updaet token filter
This commit is contained in:
木子李·De
@@ -5,10 +5,10 @@ import com.alibaba.fastjson.JSONObject;
|
||||
import com.anji.plus.gaea.bean.ResponseBean;
|
||||
import com.anji.plus.gaea.cache.CacheHelper;
|
||||
import com.anji.plus.gaea.utils.JwtBean;
|
||||
import com.anjiplus.template.gaea.business.constant.BusinessConstant;
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.core.Ordered;
|
||||
import org.springframework.core.annotation.Order;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
@@ -32,16 +32,89 @@ public class TokenFilter implements Filter {
|
||||
@Autowired
|
||||
private JwtBean jwtBean;
|
||||
|
||||
/**跳过token验证和权限验证的url清单*/
|
||||
// 跳过token验证和权限验证的url清单
|
||||
@Value("#{'${customer.skip-authenticate-urls}'.split(',')}")
|
||||
private List<String> skipAuthenticateUrls;
|
||||
private Pattern SKIP_AUTHENTICATE_PATTERN;
|
||||
|
||||
@Override
|
||||
public void init(FilterConfig filterConfig) throws ServletException {
|
||||
// 生成匹配正则,跳过token验证和权限验证的url
|
||||
SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls);
|
||||
Filter.super.init(filterConfig);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
String uri = request.getRequestURI();
|
||||
|
||||
if(uri.equals("/")){
|
||||
response.sendRedirect("/index.html");
|
||||
return;
|
||||
}
|
||||
|
||||
// 不需要token验证和权限验证的url,直接放行
|
||||
boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches();
|
||||
if(skipAuthenticate){
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
//获取token
|
||||
String token = request.getHeader("Authorization");
|
||||
if (StringUtils.isBlank(token)) {
|
||||
error(response);
|
||||
return;
|
||||
}
|
||||
|
||||
// 判断token是否过期
|
||||
String loginName = jwtBean.getUsername(token);
|
||||
String tokenKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_TOKEN, loginName);
|
||||
String userKey = String.format(BusinessConstant.GAEA_SECURITY_LOGIN_USER, loginName);
|
||||
if (!cacheHelper.exist(tokenKey)) {
|
||||
error(response);
|
||||
return;
|
||||
}
|
||||
if (!cacheHelper.exist(userKey)) {
|
||||
error(response);
|
||||
return;
|
||||
}
|
||||
String gaeaUserJsonStr = cacheHelper.stringGet(userKey);
|
||||
|
||||
// 延长有效期
|
||||
cacheHelper.stringSetExpire(tokenKey, token, 3600);
|
||||
cacheHelper.stringSetExpire(userKey, gaeaUserJsonStr, 3600);
|
||||
|
||||
//在线体验版本
|
||||
if (loginName.equals("guest")
|
||||
&& !uri.endsWith("/dataSet/testTransform")
|
||||
&& !uri.endsWith("/reportDashboard/getData")
|
||||
&& !uri.startsWith("/dict")
|
||||
&& !uri.startsWith("/dict")
|
||||
) {
|
||||
//不允许删除
|
||||
String method = request.getMethod();
|
||||
if ("post".equalsIgnoreCase(method)
|
||||
|| "put".equalsIgnoreCase(method)
|
||||
|| "delete".equalsIgnoreCase(method)
|
||||
) {
|
||||
ResponseBean responseBean = ResponseBean.builder().code("50001").message("在线体验版本,不允许此操作。请自行下载本地运行").build();
|
||||
response.getWriter().print(JSONObject.toJSONString(responseBean));
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//执行
|
||||
filterChain.doFilter(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void destroy() {
|
||||
Filter.super.destroy();
|
||||
}
|
||||
|
||||
/** 根据名单,生成正则
|
||||
* @param skipUrlList
|
||||
* @return
|
||||
@@ -65,76 +138,6 @@ public class TokenFilter implements Filter {
|
||||
return Pattern.compile(patternString.toString());
|
||||
}
|
||||
|
||||
@PostConstruct
|
||||
private void postConstruct() {
|
||||
SKIP_AUTHENTICATE_PATTERN = fitByList(skipAuthenticateUrls);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
|
||||
HttpServletRequest request = (HttpServletRequest) servletRequest;
|
||||
HttpServletResponse response = (HttpServletResponse) servletResponse;
|
||||
String uri = request.getRequestURI();
|
||||
|
||||
if(uri.equals("/")){
|
||||
response.sendRedirect("/index.html");
|
||||
return;
|
||||
}
|
||||
|
||||
// 不需要token验证和权限验证的url,直接放行
|
||||
boolean skipAuthenticate = SKIP_AUTHENTICATE_PATTERN.matcher(uri).matches();
|
||||
if(skipAuthenticate){
|
||||
filterChain.doFilter(request, response);
|
||||
return;
|
||||
}
|
||||
|
||||
//获取token
|
||||
String authorization = request.getHeader("Authorization");
|
||||
if (StringUtils.isBlank(authorization)) {
|
||||
error(response);
|
||||
return;
|
||||
}
|
||||
|
||||
String username = jwtBean.getUsername(authorization);
|
||||
// String uuid = jwtBean.getUUID(authorization);
|
||||
|
||||
if (!cacheHelper.exist(username)) {
|
||||
error(response);
|
||||
return;
|
||||
}
|
||||
|
||||
//延长有效期
|
||||
cacheHelper.stringSetExpire(username, authorization, 3600);
|
||||
|
||||
//在线体验版本
|
||||
if (username.equals("guest")
|
||||
&& !uri.endsWith("/dataSet/testTransform")
|
||||
&& !uri.endsWith("/reportDashboard/getData")
|
||||
&& !uri.startsWith("/dict")
|
||||
&& !uri.startsWith("/dict")
|
||||
) {
|
||||
//不允许删除
|
||||
String method = request.getMethod();
|
||||
if ("post".equalsIgnoreCase(method)
|
||||
|| "put".equalsIgnoreCase(method)
|
||||
|| "delete".equalsIgnoreCase(method)
|
||||
) {
|
||||
ResponseBean responseBean = ResponseBean.builder().code("50001").message("在线体验版本,不允许此操作。请自行下载本地运行").build();
|
||||
response.getWriter().print(JSONObject.toJSONString(responseBean));
|
||||
return;
|
||||
}
|
||||
}
|
||||
|
||||
//执行
|
||||
filterChain.doFilter(request, response);
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
public void destroy() {
|
||||
Filter.super.destroy();
|
||||
}
|
||||
|
||||
private void error(HttpServletResponse response) throws IOException {
|
||||
ResponseBean responseBean = ResponseBean.builder().code("50014").message("The Token has expired").build();
|
||||
response.getWriter().print(JSONObject.toJSONString(responseBean));
|
||||
|
||||
@@ -21,4 +21,9 @@ public interface AccessAuthorityService extends GaeaBaseService<AccessAuthorityP
|
||||
* @return
|
||||
*/
|
||||
List<TreeNode> getAuthorityTree(String loginName, boolean withActionNode);
|
||||
|
||||
/**
|
||||
* 扫描所有mvc url的需要权限码,建立拦截体系
|
||||
*/
|
||||
void scanGaeaSecurityAuthorities();
|
||||
}
|
||||
@@ -1,8 +1,13 @@
|
||||
|
||||
package com.anjiplus.template.gaea.business.modules.accessauthority.service.impl;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.anji.plus.gaea.bean.TreeNode;
|
||||
import com.anji.plus.gaea.cache.CacheHelper;
|
||||
import com.anji.plus.gaea.constant.Enabled;
|
||||
import com.anji.plus.gaea.curd.mapper.GaeaBaseMapper;
|
||||
import com.anji.plus.gaea.init.InitRequestUrlMappings;
|
||||
import com.anjiplus.template.gaea.business.constant.BusinessConstant;
|
||||
import com.anjiplus.template.gaea.business.modules.accessauthority.dao.entity.AccessAuthority;
|
||||
import com.anjiplus.template.gaea.business.modules.accessauthority.service.AccessAuthorityService;
|
||||
import com.anjiplus.template.gaea.business.modules.accessauthority.dao.AccessAuthorityMapper;
|
||||
@@ -13,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.stream.Collectors;
|
||||
@@ -25,6 +31,12 @@ import java.util.stream.Collectors;
|
||||
@Service
|
||||
public class AccessAuthorityServiceImpl implements AccessAuthorityService {
|
||||
|
||||
@Autowired
|
||||
private InitRequestUrlMappings initRequestUrlMappings;
|
||||
|
||||
@Autowired
|
||||
private CacheHelper cacheHelper;
|
||||
|
||||
@Autowired
|
||||
private AccessAuthorityMapper accessAuthorityMapper;
|
||||
|
||||
@@ -102,4 +114,27 @@ public class AccessAuthorityServiceImpl implements AccessAuthorityService {
|
||||
|
||||
return parentNodes;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void scanGaeaSecurityAuthorities() {
|
||||
/* 获取当前应用中所有的请求信息
|
||||
{
|
||||
"applicationName": "aj-report",
|
||||
"authCode": "authorityManage:query",
|
||||
"authName": "权限管理查询",
|
||||
"beanName": "accessAuthorityController",
|
||||
"menuCode": "authorityManage",
|
||||
"path": "GET#/accessAuthority/menuTree"
|
||||
}*/
|
||||
List<InitRequestUrlMappings.RequestInfo> requestInfos = initRequestUrlMappings.getRequestInfos(Enabled.YES.getValue());
|
||||
|
||||
// key="GET#/accessAuthority/menuTree" value="authorityManage:query"
|
||||
Map<String, String> securityAuthorityMap = new HashMap<String, String>();
|
||||
requestInfos.stream().forEach(requestInfo -> {
|
||||
securityAuthorityMap.put(requestInfo.getPath(), requestInfo.getAuthCode());
|
||||
});
|
||||
|
||||
// 将key存入到缓存中
|
||||
cacheHelper.hashSet(BusinessConstant.GAEA_SECURITY_AUTHORITIES, securityAuthorityMap);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user