增加检查 sign 开关

commit: c82e2c8107b62659118837d05082adcf239cac9f [log] [tgz]
author: Tang Cheng <cheng.tang@supwisdom.com> 周三 6月 19 15:00:42 2019 +0800
committer: Tang Cheng <cheng.tang@supwisdom.com> 周三 6月 19 15:00:42 2019 +0800
tree: 0e9e1c7782529e9a4d1d107b55c9c6821c771c17
parent: 6ab45d98aed504a943a9a374267dfd69454623b7 [diff]
diff --git a/config/application-devel-pg-local.properties b/config/application-devel-pg-local.properties
index e976303..ef591a9 100644
--- a/config/application-devel-pg-local.properties
+++ b/config/application-devel-pg-local.properties

@@ -21,6 +21,7 @@
 # user password
 auth.password.bcrypt.seed=
 
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
 shopbalance.updater.cron = -
\ No newline at end of file

diff --git a/config/application-devel-pg.properties b/config/application-devel-pg.properties
index ada087d..5ea16f5 100644
--- a/config/application-devel-pg.properties
+++ b/config/application-devel-pg.properties

@@ -21,8 +21,7 @@
 auth.password.bcrypt.seed=
 spring.jackson.serialization.fail-on-empty-beans=false
 logging.level.org.springframework.web=DEBUG
-
-
+security.request.sign=false
 ##################################################
 ## quartz task scheduler
-shopbalance.updater.cron = -
\ No newline at end of file
+shopbalance.updater.cron=-
\ No newline at end of file

diff --git a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
index d19f656..0f9f314 100644
--- a/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt
+++ b/src/main/kotlin/com/supwisdom/dlpay/api/advices.kt

@@ -13,6 +13,7 @@
 import org.aspectj.lang.annotation.Aspect
 import org.aspectj.lang.annotation.Pointcut
 import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.beans.factory.annotation.Value
 import org.springframework.http.ResponseEntity
 import org.springframework.security.core.Authentication
 import org.springframework.stereotype.Component
@@ -49,6 +50,9 @@
     @Autowired
     lateinit var commonService: CommonService
 
+    @Value("\${security.request.sign: true}")
+    private var requestSignCheck: Boolean = true
+
     private val logger = KotlinLogging.logger { }
 
     @Pointcut("@within(org.springframework.web.bind.annotation.RestController)")
@@ -65,7 +69,7 @@
         return try {
             if (body is APIRequestParam) {
                 body.checkParam()
-                if (!body.checkSign(commonService.getSecretByAppid(auth.name))) {
+                if (requestSignCheck && !body.checkSign(commonService.getSecretByAppid(auth.name))) {
                     throw RequestParamCheckException(TradeErrorCode.REQUEST_SIGN_ERROR, "参数签名错误")
                 }
             } else {
commit	c82e2c8107b62659118837d05082adcf239cac9f	[log] [tgz]
author	Tang Cheng <cheng.tang@supwisdom.com>	周三 6月 19 15:00:42 2019 +0800
committer	Tang Cheng <cheng.tang@supwisdom.com>	周三 6月 19 15:00:42 2019 +0800
tree	0e9e1c7782529e9a4d1d107b55c9c6821c771c17
parent	6ab45d98aed504a943a9a374267dfd69454623b7 [diff]