# user password
auth.password.bcrypt.seed=
+security.request.sign=false
##################################################
## quartz task scheduler
shopbalance.updater.cron = -
\ No newline at end of file
auth.password.bcrypt.seed=
spring.jackson.serialization.fail-on-empty-beans=false
logging.level.org.springframework.web=DEBUG
-
-
+security.request.sign=false
##################################################
## quartz task scheduler
-shopbalance.updater.cron = -
\ No newline at end of file
+shopbalance.updater.cron=-
\ No newline at end of file
import org.aspectj.lang.annotation.Aspect
import org.aspectj.lang.annotation.Pointcut
import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.beans.factory.annotation.Value
import org.springframework.http.ResponseEntity
import org.springframework.security.core.Authentication
import org.springframework.stereotype.Component
@Autowired
lateinit var commonService: CommonService
+ @Value("\${security.request.sign: true}")
+ private var requestSignCheck: Boolean = true
+
private val logger = KotlinLogging.logger { }
@Pointcut("@within(org.springframework.web.bind.annotation.RestController)")
return try {
if (body is APIRequestParam) {
body.checkParam()
- if (!body.checkSign(commonService.getSecretByAppid(auth.name))) {
+ if (requestSignCheck && !body.checkSign(commonService.getSecretByAppid(auth.name))) {
throw RequestParamCheckException(TradeErrorCode.REQUEST_SIGN_ERROR, "参数签名错误")
}
} else {
Code Review / epayment / food_payapi.git / commitdiff
