From e89c99d2ca613764af95b9c20cc5ef1277275264 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=BD=97=E6=88=90?= <2847920761@qq.com>
Date: Tue, 22 Jul 2025 19:25:31 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8A=A0=E5=AF=86=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../common/encrypt/filter/CryptoFilter.java   | 29 ++++++++++++-------
 1 file changed, 18 insertions(+), 11 deletions(-)

diff --git a/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java b/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
index 79d58daf..ea77c8d4 100644
--- a/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
+++ b/xinnengyuan/ruoyi-common/ruoyi-common-encrypt/src/main/java/org/dromara/common/encrypt/filter/CryptoFilter.java
@@ -35,9 +35,15 @@ public class CryptoFilter implements Filter {
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
         HttpServletRequest servletRequest = (HttpServletRequest) request;
         HttpServletResponse servletResponse = (HttpServletResponse) response;
-        // 获取加密注解
-        ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
-        boolean responseFlag = apiEncrypt != null && apiEncrypt.response();
+        boolean responseFlag = true;
+        if ("OPTIONS".equalsIgnoreCase(servletRequest.getMethod())) {
+            // 是预检请求就直接返回不走响应加密
+            responseFlag = false;
+        }
+//        // 获取加密注解
+//        ApiEncrypt apiEncrypt = this.getApiEncryptAnnotation(servletRequest);
+//        boolean responseFlag = apiEncrypt != null && apiEncrypt.response();
+
         ServletRequest requestWrapper = null;
         ServletResponse responseWrapper = null;
         EncryptResponseBodyWrapper responseBodyWrapper = null;
@@ -50,14 +56,15 @@ public class CryptoFilter implements Filter {
                 // 请求解密
                 requestWrapper = new DecryptRequestBodyWrapper(servletRequest, properties.getPrivateKey(), properties.getHeaderFlag());
             } else {
-                // 是否有注解，有就报错，没有放行
-                if (ObjectUtil.isNotNull(apiEncrypt)) {
-                    HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver", HandlerExceptionResolver.class);
-                    exceptionResolver.resolveException(
-                        servletRequest, servletResponse, null,
-                        new ServiceException("没有访问权限，请联系管理员授权", HttpStatus.FORBIDDEN));
-                    return;
-                }
+//                // 是否有注解，有就报错，没有放行
+//                if (ObjectUtil.isNotNull(apiEncrypt)) {
+//                    HandlerExceptionResolver exceptionResolver = SpringUtils.getBean("handlerExceptionResolver", HandlerExceptionResolver.class);
+//                    exceptionResolver.resolveException(
+//                        servletRequest, servletResponse, null,
+//                        new ServiceException("没有访问权限，请联系管理员授权", HttpStatus.FORBIDDEN));
+//                    return;
+//                }
+                throw new ServiceException("无权访问接口", HttpStatus.BAD_METHOD);
             }
         }