change:订单和购物车channel=3 跳过鉴权

order-application-service/src/main/java/cn/freemud/aop/WebAspect.java

@@ -31,6 +31,7 @@ import java.beans.PropertyDescriptor;
 import java.lang.reflect.Method;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Objects;
 
 /**
  * All rights Reserved, Designed By www.freemud.cn
@@ -70,6 +71,8 @@ public class WebAspect {
 
     private static final String SESSION_ID_STR = "sessionId";
 
+    private static final String APP_CHANNEL = "3";
+
     @Pointcut("execution(* cn.freemud.controller..*.*(..))")
     public void webAspect() {
     }
@@ -86,13 +89,21 @@ public class WebAspect {
             // 是否授权验证
             AssortmentCustomerInfoVo userInfo = assortmentCustomerInfoManager.getCustomerInfoByObject(sessionId);
             if (!notFilterUrls.contains(requestUrl)) {
-                if(userInfo == null || StringUtils.isEmpty(userInfo.getMemberId())) {
+                if(userInfo == null) {
+                    throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
+                }
+                // app 没有unionId得概念,   并且app上是thirdMemberId概念。 不需要做校验
+                if(!Objects.equals(userInfo.getChannel(), APP_CHANNEL)) {
+                    if(StringUtils.isEmpty(userInfo.getMemberId())) {
                         throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
                     }
                     List<String> unauthorizedUrls = Arrays.asList(getNotFilterUrl(CommonRedisKeyConstant.SAAS_NOT_AUTHORIZED_URL, NOT_AUTHORIZED_KEY).split(","));
                     if (!unauthorizedUrls.contains(requestUrl) && StringUtils.isEmpty(userInfo.getUnionId())) {
                         throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
                     }
+                } else {
+                    // app上是thirdMemberId概念
+                }
             }
             Object[] args = joinPoint.getArgs();
             for (Object arg : args) {

shopping-cart-application-service/src/main/java/cn/freemud/aop/WebAspect.java

@@ -31,6 +31,7 @@ import java.beans.PropertyDescriptor;
 import java.lang.reflect.Method;
 import java.util.Arrays;
 import java.util.List;
+import java.util.Objects;
 
 /**
  * All rights Reserved, Designed By www.freemud.cn
@@ -70,6 +71,8 @@ public class WebAspect {
 
     private static final String SESSION_ID_STR = "sessionId";
 
+    private static final String APP_CHANNEL = "3";
+
     @Pointcut("execution(* cn.freemud.controller..*.*(..))")
     public void webAspect() {
     }
@@ -86,13 +89,21 @@ public class WebAspect {
             // 是否授权验证
             AssortmentCustomerInfoVo userInfo = assortmentCustomerInfoManager.getCustomerInfoByObject(sessionId);
             if (!notFilterUrls.contains(requestUrl)) {
-                if(userInfo == null || StringUtils.isEmpty(userInfo.getMemberId())) {
+                if(userInfo == null) {
+                    throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
+                }
+                // app 没有unionId得概念,   并且app上是thirdMemberId概念。 不需要做校验
+                if(!Objects.equals(userInfo.getChannel(), APP_CHANNEL)) {
+                    if(StringUtils.isEmpty(userInfo.getMemberId())) {
                         throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
                     }
                     List<String> unauthorizedUrls = Arrays.asList(getNotFilterUrl(CommonRedisKeyConstant.SAAS_NOT_AUTHORIZED_URL, NOT_AUTHORIZED_KEY).split(","));
                     if (!unauthorizedUrls.contains(requestUrl) && StringUtils.isEmpty(userInfo.getUnionId())) {
                         throw new CommonServiceException(CommonResponseResult.USER_UNAUTHORIZED);
                     }
+                } else {
+                    // app上是thirdMemberId概念
+                }
             }
             Object[] args = joinPoint.getArgs();
             for (Object arg : args) {