Merge remote-tracking branch 'origin/master'

# Conflicts:
#	ruoyi-framework/src/main/java/com/ruoyi/framework/config/SecurityConfig.java

ruoyi-admin/src/main/java/com/ruoyi/web/controller/system/NtzyFileController.java

@@ -2,6 +2,8 @@ package com.ruoyi.web.controller.system;
 
 import java.util.List;
 import javax.servlet.http.HttpServletResponse;
+
+import com.ruoyi.common.annotation.NoToken;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -23,7 +25,7 @@ import com.ruoyi.common.core.page.TableDataInfo;
 
 /**
  * 录像拍照文件Controller
- * 
+ *
  * @author ruoyi
  * @date 2025-12-09
  */
@@ -72,9 +74,10 @@ public class NtzyFileController extends BaseController
     /**
      * 新增录像拍照文件
      */
+//    @NoToken
     @PreAuthorize("@ss.hasPermi('system:file:add')")
     @Log(title = "录像拍照文件", businessType = BusinessType.INSERT)
-    @PostMapping
+    @PostMapping()
     public AjaxResult add(@RequestBody NtzyFile ntzyFile)
     {
         return toAjax(ntzyFileService.insertNtzyFile(ntzyFile));

ruoyi-admin/src/main/resources/application-druid.yml

@@ -9,6 +9,10 @@ spring:
                 url: jdbc:mysql://192.168.1.48:3306/ntzy_camera_system?useUnicode=true&characterEncoding=utf8&zeroDateTimeBehavior=convertToNull&useSSL=true&serverTimezone=GMT%2B8
                 username: root
                 password: 123456
+
+
+
+
             # 从库数据源
             slave:
                 # 从数据源开关/默认关闭

ruoyi-common/src/main/java/com/ruoyi/common/annotation/NoToken.java

@@ -0,0 +1,17 @@
+package com.ruoyi.common.annotation;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+/**
+ * 自定义注解：标记该接口无需Token校验
+ */
+// 注解仅作用于方法上
+@Target({ElementType.METHOD})
+// 运行时生效（才能在拦截器中反射获取）
+@Retention(RetentionPolicy.RUNTIME)
+public @interface NoToken {
+    // 注解无需属性，仅作为标记即可
+}

ruoyi-framework/src/main/java/com/ruoyi/framework/security/filter/JwtAuthenticationTokenFilter.java

@@ -10,6 +10,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
 import org.springframework.stereotype.Component;
+import org.springframework.util.AntPathMatcher;
 import org.springframework.web.filter.OncePerRequestFilter;
 import com.ruoyi.common.core.domain.model.LoginUser;
 import com.ruoyi.common.utils.SecurityUtils;
@@ -27,10 +28,24 @@ public class JwtAuthenticationTokenFilter extends OncePerRequestFilter
     @Autowired
     private TokenService tokenService;
 
+//    private static final AntPathMatcher PATH_MATCHER = new AntPathMatcher();
+
     @Override
     protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
             throws ServletException, IOException
     {
+//        String[] excludePaths = {
+//                "/system/file/"
+//        };
+//        String requestUri = request.getRequestURI();
+//        // 匹配到放行路径则直接跳过Token校验
+//        for (String path : excludePaths) {
+//            if (PATH_MATCHER.match(path, requestUri)) {
+//                chain.doFilter(request, response);
+//                return;
+//            }
+//        }
+
         LoginUser loginUser = tokenService.getLoginUser(request);
         if (StringUtils.isNotNull(loginUser) && StringUtils.isNull(SecurityUtils.getAuthentication()))
         {