
update token filter

This commit is contained in:
木子李·De
2021-07-18 14:33:32 +08:00
parent 67f377bbfb
commit cbf1539663
3 changed files with 115 additions and 72 deletions


@@ -5,10 +5,10 @@ import com.alibaba.fastjson.JSONObject;
import com.anji.plus.gaea.bean.ResponseBean; import com.anji.plus.gaea.bean.ResponseBean;
import com.anji.plus.gaea.cache.CacheHelper; import com.anji.plus.gaea.cache.CacheHelper;
import com.anji.plus.gaea.utils.JwtBean; import com.anji.plus.gaea.utils.JwtBean;
import com.anjiplus.template.gaea.business.constant.BusinessConstant;
import org.apache.commons.lang3.StringUtils; import org.apache.commons.lang3.StringUtils;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value; import org.springframework.beans.factory.annotation.Value;
import org.springframework.core.Ordered;
import org.springframework.core.annotation.Order; import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component; import org.springframework.stereotype.Component;
@@ -32,16 +32,89 @@ public class TokenFilter implements Filter {
@Autowired @Autowired
private JwtBean jwtBean; private JwtBean jwtBean;
/**跳过token验证和权限验证的url清单*/ // 跳过token验证和权限验证的url清单
@Value("#{'${customer.skip-authenticate-urls}'.split(',')}") @Value("#{'${customer.skip-authenticate-urls}'.split(',')}")
private List<String> skipAuthenticateUrls; private List<String> skipAuthenticateUrls;
private Pattern SKIP_AUTHENTICATE_PATTERN; private Pattern SKIP_AUTHENTICATE_PATTERN;
@Override @Override
public void init(FilterConfig filterConfig) throws ServletException { public void init(FilterConfig filterConfig) throws ServletException {
// 生成匹配正则跳过token验证和权限验证的url
SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls);
Filter.super.init(filterConfig); Filter.super.init(filterConfig);
} }
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String uri = request.getRequestURI();
if(uri.equals("/")){
response.sendRedirect("/index.html");
return;
}
// 不需要token验证和权限验证的url直接放行
boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches();
if(skipAuthenticate){
filterChain.doFilter(request, response);
return;
}
//获取token
String token = request.getHeader("Authorization");
if (StringUtils.isBlank(token)) {
error(response);
return;
}
// 判断token是否过期
String loginName = jwtBean.getUsername(token);
String tokenKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_TOKEN, loginName);
String userKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_USER, loginName);
if (!cacheHelper.exist(tokenKey)) {
error(response);
return;
}
if (!cacheHelper.exist(userKey)) {
error(response);
return;
}
String gaeaUserJsonStr = cacheHelper.stringGet(userKey);
// 延长有效期
cacheHelper.stringSetExpire(tokenKey, token, 3600);
cacheHelper.stringSetExpire(userKey, gaeaUserJsonStr, 3600);
//在线体验版本
if (loginName.equals("guest")
&& !uri.endsWith("/dataSet/testTransform")
&& !uri.endsWith("/reportDashboard/getData")
&& !uri.startsWith("/dict")
&& !uri.startsWith("/dict")
) {
//不允许删除
String method = request.getMethod();
if ("post".equalsIgnoreCase(method)
|| "put".equalsIgnoreCase(method)
|| "delete".equalsIgnoreCase(method)
) {
ResponseBean responseBean = ResponseBean.builder().code("50001").message("在线体验版本,不允许此操作。请自行下载本地运行").build();
response.getWriter().print(JSONObject.toJSONString(responseBean));
return;
}
}
//执行
filterChain.doFilter(request, response);
}
@Override
public void destroy() {
Filter.super.destroy();
}
/** 根据名单,生成正则 /** 根据名单,生成正则
* @param skipUrlList * @param skipUrlList
* @return * @return
@@ -65,76 +138,6 @@ public class TokenFilter implements Filter {
return Pattern.compile(patternString.toString()); return Pattern.compile(patternString.toString());
} }
@PostConstruct
private void postConstruct() {
SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls);
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
String uri = request.getRequestURI();
if(uri.equals("/")){
response.sendRedirect("/index.html");
return;
}
// 不需要token验证和权限验证的url直接放行
boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches();
if(skipAuthenticate){
filterChain.doFilter(request, response);
return;
}
//获取token
String authorization = request.getHeader("Authorization");
if (StringUtils.isBlank(authorization)) {
error(response);
return;
}
String username = jwtBean.getUsername(authorization);
// String uuid = jwtBean.getUUID(authorization);
if (!cacheHelper.exist(username)) {
error(response);
return;
}
//延长有效期
cacheHelper.stringSetExpire(username, authorization, 3600);
//在线体验版本
if (username.equals("guest")
&& !uri.endsWith("/dataSet/testTransform")
&& !uri.endsWith("/reportDashboard/getData")
&& !uri.startsWith("/dict")
&& !uri.startsWith("/dict")
) {
//不允许删除
String method = request.getMethod();
if ("post".equalsIgnoreCase(method)
|| "put".equalsIgnoreCase(method)
|| "delete".equalsIgnoreCase(method)
) {
ResponseBean responseBean = ResponseBean.builder().code("50001").message("在线体验版本,不允许此操作。请自行下载本地运行").build();
response.getWriter().print(JSONObject.toJSONString(responseBean));
return;
}
}
//执行
filterChain.doFilter(request, response);
}
@Override
public void destroy() {
Filter.super.destroy();
}
private void error(HttpServletResponse response) throws IOException { private void error(HttpServletResponse response) throws IOException {
ResponseBean responseBean = ResponseBean.builder().code("50014").message("The Token has expired").build(); ResponseBean responseBean = ResponseBean.builder().code("50014").message("The Token has expired").build();
response.getWriter().print(JSONObject.toJSONString(responseBean)); response.getWriter().print(JSONObject.toJSONString(responseBean));
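Review bot: The presented token is never compared with the value stored under tokenKey — `cacheHelper.exist(tokenKey)` right after the key construction only proves that some session exists for loginName, and the following `cacheHelper.stringSetExpire(tokenKey, token, 3600)` then overwrites the cached value with whatever was presented. Unless jwtBean.getUsername already verifies the token's signature (not visible in this hunk), a token that merely carries another user's name would pass, so load the stored value and reject on mismatch before extending the expiry, e.g. `String cached = cacheHelper.stringGet(tokenKey); if (cached == null || !MessageDigest.isEqual(cached.getBytes(StandardCharsets.UTF_8), token.getBytes(StandardCharsets.UTF_8))) { error(response); return; }`. A malformed token that makes getUsername return null also reaches `loginName.equals("guest")` and throws a NullPointerException instead of producing the 50014 response, so null-check loginName next to the isBlank check or write `"guest".equals(loginName)`. The duplicated `!uri.startsWith("/dict")` clause in the guest condition is carried over from the old doFilter unchanged and can be dropped.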


@@ -21,4 +21,9 @@ public interface AccessAuthorityService extends GaeaBaseService<AccessAuthorityP
* @return * @return
*/ */
List<TreeNode> getAuthorityTree(String loginName, boolean withActionNode); List<TreeNode> getAuthorityTree(String loginName, boolean withActionNode);
/**
* 扫描所有mvc url的需要权限码建立拦截体系
*/
void scanGaeaSecurityAuthorities();
} }


@@ -1,8 +1,13 @@
package com.anjiplus.template.gaea.business.modules.accessauthority.service.impl; package com.anjiplus.template.gaea.business.modules.accessauthority.service.impl;
import com.alibaba.fastjson.JSONObject;
import com.anji.plus.gaea.bean.TreeNode; import com.anji.plus.gaea.bean.TreeNode;
import com.anji.plus.gaea.cache.CacheHelper;
import com.anji.plus.gaea.constant.Enabled;
import com.anji.plus.gaea.curd.mapper.GaeaBaseMapper; import com.anji.plus.gaea.curd.mapper.GaeaBaseMapper;
import com.anji.plus.gaea.init.InitRequestUrlMappings;
import com.anjiplus.template.gaea.business.constant.BusinessConstant;
import com.anjiplus.template.gaea.business.modules.accessauthority.dao.entity.AccessAuthority; import com.anjiplus.template.gaea.business.modules.accessauthority.dao.entity.AccessAuthority;
import com.anjiplus.template.gaea.business.modules.accessauthority.service.AccessAuthorityService; import com.anjiplus.template.gaea.business.modules.accessauthority.service.AccessAuthorityService;
import com.anjiplus.template.gaea.business.modules.accessauthority.dao.AccessAuthorityMapper; import com.anjiplus.template.gaea.business.modules.accessauthority.dao.AccessAuthorityMapper;
@@ -13,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
import java.util.stream.Collectors; import java.util.stream.Collectors;
@@ -25,6 +31,12 @@ import java.util.stream.Collectors;
@Service @Service
public class AccessAuthorityServiceImpl implements AccessAuthorityService { public class AccessAuthorityServiceImpl implements AccessAuthorityService {
@Autowired
private InitRequestUrlMappings initRequestUrlMappings;
@Autowired
private CacheHelper cacheHelper;
@Autowired @Autowired
private AccessAuthorityMapper accessAuthorityMapper; private AccessAuthorityMapper accessAuthorityMapper;
@@ -102,4 +114,27 @@ public class AccessAuthorityServiceImpl implements AccessAuthorityService {
return parentNodes; return parentNodes;
} }
@Override
public void scanGaeaSecurityAuthorities() {
/* 获取当前应用中所有的请求信息
{
"applicationName": "aj-report",
"authCode": "authorityManage:query",
"authName": "权限管理查询",
"beanName": "accessAuthorityController",
"menuCode": "authorityManage",
"path": "GET#/accessAuthority/menuTree"
}*/
List<InitRequestUrlMappings.RequestInfo> requestInfos = initRequestUrlMappings.getRequestInfos(Enabled.YES.getValue());
// key="GET#/accessAuthority/menuTree" value="authorityManage:query"
Map<String, String> securityAuthorityMap = new HashMap<String, String>();
requestInfos.stream().forEach(requestInfo -> {
securityAuthorityMap.put(requestInfo.getPath(), requestInfo.getAuthCode());
});
// 将key存入到缓存中
cacheHelper.hashSet(BusinessConstant.GAEA_SECURITY_AUTHORITIES, securityAuthorityMap);
}
} }
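Review bot: scanGaeaSecurityAuthorities only adds the current path→authCode pairs to the `BusinessConstant.GAEA_SECURITY_AUTHORITIES` hash; if `cacheHelper.hashSet` merges into an existing hash rather than replacing it (its semantics are not visible here), entries for endpoints that were removed or whose authCode changed survive a restart and whoever reads that hash keeps applying the stale code. Either delete the key before the write or document on the method that the hash is replaced wholesale, since the interface Javadoc says this mapping is what the interception layer is built from. As a style point, the forEach-with-put loop at the end of the method can be `Map<String, String> securityAuthorityMap = requestInfos.stream().collect(Collectors.toMap(InitRequestUrlMappings.RequestInfo::getPath, InitRequestUrlMappings.RequestInfo::getAuthCode, (first, second) -> second));`, which keeps the last-wins behaviour of put; note that toMap rejects a null authCode where put accepts it, so keep the loop if null codes can occur, and `new HashMap<String, String>()` can use the diamond either way. The example-request comment at the top of the method is useful but should state that the listed fields are an example payload, e.g. `// Example RequestInfo as returned by initRequestUrlMappings (constructed sample):`.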