Merge branch '2.x' into 2.2.2

hsweb-web-core/src/main/java/org/hsweb/web/core/authorize/AopAuthorizeValidator.java

@@ -88,7 +88,10 @@ public class AopAuthorizeValidator extends SimpleAuthorizeValidator {
             HttpSession session = request.getSession(false);
             if (session == null) throw new AuthorizeException("未登录", 401);
             user = httpSessionManager.getUserBySessionId(session.getId());
-            if (user == null) throw new AuthorizeException("未登录", 401);
+            if (user == null)
+                user = (User) session.getAttribute("user");
+            if (user == null)
+                throw new AuthorizeException("未登录", 401);
         }
         if (config.isEmpty()) return true;
         Map<String, Object> param = new LinkedHashMap<>();

hsweb-web-core/src/main/java/org/hsweb/web/core/authorize/AuthorizeValidatorConfig.java

@@ -18,8 +18,10 @@ public interface AuthorizeValidatorConfig {
 
     AuthorizeValidatorConfig addExpression(String expression, String language);
 
+    @Deprecated
     AuthorizeValidatorConfig setApiSupport(boolean apiSupport);
 
+    @Deprecated
     boolean isApiSupport();
 
     boolean isEmpty();

hsweb-web-core/src/main/java/org/hsweb/web/core/authorize/annotation/Authorize.java

@@ -52,6 +52,7 @@ public @interface Authorize {
      *
      * @return
      */
+    @Deprecated
     boolean api() default false;
 
     /**

hsweb-web-core/src/main/java/org/hsweb/web/core/authorize/validator/SimpleAuthorizeValidatorConfig.java

@@ -20,7 +20,7 @@ public class SimpleAuthorizeValidatorConfig implements AuthorizeValidatorConfig
     protected Set<String> actions;
     protected Set<Expression> expressions = new LinkedHashSet<>();
     protected Authorize.MOD mod;
-    protected boolean apiSupport;
+    protected boolean       apiSupport;
 
     @Override
     public AuthorizeValidatorConfig setApiSupport(boolean apiSupport) {
@@ -92,7 +92,8 @@ public class SimpleAuthorizeValidatorConfig implements AuthorizeValidatorConfig
     }
 
     public boolean isApiSupport() {
-        return apiSupport;
+        return true;
+        //    return apiSupport;
     }
 
     public void setExpressions(Set<Expression> expressions) {

hsweb-web-core/src/main/java/org/hsweb/web/core/utils/WebUtil.java

@@ -73,14 +73,17 @@ public class WebUtil {
     public static User getLoginUser(HttpServletRequest request) {
         if (request == null) return ThreadLocalUtils.get("current-user");
         HttpSession session = request.getSession(false);
-        if (session == null) {
+        User user = null;
+        if (session != null) {
+            user = getLoginUser(session);
+        }
+        if (user == null) {
             OAuth2Manager manager = OAuth2ManagerHolder.getManager();
             if (manager != null) {
-                return manager.getUserByRequest(request);
+                user = manager.getUserByRequest(request);
             }
-            return null;
         }
-        return getLoginUser(session);
+        return user;
     }
 
     public static Map<String, String> getHeaders(HttpServletRequest request) {