From 25d4f4cf023fef2cf3ea6905f2aec7784c906be3 Mon Sep 17 00:00:00 2001
From: weike6538
Date: Thu, 26 Jun 2025 18:27:23 +0800
Subject: [PATCH] =?UTF-8?q?feat(security):=20=E4=BF=AE=E5=A4=8D=E5=A4=9A?= =?UTF-8?q?=E7=A7=9F=E6=88=B7=E7=8E=AF=E5=A2=83=E4=B8=8B=E7=94=A8=E6=88=B7?= =?UTF-8?q?=E5=88=87=E6=8D=A2=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
- 在 TokenAuthenticationFilter 中添加逻辑,为没有 tenantId 的用户动态设置 tenantId
- 通过 AdminUserApi 获取用户信息,确保跨租户切换时能够正确获取目标租户信息
---
 .../core/filter/TokenAuthenticationFilter.java | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
index 2bf0f87..0859313 100644
--- a/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
+++ b/yudao-framework/yudao-spring-boot-starter-security/src/main/java/cn/iocoder/yudao/framework/security/core/filter/TokenAuthenticationFilter.java
@@ -13,12 +13,16 @@ import cn.iocoder.yudao.framework.web.core.handler.GlobalExceptionHandler; import cn.iocoder.yudao.framework.web.core.util.WebFrameworkUtils; import cn.iocoder.yudao.module.system.api.oauth2.OAuth2TokenApi; import cn.iocoder.yudao.module.system.api.oauth2.dto.OAuth2AccessTokenCheckRespDTO; +import cn.iocoder.yudao.module.system.api.tenant.TenantApi; +import cn.iocoder.yudao.module.system.api.user.AdminUserApi; +import cn.iocoder.yudao.module.system.api.user.dto.AdminUserRespDTO; import lombok.RequiredArgsConstructor; import lombok.SneakyThrows; import lombok.extern.slf4j.Slf4j; import org.springframework.security.access.AccessDeniedException; import org.springframework.web.filter.OncePerRequestFilter; +import javax.annotation.Resource; import javax.servlet.FilterChain; import javax.servlet.ServletException; import javax.servlet.http.HttpServletRequest; @@ -43,6 +47,9 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { private final OAuth2TokenApi oauth2TokenApi; + @Resource + private AdminUserApi adminUserApi; + @Override @SuppressWarnings("NullableProblems") protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain chain) @@ -74,6 +81,11 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter { // 设置当前用户 if (loginUser != null) { + if(null == loginUser.getTenantId()){ + CommonResult user = adminUserApi.getUser(loginUser.getId()); + loginUser.setTenantId(user.getData().getTenantId()); + } + SecurityFrameworkUtils.setLoginUser(loginUser, request); } // 继续过滤链
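Review bot: `TenantApi` is imported in the first hunk but none of the twelve added lines in this patch reference it, so the import can be dropped. `AdminUserRespDTO` is only used if the `CommonResult` declaration in the last hunk carries it as a type argument, which the page as shown does not include.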
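Review bot: The new `adminUserApi` field in the second hunk is injected with `@Resource`, while the neighbouring `oauth2TokenApi` is a `private final` field, presumably filled by the `@RequiredArgsConstructor` this file imports. If the filter is ever built with `new` rather than by the container, the field stays null and the tenant lookup added in the last hunk fails on the first token that has no tenantId. Declaring it as `private final AdminUserApi adminUserApi;` keeps the injection style consistent and makes the dependency mandatory. The construction site is outside the hunk and would need the extra argument.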
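Review bot: The block added inside `if (loginUser != null)` dereferences `user.getData().getTenantId()` without checking that the lookup succeeded, so a failed or empty `adminUserApi.getUser` result either throws a NullPointerException inside the filter or leaves the tenant unset. This value decides which tenant the request runs under, so the filter should fail closed and reject the request when no tenant can be resolved. How exceptions thrown here are handled is not visible in the hunk. The lookup is also keyed on the id alone: if a LoginUser can represent account types other than admin users, the same id could resolve to a different account's tenant, so the fallback should be limited to admin logins (inferred, the user-type handling is outside the hunk). The remote call runs on every request whose token carries no tenantId, and doFilterInternal starts and ends outside the hunk.

```java
if (loginUser.getTenantId() == null) {
    CommonResult<AdminUserRespDTO> user = adminUserApi.getUser(loginUser.getId());
    AdminUserRespDTO data = user == null ? null : user.getData();
    // Fail closed: without a resolved tenant the request must not continue.
    if (data == null || data.getTenantId() == null) {
        throw new AccessDeniedException("tenant could not be resolved for the login user");
    }
    loginUser.setTenantId(data.getTenantId());
}
// … unchanged: SecurityFrameworkUtils.setLoginUser(loginUser, request) …
```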