatePwd(PasswordRequest request) {
-        String password = request.getPassword();
+    public boolean validatePwd(PasswordRequest request) throws Exception {
+        String password = decryptParam(request.getPassword());
        String resourceId = request.getResourceId();
        PanelLink one = findOne(resourceId);
-        String pwd = one.getPwd();
+        String pwd = decryptParam(one.getPwd());
        boolean pass = StringUtils.equals(pwd, password);
        if (pass){
            String token = JWTUtils.signLink(resourceId, password);