feat:跳过权限验证

2 years ago · ac3b609b89
parent a681ef2641
commit ac3b609b89
2 changed files with 19 additions and 25 deletions
--- a/server/config.yaml
+++ b/server/config.yaml
@ -34,7 +34,7 @@ captcha:
    key-long: 6
    img-width: 240
    img-height: 80
-    open-captcha: 0
+    open-captcha: 10
    open-captcha-timeout: 3600
 cors:
    mode: strict-whitelist
@ -83,7 +83,7 @@ hua-wei-obs:
    access-key: you-access-key
    secret-key: you-secret-key
 jwt:
-    signing-key: a60293b6-abec-4f8c-87a6-348460033ddf
+    signing-key: 4b304b15-26d4-4ccd-8cff-91e3652708ba
    expires-time: 7d
    buffer-time: 1d
    issuer: qmPlus
--- a/server/middleware/casbin_rbac.go
+++ b/server/middleware/casbin_rbac.go
@ -1,14 +1,8 @@
 package middleware
 import (
 	"strconv"
 	"strings"
 	"github.com/gin-gonic/gin"
 	"pychr/global"
 	"pychr/model/common/response"
 	"pychr/service"
 	"pychr/utils"
 )
 var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
@ -16,23 +10,23 @@ var casbinService = service.ServiceGroupApp.SystemServiceGroup.CasbinService
 // CasbinHandler 拦截器
 func CasbinHandler() gin.HandlerFunc {
 	return func(c *gin.Context) {
-		if global.GVA_CONFIG.System.Env != "develop" {
+		// if global.GVA_CONFIG.System.Env != "develop" {
-			waitUse, _ := utils.GetClaims(c)
+		// 	waitUse, _ := utils.GetClaims(c)
-			// 获取请求的PATH
+		// 	// 获取请求的PATH
-			path := c.Request.URL.Path
+		// 	path := c.Request.URL.Path
-			obj := strings.TrimPrefix(path, global.GVA_CONFIG.System.RouterPrefix)
+		// 	obj := strings.TrimPrefix(path, global.GVA_CONFIG.System.RouterPrefix)
-			// 获取请求方法
+		// 	// 获取请求方法
-			act := c.Request.Method
+		// 	act := c.Request.Method
-			// 获取用户的角色
+		// 	// 获取用户的角色
-			sub := strconv.Itoa(int(waitUse.AuthorityId))
+		// 	sub := strconv.Itoa(int(waitUse.AuthorityId))
-			e := casbinService.Casbin() // 判断策略中是否存在
+		// 	e := casbinService.Casbin() // 判断策略中是否存在
-			success, _ := e.Enforce(sub, obj, act)
+		// 	success, _ := e.Enforce(sub, obj, act)
-			if !success {
+		// 	if !success {
-				response.FailWithDetailed(gin.H{}, "权限不足", c)
+		// 		response.FailWithDetailed(gin.H{}, "权限不足", c)
-				c.Abort()
+		// 		c.Abort()
-				return
+		// 		return
-			}
+		// 	}
-		}
+		// }
 		c.Next()
 	}
 }